rpms/pam/devel pam-0.80-install-perms.patch, NONE, 1.1 pam.spec, 1.80, 1.81

fedora-cvs-commits at redhat.com fedora-cvs-commits at redhat.com
Mon Jul 18 16:01:20 UTC 2005 

Author: tmraz

Update of /cvs/dist/rpms/pam/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv1618

Modified Files:
	pam.spec 
Added Files:
	pam-0.80-install-perms.patch 
Log Message:
* Mon Jul 18 2005 Tomas Mraz <tmraz at redhat.com> 0.80-2
- fixed module tests so the pam doesn't require itself to build (#163502)
- added buildprereq for building the documentation (#163503)
- relaxed permissions of binaries (u+w)


pam-0.80-install-perms.patch:
 pam_console/Makefile           |    2 +-
 pam_filter/upperLOWER/Makefile |    2 +-
 pam_pwdb/Makefile              |    2 +-
 pam_timestamp/Makefile         |    2 +-
 pam_unix/Makefile              |    2 +-
 5 files changed, 5 insertions(+), 5 deletions(-)

--- NEW FILE pam-0.80-install-perms.patch ---
--- Linux-PAM-0.80/modules/pam_console/Makefile.install-perms	2005-07-14 15:13:44.000000000 +0200
+++ Linux-PAM-0.80/modules/pam_console/Makefile	2005-07-18 17:44:24.000000000 +0200
@@ -123,7 +123,7 @@
 	    bash -f ../install_conf "$(FAKEROOT)" "$(SCONFIGD)/console.perms.d" "$(INSTALLED_CONF3)" "$(TITLE)" "$(LOCAL_CONF3)" ;\
 	fi
 	test -d  $(FAKEROOT)$(SUPLEMENTED) || install -m 755 -d $(FAKEROOT)$(SUPLEMENTED)
-	install -m 555 $(BINARY) $(FAKEROOT)$(SUPLEMENTED)
+	install -m 755 $(BINARY) $(FAKEROOT)$(SUPLEMENTED)
 
 
 remove:
--- Linux-PAM-0.80/modules/pam_filter/upperLOWER/Makefile.install-perms	2004-09-22 11:37:47.000000000 +0200
+++ Linux-PAM-0.80/modules/pam_filter/upperLOWER/Makefile	2005-07-18 17:50:00.000000000 +0200
@@ -29,7 +29,7 @@
 
 install:
 	$(MKDIR) $(FAKEROOT)$(FILTERSDIR)
-	$(INSTALL) -m 511 $(TITLE) $(FAKEROOT)$(FILTERSDIR)
+	$(INSTALL) -m 711 $(TITLE) $(FAKEROOT)$(FILTERSDIR)
 
 remove:
 	cd $(FAKEROOT)$(FILTERSDIR) && rm -f $(TITLE)
--- Linux-PAM-0.80/modules/pam_pwdb/Makefile.install-perms	2005-05-19 17:19:50.000000000 +0200
+++ Linux-PAM-0.80/modules/pam_pwdb/Makefile	2005-07-18 17:44:24.000000000 +0200
@@ -113,7 +113,7 @@
 	$(INSTALL) -m $(SHLIBMODE) $(LIBSHARED) $(FAKEROOT)$(SECUREDIR)
 endif
 	$(MKDIR) $(FAKEROOT)$(SUPLEMENTED)
-	$(INSTALL) -m 4555 $(CHKPWD) $(FAKEROOT)$(SUPLEMENTED)
+	$(INSTALL) -m 4755 $(CHKPWD) $(FAKEROOT)$(SUPLEMENTED)
 
 remove:
 	rm -f $(FAKEROOT)$(SECUREDIR)/$(TITLE).so
--- Linux-PAM-0.80/modules/pam_unix/Makefile.install-perms	2005-05-19 17:25:43.000000000 +0200
+++ Linux-PAM-0.80/modules/pam_unix/Makefile	2005-07-18 17:44:24.000000000 +0200
@@ -178,7 +178,7 @@
 		do ln -sf $(LIBSHARED) $(FAKEROOT)$(SECUREDIR)/$$x.so ; done
 endif
 	$(MKDIR) $(FAKEROOT)$(SUPLEMENTED)
-	install -m 4555 $(CHKPWD) $(FAKEROOT)$(SUPLEMENTED)
+	install -m 4755 $(CHKPWD) $(FAKEROOT)$(SUPLEMENTED)
 
 remove:
 	rm -f $(FAKEROOT)$(SECUREDIR)/$(LIBSHARED)
--- Linux-PAM-0.80/modules/pam_timestamp/Makefile.install-perms	2003-07-08 05:16:28.000000000 +0200
+++ Linux-PAM-0.80/modules/pam_timestamp/Makefile	2005-07-18 17:44:24.000000000 +0200
@@ -6,7 +6,7 @@
 
 TITLE=pam_timestamp
 APPLICATION=$(TITLE)_check
-APPMODE=04511
+APPMODE=04755
 MAN8=$(TITLE).8 $(TITLE)_check.8
 MODULE_SIMPLE_EXTRAFILES=sha1 hmacsha1
 


Index: pam.spec
===================================================================
RCS file: /cvs/dist/rpms/pam/devel/pam.spec,v
retrieving revision 1.80
retrieving revision 1.81
diff -u -r1.80 -r1.81
--- pam.spec	14 Jul 2005 14:21:56 -0000	1.80
+++ pam.spec	18 Jul 2005 16:00:41 -0000	1.81
@@ -12,7 +12,7 @@
 Summary: A security tool which provides authentication for applications.
 Name: pam
 Version: 0.80
-Release: 1
+Release: 2
 License: GPL or BSD
 Group: System Environment/Base
 Source0: ftp.us.kernel.org:/pub/linux/libs/pam/pre/library/Linux-PAM-%{version}.tar.bz2
@@ -30,6 +30,7 @@
 Patch61: pam-pwdbselinux.patch
 Patch65: pam-0.77-audit.patch
 Patch70: pam-0.80-selinux-nofail.patch
+Patch71: pam-0.80-install-perms.patch
 
 BuildRoot: %{_tmppath}/%{name}-root
 Requires: cracklib, cracklib-dicts >= 2.8, glib2, initscripts >= 3.94
@@ -46,6 +47,10 @@
 BuildPrereq: libselinux-devel >= 1.17.1
 Requires: libselinux >= 1.17.1
 %endif
+# Following deps are necessary only to build the pam library documentation.
+# They can be safely removed if the documentation is not needed.
+BuildPrereq: ghostscript, linuxdoc-tools
+
 URL: http://www.us.kernel.org/pub/linux/libs/pam/index.html
 
 # We internalize libdb to get a non-threaded copy, but we should at least try
@@ -86,6 +91,7 @@
 %patch65 -p1 -b .audit
 %endif
 %patch70 -p1 -b .nofail
+%patch71 -p1 -b .install-perms
 
 for readme in modules/pam_*/README ; do
 	cp -f ${readme} doc/txts/README.`dirname ${readme} | sed -e 's|^modules/||'`
@@ -159,15 +165,6 @@
 install -m 644 doc/man/*.3 $RPM_BUILD_ROOT%{_mandir}/man3/
 install -m 644 doc/man/*.8 $RPM_BUILD_ROOT%{_mandir}/man8/
 
-# Move static libraries and make new .so links -- this depends on the value
-# of _libdir not changing, and *not* being /usr/lib.
-install -d -m 755 $RPM_BUILD_ROOT%{_libdir}
-for lib in libpam libpamc libpam_misc ; do
-ln -sf ../../%{_lib}/${lib}.so.%{version} $RPM_BUILD_ROOT%{_libdir}/${lib}.so
-rm -f $RPM_BUILD_ROOT/%{_lib}/${lib}.so
-mv $RPM_BUILD_ROOT/%{_lib}/${lib}.a $RPM_BUILD_ROOT%{_libdir}/
-done
-
 # Make sure every module subdirectory gave us a module.  Yes, this is hackish.
 for dir in modules/pam_* ; do
 if [ -d ${dir} ] ; then
@@ -178,35 +175,47 @@
 fi
 done
 
