summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat (limited to 'sys-auth')
-rw-r--r--sys-auth/AusweisApp/AusweisApp-2.0.3.ebuild (renamed from sys-auth/AusweisApp2/AusweisApp2-1.26.7.ebuild)22
-rw-r--r--sys-auth/AusweisApp/AusweisApp-2.1.0.ebuild47
-rw-r--r--sys-auth/AusweisApp/AusweisApp-9999.ebuild (renamed from sys-auth/AusweisApp2/AusweisApp2-9999.ebuild)4
-rw-r--r--sys-auth/AusweisApp/Manifest2
-rw-r--r--sys-auth/AusweisApp/metadata.xml (renamed from sys-auth/AusweisApp2/metadata.xml)2
-rw-r--r--sys-auth/AusweisApp2/Manifest1
-rw-r--r--sys-auth/elogind/elogind-246.10-r3.ebuild4
-rw-r--r--sys-auth/elogind/elogind-252.9.ebuild5
-rw-r--r--sys-auth/elogind/metadata.xml4
-rw-r--r--sys-auth/libfprint/Manifest1
-rw-r--r--sys-auth/libfprint/libfprint-1.94.7.ebuild70
-rw-r--r--sys-auth/libfprint/metadata.xml1
-rw-r--r--sys-auth/nss-mdns/files/lld-17-undefined-versioned-symbols.patch160
-rw-r--r--sys-auth/nss-mdns/nss-mdns-0.15.1.ebuild14
-rw-r--r--sys-auth/nss-pam-ldapd/nss-pam-ldapd-0.9.12-r2.ebuild7
-rw-r--r--sys-auth/nss-pam-ldapd/nss-pam-ldapd-0.9.12-r3.ebuild7
-rw-r--r--sys-auth/oath-toolkit/Manifest2
-rw-r--r--sys-auth/oath-toolkit/files/oath-toolkit-2.6.9-Fix-build-failure-noticed-on-ArchLinux-xmlsec.patch40
-rw-r--r--sys-auth/oath-toolkit/oath-toolkit-2.6.10.ebuild69
-rw-r--r--sys-auth/oath-toolkit/oath-toolkit-2.6.11.ebuild69
-rw-r--r--sys-auth/oath-toolkit/oath-toolkit-2.6.7-r2.ebuild4
-rw-r--r--sys-auth/oath-toolkit/oath-toolkit-2.6.9.ebuild8
-rw-r--r--sys-auth/pam_krb5/pam_krb5-4.11.ebuild4
-rw-r--r--sys-auth/pam_mount/Manifest1
-rw-r--r--sys-auth/pam_mount/metadata.xml2
-rw-r--r--sys-auth/pam_mount/pam_mount-2.20.ebuild46
-rw-r--r--sys-auth/pam_ssh/pam_ssh-2.3-r1.ebuild4
-rw-r--r--sys-auth/pambase/Manifest1
-rw-r--r--sys-auth/pambase/metadata.xml8
-rw-r--r--sys-auth/pambase/pambase-20240128.ebuild118
-rw-r--r--sys-auth/pambase/pambase-999999999.ebuild28
-rw-r--r--sys-auth/passwdqc/Manifest2
-rw-r--r--sys-auth/passwdqc/passwdqc-1.4.0-r2.ebuild73
-rw-r--r--sys-auth/passwdqc/passwdqc-2.0.2-r1.ebuild73
-rw-r--r--sys-auth/passwdqc/passwdqc-2.0.3-r1.ebuild2
-rw-r--r--sys-auth/passwdqc/passwdqc-2.0.3.ebuild65
-rw-r--r--sys-auth/polkit-qt/Manifest1
-rw-r--r--sys-auth/polkit-qt/polkit-qt-0.114.0-r3.ebuild4
-rw-r--r--sys-auth/polkit-qt/polkit-qt-0.200.0.ebuild60
-rw-r--r--sys-auth/polkit/Manifest1
-rw-r--r--sys-auth/polkit/files/polkit-124-systemd-fixup.patch28
-rw-r--r--sys-auth/polkit/files/polkit-124-systemd.patch50
-rw-r--r--sys-auth/polkit/metadata.xml4
-rw-r--r--sys-auth/polkit/polkit-123.ebuild2
-rw-r--r--sys-auth/polkit/polkit-124-r1.ebuild165
-rw-r--r--sys-auth/rtkit/rtkit-0.13-r2.ebuild4
-rw-r--r--sys-auth/seatd/Manifest1
-rw-r--r--sys-auth/seatd/seatd-0.7.0-r2.ebuild62
-rw-r--r--sys-auth/skey/skey-1.1.5-r14.ebuild4
-rw-r--r--sys-auth/solo1/solo1-0.1.1-r1.ebuild4
-rw-r--r--sys-auth/sssd/Manifest2
-rw-r--r--sys-auth/sssd/files/sssd-2.6.0-conditional-python-install.patch19
-rw-r--r--sys-auth/sssd/metadata.xml3
-rw-r--r--sys-auth/sssd/sssd-2.9.1-r1.ebuild (renamed from sys-auth/sssd/sssd-2.9.1.ebuild)13
-rw-r--r--sys-auth/sssd/sssd-2.9.4.ebuild (renamed from sys-auth/sssd/sssd-2.6.0-r2.ebuild)128
-rw-r--r--sys-auth/yubico-piv-tool/Manifest2
-rw-r--r--sys-auth/yubico-piv-tool/yubico-piv-tool-2.4.2.ebuild48
-rw-r--r--sys-auth/yubico-piv-tool/yubico-piv-tool-2.5.1.ebuild48
58 files changed, 1210 insertions, 413 deletions
diff --git a/sys-auth/AusweisApp2/AusweisApp2-1.26.7.ebuild b/sys-auth/AusweisApp/AusweisApp-2.0.3.ebuild
index 5e3970ddaa02..f791a20ba107 100644
--- a/sys-auth/AusweisApp2/AusweisApp2-1.26.7.ebuild
+++ b/sys-auth/AusweisApp/AusweisApp-2.0.3.ebuild
@@ -1,4 +1,4 @@
-# Copyright 2020-2023 Gentoo Authors
+# Copyright 2020-2024 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=8
@@ -11,23 +11,20 @@ SRC_URI="https://github.com/Governikus/${PN}/archive/${PV}.tar.gz -> ${P}.tar.gz
LICENSE="EUPL-1.2"
SLOT="0"
-KEYWORDS="amd64 x86"
+KEYWORDS="amd64"
BDEPEND="
- dev-qt/linguist-tools:5
+ dev-qt/qtshadertools:6
+ dev-qt/qttools:6[linguist]
virtual/pkgconfig"
RDEPEND="
dev-libs/openssl:0=
- dev-qt/qtconcurrent:5
- dev-qt/qtcore:5
- dev-qt/qtdeclarative:5
- dev-qt/qtgui:5
- dev-qt/qtnetwork:5
- dev-qt/qtquickcontrols2:5
- dev-qt/qtsvg:5
- dev-qt/qtwebsockets:5[qml]
- dev-qt/qtwidgets:5
+ dev-qt/qtbase:6[concurrent,network,widgets]
+ dev-qt/qtdeclarative:6[widgets]
+ dev-qt/qtscxml:6[qml]
+ dev-qt/qtsvg:6
+ dev-qt/qtwebsockets:6[qml]
net-libs/http-parser:0=
sys-apps/pcsc-lite
virtual/udev"
@@ -37,7 +34,6 @@ DEPEND="${RDEPEND}"
src_configure() {
local mycmakeargs=(
-DBUILD_SHARED_LIBS=OFF
- -DQt=Qt5
)
cmake_src_configure
}
diff --git a/sys-auth/AusweisApp/AusweisApp-2.1.0.ebuild b/sys-auth/AusweisApp/AusweisApp-2.1.0.ebuild
new file mode 100644
index 000000000000..d86746427953
--- /dev/null
+++ b/sys-auth/AusweisApp/AusweisApp-2.1.0.ebuild
@@ -0,0 +1,47 @@
+# Copyright 2020-2024 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+inherit cmake xdg-utils
+
+DESCRIPTION="Official authentication app for German ID cards and residence permits"
+HOMEPAGE="https://www.ausweisapp.bund.de/"
+SRC_URI="https://github.com/Governikus/${PN}/archive/${PV}.tar.gz -> ${P}.tar.gz"
+
+LICENSE="EUPL-1.2"
+SLOT="0"
+KEYWORDS="~amd64"
+
+BDEPEND="
+ dev-qt/qtshadertools:6
+ dev-qt/qttools:6[linguist]
+ virtual/pkgconfig"
+
+RDEPEND="
+ dev-libs/openssl:0=
+ dev-qt/qtbase:6[concurrent,network,widgets]
+ dev-qt/qtdeclarative:6[widgets]
+ dev-qt/qtscxml:6[qml]
+ dev-qt/qtsvg:6
+ dev-qt/qtwebsockets:6[qml]
+ net-libs/http-parser:0=
+ sys-apps/pcsc-lite
+ virtual/udev"
+
+DEPEND="${RDEPEND}"
+
+src_configure() {
+ local mycmakeargs=(
+ -DBUILD_SHARED_LIBS=OFF
+ )
+ cmake_src_configure
+}
+
+pkg_postinst() {
+ xdg_icon_cache_update
+}
+
+pkg_postrm() {
+ xdg_icon_cache_update
+}
diff --git a/sys-auth/AusweisApp2/AusweisApp2-9999.ebuild b/sys-auth/AusweisApp/AusweisApp-9999.ebuild
index 764e968e501b..2ee0eb3209a0 100644
--- a/sys-auth/AusweisApp2/AusweisApp2-9999.ebuild
+++ b/sys-auth/AusweisApp/AusweisApp-9999.ebuild
@@ -1,4 +1,4 @@
-# Copyright 2020-2022 Gentoo Authors
+# Copyright 2020-2024 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=8
@@ -7,7 +7,7 @@ inherit cmake git-r3 xdg-utils
DESCRIPTION="Official authentication app for German ID cards and residence permits"
HOMEPAGE="https://www.ausweisapp.bund.de/"
-EGIT_REPO_URI="https://github.com/Governikus/AusweisApp2.git"
+EGIT_REPO_URI="https://github.com/Governikus/AusweisApp.git"
LICENSE="EUPL-1.2"
SLOT="0"
diff --git a/sys-auth/AusweisApp/Manifest b/sys-auth/AusweisApp/Manifest
new file mode 100644
index 000000000000..bb557a4dc39f
--- /dev/null
+++ b/sys-auth/AusweisApp/Manifest
@@ -0,0 +1,2 @@
+DIST AusweisApp-2.0.3.tar.gz 9125557 BLAKE2B 6d32e0d451259bfb44ac99dce9dee3e66afd07d5c78c8f033703213888fb68c5d3ee9f8374d1ab79cd364061e78d98ce0c21fc5d6957f601bd88e5e3e6b2489d SHA512 4f492d137c1f38d3ff5ae70afc28d44bd86ce2034166e8ea7ca44e91161301a739ddcf985c76b14147485f6bc4e30e316db50db86eda7e2de1b7344c37091cd4
+DIST AusweisApp-2.1.0.tar.gz 5876657 BLAKE2B 54c8676dda53a667104f8edf8fc70fc4ca736b1207bea0ce2a5fc0a628216ce4f001adac03308fceccbb8ad834d171f364ac6b4e948ada26d6983ede827fd10e SHA512 a7186bdfe3ebd6779588dc6fa219fcc2f60d36c62a8b9956bbdc86e4962120e46b39266e7207cf0de4d84f9212d1616bbec9f8901cb0a112bcfcae1684f3ff75
diff --git a/sys-auth/AusweisApp2/metadata.xml b/sys-auth/AusweisApp/metadata.xml
index fe6904054d49..2b138ddc526e 100644
--- a/sys-auth/AusweisApp2/metadata.xml
+++ b/sys-auth/AusweisApp/metadata.xml
@@ -6,6 +6,6 @@
<name>Conrad Kostecki</name>
</maintainer>
<upstream>
- <remote-id type="github">Governikus/AusweisApp2</remote-id>
+ <remote-id type="github">Governikus/AusweisApp</remote-id>
</upstream>
</pkgmetadata>
diff --git a/sys-auth/AusweisApp2/Manifest b/sys-auth/AusweisApp2/Manifest
deleted file mode 100644
index ba5bf4b824a1..000000000000
--- a/sys-auth/AusweisApp2/Manifest
+++ /dev/null
@@ -1 +0,0 @@
-DIST AusweisApp2-1.26.7.tar.gz 11708844 BLAKE2B 3ae1e00e871f72aa36211e6edb6ab59a9abe7b4aeb1f1b6aab653ec549a56191da53e243fc7990f6c2512135ffce4288684ffd112ba9493aca7bdb6611d658a5 SHA512 a6b3024febb87ed66fd29e5cc841275cf59aafeb2d81cf44be0452c300217c84fb499477d080e757270d51c1d2101e5b75414d2aca16db1046031e8b7a7b454d
diff --git a/sys-auth/elogind/elogind-246.10-r3.ebuild b/sys-auth/elogind/elogind-246.10-r3.ebuild
index 532c0142c6d7..6dab1913be28 100644
--- a/sys-auth/elogind/elogind-246.10-r3.ebuild
+++ b/sys-auth/elogind/elogind-246.10-r3.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2023 Gentoo Authors
+# Copyright 1999-2024 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=7
@@ -92,7 +92,7 @@ src_configure() {
-Ddefault-kill-user-processes=false
-Dacl=$(usex acl true false)
-Daudit=$(usex audit true false)
- --buildtype $(usex debug debug release)
+ -Dbuildtype=$(usex debug debug release)
-Dhtml=$(usex doc auto false)
-Dpam=$(usex pam true false)
-Dselinux=$(usex selinux true false)
diff --git a/sys-auth/elogind/elogind-252.9.ebuild b/sys-auth/elogind/elogind-252.9.ebuild
index 8e772cb2b934..8ca3fd96ae06 100644
--- a/sys-auth/elogind/elogind-252.9.ebuild
+++ b/sys-auth/elogind/elogind-252.9.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2023 Gentoo Authors
+# Copyright 1999-2024 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=7
@@ -97,6 +97,8 @@ src_configure() {
python_setup
+ EMESON_BUILDTYPE="$(usex debug debug release)"
+
local emesonargs=(
-Ddocdir="${EPREFIX}/usr/share/doc/${PF}"
-Dhtmldir="${EPREFIX}/usr/share/doc/${PF}/html"
@@ -114,7 +116,6 @@ src_configure() {
-Ddefault-kill-user-processes=false
-Dacl=$(usex acl true false)
-Daudit=$(usex audit true false)
- --buildtype $(usex debug debug release)
-Dhtml=$(usex doc auto false)
-Dpam=$(usex pam true false)
-Dselinux=$(usex selinux true false)
diff --git a/sys-auth/elogind/metadata.xml b/sys-auth/elogind/metadata.xml
