rpms/pam/devel pam.spec,1.169,1.170
Tomas Mraz (tmraz)
fedora-extras-commits at redhat.com
Mon Feb 4 13:07:00 UTC 2008
Author: tmraz
Update of /cvs/pkgs/rpms/pam/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv7444
Modified Files:
pam.spec
Log Message:
* Mon Feb 4 2008 Tomas Mraz <tmraz at redhat.com> 0.99.8.1-18
- allow the package to build without SELinux and audit support (#431415)
- macro usage cleanup
Index: pam.spec
===================================================================
RCS file: /cvs/pkgs/rpms/pam/devel/pam.spec,v
retrieving revision 1.169
retrieving revision 1.170
diff -u -r1.169 -r1.170
--- pam.spec 28 Jan 2008 17:59:35 -0000 1.169
+++ pam.spec 4 Feb 2008 13:06:18 -0000 1.170
@@ -1,9 +1,3 @@
-%define WITH_AUDIT 1
-
-%define _sbindir /sbin
-%define _sysconfdir /etc
-
-%define pwdb_version 0.62
%define db_version 4.6.19
%define db_conflicting_version 4.7.0
%define pam_redhat_version 0.99.8-1
@@ -11,7 +5,7 @@
Summary: A security tool which provides authentication for applications
Name: pam
Version: 0.99.8.1
-Release: 17%{?dist}
+Release: 18%{?dist}
# The library is BSD licensed with option to relicense as GPLv2+ - this option is redundant
# as the BSD license allows that anyway. pam_timestamp and pam_console modules are GPLv2+,
# pam_rhosts_auth module is BSD with advertising
@@ -50,6 +44,18 @@
Patch52: pam-0.99.8.1-setkeycreatecon.patch
Patch53: pam-0.99.8.1-sepermit-kill-user.patch
+%define _sbindir /sbin
+%define _moduledir /%{_lib}/security
+%define _secconfdir %{_sysconfdir}/security
+%define _pamconfdir %{_sysconfdir}/pam.d
+
+%if %{?WITH_SELINUX:0}%{!?WITH_SELINUX:1}
+%define WITH_SELINUX 1
+%endif
+%if %{?WITH_AUDIT:0}%{!?WITH_AUDIT:1}
+%define WITH_AUDIT 1
+%endif
+
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
Requires: cracklib, cracklib-dicts >= 2.8
Requires(post): coreutils, /sbin/ldconfig
@@ -62,8 +68,10 @@
BuildRequires: audit-libs-devel >= 1.0.8
Requires: audit-libs >= 1.0.8
%endif
+%if %{WITH_SELINUX}
BuildRequires: libselinux-devel >= 1.33.2
Requires: libselinux >= 1.33.2
+%endif
BuildRequires: glibc >= 2.3.90-37
Requires: glibc >= 2.3.90-37
# Following deps are necessary only to build the pam library documentation.
@@ -161,7 +169,13 @@
%configure \
--libdir=/%{_lib} \
--includedir=%{_includedir}/security \
- --enable-isadir=../../%{_lib}/security \
+ --enable-isadir=../..%{_moduledir} \
+%if ! %{WITH_SELINUX}
+ --disable-selinux \
+%endif
+%if ! %{WITH_AUDIT}
+ --disable-audit \
+%endif
--with-db-uniquename=_pam
make
# we do not use _smp_mflags because the build of sources in yacc/flex fails
@@ -183,11 +197,11 @@
rm -f $RPM_BUILD_ROOT%{_sysconfdir}/environment
