Accepting request 27109 from Linux-PAM

Copy from Linux-PAM/pam_mount based on submit request 27109 from user mcalmer OBS-URL: https://build.opensuse.org/request/show/27109 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/pam_mount?expand=0&rev=33
2009-12-18 14:14:31 +00:00 · 2009-12-18 14:14:31 +00:00 · 1b56352a74
commit 1b56352a74
parent 29b136c663
9 changed files with 23 additions and 169 deletions
--- a/pam_mount-0.47-enable-logout-kill.dif
+++ b/pam_mount-0.47-enable-logout-kill.dif
@ -1,8 +1,8 @@
-Index: pam_mount-1.27/config/pam_mount.conf.xml
+Index: pam_mount-1.32/config/pam_mount.conf.xml
 ===================================================================
--- pam_mount-1.27.orig/config/pam_mount.conf.xml
-+++ pam_mount-1.27/config/pam_mount.conf.xml
-@@ -29,7 +29,7 @@
+--- pam_mount-1.32.orig/config/pam_mount.conf.xml
+++ pam_mount-1.32/config/pam_mount.conf.xml
+@@ -33,7 +33,7 @@
 <mntoptions require="nosuid,nodev" />
 <path>/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin</path>
 
--- a/pam_mount-1.27-fix-krb5-env.dif
+++ b/pam_mount-1.27-fix-krb5-env.dif
@ -1,39 +0,0 @@
-Index: pam_mount-1.27/doc/changelog.txt
-===================================================================
--- pam_mount-1.27.orig/doc/changelog.txt
-+++ pam_mount-1.27/doc/changelog.txt
-@@ -4,6 +4,7 @@ For details, see the history as recorded
- 
- Fixes:
- - pam_mount: avoid crash in sudo by not calling setenv() with NULL
-+- pam_mount: unwind krb5 environment info at the right time
- - umount.crypt: do not remove entry from /etc/mtab twice
- 
- v1.27 (July 01 2009)
-Index: pam_mount-1.27/src/pam_mount.c
-===================================================================
--- pam_mount-1.27.orig/src/pam_mount.c
-+++ pam_mount-1.27/src/pam_mount.c
-@@ -550,9 +550,10 @@ PAM_EXTERN EXPORT_SYMBOL int pam_sm_open
- 			ret = PAM_SERVICE_ERR;
- 		}
- 	}
-	memset(system_authtok, 0, strlen(system_authtok));
-	if (krb5 != NULL)
-		unsetenv("KRB5CCNAME");
-+	if (system_authtok != NULL) {
-+		memset(system_authtok, 0, strlen(system_authtok));
-+		free(system_authtok);
-+	}
- 	modify_pm_count(&Config, Config.user, "1");
- 	envpath_restore();
- 	if (getuid() == 0)
-@@ -570,6 +571,8 @@ PAM_EXTERN EXPORT_SYMBOL int pam_sm_open
- 	 */
- 	ret = PAM_SUCCESS;
-  out:
-+	if (krb5 != NULL)
-+		unsetenv("KRB5CCNAME");
- 	w4rn("done opening session (ret=%d)\n", ret);
- 	common_exit();
- 	return ret;
--- a/pam_mount-1.27-fix-mtab-handling.dif
+++ b/pam_mount-1.27-fix-mtab-handling.dif
@ -1,29 +0,0 @@
-Index: pam_mount-1.27/doc/changelog.txt
-===================================================================
--- pam_mount-1.27.orig/doc/changelog.txt
-+++ pam_mount-1.27/doc/changelog.txt
-@@ -4,7 +4,7 @@ For details, see the history as recorded
- 
- Fixes:
- - pam_mount: avoid crash in sudo by not calling setenv() with NULL
-
-+- umount.crypt: do not remove entry from /etc/mtab twice
- 
- v1.27 (July 01 2009)
- ====================
-Index: pam_mount-1.27/src/mtcrypt.c
-===================================================================
--- pam_mount-1.27.orig/src/mtcrypt.c
-+++ pam_mount-1.27/src/mtcrypt.c
-@@ -563,9 +563,8 @@ static int mtcr_umount(struct umount_opt
- 
- 	umount_args[argk++] = "umount";
- #ifdef __linux__
-	umount_args[argk++] = "-i";
-	if (opt->no_update)
-		umount_args[argk++] = "-n";
-+	/* Always pass in -n, as we manually edit /etc/mtab */
-+	umount_args[argk++] = "-ni";
- #endif
- 	umount_args[argk++] = mountpoint;
- 	umount_args[argk]   = NULL;
--- a/pam_mount-1.27-fix-sudo-crash.dif
+++ b/pam_mount-1.27-fix-sudo-crash.dif
@ -1,57 +0,0 @@
-diff --git a/doc/changelog.txt b/doc/changelog.txt
-index 5107e9b..bdc37f0 100644
--- a/doc/changelog.txt
-+++ b/doc/changelog.txt
-@@ -2,6 +2,10 @@
- For details, see the history as recorded in the git repository.
