Revision bump of the pam_pkcs11 package: fix the install to avoid installing static objects and .la files; fix the installed example configuration files to have the correct path for multilib systems; install the example files as default configuration files, install documentation in the proper directory, move the make_hash_link.sh script out of path, add some logs and a TODO list.

(Portage version: 2.2_rc44/cvs/Linux x86_64)

3 files changed, 224 insertions, 1 deletions

diff --git a/sys-auth/pam_pkcs11/ChangeLog b/sys-auth/pam_pkcs11/ChangeLog
index 3092e0a2417e..e6c0431a1a23 100644
--- a/sys-auth/pam_pkcs11/ChangeLog
+++ b/sys-auth/pam_pkcs11/ChangeLog
@@ -1,6 +1,17 @@
 # ChangeLog for sys-auth/pam_pkcs11
 # Copyright 1999-2009 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/sys-auth/pam_pkcs11/ChangeLog,v 1.13 2009/06/12 14:57:31 arfrever Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-auth/pam_pkcs11/ChangeLog,v 1.14 2009/10/07 13:02:25 flameeyes Exp $
+
+*pam_pkcs11-0.6.1-r1 (07 Oct 2009)
+
+  07 Oct 2009; Diego E. Pettenò <flameeyes@gentoo.org>
+  +pam_pkcs11-0.6.1-r1.ebuild, +files/pam_pkcs11-0.6.1-properinstall.patch:
+  Revision bump of the pam_pkcs11 package: fix the install to avoid
+  installing static objects and .la files; fix the installed example
+  configuration files to have the correct path for multilib systems; install
+  the example files as default configuration files, install documentation in
+  the proper directory, move the make_hash_link.sh script out of path, add
+  some logs and a TODO list.
 
 *pam_pkcs11-0.6.1 (12 Jun 2009)
 
