Import sys-freebsd into main portage.

(Portage version: 2.1_pre7-r3)

8 files changed, 261 insertions, 0 deletions

diff --git a/sys-freebsd/freebsd-pam-modules/files/5.4/README.pamd b/sys-freebsd/freebsd-pam-modules/files/5.4/README.pamd
new file mode 100644
index 000000000000..4bd2176c6676
--- /dev/null
+++ b/sys-freebsd/freebsd-pam-modules/files/5.4/README.pamd
@@ -0,0 +1,63 @@
+/etc/pam.d
+
+This directory contains configuration files for the Pluggable
+Authentication Modules (PAM) library.
+
+Each file details the module chain for a single service, and must be
+named after that service.  If no configuration file is found for a
+particular service, the /etc/pam.d/other is used instead.  If that
+file does not exist, /etc/pam.conf is searched for entries matching
+the specified service or, failing that, the "other" service.
+
+See the pam(8) manual page for an explanation of the workings of the
+PAM library and descriptions of the various files and modules.  Below
+is a summary of the format for the pam.conf and /etc/pam.d/* files.
+
+Configuration lines take the following form:
+
+module-type	control-flag	module-path	arguments
+
+Comments are introduced with a hash mark ('#').  Blank lines and lines
+consisting entirely of comments are ignored.
+
+The meanings of the different fields are as follows:
+
+ module-type:
+   auth:      prompt for a password to authenticate that the user is
+              who they say they are, and set any credentials.
+   account:   non-authentication based authorization, based on time,
+              resources, etc.
+   session:   housekeeping before and/or after login.
+   password:  update authentication tokens.
+
+ control-flag: How libpam handles success or failure of the module.
+   required:   success is required; on failure all remaining
+               modules are run, but the request will be denied.
+   requisite:  success is required, and on failure no remaining
+               modules are run.
+   sufficient: success is sufficient, and if no previous required
+               module failed, no remaining modules are run.
+   binding:    success is sufficient; on failure all remaining
+               modules are run, but the request will be denied.
+   optional:   ignored unless the other modules return PAM_IGNORE.
+
+ arguments: Module-specific options, plus some generic ones:
+   debug:           syslog debug info.
+   no_warn:         return no warning messages to the application.
+                    Remove this to feed back to the user the
+                    reason(s) they are being rejected.
+   use_first_pass:  try authentication using password from the
+                    preceding auth module.
+   try_first_pass:  first try authentication using password from
+                    the preceding auth module, and if that fails
+                    prompt for a new password.
+   use_mapped_pass: convert cleartext password to a crypto key.
+   expose_account:  allow printing more info about the user when
+                    prompting.
+
+Note that having a "sufficient" module as the last entry for a
+particular service and module type may result in surprising behaviour.
+To get the intended semantics, add a "required" entry listing the
+pam_deny module at the end of the chain.
+
+$Header: /var/cvsroot/gentoo-x86/sys-freebsd/freebsd-pam-modules/files/5.4/README.pamd,v 1.1 2006/04/01 16:43:51 flameeyes Exp $
diff --git a/sys-freebsd/freebsd-pam-modules/files/5.4/convert.pl b/sys-freebsd/freebsd-pam-modules/files/5.4/convert.pl
new file mode 100644
index 000000000000..42a061e2fe1d
--- /dev/null
+++ b/sys-freebsd/freebsd-pam-modules/files/5.4/convert.pl
@@ -0,0 +1,87 @@
+#!/usr/bin/perl -w
+#-
+# Copyright (c) 2001,2002 Networks Associates Technologies, Inc.
+# All rights reserved.
+#
+# This software was developed for the FreeBSD Project by ThinkSec AS and
+# NAI Labs, the Security Research Division of Network Associates, Inc.
+# under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the
+# DARPA CHATS research program.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 1. Redistributions of source code must retain the above copyright
+#    notice, this list of conditions and the following disclaimer.
+# 2. Redistributions in binary form must reproduce the above copyright
+#    notice, this list of conditions and the following disclaimer in the
+#    documentation and/or other materials provided with the distribution.
+# 3. The name of the author may not be used to endorse or promote
+#    products derived from this software without specific prior written
+#    permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+# ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+# SUCH DAMAGE.
