diff options
| author |   Chris PeBenito <pebenito@gentoo.org> | 2003-08-16 01:10:04 +0000 |
|---|---|---|
| committer | Chris PeBenito <pebenito@gentoo.org> | 2003-08-16 01:10:04 +0000 |
| commit | d1475156dedc91ee4f02007471a7e2191a88b02a (patch) | |
| tree | 6bc13b22738a896bef98e6cacd85e41f1bad7797 /sys-apps/policycoreutils | |
| parent | mark stable rm old (diff) | |
| download | historical-d1475156dedc91ee4f02007471a7e2191a88b02a.tar.gz historical-d1475156dedc91ee4f02007471a7e2191a88b02a.tar.bz2 historical-d1475156dedc91ee4f02007471a7e2191a88b02a.zip | |
install good pam.d entries
Diffstat (limited to 'sys-apps/policycoreutils')
| -rw-r--r-- | sys-apps/policycoreutils/Manifest | 4 | ||||
| -rw-r--r-- | sys-apps/policycoreutils/files/newrole | 30 | ||||
| -rw-r--r-- | sys-apps/policycoreutils/files/run_init | 30 | ||||
| -rw-r--r-- | sys-apps/policycoreutils/policycoreutils-1.1.ebuild | 7 |
4 files changed, 69 insertions, 2 deletions
diff --git a/sys-apps/policycoreutils/Manifest b/sys-apps/policycoreutils/Manifest index 1690bac4e61a..cc5e1e35d097 100644 --- a/sys-apps/policycoreutils/Manifest +++ b/sys-apps/policycoreutils/Manifest @@ -1,8 +1,10 @@ MD5 5e9c77e1722ffe0ba097de3e8d291708 policycoreutils-1.0.ebuild 925 MD5 fd55bafe00aa7a8e91b2d172642b0ef4 metadata.xml 268 MD5 319a20355e64020523f0dddb1edc2a22 ChangeLog 691 -MD5 d653a42c50b22c182c18760cde8966f9 policycoreutils-1.1.ebuild 930 +MD5 502cf1d82408dc282b0ebd0ea8d58f50 policycoreutils-1.1.ebuild 1065 MD5 a70bb20f56dfca63475bea2bc811927a files/digest-policycoreutils-1.0 67 MD5 6d4df7058894970c15d4066f7ad88c29 files/policycoreutils-1.0-gentoo.diff 1818 MD5 1f231a1da642997577ac4567ee9867ac files/rlpkg 2317 MD5 2d09b4cfc5e5b399863a1ecd381ba33e files/digest-policycoreutils-1.1 67 +MD5 8daee4f4fd3e4a74c4d5f2ddb6b086a5 files/newrole 1197 +MD5 8daee4f4fd3e4a74c4d5f2ddb6b086a5 files/run_init 1197 diff --git a/sys-apps/policycoreutils/files/newrole b/sys-apps/policycoreutils/files/newrole new file mode 100644 index 000000000000..12dc3c21b326 --- /dev/null +++ b/sys-apps/policycoreutils/files/newrole @@ -0,0 +1,30 @@ +#%PAM-1.0 + + +# If you want to restrict users begin allowed to su even more, +# create /etc/security/suauth.allow (or to that matter) that is only +# writable by root, and add users that are allowed to su to that +# file, one per line. +#auth required /lib/security/pam_listfile.so item=ruser sense=allow onerr=fail file=/etc/security/suauth.allow + +# Uncomment this to allow users in the wheel group to su without +# entering a passwd. +#auth sufficient /lib/security/pam_wheel.so use_uid trust + +# Alternatively to above, you can implement a list of users that do +# not need to supply a passwd with a list. +#auth sufficient /lib/security/pam_listfile.so item=ruser sense=allow onerr=fail file=/etc/security/suauth.nopass + +# Comment this to allow any user, even those not in the 'wheel' +# group to su +auth required /lib/security/pam_wheel.so use_uid + +auth required /lib/security/pam_stack.so service=system-auth + +account required /lib/security/pam_stack.so service=system-auth + +password required /lib/security/pam_stack.so service=system-auth + +session required /lib/security/pam_stack.so service=system-auth +session optional /lib/security/pam_xauth.so + diff --git a/sys-apps/policycoreutils/files/run_init b/sys-apps/policycoreutils/files/run_init new file mode 100644 index 000000000000..12dc3c21b326 --- /dev/null +++ b/sys-apps/policycoreutils/files/run_init @@ -0,0 +1,30 @@ +#%PAM-1.0 + + +# If you want to restrict users begin allowed to su even more, +# create /etc/security/suauth.allow (or to that matter) that is only +# writable by root, and add users that are allowed to su to that +# file, one per line. +#auth required /lib/security/pam_listfile.so item=ruser sense=allow onerr=fail file=/etc/security/suauth.allow + +# Uncomment this to allow users in the wheel group to su without +# entering a passwd. +#auth sufficient /lib/security/pam_wheel.so use_uid trust + +# Alternatively to above, you can implement a list of users that do +# not need to supply a passwd with a list. +#auth sufficient /lib/security/pam_listfile.so item=ruser sense=allow onerr=fail file=/etc/security/suauth.nopass + +# Comment this to allow any user, even those not in the 'wheel' +# group to su +auth required /lib/security/pam_wheel.so use_uid + +auth required /lib/security/pam_stack.so service=system-auth + +account required /lib/security/pam_stack.so service=system-auth + +password required /lib/security/pam_stack.so service=system-auth + +session required /lib/security/pam_stack.so service=system-auth +session optional /lib/security/pam_xauth.so + diff --git a/sys-apps/policycoreutils/policycoreutils-1.1.ebuild b/sys-apps/policycoreutils/policycoreutils-1.1.ebuild index 0a7f16b9cdfc..50d068aff7e8 100644 --- a/sys-apps/policycoreutils/policycoreutils-1.1.ebuild +++ b/sys-apps/policycoreutils/policycoreutils-1.1.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2003 Gentoo Technologies, Inc. # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-apps/policycoreutils/policycoreutils-1.1.ebuild,v 1.1 2003/08/14 15:32:03 pebenito Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-apps/policycoreutils/policycoreutils-1.1.ebuild,v 1.2 2003/08/16 01:09:59 pebenito Exp $ IUSE="" @@ -43,4 +43,9 @@ src_install() { make DESTDIR="${D}" install dosbin ${FILESDIR}/rlpkg + + # overwrite pam.d stuff with ours + rm -f ${D}/etc/pam.d/{newrole,run_init} + insinto /etc/pam.d + doins ${FILESDIR}/{newrole,run_init} } |