-# Install the pwdb configuration file.
-install -m644 pwdb-%{pwdb_version}/conf/pwdb.conf $RPM_BUILD_ROOT%{_sysconfdir}/
-
-# Remove unwanted files from the buildroot.
-rm $RPM_BUILD_ROOT/%{_lib}/security/pam_radius.so
-rm -f doc/txts/README.pam_radius
-
-# Duplicate doc file sets.
-rm -fr $RPM_BUILD_ROOT/usr/doc/Linux-PAM $RPM_BUILD_ROOT/usr/share/doc/pam
-
-# Create /lib/security in case it isn't the same as /%{_lib}/security.
-install -m755 -d $RPM_BUILD_ROOT/lib/security
-
 # Check for module problems.  Specifically, check that every module we just
 # installed can actually be loaded by a minimal PAM-aware application.
+/sbin/ldconfig -n $RPM_BUILD_ROOT/%{_lib}
 for module in $RPM_BUILD_ROOT/%{_lib}/security/pam*.so ; do
-	if ! $RPM_SOURCE_DIR/dlopen.sh -lpam -ldl -L$RPM_BUILD_ROOT/%{_lib} ${module} ; then
+	if ! env LD_LIBRARY_PATH=$RPM_BUILD_ROOT/%{_lib} \
+		 $RPM_SOURCE_DIR/dlopen.sh -ldl -lpam -L$RPM_BUILD_ROOT/%{_lib} ${module} ; then
 		echo ERROR module: ${module} cannot be loaded.
 		exit 1
 	fi
 # And for good measure, make sure that none of the modules pull in threading
 # libraries, which if loaded in a non-threaded application, can cause Very
 # Bad Things to happen.
-	if env LD_PRELOAD=$RPM_BUILD_ROOT/%{_libdir}/libpam.so ldd -r ${module} | fgrep -q libpthread ; then
+	if env LD_LIBRARY_PATH=$RPM_BUILD_ROOT/%{_lib} \
+	       LD_PRELOAD=$RPM_BUILD_ROOT/%{_lib}/libpam.so ldd -r ${module} | fgrep -q libpthread ; then
 		echo ERROR module: ${module} pulls threading libraries.
 		exit 1
 	fi
 done
 
+# Move static libraries and make new .so links -- this depends on the value
+# of _libdir not changing, and *not* being /usr/lib.
+install -d -m 755 $RPM_BUILD_ROOT%{_libdir}
+for lib in libpam libpamc libpam_misc ; do
+ln -sf ../../%{_lib}/${lib}.so.%{version} $RPM_BUILD_ROOT%{_libdir}/${lib}.so
+rm -f $RPM_BUILD_ROOT/%{_lib}/${lib}.so $RPM_BUILD_ROOT/%{_lib}/${lib}.so.?
+mv $RPM_BUILD_ROOT/%{_lib}/${lib}.a $RPM_BUILD_ROOT%{_libdir}/
+done
+
+# Install the pwdb configuration file.
+install -m644 pwdb-%{pwdb_version}/conf/pwdb.conf $RPM_BUILD_ROOT%{_sysconfdir}/
+
+# Remove unwanted files from the buildroot.
+rm $RPM_BUILD_ROOT/%{_lib}/security/pam_radius.so
+rm -f doc/txts/README.pam_radius
+
+# Duplicate doc file sets.
+rm -fr $RPM_BUILD_ROOT/usr/doc/Linux-PAM $RPM_BUILD_ROOT/usr/share/doc/pam
+
+# Create /lib/security in case it isn't the same as /%{_lib}/security.
+install -m755 -d $RPM_BUILD_ROOT/lib/security
+
 %clean
 rm -rf $RPM_BUILD_ROOT
 
@@ -355,6 +364,11 @@
 %{_libdir}/libpam_misc.so
 
 %changelog
+* Mon Jul 18 2005 Tomas Mraz <tmraz at redhat.com> 0.80-2
+- fixed module tests so the pam doesn't require itself to build (#163502)
+- added buildprereq for building the documentation (#163503)
+- relaxed permissions of binaries (u+w)
+
 * Thu Jul 14 2005 Tomas Mraz <tmraz at redhat.com> 0.80-1
 - upgrade to new upstream sources
 - removed obsolete patches

More information about the fedora-cvs-commits mailing list