+#
+# $Header: /var/cvsroot/gentoo-x86/sys-freebsd/freebsd-pam-modules/files/5.4/convert.pl,v 1.1 2006/04/01 16:43:51 flameeyes Exp $
+#
+
+use strict;
+use Fcntl;
+use vars qw(%SERVICES);
+
+MAIN:{
+    my $line;
+    my $service;
+    my $version;
+    my $type;
+    local *FILE;
+
+    while (<>) {
+	chomp();
+	s/\s*$//;
+	next unless m/^(\#*)(\w+)\s+(auth|account|session|password)\s+(\S.*)$/;
+	$line = $1.$3;
+	$line .= "\t" x ((16 - length($line) + 7) / 8);
+	$line .= $4;
+	push(@{$SERVICES{$2}->{$3}}, $line);
+    }
+
+    foreach $service (keys(%SERVICES)) {
+	$version = '$' . 'FreeBSD' . '$';
+	if (sysopen(FILE, $service, O_RDONLY)) {
+		while (<FILE>) {
+			next unless (m/(\$[F]reeBSD.*?\$)/);
+			$version = $1;
+			last;
+		}
+		close(FILE);
+	}
+	sysopen(FILE, $service, O_RDWR|O_CREAT|O_TRUNC)
+	    or die("$service: $!\n");
+	print(FILE "#\n");
+	print(FILE "# $version\n");
+	print(FILE "#\n");
+	print(FILE "# PAM configuration for the \"$service\" service\n");
+	print(FILE "#\n");
+	foreach $type (qw(auth account session password)) {
+	    next unless exists($SERVICES{$service}->{$type});
+	    print(FILE "\n");
+	    print(FILE "# $type\n");
+	    print(FILE join("\n", @{$SERVICES{$service}->{$type}}, ""));
+	}
+	close(FILE);
+	warn("$service\n");
+    }
+
+    exit(0);
+}
diff --git a/sys-freebsd/freebsd-pam-modules/files/5.4/pam.d/other b/sys-freebsd/freebsd-pam-modules/files/5.4/pam.d/other
new file mode 100644
index 000000000000..5b6170e578be
--- /dev/null
+++ b/sys-freebsd/freebsd-pam-modules/files/5.4/pam.d/other
@@ -0,0 +1,25 @@
+#
+# $Header: /var/cvsroot/gentoo-x86/sys-freebsd/freebsd-pam-modules/files/5.4/pam.d/other,v 1.1 2006/04/01 16:43:51 flameeyes Exp $
+#
+# PAM configuration for the "other" service
+#
+
+# auth
+auth		required	pam_nologin.so		no_warn
+auth		sufficient	pam_opie.so		no_warn no_fake_prompts
+auth		requisite	pam_opieaccess.so	no_warn allow_local
+#auth		sufficient	pam_krb5.so		no_warn try_first_pass
+#auth		sufficient	pam_ssh.so		no_warn try_first_pass
+auth		required	pam_unix.so		no_warn try_first_pass
+
+# account
+#account 	required	pam_krb5.so
+account		required	pam_login_access.so
+account		required	pam_unix.so
+
+# session
+#session 	optional	pam_ssh.so
+session		required	pam_permit.so
+
+# password
+password	required	pam_permit.so
diff --git a/sys-freebsd/freebsd-pam-modules/files/5.4/pam.d/system b/sys-freebsd/freebsd-pam-modules/files/5.4/pam.d/system
new file mode 100644
index 000000000000..5c28c2a10df1
--- /dev/null
+++ b/sys-freebsd/freebsd-pam-modules/files/5.4/pam.d/system
@@ -0,0 +1,25 @@
+#
+# $Header: /var/cvsroot/gentoo-x86/sys-freebsd/freebsd-pam-modules/files/5.4/pam.d/system,v 1.1 2006/04/01 16:43:51 flameeyes Exp $
+#
+# System-wide defaults
+#
+
+# auth
+auth		sufficient	pam_opie.so		no_warn no_fake_prompts
+auth		requisite	pam_opieaccess.so	no_warn allow_local
+#auth		sufficient	pam_krb5.so		no_warn try_first_pass
+#auth		sufficient	pam_ssh.so		no_warn try_first_pass
+auth		required	pam_unix.so		no_warn try_first_pass nullok
+
+# account
+#account 	required	pam_krb5.so
+account		required	pam_login_access.so
+account		required	pam_unix.so
+
+# session
+#session 	optional	pam_ssh.so
+session		required	pam_lastlog.so		no_fail
+
+# password
+#password	sufficient	pam_krb5.so		no_warn try_first_pass
+password	required	pam_unix.so		no_warn try_first_pass
diff --git a/sys-freebsd/freebsd-pam-modules/files/5.4/pam.d/system-auth b/sys-freebsd/freebsd-pam-modules/files/5.4/pam.d/system-auth
new file mode 100644
index 000000000000..5f19bffea642
--- /dev/null
+++ b/sys-freebsd/freebsd-pam-modules/files/5.4/pam.d/system-auth
@@ -0,0 +1,9 @@
+# Copyright 2005 Gentoo Foundation.
+# Distributed under the terms of the GNU General Public License v2
+# $ Header: $
+
+auth		include		system
+account		include		system
+session		include		system
+password	include		system
+
diff --git a/sys-freebsd/freebsd-pam-modules/files/digest-freebsd-pam-modules-6.0 b/sys-freebsd/freebsd-pam-modules/files/digest-freebsd-pam-modules-6.0
new file mode 100644
index 000000000000..4bc16d14aa9c
--- /dev/null
+++ b/sys-freebsd/freebsd-pam-modules/files/digest-freebsd-pam-modules-6.0
@@ -0,0 +1 @@
+MD5 3888da5da1cb329a65a3ac9d316f99ea freebsd-lib-6.0.tar.bz2 2613087
diff --git a/sys-freebsd/freebsd-pam-modules/files/freebsd-pam-modules-6.0-gentoo.patch b/sys-freebsd/freebsd-pam-modules/files/freebsd-pam-modules-6.0-gentoo.patch
new file mode 100644
index 000000000000..ce1a7fbff8c6
--- /dev/null
+++ b/sys-freebsd/freebsd-pam-modules/files/freebsd-pam-modules-6.0-gentoo.patch
@@ -0,0 +1,24 @@
+Index: fbsd-6.0/lib/libpam/modules/Makefile.inc
+===================================================================
+--- fbsd-6.0.orig/lib/libpam/modules/Makefile.inc
++++ fbsd-6.0/lib/libpam/modules/Makefile.inc
+@@ -5,18 +5,10 @@ PAMDIR=		${.CURDIR}/../../../../contrib/
+ NO_INSTALLLIB=
+ NO_PROFILE=
+ 
+-CFLAGS+= -I${PAMDIR}/include -I${.CURDIR}/../../libpam
++CFLAGS+= -I${.CURDIR}/../../libpam
+ WARNS?=	4
+ 
+-# This is nasty.
+-# For the static case, libpam.a depends on the modules.
+-# For the dynamic case, the modules depend on libpam.so.N
+-.if defined(_NO_LIBPAM_SO_YET)
+-NO_PIC=
+-.else
+ SHLIB_NAME?=	${LIB}.so.${SHLIB_MAJOR}
+-DPADD+=		${LIBPAM}
+ LDADD+=		-lpam
+-.endif
+ 
+ .include "../Makefile.inc"
diff --git a/sys-freebsd/freebsd-pam-modules/files/freebsd-pam-modules-gentoo.patch b/sys-freebsd/freebsd-pam-modules/files/freebsd-pam-modules-gentoo.patch
new file mode 100644
index 000000000000..a20a0f4c3cfc
--- /dev/null
+++ b/sys-freebsd/freebsd-pam-modules/files/freebsd-pam-modules-gentoo.patch
@@ -0,0 +1,27 @@
+diff -ur -x '*~' lib/libpam/modules/Makefile.inc lib/libpam.gentoo/modules/Makefile.inc
+--- lib/libpam/modules/Makefile.inc	2005-02-13 08:23:13.000000000 +0100
++++ lib/libpam.gentoo/modules/Makefile.inc	2005-06-04 20:48:26.560373440 +0200
+@@ -1,22 +1,12 @@
+ # $FreeBSD: src/lib/libpam/modules/Makefile.inc,v 1.15.6.1 2005/02/13 07:23:13 obrien Exp $
+ 
+-PAMDIR=		${.CURDIR}/../../../../contrib/openpam
+-
+ NOINSTALLLIB=
+ NOPROFILE=
+ 
+-CFLAGS+= -I${PAMDIR}/include -I${.CURDIR}/../../libpam
++CFLAGS+= -I${.CURDIR}/../../libpam
+ WARNS?=	4
+ 
+-# This is nasty.
+-# For the static case, libpam.a depends on the modules.
+-# For the dynamic case, the modules depend on libpam.so.N
+-.if defined(_NO_LIBPAM_SO_YET)
+-NOPIC=
+-.else
+ SHLIB_NAME?=	${LIB}.so.${SHLIB_MAJOR}
+-DPADD+=		${LIBPAM}
+ LDADD+=		-lpam
+-.endif
+ 
+ .include "../Makefile.inc"