index 22535f4d8dab..43950e1cc395 100644
--- a/sys-auth/elogind/metadata.xml
+++ b/sys-auth/elogind/metadata.xml
@@ -4,10 +4,6 @@
<maintainer type="person">
<email>asturm@gentoo.org</email>
</maintainer>
- <maintainer type="person">
- <email>kensington@gentoo.org</email>
- <name>Michael Palimaka</name>
- </maintainer>
<use>
<flag name="cgroup-hybrid">Use hybrid cgroup hierarchy (OpenRC's default) instead of unified.</flag>
</use>
diff --git a/sys-auth/libfprint/Manifest b/sys-auth/libfprint/Manifest
index ae233d9316f7..5a4b54078971 100644
--- a/sys-auth/libfprint/Manifest
+++ b/sys-auth/libfprint/Manifest
@@ -1,3 +1,4 @@
DIST libfprint-1.94.3.tar.gz 10409543 BLAKE2B 33e25715313cfc37f0c05ad47eca6d315a041a067cfc7dfac9d71fcf5231a11f54888dd837c083b8cca03ca2b4b0bced30340e8966ab4c989d4a33c59ceb483e SHA512 22290bd393b54ada75c4655b3e901b6ee25f389a396a9b29bc1e76c0333d9718483b2059c927deb5b8d8e0acf632fecc9c4535b3f161910d5c51fad508d3e7a4
DIST libfprint-1.94.4.tar.gz 10408480 BLAKE2B 492ea10777d223ce7d610f0dca2871c8eae08cb5dd7d30187194d6cc139a60d5350e5908f759434065614c05a72192347be19c1d6fe5641e08a2f6419bdcede7 SHA512 425efdfde373179a237805c4b5561e3531616798c41ccd4358f1c521f1e21af01f8ca61aaf8c959e2c68a69e4dfda23960e696acaaad2228ffef6f999986468e
DIST libfprint-1.94.5.tar.bz2 8922994 BLAKE2B b79292dc77426d76e5e9cb1cbf8662867224f19ff9cf2434d000689d02e7d4609c9ca94a016185f71500e4a58e9522a7647684e1eaa841c02a40f27e0d22055e SHA512 6a73b3d05bd61b5c74e64d52eba7dab6e97dcf149e32c882e05f15dc7241fd8e78f115957ed52a9657ff0b21642ec633c27cc905cbd4697ed41369508957c989
+DIST libfprint-1.94.7.tar.bz2 9066931 BLAKE2B 5df859c4e38a8016b8f91785d8634d85e023cc19b837e928dd2de6392ed77b7a82c26e6c1485df2fa1fb2041421d4dd05441d5df24c2fc5399783dcc174d5afc SHA512 b91a71ef998b03a64b08d9439a1d26027f196f07fd1344bbe45f2dbeb3ace5752af9b7504ee8537eb40d896e43a517e3759a7b3735baded4cc3fb6c0ca3b0ece
diff --git a/sys-auth/libfprint/libfprint-1.94.7.ebuild b/sys-auth/libfprint/libfprint-1.94.7.ebuild
new file mode 100644
index 000000000000..7ece93fa19d2
--- /dev/null
+++ b/sys-auth/libfprint/libfprint-1.94.7.ebuild
@@ -0,0 +1,70 @@
+# Copyright 1999-2024 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+inherit meson udev
+
+MY_P="${PN}-v${PV}"
+
+DESCRIPTION="Library to add support for consumer fingerprint readers"
+HOMEPAGE="
+ https://cgit.freedesktop.org/libfprint/libfprint
+ https://gitlab.freedesktop.org/libfprint/libfprint
+"
+SRC_URI="https://gitlab.freedesktop.org/${PN}/${PN}/-/archive/v${PV}/${MY_P}.tar.bz2 -> ${P}.tar.bz2"
+
+LICENSE="LGPL-2.1+"
+SLOT="2"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~ia64 ~loong ~ppc ~ppc64 ~riscv ~sparc ~x86"
+IUSE="examples gtk-doc +introspection"
+
+RDEPEND="
+ dev-libs/glib:2
+ dev-libs/libgudev
+ dev-libs/nss
+ dev-python/pygobject
+ dev-libs/libgusb
+ x11-libs/pixman
+ examples? (
+ x11-libs/gdk-pixbuf:2
+ x11-libs/gtk+:3
+ )
+"
+
+DEPEND="${RDEPEND}"
+
+BDEPEND="
+ virtual/pkgconfig
+ gtk-doc? ( dev-util/gtk-doc )
+ introspection? (
+ dev-libs/gobject-introspection
+ dev-libs/libgusb[introspection]
+ )
+"
+
+PATCHES=( "${FILESDIR}/${PN}-1.94.1-test-timeout.patch" )
+
+S="${WORKDIR}/${MY_P}"
+
+src_configure() {
+ local emesonargs=(
+ $(meson_use examples gtk-examples)
+ $(meson_use gtk-doc doc)
+ $(meson_use introspection introspection)
+ -Ddrivers=all
+ -Dinstalled-tests=false
+ -Dudev_rules=enabled
+ -Dudev_rules_dir=$(get_udevdir)/rules.d
+ )
+
+ meson_src_configure
+}
+
+pkg_postinst() {
+ udev_reload
+}
+
+pkg_postrm() {
+ udev_reload
+}
diff --git a/sys-auth/libfprint/metadata.xml b/sys-auth/libfprint/metadata.xml
index 9e7ea48833c1..ee1304226c06 100644
--- a/sys-auth/libfprint/metadata.xml
+++ b/sys-auth/libfprint/metadata.xml
@@ -4,6 +4,7 @@
<!-- maintainer-needed -->
<upstream>
<remote-id type="freedesktop-gitlab">libfprint/libfprint</remote-id>
+ <remote-id type="github">freedesktop/libfprint</remote-id>
<bugs-to>https://bugs.freedesktop.org/enter_bug.cgi?product=libfprint</bugs-to>
</upstream>
</pkgmetadata>
diff --git a/sys-auth/nss-mdns/files/lld-17-undefined-versioned-symbols.patch b/sys-auth/nss-mdns/files/lld-17-undefined-versioned-symbols.patch
new file mode 100644
index 000000000000..905e41853871
--- /dev/null
+++ b/sys-auth/nss-mdns/files/lld-17-undefined-versioned-symbols.patch
@@ -0,0 +1,160 @@
+Gentoo bug: https://bugs.gentoo.org/919484
+Upstream PR: https://github.com/avahi/nss-mdns/pull/93
+diff --git a/Makefile.am b/Makefile.am
+index d5a83c1..6df75f3 100644
+--- a/Makefile.am
++++ b/Makefile.am
+@@ -17,9 +17,6 @@
+ EXTRA_DIST=bootstrap.sh README.md ACKNOWLEDGEMENTS.md NEWS.md LICENSE
+ ACLOCAL_AMFLAGS=-I m4
+
+-# src
+-EXTRA_DIST += src/map-file
+-
+ AM_CFLAGS = \
+ -DMDNS_ALLOW_FILE=\"$(MDNS_ALLOW_FILE)\" \
+ -DAVAHI_SOCKET=\"$(AVAHI_SOCKET)\"
+@@ -47,29 +44,53 @@ endif
+
+ check_PROGRAMS = nss-test avahi-test
+
++src/libnss-mdns-la-map-file: $(srcdir)/src/map-file.in $(srcdir)/src/nss.h
++ $(COMPILE) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(libnss_mdns_la_CFLAGS) -E -x assembler-with-cpp -DVER_SYM_MAP_GEN -o $@ $<
++
++src/libnss-mdns-minimal-la-map-file: $(srcdir)/src/map-file.in $(srcdir)/src/nss.h
++ $(COMPILE) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(libnss_mdns_minimal_la_CFLAGS) -E -x assembler-with-cpp -DVER_SYM_MAP_GEN -o $@ $<
++
++src/libnss-mdns4-la-map-file: $(srcdir)/src/map-file.in $(srcdir)/src/nss.h
++ $(COMPILE) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(libnss_mdns4_la_CFLAGS) -E -x assembler-with-cpp -DVER_SYM_MAP_GEN -o $@ $<
++
++src/libnss-mdns4-minimal-la-map-file: $(srcdir)/src/map-file.in $(srcdir)/src/nss.h
++ $(COMPILE) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(libnss_mdns4_minimal_la_CFLAGS) -E -x assembler-with-cpp -DVER_SYM_MAP_GEN -o $@ $<
++
++src/libnss-mdns6-la-map-file: $(srcdir)/src/map-file.in $(srcdir)/src/nss.h
++ $(COMPILE) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(libnss_mdns6_la_CFLAGS) -E -x assembler-with-cpp -DVER_SYM_MAP_GEN -o $@ $<
++
++src/libnss-mdns6-minimal-la-map-file: $(srcdir)/src/map-file.in $(srcdir)/src/nss.h
++ $(COMPILE) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(libnss_mdns6_minimal_la_CFLAGS) -E -x assembler-with-cpp -DVER_SYM_MAP_GEN -o $@ $<
++
+ libnss_mdns_la_SOURCES=src/util.c src/util.h src/avahi.c src/avahi.h src/nss.c src/nss.h
++EXTRA_libnss_mdns_la_DEPENDENCIES=src/libnss-mdns-la-map-file
+ libnss_mdns_la_CFLAGS=$(AM_CFLAGS)
+-libnss_mdns_la_LDFLAGS=$(AM_LDFLAGS) -shrext .so.2 -Wl,-version-script=$(srcdir)/src/map-file
++libnss_mdns_la_LDFLAGS=$(AM_LDFLAGS) -shrext .so.2 -Wl,-version-script=src/libnss-mdns-la-map-file
+
+ libnss_mdns_minimal_la_SOURCES=$(libnss_mdns_la_SOURCES)
++EXTRA_libnss_mdns_minimal_la_DEPENDENCIES=src/libnss-mdns-minimal-la-map-file
+ libnss_mdns_minimal_la_CFLAGS=$(libnss_mdns_la_CFLAGS) -DMDNS_MINIMAL
+-libnss_mdns_minimal_la_LDFLAGS=$(libnss_mdns_la_LDFLAGS)
++libnss_mdns_minimal_la_LDFLAGS=$(AM_LDFLAGS) -shrext .so.2 -Wl,-version-script=src/libnss-mdns-minimal-la-map-file
+
+ libnss_mdns4_la_SOURCES=$(libnss_mdns_la_SOURCES)
++EXTRA_libnss_mdns4_la_DEPENDENCIES=src/libnss-mdns4-la-map-file
+ libnss_mdns4_la_CFLAGS=$(libnss_mdns_la_CFLAGS) -DNSS_IPV4_ONLY=1
+-libnss_mdns4_la_LDFLAGS=$(libnss_mdns_la_LDFLAGS)
++libnss_mdns4_la_LDFLAGS=$(AM_LDFLAGS) -shrext .so.2 -Wl,-version-script=src/libnss-mdns4-la-map-file
+
+ libnss_mdns4_minimal_la_SOURCES=$(libnss_mdns_la_SOURCES)
++EXTRA_libnss_mdns4_minimal_la_DEPENDENCIES=src/libnss-mdns4-minimal-la-map-file
+ libnss_mdns4_minimal_la_CFLAGS=$(libnss_mdns_la_CFLAGS) -DNSS_IPV4_ONLY=1 -DMDNS_MINIMAL
+-libnss_mdns4_minimal_la_LDFLAGS=$(libnss_mdns_la_LDFLAGS)
++libnss_mdns4_minimal_la_LDFLAGS=$(AM_LDFLAGS) -shrext .so.2 -Wl,-version-script=src/libnss-mdns4-minimal-la-map-file
+
+ libnss_mdns6_la_SOURCES=$(libnss_mdns_la_SOURCES)
++EXTRA_libnss_mdns6_la_DEPENDENCIES=src/libnss-mdns6-la-map-file
+ libnss_mdns6_la_CFLAGS=$(libnss_mdns_la_CFLAGS) -DNSS_IPV6_ONLY=1
+-libnss_mdns6_la_LDFLAGS=$(libnss_mdns_la_LDFLAGS)
++libnss_mdns6_la_LDFLAGS=$(AM_LDFLAGS) -shrext .so.2 -Wl,-version-script=src/libnss-mdns6-la-map-file
+
+ libnss_mdns6_minimal_la_SOURCES=$(libnss_mdns_la_SOURCES)
++EXTRA_libnss_mdns6_minimal_la_DEPENDENCIES=src/libnss-mdns6-minimal-la-map-file
+ libnss_mdns6_minimal_la_CFLAGS=$(libnss_mdns_la_CFLAGS) -DNSS_IPV6_ONLY=1 -DMDNS_MINIMAL
+-libnss_mdns6_minimal_la_LDFLAGS=$(libnss_mdns_la_LDFLAGS)
++libnss_mdns6_minimal_la_LDFLAGS=$(AM_LDFLAGS) -shrext .so.2 -Wl,-version-script=src/libnss-mdns6-minimal-la-map-file
+
+ nss_mdns_la_SOURCES=$(libnss_mdns_la_SOURCES) src/bsdnss.c
+ nss_mdns_la_CFLAGS=$(AM_CFLAGS)
+diff --git a/src/map-file b/src/map-file
+deleted file mode 100644
+index 69e7987..0000000
+--- a/src/map-file
++++ /dev/null
+@@ -1,41 +0,0 @@
+-NSSMDNS_0 {
+-global:
+-
+-_nss_mdns_gethostbyaddr_r;
+-_nss_mdns4_gethostbyaddr_r;
+-_nss_mdns6_gethostbyaddr_r;
+-_nss_mdns_minimal_gethostbyaddr_r;
+-_nss_mdns4_minimal_gethostbyaddr_r;
+-_nss_mdns6_minimal_gethostbyaddr_r;
+-
+-_nss_mdns_gethostbyname_r;
+-_nss_mdns4_gethostbyname_r;
+-_nss_mdns6_gethostbyname_r;
+-_nss_mdns_minimal_gethostbyname_r;
+-_nss_mdns4_minimal_gethostbyname_r;
+-_nss_mdns6_minimal_gethostbyname_r;
+-
+-_nss_mdns_gethostbyname2_r;
+-_nss_mdns4_gethostbyname2_r;
+-_nss_mdns6_gethostbyname2_r;
+-_nss_mdns_minimal_gethostbyname2_r;
+-_nss_mdns4_minimal_gethostbyname2_r;
+-_nss_mdns6_minimal_gethostbyname2_r;
+-
+-_nss_mdns_gethostbyname3_r;
+-_nss_mdns4_gethostbyname3_r;
+-_nss_mdns6_gethostbyname3_r;
+-_nss_mdns_minimal_gethostbyname3_r;
+-_nss_mdns4_minimal_gethostbyname3_r;
+-_nss_mdns6_minimal_gethostbyname3_r;
+-
+-_nss_mdns_gethostbyname4_r;
+-_nss_mdns4_gethostbyname4_r;
+-_nss_mdns6_gethostbyname4_r;
+-_nss_mdns_minimal_gethostbyname4_r;
+-_nss_mdns4_minimal_gethostbyname4_r;
+-_nss_mdns6_minimal_gethostbyname4_r;
+-
+-local:
+-*;
+-};
+diff --git a/src/map-file.in b/src/map-file.in
+new file mode 100644
+index 0000000..caecf41
+--- /dev/null
++++ b/src/map-file.in
+@@ -0,0 +1,14 @@
++NSSMDNS_0 {
++global:
++
++#include "nss.h"
++
++_nss_mdns_gethostbyaddr_r;
++_nss_mdns_gethostbyname2_r;
++_nss_mdns_gethostbyname3_r;
++_nss_mdns_gethostbyname4_r;
++_nss_mdns_gethostbyname_r;
++
++local:
++*;
++};
+diff --git a/src/nss.h b/src/nss.h
+index dd8dbff..d63f51c 100644
+--- a/src/nss.h
++++ b/src/nss.h
+@@ -33,6 +33,7 @@
+ #define _nss_mdns_gethostbyaddr_r _nss_mdns_minimal_gethostbyaddr_r
+ #endif
+
++#ifndef VER_SYM_MAP_GEN
+ // Define prototypes for nss function we're going to export (fixes GCC warnings)
+ #ifndef __FreeBSD__
+ enum nss_status _nss_mdns_gethostbyname4_r(const char*, struct gaih_addrtuple**,
+@@ -50,3 +51,4 @@ enum nss_status _nss_mdns_gethostbyaddr_r(const void*, int, int,
+ int*);
+
+ #endif
++#endif
diff --git a/sys-auth/nss-mdns/nss-mdns-0.15.1.ebuild b/sys-auth/nss-mdns/nss-mdns-0.15.1.ebuild
index 13fffc2c4aae..2c1aa9581be0 100644
--- a/sys-auth/nss-mdns/nss-mdns-0.15.1.ebuild
+++ b/sys-auth/nss-mdns/nss-mdns-0.15.1.ebuild
@@ -1,8 +1,8 @@
-# Copyright 1999-2023 Gentoo Authors
+# Copyright 1999-2024 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=7
-inherit multilib-minimal
+inherit autotools multilib-minimal
DESCRIPTION="Name Service Switch module for Multicast DNS"
HOMEPAGE="https://github.com/lathiat/nss-mdns"
@@ -18,6 +18,16 @@ RDEPEND=">=net-dns/avahi-0.6.31-r2[${MULTILIB_USEDEP}]"
DEPEND="${RDEPEND}
test? ( >=dev-libs/check-0.11[${MULTILIB_USEDEP}] )"
+PATCHES=(
+ "${FILESDIR}"/lld-17-undefined-versioned-symbols.patch
+)
+
+src_prepare() {
+ default
+ # Only needed for LLD 17 patch
+ eautoreconf
+}
+
multilib_src_configure() {
local myconf=(
# $(localstatedir)/run/... is used to locate avahi-daemon socket
diff --git a/sys-auth/nss-pam-ldapd/nss-pam-ldapd-0.9.12-r2.ebuild b/sys-auth/nss-pam-ldapd/nss-pam-ldapd-0.9.12-r2.ebuild
index 0dc9f747f3cf..e84c116ffdc6 100644
--- a/sys-auth/nss-pam-ldapd/nss-pam-ldapd-0.9.12-r2.ebuild
+++ b/sys-auth/nss-pam-ldapd/nss-pam-ldapd-0.9.12-r2.ebuild
@@ -1,9 +1,9 @@
-# Copyright 1999-2023 Gentoo Authors
+# Copyright 1999-2024 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=8
-PYTHON_COMPAT=( python3_{9..11} )
+PYTHON_COMPAT=( python3_{10..12} )
inherit autotools python-r1 s6 systemd tmpfiles multilib-minimal
DESCRIPTION="NSS module for name lookups using LDAP"
@@ -12,9 +12,10 @@ SRC_URI="https://arthurdejong.org/${PN}/${P}.tar.gz"
LICENSE="LGPL-2.1"
SLOT="0"
-KEYWORDS="amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 ~sparc x86"
+KEYWORDS="amd64 arm ~hppa ~ia64 ~ppc ppc64 ~sparc x86"
IUSE="debug kerberos +pam pynslcd sasl test +utils"
REQUIRED_USE="
+ ${PYTHON_REQUIRED_USE}
utils? ( ${PYTHON_REQUIRED_USE} )
test? ( ${PYTHON_REQUIRED_USE} pynslcd )
"
diff --git a/sys-auth/nss-pam-ldapd/nss-pam-ldapd-0.9.12-r3.ebuild b/sys-auth/nss-pam-ldapd/nss-pam-ldapd-0.9.12-r3.ebuild
index cac6c0e7ae00..ea0d0a14c8e4 100644
--- a/sys-auth/nss-pam-ldapd/nss-pam-ldapd-0.9.12-r3.ebuild
+++ b/sys-auth/nss-pam-ldapd/nss-pam-ldapd-0.9.12-r3.ebuild
@@ -1,9 +1,9 @@
-# Copyright 1999-2023 Gentoo Authors
+# Copyright 1999-2024 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=8
-PYTHON_COMPAT=( python3_{9..11} )
+PYTHON_COMPAT=( python3_{10..12} )
inherit autotools python-r1 s6 systemd tmpfiles multilib-minimal
DESCRIPTION="NSS module for name lookups using LDAP"
@@ -12,9 +12,10 @@ SRC_URI="https://arthurdejong.org/${PN}/${P}.tar.gz"
LICENSE="LGPL-2.1"
SLOT="0"
-KEYWORDS="~alpha ~amd64 ~hppa ~ia64 ~mips ~sparc ~x86"
+KEYWORDS="~alpha amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~sparc x86"
IUSE="debug kerberos +pam pynslcd sasl selinux test +utils"
REQUIRED_USE="
+ ${PYTHON_REQUIRED_USE}
utils? ( ${PYTHON_REQUIRED_USE} )
test? ( ${PYTHON_REQUIRED_USE} pynslcd )
"
diff --git a/sys-auth/oath-toolkit/Manifest b/sys-auth/oath-toolkit/Manifest
index ffcfbe9528bf..bdd4b255323b 100644
--- a/sys-auth/oath-toolkit/Manifest
+++ b/sys-auth/oath-toolkit/Manifest
@@ -1,2 +1,4 @@
+DIST oath-toolkit-2.6.10.tar.gz 4710528 BLAKE2B 2fd3c890214089b47bc4eb5759735cc921ed73f9eb9fa52aa8cc9f329b9887a45dbc0118ca077aecebc38660388d1be29a94d8c87917361def86f3a9378f5d40 SHA512 b9a4447350593c206aabf4dce09273194d5ac499c4f2fca4e36ba77480793898e3011655451d9147748b56c2a8611e04640ba2aec5f4e96fcd9e967b93b1c1b7
+DIST oath-toolkit-2.6.11.tar.gz 4699215 BLAKE2B f3fa3ab1818f4f9bbf7c8c88432cd3432fbfb30dfcc660ab85f07e2d3d7e1616fc24579900bc55bbf72fb81b2eac4a6591553968872f07d8b3955ce4e6495afd SHA512 42df879bebccdde3d38558ba735e09db14d0c916b9f0d3a1842e0ecc80614b7d1ee44db39d3097970a2a7108446da6eefd09bdd32dd2fb81d6aed06dc19552fd
DIST oath-toolkit-2.6.7.tar.gz 5625279 BLAKE2B 23f377c51eb633bf01d6085d33c7362cd91b6bed1cf4c2bbf32dc9433849e20c53f6896b16e5056b13f420f6a65a3c593fa1dafd7e184ed9e52666d94a7f75d1 SHA512 50edff75c8366887d69cf4740c4cc3bdfc3e43cbd4910ff40f735bca489f0953d7e5a21130f12782ac7a1f2fb00f0db313aff139085f23daba78a69bc7b2eb12
DIST oath-toolkit-2.6.9.tar.gz 4693524 BLAKE2B 572512311bbfa18d325c7b9b8d88ff85c05241c9a22942bc67edf531ed621e68b031dc4562bd8473ec1b1bfe264c8a4084c1c304ba0d24914acc5b21325b8601 SHA512 6e96b5a926f6e2448661fef267dcf9c99167b7bdfc71e319d2ab7ddc051a7be002043485547ad83744209c25ea0d87f8e28f25cccd6856281321f3d22e3cf160
diff --git a/sys-auth/oath-toolkit/files/oath-toolkit-2.6.9-Fix-build-failure-noticed-on-ArchLinux-xmlsec.patch b/sys-auth/oath-toolkit/files/oath-toolkit-2.6.9-Fix-build-failure-noticed-on-ArchLinux-xmlsec.patch
new file mode 100644
index 000000000000..8b0cbacc51f7
--- /dev/null
+++ b/sys-auth/oath-toolkit/files/oath-toolkit-2.6.9-Fix-build-failure-noticed-on-ArchLinux-xmlsec.patch
@@ -0,0 +1,40 @@
+https://bugs.gentoo.org/924395
+
+From 9f2bc8d4278421e2a05598c89f22cdf34929ec66 Mon Sep 17 00:00:00 2001
+From: Simon Josefsson <simon@josefsson.org>
+Date: Sun, 31 Dec 2023 15:42:00 +0100
+Subject: [PATCH] Fix build failure noticed on ArchLinux-xmlsec.
+
+---
+ NEWS | 2 ++
+ libpskc/container.c | 1 +
+ libpskc/parser.c | 1 +
+ 3 files changed, 4 insertions(+)
+
+diff --git a/libpskc/container.c b/libpskc/container.c
+index 639babc..bda2266 100644
+--- a/libpskc/container.c
++++ b/libpskc/container.c
+@@ -24,6 +24,7 @@
+ #include <pskc/pskc.h>
+
+ #include <string.h> /* memset */
++#include <stdlib.h> /* realloc */
+
+ #define INTERNAL_NEED_PSKC_STRUCT
+ #define INTERNAL_NEED_PSKC_KEY_STRUCT
+diff --git a/libpskc/parser.c b/libpskc/parser.c
+index b1f3245..9a1e925 100644
+--- a/libpskc/parser.c
++++ b/libpskc/parser.c
+@@ -28,6 +28,7 @@
+ #include "internal.h"
+
+ #include <string.h>
++#include <stdlib.h> /* malloc, strtoul */
+ #include "base64.h"
+
+ static void
+--
+2.43.0
+
diff --git a/sys-auth/oath-toolkit/oath-toolkit-2.6.10.ebuild b/sys-auth/oath-toolkit/oath-toolkit-2.6.10.ebuild
new file mode 100644
index 000000000000..03d2801fa64c
--- /dev/null
+++ b/sys-auth/oath-toolkit/oath-toolkit-2.6.10.ebuild
@@ -0,0 +1,69 @@
+# Copyright 1999-2024 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+inherit pam
+
+DESCRIPTION="Toolkit for using one-time password authentication with HOTP/TOTP algorithms"
+HOMEPAGE="https://www.nongnu.org/oath-toolkit/"
+SRC_URI="mirror://nongnu/${PN}/${P}.tar.gz"
+
+LICENSE="GPL-3 LGPL-2.1"
+SLOT="0"
+KEYWORDS="~amd64 ~arm ~arm64 ~loong ~ppc64 ~riscv ~x86"
+IUSE="pam static-libs test"
+RESTRICT="!test? ( test )"
+
+DEPEND="
+ dev-libs/icu:=
+ dev-libs/libxml2
+ dev-libs/xmlsec:=
+ pam? ( sys-libs/pam )
+"
+RDEPEND="${DEPEND}"
+BDEPEND="
+ dev-build/gtk-doc-am
+ test? ( dev-libs/libxml2 )
+"
+
+QA_CONFIG_IMPL_DECL_SKIP=(
+ MIN # glibc fp
+ unreachable
+ alignof
+ static_assert
+)
+
+src_configure() {
+ local myeconfargs=(
+ --cache-file="${S}"/config.cache
+ --enable-pskc
+ $(use_enable test xmltest)
+ $(use_enable pam)
+ $(use_with pam pam-dir $(getpam_mod_dir))
+ $(use_enable static-libs static)
+ )
+
+ econf "${myeconfargs[@]}"
+}
+
+src_test() {
+ # Without keep-going, it will bail out after the first testsuite failure,
+ # skipping the other testsuites. as they are mostly independent, this sucks.
+ emake --keep-going check
+
+ # Avoid errant QA notice for no tests run on these
+ rm -f libpskc/gtk-doc/test-suite.log liboath/gtk-doc/test-suite.log || die
+}
+
+src_install() {
+ default
+
+ find "${ED}" -name '*.la' -type f -delete || die
+
+ if use pam; then
+ newdoc pam_oath/README README.pam
+ fi
+
+ doman pskctool/pskctool.1
+}
diff --git a/sys-auth/oath-toolkit/oath-toolkit-2.6.11.ebuild b/sys-auth/oath-toolkit/oath-toolkit-2.6.11.ebuild
new file mode 100644
index 000000000000..03d2801fa64c
--- /dev/null
+++ b/sys-auth/oath-toolkit/oath-toolkit-2.6.11.ebuild
@@ -0,0 +1,69 @@
+# Copyright 1999-2024 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+inherit pam
+
+DESCRIPTION="Toolkit for using one-time password authentication with HOTP/TOTP algorithms"
+HOMEPAGE="https://www.nongnu.org/oath-toolkit/"
+SRC_URI="mirror://nongnu/${PN}/${P}.tar.gz"
+
+LICENSE="GPL-3 LGPL-2.1"
+SLOT="0"
+KEYWORDS="~amd64 ~arm ~arm64 ~loong ~ppc64 ~riscv ~x86"
+IUSE="pam static-libs test"
+RESTRICT="!test? ( test )"
+
+DEPEND="
+ dev-libs/icu:=
+ dev-libs/libxml2
+ dev-libs/xmlsec:=
+ pam? ( sys-libs/pam )
+"
+RDEPEND="${DEPEND}"
+BDEPEND="
+ dev-build/gtk-doc-am
+ test? ( dev-libs/libxml2 )
+"
+
+QA_CONFIG_IMPL_DECL_SKIP=(
+ MIN # glibc fp
+ unreachable
+ alignof
+ static_assert
+)
+
+src_configure() {
+ local myeconfargs=(
+ --cache-file="${S}"/config.cache
+ --enable-pskc
+ $(use_enable test xmltest)
+ $(use_enable pam)
+ $(use_with pam pam-dir $(getpam_mod_dir))
+ $(use_enable static-libs static)
+ )
+
+ econf "${myeconfargs[@]}"
+}
+
+src_test() {
+ # Without keep-going, it will bail out after the first testsuite failure,
+ # skipping the other testsuites. as they are mostly independent, this sucks.