# Install default configuration files.
-install -d -m 755 $RPM_BUILD_ROOT%{_sysconfdir}/pam.d
-install -m 644 %{SOURCE5} $RPM_BUILD_ROOT%{_sysconfdir}/pam.d/other
-install -m 644 %{SOURCE6} $RPM_BUILD_ROOT%{_sysconfdir}/pam.d/system-auth
-install -m 644 %{SOURCE7} $RPM_BUILD_ROOT%{_sysconfdir}/pam.d/config-util
-install -m 600 /dev/null $RPM_BUILD_ROOT%{_sysconfdir}/security/opasswd
+install -d -m 755 $RPM_BUILD_ROOT%{_pamconfdir}
+install -m 644 %{SOURCE5} $RPM_BUILD_ROOT%{_pamconfdir}/other
+install -m 644 %{SOURCE6} $RPM_BUILD_ROOT%{_pamconfdir}/system-auth
+install -m 644 %{SOURCE7} $RPM_BUILD_ROOT%{_pamconfdir}/config-util
+install -m 600 /dev/null $RPM_BUILD_ROOT%{_secconfdir}/opasswd
install -d -m 755 $RPM_BUILD_ROOT/var/log
install -m 600 /dev/null $RPM_BUILD_ROOT/var/log/faillog
install -m 600 /dev/null $RPM_BUILD_ROOT/var/log/tallylog
@@ -196,7 +210,7 @@
install -m 644 %{SOURCE9} %{SOURCE10} $RPM_BUILD_ROOT%{_mandir}/man5/
for phase in auth acct passwd session ; do
- ln -sf pam_unix.so $RPM_BUILD_ROOT/%{_lib}/security/pam_unix_${phase}.so
+ ln -sf pam_unix.so $RPM_BUILD_ROOT%{_moduledir}/pam_unix_${phase}.so
done
# Remove .la files and make new .so links -- this depends on the value
@@ -209,12 +223,12 @@
rm -f $RPM_BUILD_ROOT/%{_lib}/${lib}.so
rm -f $RPM_BUILD_ROOT/%{_lib}/${lib}.la
done
-rm -f $RPM_BUILD_ROOT/%{_lib}/security/*.la
+rm -f $RPM_BUILD_ROOT%{_moduledir}/*.la
# Duplicate doc file sets.
rm -fr $RPM_BUILD_ROOT/usr/share/doc/pam
-# Create /lib/security in case it isn't the same as /%{_lib}/security.
+# Create /lib/security in case it isn't the same as %{_moduledir}.
install -m755 -d $RPM_BUILD_ROOT/lib/security
%find_lang Linux-PAM
@@ -223,7 +237,10 @@
# Make sure every module subdirectory gave us a module. Yes, this is hackish.
for dir in modules/pam_* ; do
if [ -d ${dir} ] ; then
- if ! ls -1 $RPM_BUILD_ROOT/%{_lib}/security/`basename ${dir}`*.so ; then
+%if ! %{WITH_SELINUX}
+ [ ${dir} = "modules/pam_selinux" ] && continue
+%endif
+ if ! ls -1 $RPM_BUILD_ROOT%{_moduledir}/`basename ${dir}`*.so ; then
echo ERROR `basename ${dir}` did not build a module.
exit 1
fi
@@ -233,7 +250,7 @@
# Check for module problems. Specifically, check that every module we just
# installed can actually be loaded by a minimal PAM-aware application.
/sbin/ldconfig -n $RPM_BUILD_ROOT/%{_lib}
-for module in $RPM_BUILD_ROOT/%{_lib}/security/pam*.so ; do
+for module in $RPM_BUILD_ROOT%{_moduledir}/pam*.so ; do
if ! env LD_LIBRARY_PATH=$RPM_BUILD_ROOT/%{_lib} \
%{SOURCE8} -ldl -lpam -L$RPM_BUILD_ROOT/%{_libdir} ${module} ; then
echo ERROR module: ${module} cannot be loaded.
