public inbox for gentoo-commits@lists.gentoo.org
 help / color / mirror / Atom feed

From: "Sam James" <sam@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Subject: [gentoo-commits] repo/gentoo:master commit in: sys-auth/pambase/
Date: Sat, 06 Sep 2025 20:57:08 +0000 (UTC)	[thread overview]
Message-ID: <1757192128.e9ab218a16d07af32c94e5917c51c70537622a94.sam@gentoo> (raw)

commit:     e9ab218a16d07af32c94e5917c51c70537622a94
Author:     Sam James <sam <AT> gentoo <DOT> org>
AuthorDate: Sat Sep  6 20:55:28 2025 +0000
Commit:     Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Sat Sep  6 20:55:28 2025 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e9ab218a

sys-auth/pambase: add 20250906

Sam James (3):
      Add pam_gnome_keybase to auth, session stacks too
      Keep pam_gnome_keyring in passwd too
      Run pam_mktemp then pam_env

Closes: https://bugs.gentoo.org/780441
Signed-off-by: Sam James <sam <AT> gentoo.org>

 sys-auth/pambase/Manifest                |   1 +
 sys-auth/pambase/pambase-20250906.ebuild | 129 +++++++++++++++++++++++++++++++
 2 files changed, 130 insertions(+)

diff --git a/sys-auth/pambase/Manifest b/sys-auth/pambase/Manifest
index 7168378e37d5..a4a3c71e4315 100644
--- a/sys-auth/pambase/Manifest
+++ b/sys-auth/pambase/Manifest
@@ -3,3 +3,4 @@ DIST pambase-20240128.tar.bz2 5131 BLAKE2B 0950fff720f3a9d761a82303eaa7b997bfac6
 DIST pambase-20250223.tar.bz2 5124 BLAKE2B ea89d43c93d85baafa1a6951ae80c6306c762ab0524f84de86ed4b6a1abc1056e85c6b1f13012615ce2db40e113ce51e17ddcd274d5f4f4f94a0ec9315318500 SHA512 ce31d08f3fa51879cddab158ffed3dc9929c37a56e7dc2f757f7e87e72076a75d10874cba2020f398a198c0156ffc4ecc2ec5d6d654ca36f135a4f1837094b57
 DIST pambase-20250228.tar.bz2 5144 BLAKE2B ab4c8e84cc21e25ac12b66a3d9943becb62d4f53c2f9c201c79f2a1f1f1320f4bad2b56a2a76924386d7dbe9656abf5a0bd92bbbedda23088a26128aa743e79f SHA512 e2ccbcd0c3e6f9fb035a2489a79bdfff5f12fe9393517d3b7ddb3bbd7a6a6e5b358663b1423166b0250931d50f608bb81a9f486fc53dbc7126b3980617387c94
 DIST pambase-20250826.tar.bz2 4925 BLAKE2B c6929aa506b94b9215bd2c686fd9965d6c3a77f36c7a2d114ca5b2c39a30e2209a84408ee855559837d54161e359723889b89bb9c048bb36b00c7156495968fc SHA512 c9bc07ac617891ddab6f2a8358b10899462d9b54fcc3642d222dd2402914f24225854103b6c581aa2041fb0feb0f94688e07aad10ab94c3a629b4cd2937bd785
+DIST pambase-20250906.tar.bz2 4972 BLAKE2B b65da13a265d5a3df1e84546a8f6e1447d7ea5a40fe4a44488691c4a182cf4b3d13d20ce85778f549d217ebf4b4511e71f5f285b34edf9e9e18bab50b0d22c82 SHA512 639d87169fafb0e44401104ade7dfaa7a5d6bd473d9e4e3c35a0fb87aaf73a383d406ee05944a3190750e55e59decd867ab3f773664f9fb787f40acc05826d1c