+ emake --keep-going check
+
+ # Avoid errant QA notice for no tests run on these
+ rm -f libpskc/gtk-doc/test-suite.log liboath/gtk-doc/test-suite.log || die
+}
+
+src_install() {
+ default
+
+ find "${ED}" -name '*.la' -type f -delete || die
+
+ if use pam; then
+ newdoc pam_oath/README README.pam
+ fi
+
+ doman pskctool/pskctool.1
+}
diff --git a/sys-auth/oath-toolkit/oath-toolkit-2.6.7-r2.ebuild b/sys-auth/oath-toolkit/oath-toolkit-2.6.7-r2.ebuild
index fc1c4389b5cb..58b88b4c38a6 100644
--- a/sys-auth/oath-toolkit/oath-toolkit-2.6.7-r2.ebuild
+++ b/sys-auth/oath-toolkit/oath-toolkit-2.6.7-r2.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2023 Gentoo Authors
+# Copyright 1999-2024 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=8
@@ -23,7 +23,7 @@ DEPEND="
"
RDEPEND="${DEPEND}"
BDEPEND="
- dev-util/gtk-doc-am
+ dev-build/gtk-doc-am
test? ( dev-libs/libxml2 )
"
diff --git a/sys-auth/oath-toolkit/oath-toolkit-2.6.9.ebuild b/sys-auth/oath-toolkit/oath-toolkit-2.6.9.ebuild
index e9692ae5d12d..d7c6b3404ba0 100644
--- a/sys-auth/oath-toolkit/oath-toolkit-2.6.9.ebuild
+++ b/sys-auth/oath-toolkit/oath-toolkit-2.6.9.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2023 Gentoo Authors
+# Copyright 1999-2024 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=8
@@ -23,7 +23,7 @@ DEPEND="
"
RDEPEND="${DEPEND}"
BDEPEND="
- dev-util/gtk-doc-am
+ dev-build/gtk-doc-am
test? ( dev-libs/libxml2 )
"
@@ -31,6 +31,10 @@ QA_CONFIG_IMPL_DECL_SKIP=(
MIN # glibc fp
)
+PATCHES=(
+ "${FILESDIR}"/${P}-Fix-build-failure-noticed-on-ArchLinux-xmlsec.patch
+)
+
src_configure() {
local myeconfargs=(
--cache-file="${S}"/config.cache
diff --git a/sys-auth/pam_krb5/pam_krb5-4.11.ebuild b/sys-auth/pam_krb5/pam_krb5-4.11.ebuild
index 9b8f4a977e1a..cdaa837b4677 100644
--- a/sys-auth/pam_krb5/pam_krb5-4.11.ebuild
+++ b/sys-auth/pam_krb5/pam_krb5-4.11.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2023 Gentoo Authors
+# Copyright 1999-2024 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=8
@@ -10,7 +10,7 @@ SRC_URI="https://archives.eyrie.org/software/kerberos/${P/_/-}.tar.xz"
LICENSE="|| ( BSD-2 GPL-2 )"
SLOT="0"
KEYWORDS="~alpha amd64 arm ~arm64 hppa ~ia64 ~loong ~mips ~ppc ppc64 ~riscv ~s390 sparc x86"
-IUSE=""
+
# tests fail without a /etc/krb5.conf
RESTRICT="test"
diff --git a/sys-auth/pam_mount/Manifest b/sys-auth/pam_mount/Manifest
index caf8020cba63..2de87dd002bc 100644
--- a/sys-auth/pam_mount/Manifest
+++ b/sys-auth/pam_mount/Manifest
@@ -1 +1,2 @@
DIST pam_mount-2.18.tar.xz 324524 BLAKE2B a3f29de8c0a348c98d3e73ac3568595083036fa704b5c34ed17c3660fcc8ff5f64195ad4158af6e351f79865a9128dbb773c7d18bbb07bdff1010e555803cfce SHA512 7f1e373fd7876eddd9226163602ba484ed8a7e1ce92ba6140c1f7603cb205190cb11ad75be41b54d2a6cd21602320d41a65714bfd0af8b5247850a3ef0fe3b22
+DIST pam_mount-2.20.tar.xz 325328 BLAKE2B 2b8a419c8b8604a6546ee5ac2b554d3c90ad04dd58c54bf8904d7e0354a2aafe1ae97a817e67143a24fd8ed40e62008baff94723ced8c4ad2d977e14c3e762ad SHA512 8661dc5ec134c256825df28e53751d1e0e1e881008c3687a56009f4046b3d17c5b9ddd1b1971dff4e023e5d74e5059f486b08a6cab2861a4bee5ba57fbae3454
diff --git a/sys-auth/pam_mount/metadata.xml b/sys-auth/pam_mount/metadata.xml
index 2c4bc1428e94..dd341fea2aca 100644
--- a/sys-auth/pam_mount/metadata.xml
+++ b/sys-auth/pam_mount/metadata.xml
@@ -5,6 +5,6 @@
<email>hanno@gentoo.org</email>
</maintainer>
<upstream>
- <remote-id type="sourceforge">pam-mount</remote-id>
+ <remote-id type="codeberg">jengelh/pam_mount</remote-id>
</upstream>
</pkgmetadata>
diff --git a/sys-auth/pam_mount/pam_mount-2.20.ebuild b/sys-auth/pam_mount/pam_mount-2.20.ebuild
new file mode 100644
index 000000000000..9c0644d8165a
--- /dev/null
+++ b/sys-auth/pam_mount/pam_mount-2.20.ebuild
@@ -0,0 +1,46 @@
+# Copyright 1999-2024 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+DESCRIPTION="A PAM module that can mount volumes for a user session"
+HOMEPAGE="https://inai.de/projects/pam_mount/"
+SRC_URI="https://inai.de/files/pam_mount/${P}.tar.xz"
+
+LICENSE="GPL-3"
+SLOT="0"
+KEYWORDS="amd64 ppc x86"
+
+IUSE="crypt ssl selinux"
+
+DEPEND="
+ >=sys-libs/pam-0.99
+ >=sys-libs/libhx-3.12.1:=
+ >=sys-apps/util-linux-2.20:=
+ >=dev-libs/libxml2-2.6:=
+ dev-libs/libpcre2
+ crypt? ( >=sys-fs/cryptsetup-1.1.0:= )
+ ssl? ( dev-libs/openssl:0= )
+ selinux? ( sys-libs/libselinux )"
+RDEPEND="${DEPEND}"
+BDEPEND="virtual/pkgconfig"
+
+src_configure() {
+ econf --with-slibdir="/$(get_libdir)" \
+ $(use_with crypt cryptsetup) \
+ $(use_with ssl crypto) \
+ $(use_with selinux)
+}
+
+src_install() {
+ default
+ use selinux || rm -r "${D}"/etc/selinux
+ dodoc doc/*.txt
+
+ # Remove unused nonstandard run-dir, current version uses
+ # FHS-compatible /run, but has leftover mkdir from old version
+ # Upstream report: https://codeberg.org/jengelh/pam_mount/pulls/9
+ rm -r "${D}/var/lib"
+
+ find "${ED}" -name '*.la' -delete || die
+}
diff --git a/sys-auth/pam_ssh/pam_ssh-2.3-r1.ebuild b/sys-auth/pam_ssh/pam_ssh-2.3-r1.ebuild
index d18636bda0c4..112b2a4121ad 100644
--- a/sys-auth/pam_ssh/pam_ssh-2.3-r1.ebuild
+++ b/sys-auth/pam_ssh/pam_ssh-2.3-r1.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2023 Gentoo Authors
+# Copyright 1999-2024 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=7
@@ -11,7 +11,7 @@ SRC_URI="mirror://sourceforge/pam-ssh/${P}.tar.xz"
LICENSE="BSD-2 BSD ISC"
SLOT="0"
-KEYWORDS="~alpha amd64 arm ~arm64 hppa ~ia64 ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~amd64-linux ~x86-linux"
+KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~amd64-linux ~x86-linux"
# Only supports OpenSSH via `ssh-agent` #282993
DEPEND="sys-libs/pam
diff --git a/sys-auth/pambase/Manifest b/sys-auth/pambase/Manifest
index 4f8623bc342c..14a31170155a 100644
--- a/sys-auth/pambase/Manifest
+++ b/sys-auth/pambase/Manifest
@@ -1 +1,2 @@
DIST pambase-20220214.tar.gz 3372 BLAKE2B fc560005c48598d972cf68bfbd33784be7d7e5a12f5ebcd06e708241a169b1bcf7cb7dcd7109f44c2d9802ae0b294eaeb61782640f0b0cb9767f2ecf8c053c7f SHA512 57d037944cf6d9db69d5eb8ce32b087ac4781fae13c1daba1e248a1818dfcbbf2cb66fce79cad7808f2b0f89d3f3dd05455a1c8f3c976561769b056dc8bf7323
+DIST pambase-20240128.tar.bz2 5131 BLAKE2B 0950fff720f3a9d761a82303eaa7b997bfac635111b6cae772f7d9de2846147dbb4224326e5dba1868cb54a8a76076c2efed6615c861bbfa78256aba4f475da2 SHA512 6b4ad390c46f33947436892a5f19111a1c9f4ded406ae8ffe76539c94d541611b74ba697d76522b46da41f53aae45eb67c274fc0d6caec94d40c1691487624e6
diff --git a/sys-auth/pambase/metadata.xml b/sys-auth/pambase/metadata.xml
index 8c6bc7d0d64a..526e8b5c341a 100644
--- a/sys-auth/pambase/metadata.xml
+++ b/sys-auth/pambase/metadata.xml
@@ -67,13 +67,17 @@
will not be compatible with systems using an earlier glibc
version.
</flag>
+ <flag name="sssd">
+ Add System Security Services Daemon (<pkg>sys-auth/sssd</pkg>) support
+ via pam_sss.
+ </flag>
<flag name="yescrypt">
Switch Linux-PAM's pam_unix module to use yescrypt for passwords hashes rather than MD5
</flag>
<flag name="pam_krb5">
Enable pam_krb5 module on system auth stack, as an alternative
- to pam_unix. If Kerberos authentication succeed, only pam_unix
- will be ignore, and all the other modules will proceed as usual,
+ to pam_unix. If Kerberos authentication succeeds, only pam_unix
+ will be ignorde, and all the other modules will proceed as usual,
including Gnome Keyring and other session modules. It requires
<pkg>sys-libs/pam</pkg> as PAM implementation.
</flag>
diff --git a/sys-auth/pambase/pambase-20240128.ebuild b/sys-auth/pambase/pambase-20240128.ebuild
new file mode 100644
index 000000000000..cca2add220e0
--- /dev/null
+++ b/sys-auth/pambase/pambase-20240128.ebuild
@@ -0,0 +1,118 @@
+# Copyright 1999-2024 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+PYTHON_COMPAT=( python3_{10..12} )
+
+inherit pam python-any-r1 readme.gentoo-r1
+
+DESCRIPTION="PAM base configuration files"
+HOMEPAGE="https://github.com/gentoo/pambase"
+
+if [[ ${PV} == *9999 ]]; then
+ inherit git-r3
+ EGIT_REPO_URI="
+ https://anongit.gentoo.org/git/proj/pambase.git
+ https://github.com/gentoo/pambase.git
+ "
+else
+ SRC_URI="https://gitweb.gentoo.org/proj/pambase.git/snapshot/${P}.tar.bz2"
+
+ KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86"
+fi
+
+LICENSE="MIT"
+SLOT="0"
+IUSE="caps debug elogind gnome-keyring homed minimal mktemp +nullok pam_krb5 pam_ssh +passwdqc pwhistory pwquality securetty selinux +sha512 sssd systemd yescrypt"
+
+RESTRICT="binchecks"
+
+REQUIRED_USE="
+ ?? ( elogind systemd )
+ ?? ( passwdqc pwquality )
+ ?? ( sha512 yescrypt )
+ pwhistory? ( || ( passwdqc pwquality ) )
+ homed? ( !pam_krb5 )
+ pam_krb5? ( !homed )
+"
+
+MIN_PAM_REQ=1.4.0
+
+RDEPEND="
+ >=sys-libs/pam-${MIN_PAM_REQ}
+ elogind? ( sys-auth/elogind[pam] )
+ gnome-keyring? ( gnome-base/gnome-keyring[pam] )
+ mktemp? ( sys-auth/pam_mktemp )
+ pam_krb5? (
+ >=sys-libs/pam-${MIN_PAM_REQ}
+ sys-auth/pam_krb5
+ )
+ caps? ( sys-libs/libcap[pam] )
+ pam_ssh? ( sys-auth/pam_ssh )
+ passwdqc? ( >=sys-auth/passwdqc-1.4.0-r1 )
+ pwquality? ( dev-libs/libpwquality[pam] )
+ selinux? ( sys-libs/pam[selinux] )
+ sha512? ( >=sys-libs/pam-${MIN_PAM_REQ} )
+ homed? ( sys-apps/systemd[homed] )
+ systemd? ( sys-apps/systemd[pam] )
+ yescrypt? ( sys-libs/libxcrypt[system] )
+ sssd? ( sys-auth/sssd )
+"
+BDEPEND="
+ $(python_gen_any_dep '
+ dev-python/jinja[${PYTHON_USEDEP}]
+ ')
+"
+
+python_check_deps() {
+ python_has_version "dev-python/jinja[${PYTHON_USEDEP}]"
+}
+
+src_configure() {
+ ${EPYTHON} ./${PN}.py \
+ $(usex caps '--caps' '') \
+ $(usex debug '--debug' '') \
+ $(usex elogind '--elogind' '') \
+ $(usex gnome-keyring '--gnome-keyring' '') \
+ $(usex homed '--homed' '') \
+ $(usex minimal '--minimal' '') \
+ $(usex mktemp '--mktemp' '') \
+ $(usex nullok '--nullok' '') \
+ $(usex pam_krb5 '--krb5' '') \
+ $(usex pam_ssh '--pam-ssh' '') \
+ $(usex passwdqc '--passwdqc' '') \
+ $(usex pwhistory '--pwhistory' '') \
+ $(usex pwquality '--pwquality' '') \
+ $(usex securetty '--securetty' '') \
+ $(usex selinux '--selinux' '') \
+ $(usex sha512 '--sha512' '') \
+ $(usex systemd '--systemd' '') \
+ $(usex yescrypt '--yescrypt' '') \
+ $(usex sssd '--sssd' '') \
+ || die
+}
+
+src_test() { :; }
+
+src_install() {
+ local DOC_CONTENTS
+
+ if use passwdqc; then
+ DOC_CONTENTS="To amend the existing password policy please see the man 5 passwdqc.conf
+ page and then edit the /etc/security/passwdqc.conf file"
+ fi
+
+ if use pwquality; then
+ DOC_CONTENTS="To amend the existing password policy please see the man 5 pwquality.conf
+ page and then edit the /etc/security/pwquality.conf file"
+ fi
+
+ { use passwdqc || use pwquality; } && readme.gentoo_create_doc
+
+ dopamd -r stack/.
+}
+
+pkg_postinst() {
+ { use passwdqc || use pwquality; } && readme.gentoo_print_elog
+}
diff --git a/sys-auth/pambase/pambase-999999999.ebuild b/sys-auth/pambase/pambase-999999999.ebuild
index f1a0a423fa7e..cad46258f14c 100644
--- a/sys-auth/pambase/pambase-999999999.ebuild
+++ b/sys-auth/pambase/pambase-999999999.ebuild
@@ -1,9 +1,9 @@
-# Copyright 1999-2023 Gentoo Authors
+# Copyright 1999-2024 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
-EAPI=7
+EAPI=8
-PYTHON_COMPAT=( python3_{9..11} )
+PYTHON_COMPAT=( python3_{10..12} )
inherit pam python-any-r1 readme.gentoo-r1
@@ -12,16 +12,19 @@ HOMEPAGE="https://github.com/gentoo/pambase"
if [[ ${PV} == *9999 ]]; then
inherit git-r3
- EGIT_REPO_URI="https://github.com/gentoo/pambase.git"
+ EGIT_REPO_URI="
+ https://anongit.gentoo.org/git/proj/pambase.git
+ https://github.com/gentoo/pambase.git
+ "
else
- SRC_URI="https://github.com/gentoo/pambase/archive/${P}.tar.gz"
- KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86"
- S="${WORKDIR}/${PN}-${P}"
+ SRC_URI="https://gitweb.gentoo.org/proj/pambase.git/snapshot/${P}.tar.bz2"
+
+ KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86"
fi
LICENSE="MIT"
SLOT="0"
-IUSE="caps debug elogind gnome-keyring homed minimal mktemp +nullok pam_krb5 pam_ssh +passwdqc pwhistory pwquality securetty selinux +sha512 systemd yescrypt"
+IUSE="caps debug elogind gnome-keyring homed minimal mktemp +nullok pam_krb5 pam_ssh +passwdqc pwhistory pwquality securetty selinux +sha512 sssd systemd yescrypt"
RESTRICT="binchecks"
@@ -54,11 +57,13 @@ RDEPEND="
homed? ( sys-apps/systemd[homed] )
systemd? ( sys-apps/systemd[pam] )
yescrypt? ( sys-libs/libxcrypt[system] )
+ sssd? ( sys-auth/sssd )
"
-
-BDEPEND="$(python_gen_any_dep '
+BDEPEND="
+ $(python_gen_any_dep '
dev-python/jinja[${PYTHON_USEDEP}]
- ')"
+ ')
+"
python_check_deps() {
python_has_version "dev-python/jinja[${PYTHON_USEDEP}]"
@@ -84,6 +89,7 @@ src_configure() {
$(usex sha512 '--sha512' '') \
$(usex systemd '--systemd' '') \
$(usex yescrypt '--yescrypt' '') \
+ $(usex sssd '--sssd' '') \
|| die
}
diff --git a/sys-auth/passwdqc/Manifest b/sys-auth/passwdqc/Manifest
index 48eb4b6d7b16..f42837f74669 100644
--- a/sys-auth/passwdqc/Manifest
+++ b/sys-auth/passwdqc/Manifest
@@ -1,3 +1 @@
-DIST passwdqc-1.4.0.tar.gz 55219 BLAKE2B 3f96a2d219ee23f11db2ad8ba433eaa56b97a263ad1a49159e0356b779cb4486ec9aa74cd7002fdd6d273e5a7bae4fe1b94e02f60256d331e5afc30d63e81360 SHA512 b9be6632688a1d7d929ec546679a366a67d44e7841e106c7f739a8e0656842866125160c87b04c8e0b3189a3e85eb182aa789196f68925b2f8ec71cd6a479800
-DIST passwdqc-2.0.2.tar.gz 88796 BLAKE2B 4be0180dbee38d124cc5fd3780fcc27b276bd9370c59c83a9c037b67f18518873bd34d23f779125ac0b5e8bb1f40a5e8e24dc65bfe5919f735f96d4f625cebdb SHA512 60f91ad7c86314b0d9ad97a2474a1a5bbb8b41491b274e09f7300d8a609cfffb0688bf39d4e715f647f3c87bfee429cb5e01f1a641a14eea3f55b223610ed8ec
DIST passwdqc-2.0.3.tar.gz 89608 BLAKE2B d4d999f1da011041e947fcf40b28977c825e7be2a9edfe641205f433862607e958d74b6e11ef5222e9791985a55dc3117c71d47b9516c521bb64ff4cddee77d5 SHA512 08a1ee0e7efe0be8af8b253147836c479247a849baf598a1ad573a050ef4b8700fdb725fd887877f82f9207f3654f489f71267cc4051ce8ebf2405125b77b6b9
diff --git a/sys-auth/passwdqc/passwdqc-1.4.0-r2.ebuild b/sys-auth/passwdqc/passwdqc-1.4.0-r2.ebuild
deleted file mode 100644
index 90ea5b5ec52c..000000000000
--- a/sys-auth/passwdqc/passwdqc-1.4.0-r2.ebuild
+++ /dev/null
@@ -1,73 +0,0 @@
-# Copyright 1999-2023 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-
-inherit flag-o-matic pam toolchain-funcs
-
-DESCRIPTION="Password strength checking library (and PAM module)"
-HOMEPAGE="http://www.openwall.com/passwdqc/"
-SRC_URI="http://www.openwall.com/${PN}/${P}.tar.gz"
-
-LICENSE="Openwall BSD public-domain"
-SLOT="0"
-KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~amd64-linux ~x86-linux"
-
-RDEPEND="sys-libs/pam
- virtual/libcrypt:="
-DEPEND="${RDEPEND}"
-
-pkg_setup() {
- QA_FLAGS_IGNORED="/$(get_libdir)/security/pam_passwdqc.so
- /usr/$(get_libdir)/libpasswdqc.so.0"
-}
-
-src_prepare() {
- default
- sed -i -e 's:`uname -s`:Linux:' Makefile || die
-
- # ship our own default settings
- cat <<- EOF > "${S}/passwdqc.conf"
- min=8,8,8,8,8
- max=40
- passphrase=3
- match=4
- similar=deny
- random=47
- enforce=everyone
- retry=3
- EOF
-
-}
-
-src_configure() {
- # ideally we want !tc-ld-is-bfd for best future-proofing, but it needs
- # https://github.com/gentoo/gentoo/pull/28355
- # mold needs this too but right now tc-ld-is-mold is also not available
- if tc-ld-is-lld; then
- append-ldflags -Wl,--undefined-version
- fi
-
- default
-}
-
-_emake() {
- emake \
- SHARED_LIBDIR="/usr/$(get_libdir)" \
- SECUREDIR="$(getpam_mod_dir)" \
- CONFDIR="/etc/security" \
- CFLAGS="${CFLAGS} ${CPPFLAGS}" \
- LDFLAGS="${LDFLAGS}" \
- CC="$(tc-getCC)" \
- LD="$(tc-getCC)" \
- "$@"
-}
-
-src_compile() {
- _emake all
-}
-
-src_install() {
- _emake DESTDIR="${ED}" install_lib install_pam install_utils
- dodoc README PLATFORMS INTERNALS
-}
diff --git a/sys-auth/passwdqc/passwdqc-2.0.2-r1.ebuild b/sys-auth/passwdqc/passwdqc-2.0.2-r1.ebuild
deleted file mode 100644
index 2710ce4c24dc..000000000000
--- a/sys-auth/passwdqc/passwdqc-2.0.2-r1.ebuild
+++ /dev/null
@@ -1,73 +0,0 @@
-# Copyright 1999-2023 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-
-inherit flag-o-matic pam toolchain-funcs
-
-DESCRIPTION="Password strength checking library (and PAM module)"
-HOMEPAGE="http://www.openwall.com/passwdqc/"
-SRC_URI="http://www.openwall.com/${PN}/${P}.tar.gz"
-
-LICENSE="Openwall BSD public-domain"
-SLOT="0"
-KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~amd64-linux ~x86-linux"
-
-RDEPEND="sys-libs/pam
- virtual/libcrypt:="
-DEPEND="${RDEPEND}"
-
-pkg_setup() {
- QA_FLAGS_IGNORED="/$(get_libdir)/security/pam_passwdqc.so
- /usr/$(get_libdir)/libpasswdqc.so.1"
-}
-
-src_prepare() {
- default
- sed -i -e 's:`uname -s`:Linux:' Makefile || die
-
- # ship our own default settings
- cat <<- EOF > "${S}/passwdqc.conf"
- min=disabled,24,11,8,7
- max=72
- passphrase=3
- match=4
- similar=deny
- random=47
- enforce=everyone
- retry=3
- EOF
-
-}
-
-src_configure() {
- # ideally we want !tc-ld-is-bfd for best future-proofing, but it needs
- # https://github.com/gentoo/gentoo/pull/28355
- # mold needs this too but right now tc-ld-is-mold is also not available
- if tc-ld-is-lld; then
- append-ldflags -Wl,--undefined-version
- fi
-
- default
-}
-
-_emake() {
- emake \
- SHARED_LIBDIR="/usr/$(get_libdir)" \
- SECUREDIR="$(getpam_mod_dir)" \
- CONFDIR="/etc/security" \
- CFLAGS="${CFLAGS} ${CPPFLAGS}" \
- LDFLAGS="${LDFLAGS}" \
- CC="$(tc-getCC)" \
- LD="$(tc-getCC)" \
- "$@"
-}
-
-src_compile() {
- _emake all
-}
-
-src_install() {
- _emake DESTDIR="${ED}" install_lib install_pam install_utils
- dodoc README PLATFORMS INTERNALS
-}
diff --git a/sys-auth/passwdqc/passwdqc-2.0.3-r1.ebuild b/sys-auth/passwdqc/passwdqc-2.0.3-r1.ebuild
index e93fc3fbfa78..b1dbf9048f69 100644
--- a/sys-auth/passwdqc/passwdqc-2.0.3-r1.ebuild
+++ b/sys-auth/passwdqc/passwdqc-2.0.3-r1.ebuild
@@ -11,7 +11,7 @@ SRC_URI="http://www.openwall.com/${PN}/${P}.tar.gz"
LICENSE="Openwall BSD public-domain"
SLOT="0"
-KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux"
+KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~amd64-linux ~x86-linux"
RDEPEND="
sys-libs/pam
diff --git a/sys-auth/passwdqc/passwdqc-2.0.3.ebuild b/sys-auth/passwdqc/passwdqc-2.0.3.ebuild
deleted file mode 100644
index 1f921efc60bb..000000000000
--- a/sys-auth/passwdqc/passwdqc-2.0.3.ebuild
+++ /dev/null
@@ -1,65 +0,0 @@
-# Copyright 1999-2023 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=8
-
-inherit pam toolchain-funcs
-
-DESCRIPTION="Password strength checking library (and PAM module)"
-HOMEPAGE="http://www.openwall.com/passwdqc/"
-SRC_URI="http://www.openwall.com/${PN}/${P}.tar.gz"
-
-LICENSE="Openwall BSD public-domain"
-SLOT="0"
-KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~amd64-linux ~x86-linux"
-
-RDEPEND="
- sys-libs/pam
- virtual/libcrypt:=
-"
-DEPEND="${RDEPEND}"
-
-QA_FLAGS_IGNORED="
- lib*/security/pam_passwdqc.so
- usr/lib*/libpasswdqc.so.1
-"
-
-src_prepare() {
- default
-
- sed -i -e 's:`uname -s`:Linux:' Makefile || die
-
- # Ship our own default settings
- cat <<- EOF > "${S}/passwdqc.conf"
- min=disabled,24,11,8,7
- max=72
- passphrase=3
- match=4
- similar=deny
- random=47
- enforce=none
- retry=3
- EOF
-
-}
-
-_emake() {
- emake \
- SHARED_LIBDIR="/usr/$(get_libdir)" \
- SECUREDIR="$(getpam_mod_dir)" \
- CONFDIR="/etc/security" \
- CFLAGS="${CFLAGS} ${CPPFLAGS}" \
- LDFLAGS="${LDFLAGS}" \
- CC="$(tc-getCC)" \
- LD="$(tc-getCC)" \
- "$@"
-}
-
-src_compile() {
- _emake all
-}
-
-src_install() {
- _emake DESTDIR="${ED}" install_lib install_pam install_utils
- dodoc README PLATFORMS INTERNALS
-}
diff --git a/sys-auth/polkit-qt/Manifest b/sys-auth/polkit-qt/Manifest
index dc394746a2ad..13d9a367b01c 100644
--- a/sys-auth/polkit-qt/Manifest
+++ b/sys-auth/polkit-qt/Manifest
@@ -1 +1,2 @@
DIST polkit-qt-1-0.114.0.tar.xz 58384 BLAKE2B e788198e386797ba9b4c228a451dde703f83e79c81eacaf805e431a3f60c0832adc3faef4616e3008dfaa816d7dc5a7a80aaf02936ea232373e78e0d008724ca SHA512 4a16d9428d5ccc0107dcbd67c29ecba196424e555dc43d55cf2b6e0e7b72c99f894e9c994eaed85a9536010d67a19f20fe74f792c0d6b9ca0e05ce85f655f9a8
+DIST polkit-qt-1-0.200.0.tar.xz 58216 BLAKE2B 4edd1577178d4b61889f3da3699f36e0b3251c38b111c0c219ad9c9585ff32845034c068a5c382c29baa1d9cd8d723378422dafb4ea8734766da1b8032025826 SHA512 a09214043fa874234086a5de4d27153368dbe775dd6d573dd2531f2f2be79eb22bf73bbfb2a3a839c20c0347762e7af86b73ba38a05b2dcd43e59526e29c008d
diff --git a/sys-auth/polkit-qt/polkit-qt-0.114.0-r3.ebuild b/sys-auth/polkit-qt/polkit-qt-0.114.0-r3.ebuild
index 464e34718786..500f97b02646 100644
--- a/sys-auth/polkit-qt/polkit-qt-0.114.0-r3.ebuild
+++ b/sys-auth/polkit-qt/polkit-qt-0.114.0-r3.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2023 Gentoo Authors
+# Copyright 1999-2024 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=8
@@ -12,7 +12,7 @@ HOMEPAGE="https://api.kde.org/polkit-qt-1/html/"
if [[ ${KDE_BUILD_TYPE} = release ]]; then
SRC_URI="mirror://kde/stable/${KDE_ORG_NAME}/${KDE_ORG_NAME}-${PV}.tar.xz"
- KEYWORDS="amd64 ~arm arm64 ~loong ~ppc ~ppc64 ~riscv x86"
+ KEYWORDS="amd64 ~arm arm64 ~loong ~ppc ppc64 ~riscv x86"
fi
LICENSE="LGPL-2"
diff --git a/sys-auth/polkit-qt/polkit-qt-0.200.0.ebuild b/sys-auth/polkit-qt/polkit-qt-0.200.0.ebuild
new file mode 100644
index 000000000000..ccd0336422ba
--- /dev/null
+++ b/sys-auth/polkit-qt/polkit-qt-0.200.0.ebuild
@@ -0,0 +1,60 @@
+# Copyright 1999-2024 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+KDE_ORG_CATEGORY="libraries"
+KDE_ORG_NAME="polkit-qt-1"
+inherit cmake kde.org multibuild
+
+DESCRIPTION="Qt wrapper around polkit-1 client libraries"
+HOMEPAGE="https://api.kde.org/polkit-qt-1/html/"
+
+if [[ ${KDE_BUILD_TYPE} = release ]]; then
+ SRC_URI="mirror://kde/stable/${KDE_ORG_NAME}/${KDE_ORG_NAME}-${PV}.tar.xz"
+ KEYWORDS="~amd64 ~arm ~arm64 ~loong ~ppc ~ppc64 ~riscv ~x86"
+fi
+
+LICENSE="LGPL-2"
+SLOT="0"
+IUSE="+qt5 qt6"
+REQUIRED_USE="|| ( qt5 qt6 )"
+
+RDEPEND="
+ dev-libs/glib:2
+ >=sys-auth/polkit-0.103
+ qt5? (
+ dev-qt/qtcore:5
+ dev-qt/qtdbus:5
+ dev-qt/qtgui:5
+ dev-qt/qtwidgets:5
+ )
+ qt6? ( dev-qt/qtbase:6[dbus,gui,widgets] )
+"
+DEPEND="${RDEPEND}"
+BDEPEND="virtual/pkgconfig"
+
+DOCS=( AUTHORS README README.porting TODO )
+
+pkg_setup() {
+ MULTIBUILD_VARIANTS=( $(usev qt5) $(usev qt6) )
+}
+
+src_configure() {
+ myconfigure() {
+ local mycmakeargs=(
+ -DBUILD_EXAMPLES=OFF
+ -DQT_MAJOR_VERSION=${MULTIBUILD_VARIANT/qt/}
+ )
+ cmake_src_configure
+ }
+ multibuild_foreach_variant myconfigure
+}
+
+src_compile() {
+ multibuild_foreach_variant cmake_src_compile
+}
+
+src_install() {
+ multibuild_foreach_variant cmake_src_install
+}
diff --git a/sys-auth/polkit/Manifest b/sys-auth/polkit/Manifest
index f4ec97d2f7df..6827b9281360 100644
--- a/sys-auth/polkit/Manifest
+++ b/sys-auth/polkit/Manifest
@@ -1,2 +1,3 @@
DIST polkit-122.tar.bz2 704972 BLAKE2B 601ed969de816d061a974b07490d64c144940898a75d4e1761462ee1ff0f00686b068298fa6fdc901879d8cd4bea4334c0187aa5bde50acf90728c37e73e21f4 SHA512 a7c0a951bbcdb09899adbc128296c74fc062441e996f4d6a782b214178f0936137e2fdc489eaa86a00599b988711735a5bd9b5c3b93bdb42fb915db9f9b04e26
DIST polkit-123.tar.bz2 707480 BLAKE2B 27d8764606d8156118269fb4cd5eda1cfd0d56df219e4157cd78fd4c2a2d001c474271b7bb31e7e82ca376eacd26411418695058cc888700690606348b4d014a SHA512 4306363d3ed7311243de462832199bd10ddda35e36449104daff0895725d8189b07a4c88340f28607846fdf761c23470da2d43288199c46aa816426384124bb6
+DIST polkit-124.tar.bz2 715490 BLAKE2B ecfc1ec73a7e1bbdf7374642ad4e1dbe534149a27e75bb1235eaa446ff912466ee0cdd978c34b7f110bc62a49b25ffddc9011e280686e3f304a234454be85a40 SHA512 db520882b0bedf1c96052570bf4c55d7e966d8172f6d26acf0791d98c4b911fce5ee39e6d830f06122ac8df33c6b43c252cdb7ba3a54523804824ebf355405dc
diff --git a/sys-auth/polkit/files/polkit-124-systemd-fixup.patch b/sys-auth/polkit/files/polkit-124-systemd-fixup.patch
new file mode 100644
index 000000000000..a4dd7eafcf92
--- /dev/null
+++ b/sys-auth/polkit/files/polkit-124-systemd-fixup.patch
@@ -0,0 +1,28 @@
+https://bugs.gentoo.org/922458
+https://github.com/polkit-org/polkit/pull/417/files#r1458416421
+--- a/meson.build
++++ b/meson.build
+@@ -212,14 +212,17 @@ if enable_logind
+ config_h.set10('HAVE_' + func.to_upper(), cc.has_function(func, dependencies: logind_dep))
+
+ # systemd unit / service files
+- systemd_dep = dependency('systemd', not_found_message: 'systemd required but not found, please provide a valid systemd user unit dir or disable it')
+ systemd_systemdsystemunitdir = get_option('systemdsystemunitdir')
+- if systemd_systemdsystemunitdir == '' and session_tracking == 'libsystemd-login'
+- # FIXME: systemd.pc file does not use variables with relative paths, so `define_variable` cannot be used
+- systemd_systemdsystemunitdir = systemd_dep.get_pkgconfig_variable('systemdsystemunitdir')
+- endif
++ if session_tracking == 'libsystemd-login'
++ systemd_dep = dependency('systemd', not_found_message: 'systemd required but not found, please provide a valid systemd user unit dir or disable it')
+
+- systemd_sysusers_dir = systemd_dep.get_pkgconfig_variable('sysusers_dir', default: '/usr/lib/sysusers.d')
++ if systemd_systemdsystemunitdir == ''
++ # FIXME: systemd.pc file does not use variables with relative paths, so `define_variable` cannot be used
++ systemd_systemdsystemunitdir = systemd_dep.get_pkgconfig_variable('systemdsystemunitdir')
++ endif
++
++ systemd_sysusers_dir = systemd_dep.get_pkgconfig_variable('sysusers_dir', default: '/usr/lib/sysusers.d')
++ endif
+ endif
+ config_h.set('HAVE_LIBSYSTEMD', enable_logind)
+
diff --git a/sys-auth/polkit/files/polkit-124-systemd.patch b/sys-auth/polkit/files/polkit-124-systemd.patch
new file mode 100644
index 000000000000..e9b10e99e5da
--- /dev/null
+++ b/sys-auth/polkit/files/polkit-124-systemd.patch
@@ -0,0 +1,50 @@
+https://github.com/polkit-org/polkit/pull/417
+
+From 69d6b94d590b4dd1fbbac22b4f4d449f46ef61aa Mon Sep 17 00:00:00 2001
+From: Luca Boccassi <bluca@debian.org>
+Date: Thu, 18 Jan 2024 15:07:32 +0000
+Subject: [PATCH] meson: fix build failure when -Dsystemdsystemunitdir is
+ specified
+
+When 'systemdsystemunitdir' is specified as an option the systemd_dep
+variable is not defined, but the sysusers.d directory lookup uses it,
+causing a build failure:
+
+dh_auto_configure -- \
+ -Dexamples=false \
+ -Dintrospection=true \
+ -Dman=true \
+ -Dsystemdsystemunitdir=/usr/lib/systemd/system \
+ -Dtests=true \
+ -Dgtk_doc=true -Dsession_tracking=libsystemd-login
+ cd obj-x86_64-linux-gnu && DEB_PYTHON_INSTALL_LAYOUT=deb LC_ALL=C.UTF-8 meson setup .. --wrap-mode=nodownload --buildtype=plain --prefix=/usr --sysconfdir=/etc --localstatedir=/var --libdir=lib/x86_64-linux-gnu -Dpython.bytecompile=-1 -Dexamples=false -Dintrospection=true -Dman=true -Dsystemdsystemunitdir=/usr/lib/systemd/system -Dtests=true -Dgtk_doc=true -Dsession_tracking=libsystemd-login
+The Meson build system
+Version: 1.3.1
+Source dir: /builds/bluca/polkit/debian/output/source_dir
+Build dir: /builds/bluca/polkit/debian/output/source_dir/obj-x86_64-linux-gnu
+Build type: native build
+Project name: polkit
+Project version: 124
+
+<...>
+
+Run-time dependency libsystemd found: YES 255
+Checking for function "sd_uid_get_display" with dependency libsystemd: YES
+Checking for function "sd_pidfd_get_session" with dependency libsystemd: YES
+../meson.build:222:37: ERROR: Unknown variable "systemd_dep".
+
+Follow-up for 24f1e0af3f7bd17e220cb96201f3c654e737ad34
+--- a/meson.build
++++ b/meson.build
+@@ -212,9 +212,9 @@ if enable_logind
+ config_h.set10('HAVE_' + func.to_upper(), cc.has_function(func, dependencies: logind_dep))
+
+ # systemd unit / service files
++ systemd_dep = dependency('systemd', not_found_message: 'systemd required but not found, please provide a valid systemd user unit dir or disable it')
+ systemd_systemdsystemunitdir = get_option('systemdsystemunitdir')
+ if systemd_systemdsystemunitdir == '' and session_tracking == 'libsystemd-login'
+- systemd_dep = dependency('systemd', not_found_message: 'systemd required but not found, please provide a valid systemd user unit dir or disable it')
+ # FIXME: systemd.pc file does not use variables with relative paths, so `define_variable` cannot be used
+ systemd_systemdsystemunitdir = systemd_dep.get_pkgconfig_variable('systemdsystemunitdir')
+ endif
+
diff --git a/sys-auth/polkit/metadata.xml b/sys-auth/polkit/metadata.xml
index e4fe842bbae0..420dae0ebcd2 100644
--- a/sys-auth/polkit/metadata.xml
+++ b/sys-auth/polkit/metadata.xml
@@ -5,11 +5,11 @@
<email>freedesktop-bugs@gentoo.org</email>
</maintainer>
<use>
- <flag name="daemon">Build polkitd in addition to libpolkit. Those using <pkg>sys-apps/dbus-broker</pkg> may wish to disable this flag.</flag>
+ <flag name="daemon">Build polkitd in addition to libpolkit.</flag>
<flag name="duktape">Use <pkg>dev-lang/duktape</pkg> instead of <pkg>dev-lang/spidermonkey</pkg> as JavaScript engine</flag>
<flag name="systemd">Use <pkg>sys-apps/systemd</pkg> for session tracking</flag>
</use>
<upstream>
- <remote-id type="freedesktop-gitlab">polkit/polkit</remote-id>
+ <remote-id type="github">polkit-org/polkit</remote-id>
</upstream>
</pkgmetadata>
diff --git a/sys-auth/polkit/polkit-123.ebuild b/sys-auth/polkit/polkit-123.ebuild
index 10339bf91bae..fae107ce5592 100644
--- a/sys-auth/polkit/polkit-123.ebuild
+++ b/sys-auth/polkit/polkit-123.ebuild
@@ -22,7 +22,7 @@ fi
LICENSE="LGPL-2"
SLOT="0"
-KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86"
+KEYWORDS="~alpha amd64 arm arm64 ~hppa ~ia64 ~loong ~mips ppc ppc64 ~riscv ~s390 sparc x86"
IUSE="+daemon +duktape examples gtk +introspection kde pam selinux systemd test"
# https://gitlab.freedesktop.org/polkit/polkit/-/issues/181 for test restriction
RESTRICT="!test? ( test ) test"
diff --git a/sys-auth/polkit/polkit-124-r1.ebuild b/sys-auth/polkit/polkit-124-r1.ebuild
new file mode 100644
index 000000000000..d5ae6fcf9f54
--- /dev/null
+++ b/sys-auth/polkit/polkit-124-r1.ebuild
@@ -0,0 +1,165 @@
+# Copyright 1999-2024 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+PYTHON_COMPAT=( python3_{10..12} )
+inherit meson pam pax-utils python-any-r1 systemd xdg-utils
+
+DESCRIPTION="Policy framework for controlling privileges for system-wide services"
+HOMEPAGE="https://www.freedesktop.org/wiki/Software/polkit https://gitlab.freedesktop.org/polkit/polkit"
+if [[ ${PV} == *_p* ]] ; then
+ # Upstream don't make releases very often. Test snapshots throughly
+ # and review commits, but don't shy away if there's useful stuff there
+ # we want.
+ MY_COMMIT=""
+ SRC_URI="https://gitlab.freedesktop.org/polkit/polkit/-/archive/${MY_COMMIT}/polkit-${MY_COMMIT}.tar.bz2 -> ${P}.tar.bz2"
+
+ S="${WORKDIR}"/${PN}-${MY_COMMIT}
+else
+ SRC_URI="https://gitlab.freedesktop.org/polkit/polkit/-/archive/${PV}/${P}.tar.bz2"
+fi
+
+LICENSE="LGPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86"
+IUSE="+daemon +duktape examples gtk +introspection kde pam selinux systemd test"
+# https://gitlab.freedesktop.org/polkit/polkit/-/issues/181 for test restriction
+RESTRICT="!test? ( test ) test"
+
+# This seems to be fixed with 121?
+#if [[ ${PV} == *_p* ]] ; then
+# RESTRICT="!test? ( test )"
+#else
+# # Tests currently don't work with meson in the dist tarballs. See
+# # https://gitlab.freedesktop.org/polkit/polkit/-/issues/144
+# RESTRICT="test"
+#fi
+
+BDEPEND="
+ acct-user/polkitd
+ app-text/docbook-xml-dtd:4.1.2
+ app-text/docbook-xsl-stylesheets
+ dev-libs/glib
+ dev-libs/gobject-introspection-common
+ dev-libs/libxslt
+ dev-util/glib-utils
+ sys-devel/gettext
+ virtual/pkgconfig
+ introspection? ( >=dev-libs/gobject-introspection-0.6.2 )
+ test? (
+ $(python_gen_any_dep '
+ dev-python/dbus-python[${PYTHON_USEDEP}]
+ dev-python/python-dbusmock[${PYTHON_USEDEP}]
+ ')
+ )
+"
+DEPEND="
+ >=dev-libs/glib-2.32:2
+ dev-libs/expat
+ daemon? (
+ duktape? ( dev-lang/duktape:= )
+ !duktape? ( dev-lang/spidermonkey:115[-debug] )
+ )
+ pam? (
+ sys-auth/pambase
+ sys-libs/pam
+ )
+ !pam? ( virtual/libcrypt:= )
+ systemd? ( sys-apps/systemd:0=[policykit] )
+ !systemd? ( sys-auth/elogind )
+"
+RDEPEND="
+ ${DEPEND}
+ acct-user/polkitd
+ selinux? ( sec-policy/selinux-policykit )
+"
+PDEPEND="
+ gtk? ( || (
+ >=gnome-extra/polkit-gnome-0.105
+ >=lxde-base/lxsession-0.5.2
+ ) )
+ kde? ( kde-plasma/polkit-kde-agent )
+"
+
+DOCS=( docs/TODO HACKING.md NEWS.md README.md )
+
+QA_MULTILIB_PATHS="
+ usr/lib/polkit-1/polkit-agent-helper-1
+ usr/lib/polkit-1/polkitd
+"
+
+PATCHES=(
+ "${FILESDIR}"/${PN}-124-systemd.patch
+ "${FILESDIR}"/${PN}-124-systemd-fixup.patch
+)
+
+python_check_deps() {
+ python_has_version "dev-python/dbus-python[${PYTHON_USEDEP}]" &&
+ python_has_version "dev-python/python-dbusmock[${PYTHON_USEDEP}]"
+}
+
+pkg_setup() {
+ use test && python-any-r1_pkg_setup
+}
+
+src_prepare() {
+ default
+
+ # bug #401513
+ sed -i -e 's|unix-group:wheel|unix-user:0|' src/polkitbackend/*-default.rules || die
+}
+
+src_configure() {
+ xdg_environment_reset
+
+ local emesonargs=(
+ --localstatedir="${EPREFIX}"/var
+ -Dauthfw="$(usex pam pam shadow)"
+ -Dexamples=false
+ -Dgtk_doc=false
+ -Dman=true
+ -Dos_type=gentoo
+ -Dsession_tracking="$(usex systemd libsystemd-login libelogind)"
+ -Dsystemdsystemunitdir="$(systemd_get_systemunitdir)"
+ -Djs_engine=$(usex duktape duktape mozjs)
+ $(meson_use !daemon libs-only)
+ $(meson_use introspection)
+ $(meson_use test tests)
+ $(usex pam "-Dpam_module_dir=$(getpam_mod_dir)" '')
+ )
+ meson_src_configure
+}
+
+src_compile() {
+ meson_src_compile
+
+ # Required for polkitd on hardened/PaX due to spidermonkey's JIT
+ pax-mark mr src/polkitbackend/.libs/polkitd test/polkitbackend/.libs/polkitbackendjsauthoritytest
+}
+
+src_install() {
+ meson_src_install
+
+ # acct-user/polkitd installs its own (albeit with a different filename)
+ rm -rf "${ED}"/usr/lib/sysusers.d || die
+
+ if use examples ; then
+ docinto examples
+ dodoc src/examples/{*.c,*.policy*}
+ fi
+
+ if use daemon; then
+ if [[ ${EUID} == 0 ]]; then
+ diropts -m 0700 -o polkitd
+ fi
+ keepdir /etc/polkit-1/rules.d
+ fi
+}
+
+pkg_postinst() {
+ if use daemon && [[ ${EUID} == 0 ]]; then
+ chmod 0700 "${EROOT}"/{etc,usr/share}/polkit-1/rules.d
+ chown polkitd "${EROOT}"/{etc,usr/share}/polkit-1/rules.d
+ fi
+}
diff --git a/sys-auth/rtkit/rtkit-0.13-r2.ebuild b/sys-auth/rtkit/rtkit-0.13-r2.ebuild
index 48ba78ba090a..fd13fbac19c3 100644
--- a/sys-auth/rtkit/rtkit-0.13-r2.ebuild
+++ b/sys-auth/rtkit/rtkit-0.13-r2.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2023 Gentoo Authors
+# Copyright 1999-2024 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=7
@@ -11,7 +11,7 @@ SRC_URI="https://github.com/heftig/${PN}/releases/download/v${PV}/${P}.tar.xz"
LICENSE="GPL-3 BSD"
SLOT="0"
-KEYWORDS="~alpha amd64 arm arm64 ~hppa ~ia64 ppc ppc64 sparc x86"
+KEYWORDS="~alpha amd64 arm arm64 ~hppa ~ia64 ppc ppc64 ~riscv sparc x86"
IUSE="selinux systemd"
BDEPEND="virtual/pkgconfig"
diff --git a/sys-auth/seatd/Manifest b/sys-auth/seatd/Manifest
index 273b094f6b87..a5d51ded54e6 100644
--- a/sys-auth/seatd/Manifest
+++ b/sys-auth/seatd/Manifest
@@ -1,2 +1 @@
-DIST seatd-0.7.0.tar.gz 39198 BLAKE2B eddae25b353a5ff4da8aa8b41ead6e6ebab6ffa321376887769cbaf22c3c1b8448d84758749714b82d6ca2d602f2140042634bbeb9312449d8ac207b3774851e SHA512 c81c43994b92672a388bf255edb1fe24d3dba7ece2eb35f9fedc05cc0b8e464e9167ffed037645c4072430fe7b3b8fc80cc99f21fb5100654b5dd23a94742e66
DIST seatd-0.8.0.tar.gz 39349 BLAKE2B 920270808f28c85badb173af22edb03960f2b9cdce5af3124c64fe68c52a77f002272d2f19e97d107303c55ad6de498d279f6b05311793270c6ee84565fc435e SHA512 93b1e5c170564ce9654e4df9985af95cb505274b36e950998bb1f16803d2d46712140eded2bdd8d5e85aec62070afd9c224184276d79a0ff0813408dfc472db7
diff --git a/sys-auth/seatd/seatd-0.7.0-r2.ebuild b/sys-auth/seatd/seatd-0.7.0-r2.ebuild
deleted file mode 100644
index 568f20ede190..000000000000
--- a/sys-auth/seatd/seatd-0.7.0-r2.ebuild
+++ /dev/null
@@ -1,62 +0,0 @@
-# Copyright 2020-2023 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=8
-
-inherit meson systemd
-
-DESCRIPTION="Minimal seat management daemon and universal library"
-HOMEPAGE="https://sr.ht/~kennylevinsen/seatd"
-if [[ ${PV} == 9999 ]]; then
- inherit git-r3
- EGIT_REPO_URI="https://git.sr.ht/~kennylevinsen/seatd"
-else
- KEYWORDS="~alpha amd64 arm arm64 ~ia64 ~loong ~ppc ppc64 ~riscv ~sparc x86"
- SRC_URI="https://git.sr.ht/~kennylevinsen/seatd/archive/${PV}.tar.gz -> ${P}.tar.gz"
-fi
-LICENSE="MIT"
-SLOT="0/1"
-IUSE="builtin elogind server systemd"
-REQUIRED_USE="?? ( elogind systemd )"
-
-DEPEND="
- elogind? ( sys-auth/elogind )
- systemd? ( sys-apps/systemd )
-"
-RDEPEND="${DEPEND}
- server? ( acct-group/seat )
-"
-BDEPEND=">=app-text/scdoc-1.9.7"
-
-src_configure() {
- local emesonargs=(
- -Dman-pages=enabled
- $(meson_feature builtin libseat-builtin)
- $(meson_feature server)
- )
-
- if use elogind ; then
- emesonargs+=( -Dlibseat-logind=elogind )
- elif use systemd; then
- emesonargs+=( -Dlibseat-logind=systemd )
- else
- emesonargs+=( -Dlibseat-logind=disabled )
- fi
-
- meson_src_configure
-}
-
-src_install() {
- meson_src_install
-
- if use server; then
- newinitd "${FILESDIR}/seatd.initd-r1" seatd
- systemd_dounit contrib/systemd/seatd.service
-
- if has_version '<sys-auth/seatd-0.7.0-r2'; then
- elog "For OpenRC users: seatd is now using the 'seat' group instead of the 'video' group"
- elog "Make sure your user(s) are in the 'seat' group."