@@ -265,10 +282,10 @@
%files -f Linux-PAM.lang
%defattr(-,root,root)
-%dir /etc/pam.d
-%config(noreplace) /etc/pam.d/other
-%config(noreplace) /etc/pam.d/system-auth
-%config(noreplace) /etc/pam.d/config-util
+%dir %{_pamconfdir}
+%config(noreplace) %{_pamconfdir}/other
+%config(noreplace) %{_pamconfdir}/system-auth
+%config(noreplace) %{_pamconfdir}/config-util
%doc Copyright
%doc doc/txts
%doc doc/sag/*.txt doc/sag/html
@@ -285,76 +302,78 @@
%if %{_lib} != lib
%dir /lib/security
%endif
-%dir /%{_lib}/security
-/%{_lib}/security/pam_access.so
-/%{_lib}/security/pam_chroot.so
-/%{_lib}/security/pam_console.so
-/%{_lib}/security/pam_cracklib.so
-/%{_lib}/security/pam_debug.so
-/%{_lib}/security/pam_deny.so
-/%{_lib}/security/pam_echo.so
-/%{_lib}/security/pam_env.so
-/%{_lib}/security/pam_exec.so
-/%{_lib}/security/pam_faildelay.so
-/%{_lib}/security/pam_filter.so
-/%{_lib}/security/pam_ftp.so
-/%{_lib}/security/pam_group.so
-/%{_lib}/security/pam_issue.so
-/%{_lib}/security/pam_keyinit.so
-/%{_lib}/security/pam_lastlog.so
-/%{_lib}/security/pam_limits.so
-/%{_lib}/security/pam_listfile.so
-/%{_lib}/security/pam_localuser.so
-/%{_lib}/security/pam_loginuid.so
-/%{_lib}/security/pam_mail.so
-/%{_lib}/security/pam_mkhomedir.so
-/%{_lib}/security/pam_motd.so
-/%{_lib}/security/pam_namespace.so
-/%{_lib}/security/pam_nologin.so
-/%{_lib}/security/pam_permit.so
-/%{_lib}/security/pam_postgresok.so
-/%{_lib}/security/pam_rhosts.so
-/%{_lib}/security/pam_rhosts_auth.so
-/%{_lib}/security/pam_rootok.so
-/%{_lib}/security/pam_rps.so
-/%{_lib}/security/pam_selinux.so
-/%{_lib}/security/pam_selinux_permit.so
-/%{_lib}/security/pam_securetty.so
-/%{_lib}/security/pam_shells.so
-/%{_lib}/security/pam_stress.so
-/%{_lib}/security/pam_succeed_if.so
-/%{_lib}/security/pam_tally.so
-/%{_lib}/security/pam_tally2.so
-/%{_lib}/security/pam_time.so
-/%{_lib}/security/pam_timestamp.so
-/%{_lib}/security/pam_tty_audit.so
-/%{_lib}/security/pam_umask.so
-/%{_lib}/security/pam_unix.so
-/%{_lib}/security/pam_unix_acct.so
-/%{_lib}/security/pam_unix_auth.so
-/%{_lib}/security/pam_unix_passwd.so
-/%{_lib}/security/pam_unix_session.so
-/%{_lib}/security/pam_userdb.so
-/%{_lib}/security/pam_warn.so
-/%{_lib}/security/pam_wheel.so
-/%{_lib}/security/pam_xauth.so
-/%{_lib}/security/pam_filter
-%dir %{_sysconfdir}/security
-%config(noreplace) %{_sysconfdir}/security/access.conf
-%config(noreplace) %{_sysconfdir}/security/chroot.conf
-%config %{_sysconfdir}/security/console.perms
-%config(noreplace) %{_sysconfdir}/security/console.handlers
-%config(noreplace) %{_sysconfdir}/security/group.conf
-%config(noreplace) %{_sysconfdir}/security/limits.conf
-%config(noreplace) %{_sysconfdir}/security/namespace.conf
-%attr(755,root,root) %config(noreplace) %{_sysconfdir}/security/namespace.init
-%config(noreplace) %{_sysconfdir}/security/pam_env.conf
-%config(noreplace) %{_sysconfdir}/security/sepermit.conf
-%config(noreplace) %{_sysconfdir}/security/time.conf
-%config(noreplace) %{_sysconfdir}/security/opasswd
-%dir %{_sysconfdir}/security/console.apps
-%dir %{_sysconfdir}/security/console.perms.d
-%config %{_sysconfdir}/security/console.perms.d/50-default.perms
+%dir %{_moduledir}
+%{_moduledir}/pam_access.so
+%{_moduledir}/pam_chroot.so
+%{_moduledir}/pam_console.so
+%{_moduledir}/pam_cracklib.so
+%{_moduledir}/pam_debug.so
+%{_moduledir}/pam_deny.so
+%{_moduledir}/pam_echo.so
+%{_moduledir}/pam_env.so
+%{_moduledir}/pam_exec.so
+%{_moduledir}/pam_faildelay.so
+%{_moduledir}/pam_filter.so
+%{_moduledir}/pam_ftp.so
+%{_moduledir}/pam_group.so
+%{_moduledir}/pam_issue.so
+%{_moduledir}/pam_keyinit.so
+%{_moduledir}/pam_lastlog.so
+%{_moduledir}/pam_limits.so
+%{_moduledir}/pam_listfile.so
+%{_moduledir}/pam_localuser.so
+%{_moduledir}/pam_loginuid.so
+%{_moduledir}/pam_mail.so
+%{_moduledir}/pam_mkhomedir.so
+%{_moduledir}/pam_motd.so
+%{_moduledir}/pam_namespace.so
+%{_moduledir}/pam_nologin.so
+%{_moduledir}/pam_permit.so
+%{_moduledir}/pam_postgresok.so
+%{_moduledir}/pam_rhosts.so
+%{_moduledir}/pam_rhosts_auth.so
+%{_moduledir}/pam_rootok.so
+%{_moduledir}/pam_rps.so
+%if %{WITH_SELINUX}
+%{_moduledir}/pam_selinux.so
+%{_moduledir}/pam_selinux_permit.so
+%endif
+%{_moduledir}/pam_securetty.so
+%{_moduledir}/pam_shells.so
+%{_moduledir}/pam_stress.so
+%{_moduledir}/pam_succeed_if.so
+%{_moduledir}/pam_tally.so
+%{_moduledir}/pam_tally2.so
+%{_moduledir}/pam_time.so
+%{_moduledir}/pam_timestamp.so
+%{_moduledir}/pam_tty_audit.so
+%{_moduledir}/pam_umask.so
+%{_moduledir}/pam_unix.so
+%{_moduledir}/pam_unix_acct.so
+%{_moduledir}/pam_unix_auth.so
+%{_moduledir}/pam_unix_passwd.so
+%{_moduledir}/pam_unix_session.so
+%{_moduledir}/pam_userdb.so
+%{_moduledir}/pam_warn.so
+%{_moduledir}/pam_wheel.so
+%{_moduledir}/pam_xauth.so
+%{_moduledir}/pam_filter
+%dir %{_secconfdir}
+%config(noreplace) %{_secconfdir}/access.conf
+%config(noreplace) %{_secconfdir}/chroot.conf
+%config %{_secconfdir}/console.perms
+%config(noreplace) %{_secconfdir}/console.handlers
+%config(noreplace) %{_secconfdir}/group.conf
+%config(noreplace) %{_secconfdir}/limits.conf
+%config(noreplace) %{_secconfdir}/namespace.conf
+%attr(755,root,root) %config(noreplace) %{_secconfdir}/namespace.init
+%config(noreplace) %{_secconfdir}/pam_env.conf
+%config(noreplace) %{_secconfdir}/sepermit.conf
+%config(noreplace) %{_secconfdir}/time.conf
+%config(noreplace) %{_secconfdir}/opasswd
+%dir %{_secconfdir}/console.apps
+%dir %{_secconfdir}/console.perms.d
+%config %{_secconfdir}/console.perms.d/50-default.perms
%dir /var/run/console
%dir /var/run/sepermit
%ghost %verify(not md5 size mtime) /var/log/faillog
@@ -373,6 +392,10 @@
%doc doc/adg/*.txt doc/adg/html
%changelog
+* Mon Feb 4 2008 Tomas Mraz <tmraz at redhat.com> 0.99.8.1-18
+- allow the package to build without SELinux and audit support (#431415)
+- macro usage cleanup
+
* Mon Jan 28 2008 Tomas Mraz <tmraz at redhat.com> 0.99.8.1-17
- test for setkeycreatecon correctly
- add exclusive login mode of operation to pam_selinux_permit (original
More information about the fedora-extras-commits
mailing list