diff --git a/sys-auth/pam_pkcs11/files/pam_pkcs11-0.6.1-properinstall.patch b/sys-auth/pam_pkcs11/files/pam_pkcs11-0.6.1-properinstall.patch
new file mode 100644
index 000000000000..163b411871ac
--- /dev/null
+++ b/sys-auth/pam_pkcs11/files/pam_pkcs11-0.6.1-properinstall.patch
@@ -0,0 +1,110 @@
+Index: pam_pkcs11-0.6.1/etc/Makefile.am
+===================================================================
+--- pam_pkcs11-0.6.1.orig/etc/Makefile.am
++++ pam_pkcs11-0.6.1/etc/Makefile.am
+@@ -10,4 +10,4 @@ EXTRA_DIST = pam_pkcs11.conf.example \
+ 	pkcs11_eventmgr.conf.example \
+ 	card_eventmgr.conf.example
+ 
+-pkgdata_DATA = $(EXTRA_DIST)
++doc_DATA = $(EXTRA_DIST)
+Index: pam_pkcs11-0.6.1/src/pam_pkcs11/Makefile.am
+===================================================================
+--- pam_pkcs11-0.6.1.orig/src/pam_pkcs11/Makefile.am
++++ pam_pkcs11-0.6.1/src/pam_pkcs11/Makefile.am
+@@ -5,17 +5,15 @@ MAINTAINERCLEANFILES = Makefile.in
+ AM_CFLAGS = -Wall -fno-strict-aliasing $(CRYPTO_CFLAGS)
+ AM_CPPFLAGS = -Wall -fno-strict-aliasing $(CRYPTO_CFLAGS)
+ 
+-lib_LTLIBRARIES = pam_pkcs11.la
++pamdir=$(libdir)/security
++
++pam_LTLIBRARIES = pam_pkcs11.la
+ 
+ pam_pkcs11_la_SOURCES =  pam_pkcs11.c  \
+ 			mapper_mgr.c mapper_mgr.h \
+ 			pam_config.c pam_config.h
+-pam_pkcs11_la_LDFLAGS = -module -avoid-version
++pam_pkcs11_la_LDFLAGS = -module -avoid-version -shared
+ pam_pkcs11_la_LIBADD = $(LIBMAPPERS) $(CRYPTO_LIBS)
+ 
+-install:       
+-	$(mkinstalldirs) $(DESTDIR)/$(libdir)/security
+-	$(libLTLIBRARIES_INSTALL) $(top_builddir)/src/pam_pkcs11/.libs/pam_pkcs11.so $(DESTDIR)/$(libdir)/security
+-
+ format:
+ 	indent *.c *.h
+Index: pam_pkcs11-0.6.1/src/mappers/Makefile.am
+===================================================================
+--- pam_pkcs11-0.6.1.orig/src/mappers/Makefile.am
++++ pam_pkcs11-0.6.1/src/mappers/Makefile.am
+@@ -52,56 +52,56 @@ lib_LTLIBRARIES = opensc_mapper.la opens
+ endif
+ 
+ openssh_mapper_la_SOURCES = openssh_mapper.c openssh_mapper.h
+-openssh_mapper_la_LDFLAGS = -module -avoid-version
++openssh_mapper_la_LDFLAGS = -module -avoid-version -shared
+ openssh_mapper_la_LIBADD = libmappers.la
+ 
+ # generic_mapper_la_SOURCES = generic_mapper.c generic_mapper.h
+-# generic_mapper_la_LDFLAGS = -module -avoid-version
++# generic_mapper_la_LDFLAGS = -module -avoid-version -shared
+ # generic_mapper_la_LIBADD = libmappers.la
+ 
+ # subject_mapper_la_SOURCES = subject_mapper.c subject_mapper.h
+-# subject_mapper_la_LDFLAGS = -module -avoid-version
++# subject_mapper_la_LDFLAGS = -module -avoid-version -shared
+ # subject_mapper_la_LIBADD = libmappers.la
+ 
+ if HAVE_LDAP
+ ldap_mapper_la_SOURCES = ldap_mapper.c ldap_mapper.h
+-ldap_mapper_la_LDFLAGS = -module -avoid-version
++ldap_mapper_la_LDFLAGS = -module -avoid-version -shared
+ ldap_mapper_la_LIBADD = libmappers.la
+ endif
+ 
+ opensc_mapper_la_SOURCES = opensc_mapper.c opensc_mapper.h
+-opensc_mapper_la_LDFLAGS = -module -avoid-version
++opensc_mapper_la_LDFLAGS = -module -avoid-version -shared
+ opensc_mapper_la_LIBADD = libmappers.la
+ 
+ # mail_mapper_la_SOURCES = mail_mapper.c mail_mapper.h
+-# mail_mapper_la_LDFLAGS = -module -avoid-version
++# mail_mapper_la_LDFLAGS = -module -avoid-version -shared
+ # mail_mapper_la_LIBADD = libmappers.la
+ 
+ # ms_mapper_la_SOURCES = ms_mapper.c ms_mapper.h
+-# ms_mapper_la_LDFLAGS = -module -avoid-version
++# ms_mapper_la_LDFLAGS = -module -avoid-version -shared
+ # ms_mapper_la_LIBADD = libmappers.la
+ 
+ # krb_mapper_la_SOURCES = krb_mapper.c krb_mapper.h
+-# krb_mapper_la_LDFLAGS = -module -avoid-version
++# krb_mapper_la_LDFLAGS = -module -avoid-version -shared
+ # krb_mapper_la_LIBADD = libmappers.la
+ 
+ # cn_mapper_la_SOURCES = cn_mapper.c cn_mapper.h
+-# cn_mapper_la_LDFLAGS = -module -avoid-version
++# cn_mapper_la_LDFLAGS = -module -avoid-version -shared
+ # cn_mapper_la_LIBADD = libmappers.la
+ 
+ # uid_mapper_la_SOURCES = uid_mapper.c uid_mapper.h
+-# uid_mapper_la_LDFLAGS = -module -avoid-version
++# uid_mapper_la_LDFLAGS = -module -avoid-version -shared