- 
- 
-+Fixes:
-+- pam_mount: avoid crash in sudo by not calling setenv() with NULL
-+
-+
- v1.27 (July 01 2009)
- ====================
- Changes:
-diff --git a/src/pam_mount.c b/src/pam_mount.c
-index 87262bd..73da556 100644
--- a/src/pam_mount.c
-+++ b/src/pam_mount.c
-@@ -451,7 +451,7 @@ PAM_EXTERN EXPORT_SYMBOL int pam_sm_open_session(pam_handle_t *pamh, int flags,
- {
- 	struct vol *vol;
- 	int ret;
-	unsigned int krb5_set;
-+	const char *krb5;
- 	char *system_authtok = NULL;
- 	const void *tmp;
- 	int getval;
-@@ -464,11 +464,17 @@ PAM_EXTERN EXPORT_SYMBOL int pam_sm_open_session(pam_handle_t *pamh, int flags,
- 	w4rn(PACKAGE_STRING ": entering session stage\n");
- 
- 	/*
-+	 * Environment variables set with setenv() only last while PAM is
-+	 * active, i.e. disappear when the shell is started. On the other hand,
-+	 * variabled fed to pam_putenv() are only visible once the shell
-+	 * started.
-+	 */
-+	/*
- 	 * Get the Kerberos CCNAME so we can make it available to the
- 	 * mount command later on.
- 	 */
-	krb5_set = getenv("KRB5CCNAME") != NULL;
-	if (setenv("KRB5CCNAME", pam_getenv(pamh, "KRB5CCNAME"), 1) < 0)
-+	krb5 = pam_getenv(pamh, "KRB5CCNAME");
-+	if (krb5 != NULL && setenv("KRB5CCNAME", krb5, true) < 0)
- 		l0g("KRB5CCNAME setenv failed\n");
- 
- 	/* Store initialized config as PAM data */
-@@ -545,7 +551,7 @@ PAM_EXTERN EXPORT_SYMBOL int pam_sm_open_session(pam_handle_t *pamh, int flags,
- 		}
- 	}
- 	memset(system_authtok, 0, strlen(system_authtok));
-	if (krb5_set)
-+	if (krb5 != NULL)
- 		unsetenv("KRB5CCNAME");
- 	modify_pm_count(&Config, Config.user, "1");
- 	envpath_restore();
--- a/pam_mount-1.27-uid_guid-handling.dif
+++ b/pam_mount-1.27-uid_guid-handling.dif
@ -1,24 +0,0 @@
-diff --git a/src/rdconf1.c b/src/rdconf1.c
-index 0a90de7..9ec29f8 100644
--- a/src/rdconf1.c
-+++ b/src/rdconf1.c
-@@ -959,8 +959,7 @@ static int rc_volume_cond_uid(const struct passwd *pwd, xmlNode *node)
- 			continue;
- 		ret = __rc_volume_cond_id(signed_cast(const char *,
- 		      node->content), pwd->pw_uid);
-		if (ret < 0)
-			return ret;
-+		return ret;
- 	}
- 
- 	l0g("config: empty or invalid content for <%s>\n", "uid");
-@@ -981,8 +980,7 @@ static int rc_volume_cond_gid(const struct passwd *pwd, xmlNode *node)
- 			continue;
- 		ret = __rc_volume_cond_id(signed_cast(const char *,
- 		      node->content), pwd->pw_gid);
-		if (ret < 0)
-			return ret;
-+		return ret;
- 	}
- 
- 	l0g("config: empty or invalid content for <%s>\n", "gid");
--- a/pam_mount-1.27.tar.bz2
+++ b/pam_mount-1.27.tar.bz2
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:37a5121e81113b05029200aaba5104dd1ac2c1e68906c31d373a04b1606c2011
-size 329455
--- a/pam_mount-1.32.tar.bz2
+++ b/pam_mount-1.32.tar.bz2
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:76786345ea182a3ac53808c71340e36d999ab2ed318ca24a70af2eb1d447437c
+size 330255
--- a/pam_mount.changes
+++ b/pam_mount.changes
@ -1,3 +1,14 @@
+-------------------------------------------------------------------
+Fri Dec 18 13:14:17 CET 2009 - mc@suse.de
+
+- update to version 1.32
+  * luserconf: fix skipping luser volume mounting
+  * config: allow arbitrary source paths for tmpfs 
+  * fix a potential strlen(NULL) on login
+  * umount.crypt: do not remove entry from /etc/mtab twice
+  * luserconf: delayed parsing and mounting of luserconf volumes
+  * documentation fixes
+
 -------------------------------------------------------------------
 Thu Nov 19 11:12:36 CET 2009 - mc@suse.de

--- a/pam_mount.spec
+++ b/pam_mount.spec
@ -1,5 +1,5 @@
 #
-# spec file for package pam_mount (Version 1.27)
+# spec file for package pam_mount (Version 1.32)
 #
 # Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany.
 #
@ -22,16 +22,16 @@ Name:           pam_mount
 BuildRequires:  perl-XML-Parser perl-XML-Writer
 BuildRequires:  libtool pam-devel >= 0.99 pkg-config >= 0.19
 BuildRequires:  libxml2-devel >= 2.6 openssl-devel >= 0.9.8
-BuildRequires:  libHX-devel >= 2.8
+BuildRequires:  libHX-devel >= 3.0.1
 BuildRequires:  linux-kernel-headers >= 2.6
 Summary:        A PAM Module that can Mount Volumes for a User Session
-Version:        1.27
-Release:        2
+Version:        1.32
+Release:        1
 # psmisc: /bin/fuser
 Recommends:     cryptsetup
 Recommends:     cifs-mount xfsprogs
 Requires:       util-linux
-License:        LGPL v2.1 or later
+License:        LGPLv2.1+
 Prefix:         /usr
 Group:          System/Libraries
 Source:         %{name}-%{version}.tar.bz2
@ -40,10 +40,6 @@ Source2:        convert_keyhash.pl
 Source3:        mount.crypt
 Source4:        mount.encfs13
 Patch1:         pam_mount-0.47-enable-logout-kill.dif
-Patch2:         pam_mount-1.27-fix-sudo-crash.dif
-Patch3:         pam_mount-1.27-fix-mtab-handling.dif
-Patch4:         pam_mount-1.27-uid_guid-handling.dif
-Patch5:         pam_mount-1.27-fix-krb5-env.dif
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 Url:            http://pam-mount.sourceforge.net/
 PreReq:         coreutils, perl-XML-Writer, perl-XML-Parser
@ -64,10 +60,6 @@ dm-crypt and LUKS.
 %prep
 %setup -q
 %patch1 -p1
-%patch2 -p1
-%patch3 -p1
-%patch4 -p1
-%patch5 -p1

 %build
 %{suse_update_config -f}