diff --git a/sys-auth/pambase/pambase-20250906.ebuild b/sys-auth/pambase/pambase-20250906.ebuild
new file mode 100644
index 000000000000..810cd47a7139
--- /dev/null
+++ b/sys-auth/pambase/pambase-20250906.ebuild
@@ -0,0 +1,129 @@
+# Copyright 1999-2025 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+PYTHON_COMPAT=( python3_{11..13} )
+
+inherit edo pam python-any-r1 readme.gentoo-r1
+
+DESCRIPTION="PAM base configuration files"
+HOMEPAGE="https://github.com/gentoo/pambase"
+
+if [[ ${PV} == *9999 ]]; then
+	inherit git-r3
+	EGIT_REPO_URI="
+		https://anongit.gentoo.org/git/proj/pambase.git
+		https://github.com/gentoo/pambase.git
+	"
+else
+	SRC_URI="https://gitweb.gentoo.org/proj/pambase.git/snapshot/${P}.tar.bz2"
+
+	KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86"
+fi
+
+LICENSE="MIT"
+SLOT="0"
+IUSE="caps debug elogind gnome-keyring homed minimal mktemp +nullok pam_krb5 pam_ssh +passwdqc pwhistory pwquality securetty selinux +sha512 sssd systemd yescrypt"
+
+RESTRICT="binchecks"
+
+REQUIRED_USE="
+	?? ( elogind systemd )
+	?? ( passwdqc pwquality )
+	?? ( sha512 yescrypt )
+	pwhistory? ( || ( passwdqc pwquality ) )
+	homed? ( !pam_krb5 )
+	pam_krb5? ( !homed )
+"
+
+MIN_PAM_REQ=1.4.0
+
+RDEPEND="
+	>=sys-libs/pam-${MIN_PAM_REQ}
+	elogind? ( sys-auth/elogind[pam] )
+	gnome-keyring? ( gnome-base/gnome-keyring[pam] )
+	mktemp? ( sys-auth/pam_mktemp )
+	pam_krb5? (
+		>=sys-libs/pam-${MIN_PAM_REQ}
+		sys-auth/pam_krb5
+	)
+	caps? ( sys-libs/libcap[pam] )
+	pam_ssh? ( sys-auth/pam_ssh )
+	passwdqc? ( >=sys-auth/passwdqc-1.4.0-r1 )
+	pwquality? ( dev-libs/libpwquality[pam] )
+	selinux? ( sys-libs/pam[selinux] )
+	sha512? ( >=sys-libs/pam-${MIN_PAM_REQ} )
+	homed? ( sys-apps/systemd[homed] )
+	systemd? ( sys-apps/systemd[pam] )
+	yescrypt? ( sys-libs/libxcrypt[system] )
+	sssd? ( sys-auth/sssd )
+"
+BDEPEND="
+	$(python_gen_any_dep '
+		dev-python/jinja2[${PYTHON_USEDEP}]
+	')
+"
+
+python_check_deps() {
+	python_has_version "dev-python/jinja2[${PYTHON_USEDEP}]"
+}
+
+src_configure() {
+	local crypt=md5
+	# TODO: sha256, blowfish, gost_yescrypt
+	use sha512 && crypt=sha512
+	use yescrypt && crypt=yescrypt
+
+	local pamargs=(
+		# Not all 'upstream' options are (currently) wired up
+		# in the ebuild.
+		#
+		# TODO: pam_shells
+		$(usev caps '--caps')
+		$(usev debug '--debug')
+		$(usev elogind '--elogind')
+		$(usev gnome-keyring '--gnome-keyring')
+		$(usev homed '--homed')
+		$(usev minimal '--minimal')
+		$(usev mktemp '--mktemp')
+		$(usev nullok '--nullok')
+		$(usev pam_krb5 '--krb5')
+		$(usev pam_ssh '--pam-ssh')
+		$(usev passwdqc '--passwdqc')
+		$(usev pwhistory '--pwhistory')
+		$(usev pwquality '--pwquality')
+		$(usev securetty '--securetty')
+		$(usev selinux '--selinux')
+		$(usex systemd '--systemd' '--openrc')
+		$(usev sssd '--sssd')
+
+		--encrypt=${crypt}
+	)
+
+	edo ${EPYTHON} ./${PN}.py "${pamargs[@]}"
+}
+
+src_test() { :; }
+
+src_install() {
+	local DOC_CONTENTS
+
+	if use passwdqc; then
+		DOC_CONTENTS="To amend the existing password policy please see the man 5 passwdqc.conf
+				page and then edit the /etc/security/passwdqc.conf file"
+	fi
+
+	if use pwquality; then
+		DOC_CONTENTS="To amend the existing password policy please see the man 5 pwquality.conf
+				page and then edit the /etc/security/pwquality.conf file"
+	fi
+
+	{ use passwdqc || use pwquality; } && readme.gentoo_create_doc
+
+	dopamd -r stack/.
+}
+
+pkg_postinst() {
+	{ use passwdqc || use pwquality; } && readme.gentoo_print_elog
+}