+ # uid_mapper_la_LIBADD = libmappers.la
+ 
+ # pwent_mapper_la_SOURCES = pwent_mapper.c pwent_mapper.h
+-# pwent_mapper_la_LDFLAGS = -module -avoid-version
++# pwent_mapper_la_LDFLAGS = -module -avoid-version -shared
+ # pwent_mapper_la_LIBADD = libmappers.la
+ 
+ # digest_mapper_la_SOURCES = digest_mapper.c digest_mapper.h
+-# digest_mapper_la_LDFLAGS = -module -avoid-version
++# digest_mapper_la_LDFLAGS = -module -avoid-version -shared
+ # digest_mapper_la_LIBADD = libmappers.la
+ 
+ # null_mapper_la_SOURCES = null_mapper.c null_mapper.h
+-# null_mapper_la_LDFLAGS = -module -avoid-version
++# null_mapper_la_LDFLAGS = -module -avoid-version -shared
+ # null_mapper_la_LIBADD = libmappers.la
+ 
diff --git a/sys-auth/pam_pkcs11/pam_pkcs11-0.6.1-r1.ebuild b/sys-auth/pam_pkcs11/pam_pkcs11-0.6.1-r1.ebuild
new file mode 100644
index 000000000000..5861772ca3fc
--- /dev/null
+++ b/sys-auth/pam_pkcs11/pam_pkcs11-0.6.1-r1.ebuild
@@ -0,0 +1,102 @@
+# Copyright 1999-2009 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/sys-auth/pam_pkcs11/pam_pkcs11-0.6.1-r1.ebuild,v 1.1 2009/10/07 13:02:25 flameeyes Exp $
+
+EAPI=2
+
+inherit pam autotools multilib
+
+DESCRIPTION="PKCS11 Pam library"
+HOMEPAGE="http://www.opensc-project.org/pam_pkcs11"
+SRC_URI="http://www.opensc-project.org/files/pam_pkcs11/${P}.tar.gz"
+
+LICENSE="LGPL-2.1"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86"
+IUSE="curl ldap pcsc-lite"
+
+RDEPEND="sys-libs/pam
+	dev-libs/openssl
+	curl? ( net-misc/curl )
+	ldap? ( net-nds/openldap )
+	pcsc-lite? ( sys-apps/pcsc-lite )"
+DEPEND="${RDEPEND}
+	dev-util/pkgconfig"
+
+src_prepare() {
+	epatch "${FILESDIR}"/${P}-properinstall.patch
+
+	# Fix the example files to be somewhat decent, and usable as
+	# default configuration
+	sed -i \
+		-e '/try_first_pass/s:false:true:' \
+		-e '/debug =/s:true:false:' \
+		-e "s:/usr/lib:/usr/$(get_libdir):g" \
+		etc/pam_pkcs11.conf.example \
+		etc/pkcs11_eventmgr.conf.example || die
+
+	eautoreconf
+}
+
+src_configure() {
+	econf \
+		$(use_with curl) \
+		$(use_with pcsc-lite pcsclite) \
+		$(use_with ldap) \
+		--docdir=/usr/share/doc/${PF}
+}
+
+src_install() {
+	emake DESTDIR="${D}" install \
+		pamdir=$(getpam_mod_dir) || die "emake install failed"
+
+	# These are all dlopened plugins, so .la files are useless.
+	find "${D}" -name '*.la' -delete || die
+
+	dodoc AUTHORS ChangeLog NEWS README TODO || die
+
+	# Move the make_hash_link script somehwere safe, it's _way_ too
+	# generic of a name to use.
+	dodir /usr/share/${PN}
+	mv "${D}"/usr/bin/make_hash_link.sh "${D}"/usr/share/${PN} || die
+
+	# Provide some basic configuration
+	keepdir /etc/pam_pkcs11{,/{cacerts,crl}}
+
+	insinto /etc/pam_pkcs11
+	newins etc/pam_pkcs11.conf.example pam_pkcs11.conf || die
+	newins etc/pkcs11_eventmgr.conf.example pkcs11_eventmgr.conf || die
+}
+
+pkg_config() {
+	for dir in "${ROOT}"/etc/${PN}/{cacerts,crl}; do
+		pushd $dir &>/dev/null
+		ebegin "Creating hash links in ${dir}"
+		"${ROOT}"/usr/share/${PN}/make_hash_link.sh || die
+		eend $?
+		popd &>/dev/null
+	done
+}
+
+pkg_postinst() {
+	elog "You probably want to configure the /etc/${PN}/${PN}.conf file."
+	elog "with the settings for your pkcs11 provider."
+	elog ""
+	elog "You might also want to set up /etc/${PN}/pkcs11_eventmgr.conf"
+	elog "with the settings for the event manager, and start it up at"
+	elog "user login."
+}
+
+# TODO list!
+#
+# - we need to find a way allow the user to choose whether to start the
+#   event manager at _all_ the logins, and if that's the case, lock all
+#   kind of sessions (terminal _and_ X);
+# - upstream should probably migrate the configuration of the event
+#   manager on a per-user basis, since it makes little sense to be _all_
+#   system-level configuration;
+# - we should probably provide some better config support that ensures
+#   the configuration to be valid, as well as creating the symlinks;
+# - we should probably add support for nss;
+# - we should move the configuration in /etc/security as for the rest
+#   of PAM-related configuration.