- elog "Note: 'video' is still needed for GPU access like OpenGL"
- fi
- fi
-}
diff --git a/sys-auth/skey/skey-1.1.5-r14.ebuild b/sys-auth/skey/skey-1.1.5-r14.ebuild
index 813f7155f171..f91749db5148 100644
--- a/sys-auth/skey/skey-1.1.5-r14.ebuild
+++ b/sys-auth/skey/skey-1.1.5-r14.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2023 Gentoo Authors
+# Copyright 1999-2024 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=8
@@ -7,7 +7,7 @@ inherit autotools readme.gentoo-r1 toolchain-funcs usr-ldscript
DESCRIPTION="Linux Port of OpenBSD Single-key Password System"
HOMEPAGE="https://web.archive.org/web/20160710152027/http://www.openbsd.org:80/faq/faq8.html#SKey"
-SRC_URI="mirror://gentoo/${P}.tar.bz2
+SRC_URI="https://dev.gentoo.org/~ulm/distfiles/${P}.tar.bz2
https://dev.gentoo.org/~ulm/distfiles/${P}-patches-7.tar.xz"
LICENSE="BSD MIT RSA BEER-WARE"
diff --git a/sys-auth/solo1/solo1-0.1.1-r1.ebuild b/sys-auth/solo1/solo1-0.1.1-r1.ebuild
index adb8f5c22183..0e8e190536f4 100644
--- a/sys-auth/solo1/solo1-0.1.1-r1.ebuild
+++ b/sys-auth/solo1/solo1-0.1.1-r1.ebuild
@@ -1,9 +1,9 @@
-# Copyright 1999-2023 Gentoo Authors
+# Copyright 1999-2024 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=8
-PYTHON_COMPAT=( python3_{9..11} )
+PYTHON_COMPAT=( python3_{10..12} )
DISTUTILS_USE_PEP517=flit
inherit distutils-r1 pypi
diff --git a/sys-auth/sssd/Manifest b/sys-auth/sssd/Manifest
index e2f173e39988..99b108e1bbf8 100644
--- a/sys-auth/sssd/Manifest
+++ b/sys-auth/sssd/Manifest
@@ -1,2 +1,2 @@
-DIST sssd-2.6.0.tar.gz 7440969 BLAKE2B 6b05fcea09ef10a5b2f373dc6a66032edc4c4f46f65f42fdc9ffb5b676025095e16de4a86b3088351c22746e062829d1d68fa7e960cccb7c5a77d960e6d38e2a SHA512 0b9e169424cbadfa6132a3e5e9789facf82f04cce94cb5344b8ff49370ae8817c2cb16cf21caddf6a7cd42e661d5ff5bf97843d79681683aacff0053ff93f64b
DIST sssd-2.9.1.tar.gz 7943540 BLAKE2B 9113b63d54beb40ba85c5b5c75068197317b3b8088119cf6557c6b4aed113d2d67f0bc64fc68fb34f4dbef54cccdb8b32ef44112115930751fdec5ec92e0a09b SHA512 eb7345dcfbbd51f005f67ee5032364d369d24589111ded60701e2dbe09563f0b862d343f231dd2e9d548acd8c560a036c8b88a0601f9aa048a7202da8202cd9b
+DIST sssd-2.9.4.tar.gz 7982544 BLAKE2B 6ed23787f1c029abc89f2bbe516787ddbe2fa39f052b75b965972b0a3532c66076f16b775258c5ee6f4ac9ef63bd6ab5bad1a3b660bcac135b3af460d0f14748 SHA512 9546cf074628f32137b16ca0c763988785271124244b645d1e786762e8578f10d983793a29bffcc004b064452fe8d465476a3041688d2f3c11c2751fb5bec3e2
diff --git a/sys-auth/sssd/files/sssd-2.6.0-conditional-python-install.patch b/sys-auth/sssd/files/sssd-2.6.0-conditional-python-install.patch
deleted file mode 100644
index 04c18ceede8c..000000000000
--- a/sys-auth/sssd/files/sssd-2.6.0-conditional-python-install.patch
+++ /dev/null
@@ -1,19 +0,0 @@
---- a/src/tools/analyzer/Makefile.am
-+++ b/src/tools/analyzer/Makefile.am
-@@ -1,5 +1,7 @@
- pkgpythondir = $(python3dir)/sssd
-+modulesdir = $(pkgpythondir)/modules
-
-+if BUILD_PYTHON_BINDINGS
- dist_pkgpython_SCRIPTS = \
- sss_analyze.py \
- $(NULL)
-@@ -10,7 +12,7 @@
- source_reader.py \
- $(NULL)
-
--modulesdir = $(pkgpythondir)/modules
- dist_modules_DATA = \
- modules/request.py \
- $(NULL)
-+endif
diff --git a/sys-auth/sssd/metadata.xml b/sys-auth/sssd/metadata.xml
index 628b459ea0a0..a4f6c50a3f9e 100644
--- a/sys-auth/sssd/metadata.xml
+++ b/sys-auth/sssd/metadata.xml
@@ -15,10 +15,9 @@
</maintainer>
<use>
<flag name="acl"> Build and use the cifsidmap plugin</flag>
- <flag name="locator">Install sssd's Kerberos plugin</flag>
+ <flag name="keyutils">Controls whether the kernel keyring should be used via <pkg>sys-apps/keyutils</pkg></flag>
<flag name="netlink">Add support for netlink protocol via <pkg>dev-libs/libnl</pkg></flag>
<flag name="nfsv4">Add support for the nfsv4 idmapd plugin provided by <pkg>net-fs/nfs-utils</pkg></flag>
- <flag name="pac">Add Privileged Attribute Certificate Support for Kerberos</flag>
<flag name="samba">Add Privileged Attribute Certificate Support for Kerberos</flag>
<flag name="subid">Support subordinate uid and gid ranges in FreeIPA</flag>
<flag name="sudo">Build helper to let <pkg>app-admin/sudo</pkg> use sssd provided information</flag>
diff --git a/sys-auth/sssd/sssd-2.9.1.ebuild b/sys-auth/sssd/sssd-2.9.1-r1.ebuild
index 416554744465..af43a0ad6b5a 100644
--- a/sys-auth/sssd/sssd-2.9.1.ebuild
+++ b/sys-auth/sssd/sssd-2.9.1-r1.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2023 Gentoo Authors
+# Copyright 1999-2024 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=8
@@ -24,7 +24,7 @@ fi
LICENSE="GPL-3"
SLOT="0"
KEYWORDS="amd64 ~arm ~arm64 ~hppa ~m68k ~mips ~ppc ~ppc64 ~riscv ~sparc x86"
-IUSE="acl doc +netlink nfsv4 nls +man python samba selinux subid sudo systemd systemtap test"
+IUSE="acl doc keyutils +netlink nfsv4 nls +man python samba selinux subid sudo systemd systemtap test"
REQUIRED_USE="
python? ( ${PYTHON_REQUIRED_USE} )
test? ( sudo )"
@@ -44,7 +44,6 @@ DEPEND="
>=net-dns/c-ares-1.10.0-r1:=[${MULTILIB_USEDEP}]
>=net-nds/openldap-2.4.30:=[sasl,experimental]
>=sys-apps/dbus-1.6
- >=sys-apps/keyutils-1.5:=
>=sys-libs/pam-0-r1[${MULTILIB_USEDEP}]
>=sys-libs/talloc-2.0.7
>=sys-libs/tdb-1.2.9
@@ -52,6 +51,7 @@ DEPEND="
>=sys-libs/ldb-1.1.17-r1:=
virtual/libintl
acl? ( net-fs/cifs-utils[acl] )
+ keyutils? ( >=sys-apps/keyutils-1.5:= )
netlink? ( dev-libs/libnl:3 )
nfsv4? ( >=net-fs/nfs-utils-2.3.1-r2 )
nls? ( >=sys-devel/gettext-0.18 )
@@ -73,13 +73,13 @@ DEPEND="
sys-apps/systemd:=
sys-apps/util-linux
)
- systemtap? ( dev-util/systemtap )"
+ systemtap? ( dev-debug/systemtap )"
RDEPEND="${DEPEND}
selinux? ( >=sec-policy/selinux-sssd-2.20120725-r9 )"
BDEPEND="
virtual/pkgconfig
${PYTHON_DEPS}
- doc? ( app-doc/doxygen )
+ doc? ( app-text/doxygen )
man? (
app-text/docbook-xml-dtd:4.4
>=dev-libs/libxslt-1.1.26
@@ -172,6 +172,9 @@ src_configure() {
multilib_src_configure() {
local myconf=()
+ export ac_cv_header_keyutils_h=$(usex keyutils)
+ export ac_cv_lib_keyutils_add_key=$(usex keyutils)
+
myconf+=(
--libexecdir="${EPREFIX}"/usr/libexec
--localstatedir="${EPREFIX}"/var
diff --git a/sys-auth/sssd/sssd-2.6.0-r2.ebuild b/sys-auth/sssd/sssd-2.9.4.ebuild
index ed2f740d4b06..d83be12eeecc 100644
--- a/sys-auth/sssd/sssd-2.6.0-r2.ebuild
+++ b/sys-auth/sssd/sssd-2.9.4.ebuild
@@ -1,22 +1,31 @@
-# Copyright 1999-2023 Gentoo Authors
+# Copyright 1999-2024 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
-EAPI=7
+EAPI=8
-PYTHON_COMPAT=( python3_{9..11} )
+PLOCALES="ca de es fr ja ko pt_BR ru sv tr uk"
+PLOCALES_BIN="${PLOCALES} bg cs eu fi hu id it ka nb nl pl pt tg zh_TW zh_CN"
+PLOCALE_BACKUP="sv"
+PYTHON_COMPAT=( python3_{10..12} )
-inherit autotools linux-info multilib-minimal optfeature python-single-r1 pam systemd toolchain-funcs
+inherit autotools linux-info multilib-minimal optfeature plocale \
+ python-single-r1 pam systemd toolchain-funcs
DESCRIPTION="System Security Services Daemon provides access to identity and authentication"
HOMEPAGE="https://github.com/SSSD/sssd"
-SRC_URI="https://github.com/SSSD/sssd/releases/download/${PV}/${P}.tar.gz"
+if [[ ${PV} != 9999 ]]; then
+ SRC_URI="https://github.com/SSSD/sssd/releases/download/${PV}/${P}.tar.gz"
+ KEYWORDS="amd64 ~arm ~arm64 ~hppa ~m68k ~mips ~ppc ~ppc64 ~riscv ~sparc x86"
+else
+ inherit git-r3
+ EGIT_REPO_URI="https://github.com/SSSD/sssd.git"
+ EGIT_BRANCH="master"
+fi
LICENSE="GPL-3"
SLOT="0"
-KEYWORDS="amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv ~sparc x86"
-IUSE="acl doc +locator +netlink nfsv4 nls +man pac python samba selinux sudo systemd systemtap test"
+IUSE="acl doc +netlink nfsv4 nls +man python samba selinux subid sudo systemd systemtap test"
REQUIRED_USE="
- pac? ( samba )
python? ( ${PYTHON_REQUIRED_USE} )
test? ( sudo )"
RESTRICT="!test? ( test )"
@@ -26,13 +35,14 @@ DEPEND="
app-crypt/p11-kit
>=dev-libs/ding-libs-0.2
>=dev-libs/cyrus-sasl-2.1.25-r3[kerberos]
+ dev-libs/jansson:=
dev-libs/libpcre2:=
+ dev-libs/libunistring:=
>=dev-libs/popt-1.16
>=dev-libs/openssl-1.0.2:=
- dev-libs/libunistring:=
>=net-dns/bind-tools-9.9[gssapi]
- >=net-dns/c-ares-1.7.4:=
- >=net-nds/openldap-2.4.30:=[sasl]
+ >=net-dns/c-ares-1.10.0-r1:=[${MULTILIB_USEDEP}]
+ >=net-nds/openldap-2.4.30:=[sasl,experimental]
>=sys-apps/dbus-1.6
>=sys-apps/keyutils-1.5:=
>=sys-libs/pam-0-r1[${MULTILIB_USEDEP}]
@@ -42,28 +52,39 @@ DEPEND="
>=sys-libs/ldb-1.1.17-r1:=
virtual/libintl
acl? ( net-fs/cifs-utils[acl] )
- locator? ( >=net-dns/c-ares-1.10.0-r1:=[${MULTILIB_USEDEP}] )
netlink? ( dev-libs/libnl:3 )
nfsv4? ( >=net-fs/nfs-utils-2.3.1-r2 )
- pac? ( net-fs/samba )
- python? ( ${PYTHON_DEPS} )
+ nls? ( >=sys-devel/gettext-0.18 )
+ python? (
+ ${PYTHON_DEPS}
+ systemd? (
+ $(python_gen_cond_dep '
+ dev-python/python-systemd[${PYTHON_USEDEP}]
+ ')
+ )
+ )
samba? ( >=net-fs/samba-4.10.2[winbind] )
selinux? (
>=sys-libs/libselinux-2.1.9
>=sys-libs/libsemanage-2.1
)
+ subid? ( >=sys-apps/shadow-4.9 )
systemd? (
sys-apps/systemd:=
sys-apps/util-linux
)
- systemtap? ( dev-util/systemtap )"
+ systemtap? ( dev-debug/systemtap )"
RDEPEND="${DEPEND}
- >=sys-libs/glibc-2.17[nscd]
selinux? ( >=sec-policy/selinux-sssd-2.20120725-r9 )"
BDEPEND="
virtual/pkgconfig
${PYTHON_DEPS}
- doc? ( app-doc/doxygen )
+ doc? ( app-text/doxygen )
+ man? (
+ app-text/docbook-xml-dtd:4.4
+ >=dev-libs/libxslt-1.1.26
+ nls? ( app-text/po4a )
+ )
nls? ( sys-devel/gettext )
test? (
dev-libs/check
@@ -75,15 +96,14 @@ BDEPEND="
sys-libs/pam_wrapper
sys-libs/uid_wrapper
)
- man? (
- app-text/docbook-xml-dtd:4.4
- >=dev-libs/libxslt-1.1.26
- nls? ( app-text/po4a )
- )"
+"
CONFIG_CHECK="~KEYS"
-PATCHES=( "${FILESDIR}"/${PN}-2.6.0-conditional-python-install.patch )
+PATCHES=(
+ "${FILESDIR}/${PN}-2.8.2-krb5_pw_locked.patch"
+ "${FILESDIR}/${PN}-2.9.1-conditional-python-install.patch"
+)
MULTILIB_WRAPPED_HEADERS=(
/usr/include/ipa_hbac.h
@@ -104,6 +124,26 @@ pkg_setup() {
src_prepare() {
default
+ plocale_get_locales > src/man/po/LINGUAS || die
+
+ sed -i \
+ -e "/_langs]/ s/ .*//" \
+ src/man/po/po4a.cfg \
+ || die
+ enable_locale() {
+ local locale=${1}
+
+ sed -i \
+ -e "/_langs]/ s/$/ ${locale}/" \
+ src/man/po/po4a.cfg \
+ || die
+ }
+
+ plocale_for_each_locale enable_locale
+
+ PLOCALES="${PLOCALES_BIN}"
+ plocale_get_locales > po/LINGUAS || die
+
sed -i \
-e 's:/var/run:/run:' \
src/examples/logrotate \
@@ -130,8 +170,10 @@ multilib_src_configure() {
local myconf=()
myconf+=(
+ --libexecdir="${EPREFIX}"/usr/libexec
--localstatedir="${EPREFIX}"/var
--runstatedir="${EPREFIX}"/run
+ --sbindir="${EPREFIX}"/usr/sbin
--with-pid-path="${EPREFIX}"/run
--with-plugin-path="${EPREFIX}"/usr/$(get_libdir)/sssd
--enable-pammoddir="${EPREFIX}"/$(getpam_mod_dir)
@@ -143,20 +185,20 @@ multilib_src_configure() {
--with-mcache-path="${EPREFIX}"/var/lib/sss/mc
--with-secrets-db-path="${EPREFIX}"/var/lib/sss/secrets
--with-log-path="${EPREFIX}"/var/log/sssd
+ --with-kcm
+ --enable-kcm-renewal
--with-os=gentoo
--disable-rpath
--disable-static
# Valgrind is only used for tests
--disable-valgrind
- --sbindir="${EPREFIX}"/usr/sbin
- $(multilib_native_use_with systemd kcm)
$(use_with samba)
--with-smb-idmap-interface-version=6
$(multilib_native_use_enable acl cifs-idmap-plugin)
$(multilib_native_use_with selinux)
$(multilib_native_use_with selinux semanage)
- $(use_enable locator krb5-locator-plugin)
- $(use_enable pac pac-responder)
+ --enable-krb5-locator-plugin
+ $(use_enable samba pac-responder)
$(multilib_native_use_with nfsv4 nfsv4-idmapd-plugin)
$(use_enable nls)
$(multilib_native_use_with netlink libnl)
@@ -164,6 +206,9 @@ multilib_src_configure() {
$(multilib_native_use_with sudo)
$(multilib_native_with autofs)
$(multilib_native_with ssh)
+ --without-oidc-child
+ --without-passkey
+ $(use_with subid)
$(use_enable systemtap)
--without-python2-bindings
$(multilib_native_use_with python python3-bindings)
@@ -181,9 +226,9 @@ multilib_src_configure() {
{POPT,TALLOC,TDB,TEVENT,LDB}_{CFLAGS,LIBS}=' '
# ldb headers are fine since native needs it
# ldb lib fails... but it does not seem to bother
- {DHASH,COLLECTION,INI_CONFIG_V{0,1,1_1,1_3}}_{CFLAGS,LIBS}=' '
- {PCRE,CARES,SYSTEMD_LOGIN,SASL,GLIB2,DBUS,CRYPTO,P11_KIT}_{CFLAGS,LIBS}=' '
- {NDR_NBT,SMBCLIENT,NDR_KRB5PAC}_{CFLAGS,LIBS}=' '
+ {DHASH,UNISTRING,INI_CONFIG_V{0,1,1_1,1_3}}_{CFLAGS,LIBS}=' '
+ {PCRE,CARES,SYSTEMD_LOGIN,SASL,DBUS,CRYPTO,P11_KIT}_{CFLAGS,LIBS}=' '
+ {NDR_NBT,SAMBA_UTIL,SMBCLIENT,NDR_KRB5PAC,JANSSON}_{CFLAGS,LIBS}=' '
# use native include path for dbus (needed for build)
DBUS_CFLAGS="${native_dbus_cflags}"
@@ -191,6 +236,7 @@ multilib_src_configure() {
# non-pkgconfig checks
ac_cv_lib_ldap_ldap_search=yes
--without-kcm
+ --without-manpages
)
fi
@@ -201,13 +247,10 @@ multilib_src_compile() {
if multilib_is_native_abi; then
default
use doc && emake docs
- if use man || use nls; then
- emake update-po
- fi
else
- emake libnss_sss.la pam_sss.la
- use locator && emake sssd_krb5_locator_plugin.la
- use pac && emake sssd_pac_plugin.la
+ emake libnss_sss.la pam_sss.la pam_sss_gss.la
+ emake sssd_krb5_locator_plugin.la
+ use samba && emake sssd_pac_plugin.la
fi
}
@@ -228,16 +271,15 @@ multilib_src_install() {
else
# easier than playing with automake...
dopammod .libs/pam_sss.so
+ dopammod .libs/pam_sss_gss.so
into /
dolib.so .libs/libnss_sss.so*
- if use locator; then
- exeinto /usr/$(get_libdir)/krb5/plugins/libkrb5
- doexe .libs/sssd_krb5_locator_plugin.so
- fi
+ exeinto /usr/$(get_libdir)/krb5/plugins/libkrb5
+ doexe .libs/sssd_krb5_locator_plugin.so
- if use pac; then
+ if use samba; then
exeinto /usr/$(get_libdir)/krb5/plugins/authdata
doexe .libs/sssd_pac_plugin.so
fi
@@ -270,7 +312,7 @@ multilib_src_install_all() {
# strip empty dirs
if ! use doc; then
rm -r "${ED}"/usr/share/doc/"${PF}"/doc || die
- rm -r "${ED}"/usr/share/doc/"${PF}"/{hbac,idmap,nss_idmap,sss_simpleifp}_doc || die
+ rm -r "${ED}"/usr/share/doc/"${PF}"/{hbac,idmap,nss_idmap}_doc || die
fi
rm -r "${ED}"/run || die
@@ -280,6 +322,6 @@ multilib_src_install_all() {
pkg_postinst() {
elog "You must set up sssd.conf (default installed into /etc/sssd)"
elog "and (optionally) configuration in /etc/pam.d in order to use SSSD"
- elog "features. Please see howto in https://sssd.io/docs/design_pages/smartcard_authentication_require.html"
+ elog "features."
optfeature "Kerberos keytab renew (see krb5_renew_interval)" app-crypt/adcli
}
diff --git a/sys-auth/yubico-piv-tool/Manifest b/sys-auth/yubico-piv-tool/Manifest
index 096d74301322..881856fd979b 100644
--- a/sys-auth/yubico-piv-tool/Manifest
+++ b/sys-auth/yubico-piv-tool/Manifest
@@ -1 +1,3 @@
DIST yubico-piv-tool-2.3.1.tar.gz 1315267 BLAKE2B 9b7d96129f3cab4fd68d18d0bbbf8dfa5fdda383ffb8099f898e23c99d0f1caf387a26cb9d01582521a070b93bac941b8a10faac736137cb72c86fbf5c95d2f8 SHA512 44cd9c482f2a2942d10a238ac2cb2d40df7cd11ddc27d6df88912512e956746b5634018b421d5cc4b947e4c36f9841898d5a08eb613bf22558089103dab95988
+DIST yubico-piv-tool-2.4.2.tar.gz 1332497 BLAKE2B ba08b19fe4659842fdfad06d662120a9d2858e25a56d56f63edc88e607c5b56a79f5ca90826fb8b78295e218ff1a728a168d04f330b7f640a9f3e804528320ed SHA512 032a91c9ac50cb5604a56ec0d0a84cf64bfff5440930a1643bddcd15cf02fc44d33d949286b2595eb4c196cb31050c13f507b32f3156d4600fdad46057b65b56
+DIST yubico-piv-tool-2.5.1.tar.gz 1340147 BLAKE2B 96638e22bf03046daae5ba4b4d689cfe6d7e1f8ebbf64695bd3e259ca7e53513ff92933c935294536c504fc96b2ed1c7df4b9962b1789803eb9576b51715f00e SHA512 736aeeac3d9368699b33e928cfb5b54ad6aa1450acf734397bc689ba9ccc82077f46f7ea2bd06dd1457b91eb50f7a0231a57914b3ea2ff0f07d425b4d27b96e4
diff --git a/sys-auth/yubico-piv-tool/yubico-piv-tool-2.4.2.ebuild b/sys-auth/yubico-piv-tool/yubico-piv-tool-2.4.2.ebuild
new file mode 100644
index 000000000000..42a6ee70a2dc
--- /dev/null
+++ b/sys-auth/yubico-piv-tool/yubico-piv-tool-2.4.2.ebuild
@@ -0,0 +1,48 @@
+# Copyright 1999-2024 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+inherit cmake
+
+DESCRIPTION="Command-line tool and p11-kit module for the YubiKey PIV application"
+HOMEPAGE="https://developers.yubico.com/yubico-piv-tool/ https://github.com/Yubico/yubico-piv-tool"
+SRC_URI="https://developers.yubico.com/${PN}/Releases/${P}.tar.gz"
+
+LICENSE="BSD-2"
+SLOT="0/2"
+KEYWORDS="amd64 ~arm64 ~riscv"
+IUSE="test"
+
+RESTRICT="!test? ( test )"
+
+RDEPEND="sys-apps/pcsc-lite
+ dev-libs/openssl:=[-bindist(-)]"
+DEPEND="${RDEPEND}
+ test? ( dev-libs/check )"
+BDEPEND="dev-util/gengetopt
+ sys-apps/help2man
+ virtual/pkgconfig"
+
+PATCHES=(
+ "${FILESDIR}"/${PN}-2.1.1-tests-optional.patch
+ "${FILESDIR}"/${PN}-2.1.1-ykcs11-threads.patch
+ "${FILESDIR}"/${PN}-2.3.0-no-Werror.patch
+)
+
+src_configure() {
+ local mycmakeargs=(
+ -DBUILD_STATIC_LIB=OFF
+ -DBUILD_TESTING=$(usex test)
+ )
+ cmake_src_configure
+}
+
+src_install() {
+ cmake_src_install
+
+ echo "module: ${EPREFIX}/usr/$(get_libdir)/libykcs11.so" > ${PN}.module \
+ || die "Failed to generate p11-kit module configuration"
+ insinto /usr/share/p11-kit/modules
+ doins ${PN}.module
+}
diff --git a/sys-auth/yubico-piv-tool/yubico-piv-tool-2.5.1.ebuild b/sys-auth/yubico-piv-tool/yubico-piv-tool-2.5.1.ebuild
new file mode 100644
index 000000000000..68122cc758d6
--- /dev/null
+++ b/sys-auth/yubico-piv-tool/yubico-piv-tool-2.5.1.ebuild
@@ -0,0 +1,48 @@
+# Copyright 1999-2024 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+inherit cmake
+
+DESCRIPTION="Command-line tool and p11-kit module for the YubiKey PIV application"
+HOMEPAGE="https://developers.yubico.com/yubico-piv-tool/ https://github.com/Yubico/yubico-piv-tool"
+SRC_URI="https://developers.yubico.com/${PN}/Releases/${P}.tar.gz"
+
+LICENSE="BSD-2"
+SLOT="0/2"
+KEYWORDS="~amd64 ~arm64 ~riscv"
+IUSE="test"
+
+RESTRICT="!test? ( test )"
+
+RDEPEND="sys-apps/pcsc-lite
+ dev-libs/openssl:=[-bindist(-)]"
+DEPEND="${RDEPEND}
+ test? ( dev-libs/check )"
+BDEPEND="dev-util/gengetopt
+ sys-apps/help2man
+ virtual/pkgconfig"
+
+PATCHES=(
+ "${FILESDIR}"/${PN}-2.1.1-tests-optional.patch
+ "${FILESDIR}"/${PN}-2.1.1-ykcs11-threads.patch
+ "${FILESDIR}"/${PN}-2.3.0-no-Werror.patch
+)
+
+src_configure() {
+ local mycmakeargs=(
+ -DBUILD_STATIC_LIB=OFF
+ -DBUILD_TESTING=$(usex test)
+ )
+ cmake_src_configure
+}
+
+src_install() {
+ cmake_src_install
+
+ echo "module: ${EPREFIX}/usr/$(get_libdir)/libykcs11.so" > ${PN}.module \
+ || die "Failed to generate p11-kit module configuration"
+ insinto /usr/share/p11-kit/modules
+ doins ${PN}.module
+}