next             reply	other threads:[~2025-09-06 20:57 UTC|newest]

Thread overview: 138+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2025-09-06 20:57 Sam James [this message]
  -- strict thread matches above, loose matches on Subject: below --
2025-09-06 20:57 [gentoo-commits] repo/gentoo:master commit in: sys-auth/pambase/ Sam James
2025-08-28 19:45 Sam James
2025-08-28 19:45 Sam James
2025-08-28 19:45 Sam James
2025-08-28 19:45 Sam James
2025-08-28 19:45 Sam James
2025-08-28 19:45 Sam James
2025-08-28 19:40 Sam James
2025-08-26 14:03 Sam James
2025-08-26 14:00 Sam James
2025-08-26 13:50 Sam James
2025-08-26 13:49 Sam James
2025-04-13 21:22 Sam James
2025-03-27 17:56 Arthur Zamarin
2025-03-27 13:55 Sam James
2025-03-27 13:55 Sam James
2025-03-27 13:55 Sam James
2025-03-27 13:55 Sam James
2025-03-27 13:43 Sam James
2025-03-27 13:43 Sam James
2025-02-28 10:13 Sam James
2025-02-28 10:12 Sam James
2025-02-28  3:43 Sam James
2025-02-23 23:53 Sam James
2024-04-13  6:26 Arthur Zamarin
2024-03-14  9:12 Sam James
2024-03-14  7:36 Arthur Zamarin
2024-03-14  7:34 Sam James
2024-03-14  6:44 Sam James
2024-03-14  6:23 Sam James
2024-03-14  6:11 Sam James
2024-03-14  6:06 Sam James
2024-01-28  8:16 Sam James
2024-01-19  5:49 Sam James
2024-01-19  5:39 Sam James
2023-06-24  1:18 Sam James
2023-01-14 23:11 Sam James
2022-12-11 16:19 Sam James
2022-12-11 12:53 Sam James
2022-10-28 19:53 Sam James
2022-08-08  6:08 Sam James
2022-07-06  6:02 Arthur Zamarin
2022-07-03  8:59 Agostino Sarubbo
2022-07-03  8:52 Agostino Sarubbo
2022-07-03  8:51 Agostino Sarubbo
2022-07-03  8:51 Agostino Sarubbo
2022-07-03  8:50 Agostino Sarubbo
2022-07-03  8:49 Agostino Sarubbo
2022-07-03  8:48 Agostino Sarubbo
2022-02-14 17:14 Sam James
2021-12-19 11:12 Sam James
2021-12-18 17:53 Mikle Kolyada
2021-12-18 17:48 Mikle Kolyada
2021-11-14 12:36 Mikle Kolyada
2021-06-01 19:09 Mikle Kolyada
2021-06-01 19:09 Mikle Kolyada
2021-02-18 16:03 Mikle Kolyada
2021-02-02 20:59 Sam James
2021-02-01 19:08 Mikle Kolyada
2021-02-01 14:01 Mikle Kolyada
2020-12-22 18:39 Mikle Kolyada
2020-12-22 18:20 Mikle Kolyada
2020-11-04 11:01 Mikle Kolyada
2020-11-04 11:01 Mikle Kolyada
2020-11-03  7:38 Sam James
2020-11-03  7:23 Sam James
2020-10-29 20:56 Mikle Kolyada
2020-10-28 19:28 Mikle Kolyada
2020-10-28 17:15 Mikle Kolyada
2020-10-27  0:17 Sam James
2020-10-27  0:17 Sam James
2020-10-20  2:40 Sam James
2020-10-13 18:47 Mikle Kolyada
