diff options
Diffstat (limited to 'eclass/pam.eclass')
-rw-r--r-- | eclass/pam.eclass | 131 |
1 files changed, 41 insertions, 90 deletions
diff --git a/eclass/pam.eclass b/eclass/pam.eclass index 97fcb89d3f5b..2516fa896587 100644 --- a/eclass/pam.eclass +++ b/eclass/pam.eclass @@ -1,20 +1,34 @@ -# Copyright 1999-2019 Gentoo Authors +# Copyright 1999-2023 Gentoo Authors # Distributed under the terms of the GNU General Public License v2 # @ECLASS: pam.eclass # @MAINTAINER: -# Mikle Kolyada <zlogene@gentoo.org> +# base-system@gentoo.org # @AUTHOR: # Diego Pettenò <flameeyes@gentoo.org> +# @SUPPORTED_EAPIS: 7 8 # @BLURB: Handles pam related tasks # @DESCRIPTION: # This eclass contains functions to install pamd configuration files and # pam modules. +case ${EAPI} in + 7|8) ;; + *) die "${ECLASS}: EAPI ${EAPI:-0} not supported" ;; +esac + if [[ -z ${_PAM_ECLASS} ]]; then _PAM_ECLASS=1 -inherit flag-o-matic multilib +inherit flag-o-matic + +# @FUNCTION: _pam_flag_disabled +# @INTERNAL +# @DESCRIPTION: +# Check whether pam support is disabled. +_pam_flag_disabled() { + in_iuse pam && ! use pam +} # @FUNCTION: dopamd # @USAGE: <file> [more files] @@ -23,15 +37,13 @@ inherit flag-o-matic multilib dopamd() { [[ -z $1 ]] && die "dopamd requires at least one argument" - if has pam ${IUSE} && ! use pam; then - return 0; - fi + _pam_flag_disabled && return 0 ( # dont want to pollute calling env insinto /etc/pam.d insopts -m 0644 doins "$@" - ) || die "failed to install $@" + ) cleanpamd "$@" } @@ -42,15 +54,13 @@ dopamd() { newpamd() { [[ $# -ne 2 ]] && die "newpamd requires two arguments" - if has pam ${IUSE} && ! use pam; then - return 0; - fi + _pam_flag_disabled && return 0 ( # dont want to pollute calling env insinto /etc/pam.d insopts -m 0644 newins "$1" "$2" - ) || die "failed to install $1 as $2" + ) cleanpamd $2 } @@ -61,15 +71,13 @@ newpamd() { dopamsecurity() { [[ $# -lt 2 ]] && die "dopamsecurity requires at least two arguments" - if has pam ${IUSE} && ! use pam; then - return 0 - fi + _pam_flag_disabled && return 0 ( # dont want to pollute calling env insinto /etc/security/$1 insopts -m 0644 doins "${@:2}" - ) || die "failed to install ${@:2}" + ) } # @FUNCTION: newpamsecurity @@ -79,27 +87,20 @@ dopamsecurity() { newpamsecurity() { [[ $# -ne 3 ]] && die "newpamsecurity requires three arguments" - if has pam ${IUSE} && ! use pam; then - return 0; - fi + _pam_flag_disabled && return 0 ( # dont want to pollute calling env insinto /etc/security/$1 insopts -m 0644 newins "$2" "$3" - ) || die "failed to install $2 as $3" + ) } # @FUNCTION: getpam_mod_dir # @DESCRIPTION: # Returns the pam modules' directory for current implementation getpam_mod_dir() { - if has_version sys-libs/pam; then - PAM_MOD_DIR=/$(get_libdir)/security - else - # Unable to find PAM implementation... defaulting - PAM_MOD_DIR=/$(get_libdir)/security - fi + PAM_MOD_DIR=/$(get_libdir)/security echo ${PAM_MOD_DIR} } @@ -128,12 +129,10 @@ EOF dopammod() { [[ -z $1 ]] && die "dopammod requires at least one argument" - if has pam ${IUSE} && ! use pam; then - return 0; - fi + _pam_flag_disabled && return 0 exeinto $(getpam_mod_dir) - doexe "$@" || die "failed to install $@" + doexe "$@" } # @FUNCTION: newpammod @@ -142,14 +141,12 @@ dopammod() { # Install pam module file <old name> as <new name> in the pam # modules' dir for current implementation newpammod() { - [[ $# -ne 2 ]] && die "newpammod requires two arguements" + [[ $# -ne 2 ]] && die "newpammod requires two arguments" - if has pam ${IUSE} && ! use pam; then - return 0; - fi + _pam_flag_disabled && return 0 exeinto $(getpam_mod_dir) - newexe "$1" "$2" || die "failed to install $1 as $2" + newexe "$1" "$2" } # @FUNCTION: pamd_mimic_system @@ -158,7 +155,7 @@ newpammod() { # This function creates a pamd file which mimics system-auth file # for the given levels in the /etc/pam.d directory. pamd_mimic_system() { - [[ $# -lt 2 ]] && die "pamd_mimic_system requires at least two argments" + [[ $# -lt 2 ]] && die "pamd_mimic_system requires at least two arguments" pamd_mimic system-auth "$@" } @@ -168,28 +165,25 @@ pamd_mimic_system() { # This function creates a pamd file which mimics the given stack # for the given levels in the /etc/pam.d directory. pamd_mimic() { - [[ $# -lt 3 ]] && die "pamd_mimic requires at least three argments" + [[ $# -lt 3 ]] && die "pamd_mimic requires at least three arguments" - if has pam ${IUSE} && ! use pam; then - return 0; - fi + _pam_flag_disabled && return 0 dodir /etc/pam.d - pamdfile=${D}/etc/pam.d/$2 - echo -e "# File autogenerated by pamd_mimic in pam eclass\n\n" >> \ - $pamdfile + local pamdfile="${ED}/etc/pam.d/$2" + echo -e "# File autogenerated by pamd_mimic in pam eclass\n\n" \ + >> "${pamdfile}" || die - originalstack=$1 - authlevels="auth account password session" + local authlevels="auth account password session" - mimic="\tsubstack\t\t${originalstack}" + local mimic="\tsubstack\t\t$1" shift; shift while [[ -n $1 ]]; do has $1 ${authlevels} || die "unknown level type" - echo -e "$1${mimic}" >> ${pamdfile} + echo -e "$1${mimic}" >> "${pamdfile}" || die shift done @@ -203,54 +197,11 @@ pamd_mimic() { cleanpamd() { while [[ -n $1 ]]; do if ! has_version sys-libs/pam; then - sed -i -e '/pam_shells\|pam_console/s:^:#:' "${D}/etc/pam.d/$1" + sed -i -e '/pam_shells\|pam_console/s:^:#:' "${ED}/etc/pam.d/$1" || die fi shift done } -# @FUNCTION: pam_epam_expand -# @USAGE: <pamd file> -# @DESCRIPTION: -# Steer clear, deprecated, don't use, bad experiment -pam_epam_expand() { - sed -n -e 's|#%EPAM-\([[:alpha:]-]\+\):\([-+<>=/.![:alnum:]]\+\)%#.*|\1 \2|p' \ - "$@" | sort -u | while read condition parameter; do - - disable="yes" - - case "$condition" in - If-Has) - message="This can be used only if you have ${parameter} installed" - has_version "$parameter" && disable="no" - ;; - Use-Flag) - message="This can be used only if you enabled the ${parameter} USE flag" - use "$parameter" && disable="no" - ;; - *) - eerror "Unknown EPAM condition '${condition}' ('${parameter}')" - die "Unknown EPAM condition '${condition}' ('${parameter}')" - ;; - esac - - if [ "${disable}" = "yes" ]; then - sed -i -e "/#%EPAM-${condition}:${parameter/\//\\/}%#/d" "$@" - else - sed -i -e "s|#%EPAM-${condition}:${parameter}%#||" "$@" - fi - - done -} - -# Think about it before uncommenting this one, for now run it by hand -# pam_pkg_preinst() { -# eshopts_push -o noglob # so that bash doen't expand "*" -# -# pam_epam_expand "${D}"/etc/pam.d/* -# -# eshopts_pop # reset old shell opts -# } - fi |