Bug 55279 - sys-auth/pam_skey-1.1.4 (new ebuild)
|
Bug#:
55279
|
Product: Gentoo Linux
|
Version: unspecified
|
Platform: All
|
|
OS/Version: Linux
|
Status: RESOLVED
|
Severity: enhancement
|
Priority: P2
|
|
Resolution: FIXED
|
Assigned To: maintainer-wanted@gentoo.org
|
Reported By: ulm@gentoo.org
|
|
Component: Ebuilds
|
|
|
URL:
http://freshmeat.net/projects/pam_skey/
|
|
Summary: sys-auth/pam_skey-1.1.4 (new ebuild)
|
|
Keywords: EBUILD, InCVS
|
|
Status Whiteboard:
|
|
Opened: 2004-06-26 15:03 0000
|
Hello,
this is pam_skey-1.1.3.ebuild, providing a PAM module for interfacing the S/Key library.
I suggest sys-libs/pam_skey where the main PAM libraries are located, too.
Uli
Reproducible: Always
Steps to Reproduce:
When bug 65343 is fixed, this will no longer be needed (at least for sshd).
Created an attachment (id=52094) [details]
pam_skey-1.1.3-r1.ebuild
Updated SRC_URI to a live copy of the source. Added my own gentoo-r1 patch
(URL is live). Add src_unpack, updated src_compile (--libdir should have been
specified, not --exec_prefix) and src_install to fit with the new patch.
My gentoo-r1 patch is a major rewrite of the pam_skey authentication code; it
makes the module more compliant with PAM standards. See the README and INSTALL
files included with the patch.
I just want to note that bug 36499 and this one concern the same thing,
so one of them should be resolved as a duplicate.
I noticed that as well; I added the update to this one because (a) this bug is
more recent, so hopefully it has more active people watching it, and (b) the
ebuild file with this bug was cleaner.
In any case, the important part of my update isn't the ebuild at all, but the
patch that it refers to.
*** Bug 36499 has been marked as a duplicate of this bug. ***
Tested this w/ openssh-4.2_p1-r1, works nicely. I also tried to redo the
patches for 1.1.4 but the two big ones are too much work, don't have time for
that. :/
I've looked through the changes from pam_skey-1.1.3 to pam_skey-1.1.4, and the
only code changes are bugfixes to bugs that don't exist in my code. Since my
patch involved a rewrite of the entirety of pam_skey.c (and removing
pam_skey_access.c) the codebase is completely different. My recommendation is
to keep pam_skey-1.1.3-r1 as the current version of the ebuild, as making a
1.1.4-r1 patch and ebuild would provide no further benefits.
Apart from changes related to the new autoconf version, the differences between
1.1.3 and 1.1.4 are small. So it really is not a big issue to base the patch on
1.1.4. See attachment.
Dany, did you consider sending your patch to Upstream? Or is it too Gentoo
specific?
(In reply to comment #17)
Works fine w/ openssh and sudo.
I considered sending in the patch; the only reason I didn't was because I made
a number of assumptions while writing my code; I don't know how portable it
would be to other systems (Linux using a different skey library, *BSD). That's
why I took out many of the configure defines.
So, yes, the new code is in general suitable for any PAM system; however, it
might need work to make it portable.
*Pretty please* remove this from sunrise, installing a new system-auth file is
a no-go situation, and will most likely create _more_ problems for the PAM team
(that is: me alone).
Committed to Portage tree, thanks everybody.
*pam_skey-1.1.4 (16 Jan 2008)
16 Jan 2008; Ulrich Mueller <ulm@gentoo.org> +metadata.xml,
+pam_skey-1.1.4.ebuild:
Import from Sunrise overlay. Original ebuild and patch contributed by
Dani Church <dani.church@gmail.com>, Jakub Moc <jakub@gentoo.org> and me,
bug 55279.