2020-10-13 18:47 Mikle Kolyada
2020-10-10 15:46 Mikle Kolyada
2020-10-10  9:31 Mikle Kolyada
2020-10-10  9:31 Mikle Kolyada
2020-10-10  9:14 Mikle Kolyada
2020-10-04 19:41 Mikle Kolyada
2020-09-20 12:58 Mikle Kolyada
2020-09-20  8:55 Mikle Kolyada
2020-09-18  2:10 Sam James
2020-09-17 21:15 Mikle Kolyada
2020-08-29  7:13 Mikle Kolyada
2020-08-17  7:52 Mikle Kolyada
2020-08-16 19:02 Mikle Kolyada
2020-08-10 16:23 Mikle Kolyada
2020-08-09 16:20 Mikle Kolyada
2020-08-07  0:11 Sam James
2020-08-06 22:41 Sam James
2020-08-05  9:19 Mikle Kolyada
2020-08-05  9:19 Mikle Kolyada
2020-08-04 16:02 Mikle Kolyada
2020-08-04 15:01 Mikle Kolyada
2020-08-04 14:22 Mikle Kolyada
2020-08-04  9:52 Mikle Kolyada
2020-07-28 15:51 Sam James
2020-07-28 15:47 Sam James
2020-07-03 10:45 David Seifert
2020-07-03  9:55 David Seifert
2020-06-18 10:21 Mikle Kolyada
2020-06-17 18:38 Mikle Kolyada
2020-06-17 18:35 Mikle Kolyada
2020-06-16 18:37 Mikle Kolyada
2020-06-16 16:44 Mikle Kolyada
2020-06-09 13:19 Mikle Kolyada
2020-03-07  7:23 Mikle Kolyada
2019-11-30 10:31 Mikle Kolyada
2019-11-22 11:19 Mikle Kolyada
2019-11-03 17:25 Mikle Kolyada
2019-10-11 15:28 Michał Górny
2019-06-23 10:48 Mikle Kolyada
2019-05-04 11:24 Mikle Kolyada
2019-04-02 13:31 Mikle Kolyada
2019-03-28  6:05 Michał Górny
2019-02-17 16:01 Mikle Kolyada
2019-02-12 13:05 Mikle Kolyada
2018-12-28  3:46 Matt Turner
2018-12-05 15:32 Mart Raudsepp
2018-10-29  1:01 Matt Turner
2018-10-27 18:43 Sergei Trofimovich
2018-10-26 20:19 Sergei Trofimovich
2018-09-29  8:01 Sergei Trofimovich
2018-09-23 16:46 Pacho Ramos
2018-09-23 16:46 Pacho Ramos
2018-08-26 20:35 Michał Górny
2018-01-12  5:32 Mike Frysinger
2017-12-28 22:35 Michael Orlitzky
2017-12-24 21:37 Mikle Kolyada
2017-12-24 19:51 Mikle Kolyada
2017-12-24 19:19 Mikle Kolyada
2017-12-15  9:23 Jason Zaman
2017-12-02  8:21 Markus Meier
2017-11-30 20:19 Tobias Klausmann
2017-11-29 20:28 Sergei Trofimovich
2017-08-16  7:29 Michał Górny
2016-04-18  9:43 Patrice Clement

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:7168378e37d dfblob:a4a3c71e431 dfblob:810cd47a713 )
 OR (
bs:"[gentoo-commits] repo/gentoo:master commit in: sys-auth/pambase/" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1757192128.e9ab218a16d07af32c94e5917c51c70537622a94.sam@gentoo \
    --to=sam@gentoo.org \
    --cc=gentoo-commits@lists.gentoo.org \
    --cc=gentoo-dev@lists.gentoo.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox