pool/pam_mount
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/pam_mount?expand=0&rev=27

Browse Source
This commit is contained in:
OBS User unknown 2009-02-20 00:02:26 +00:00 committed by Git OBS Bridge
parent 6fb93975c7
commit c9c211a608
17 changed files with 736 additions and 262 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

184
convert_keyhash.pl Normal file
View File

@ -0,0 +1,184 @@
#!/usr/bin/perl -w
#
# convert tool for pam_mount.conf.xml
#
# Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany.
# This file is under the same license as pam_mount itself.
#
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
use Data::Dumper;
use Getopt::Long;
use IO::File;
use XML::Writer;
use XML::Parser;
use File::Temp qw/ tempfile /;
use File::Copy;
use strict;
my $OLD_CONF = "/etc/security/pam_mount.conf.xml";
my ($TMPFH, $TEMPNAME) = tempfile("pam_mount_conf.XXXXXXXX", DIR => "/tmp/", UNLINK => 1);
my $BAK = "";
my $debug = 0;
my $hasChanges = 0;
my $node = {};
$node->{element} = "";
$node->{attrs} = {};
$node->{chars} = "";
$node->{isEmpty} = 1;
Getopt::Long::Configure(qw(bundling));
GetOptions(
"i=s" => \$OLD_CONF,
"d" => \$debug,
);
if( ! -e "$OLD_CONF" )
{
print STDERR "$OLD_CONF: file not found.\n";
exit 1;
}
$BAK = "$OLD_CONF";
my ($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst) = localtime(time);
$mon += 1;
$year += 1900;
$BAK .= ".$year-$mon-$mday";
sub handle_decl_tag
{
my $wrt = shift;
my( $expat, $version, $encoding, $standalone ) = @_;
$wrt->xmlDecl($encoding, $standalone);
$wrt->raw("\n\n");
print "write xmlDecl with $encoding\n" if($debug);
}
sub handle_start_tag
{
my $wrt = shift;
my( $expat, $element, %attrs ) = @_;
if($node->{element} ne "" && !$node->{drop})
{
# subnode write the old one first
$wrt->startTag($node->{element}, %{$node->{attrs}});
print "write starttag of $node->{element}\n" if($debug);
if($node->{chars} ne "")
{
$wrt->characters($node->{chars});
print "write characters\n" if($debug);
}
$wrt->raw("\n");
$node->{element} = "";
$node->{attrs} = {};
$node->{chars} = "";
$node->{isEmpty} = 1;
}
if(lc($element) eq "volume" && ! exists $attrs{fskeyhash})
{
print "!!! set fskeyhash to MD5\n" if($debug);
$attrs{fskeyhash} = "md5";
$hasChanges = 1;
}
if(lc($element) eq "volume" ||
lc($element) eq "pam_mount" ||
lc($element) eq "debug" ||
lc($element) eq "luserconf" ||
lc($element) eq "mntoptions" ||
lc($element) eq "path" ||
lc($element) eq "logout" ||
lc($element) eq "mkmountpoint"
)
{
$node->{drop} = 0;
}
else
{
$node->{drop} = 1;
}
$node->{element} = $element;
$node->{attrs} = \%attrs;
$node->{chars} = "";
$node->{isEmpty} = 1;
}
sub handle_char_tag
{
my $wrt = shift;
my( $expat, $string ) = @_;
$node->{chars} .= $string;
$node->{isEmpty} = 0;
}
sub handle_end_tag
{
my $wrt = shift;
my( $expat, $element ) = @_;
if(!$node->{drop} && $element eq $node->{element})
{
if($node->{isEmpty})
{
$wrt->emptyTag($node->{element}, %{$node->{attrs}});
$wrt->raw("\n");
print "write emptytag of $node->{element}\n" if($debug);
}
else
{
$wrt->startTag($node->{element}, %{$node->{attrs}});
print "write starttag of $node->{element}\n" if($debug);
if($node->{chars} ne "")
{
$wrt->characters($node->{chars});
print "write characters\n" if($debug);
}
$wrt->endTag($node->{element});
$wrt->raw("\n");
print "write endtag of $node->{element}\n" if($debug);
}
}
elsif($element ne $node->{element})
{
$wrt->endTag($element);
print "write endtag of $element\n" if($debug);
}
$node->{element} = "";
$node->{attrs} = {};
$node->{chars} = "";
$node->{isEmpty} = 1;
}
my $writer = new XML::Writer(OUTPUT => $TMPFH, UNSAFE => 1);
my $parser = XML::Parser->new( Handlers =>
{ XMLDecl => sub { handle_decl_tag($writer, @_) },
Start => sub { handle_start_tag($writer, @_) },
Char => sub { handle_char_tag($writer, @_) },
End => sub { handle_end_tag($writer, @_) },
});
$parser->parsefile( $OLD_CONF );
$TMPFH->close();
if($hasChanges)
{
print "Changes made. $OLD_CONF => $BAK\n" if($debug);
copy( $OLD_CONF, $BAK );
print "$TEMPNAME => $OLD_CONF \n" if($debug);
copy( $TEMPNAME, $OLD_CONF );
}
else
{
print "No changes made. Keeping $OLD_CONF.\n" if($debug);
}
exit 0;

441
convert_pam_mount_conf.pl Normal file
View File

@ -0,0 +1,441 @@
#!/usr/bin/perl -w
#
# convert tool for pam_mount.conf
#
# Copyright (c) 2007 SUSE LINUX Products GmbH, Nuernberg, Germany.
# This file is under the same license as pam_mount itself.
#
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
use Data::Dumper;
use Getopt::Long;
use IO::File;
use XML::Writer;
use strict;
my $OLD_CONF = "-";
my $NEW_CONF = "-";
my $debug = 0;
Getopt::Long::Configure(qw(bundling));
GetOptions(
"i=s" => \$OLD_CONF,
"o=s" => \$NEW_CONF,
"d" => \$debug,
);
my %callbacks = (
"debug" => \&callback_debug,
"logout" => \&callback_logout,
"mkmountpoint" => \&callback_mkmountpoint,
"fsckloop" => \&callback_fsckloop,
"luserconf" => \&callback_luserconf,
"options_allow" => \&callback_options_allow,
"options_deny" => \&callback_options_deny,
"options_require" => \&callback_options_require,
"lsof" => \&callback_lsof,
"fsck" => \&callback_fsck,
"losetup" => \&callback_losetup,
"unlosetup" => \&callback_unlosetup,
"cifsmount" => \&callback_cifsmount,
"smbmount" => \&callback_smbmount,
"ncpmount" => \&callback_ncpmount,
"smbumount" => \&callback_smbumount,
"ncpumount" => \&callback_ncpumount,
"fusemount" => \&callback_fusemount,
"fuseumount" => \&callback_fuseumount,
"umount" => \&callback_umount,
"lclmount" => \&callback_lclmount,
"cryptmount" => \&callback_cryptmount,
"nfsmount" => \&callback_nfsmount,
"mntagain" => \&callback_mntagain,
"mntcheck" => \&callback_mntcheck,
"pmvarrun" => \&callback_pmvarrun,
"volume" => \&callback_volume,
);
my $output = new IO::File("> $NEW_CONF");
my $writer = new XML::Writer(OUTPUT => $output, UNSAFE => 1);
$writer->xmlDecl("UTF-8");
$writer->startTag("pam_mount");
$writer->raw("\n\n");
sub callback_debug
{
my @fields = @_;
$writer->emptyTag("debug", "enable" => $fields[1]);
}
sub callback_logout
{
my @fields = @_;
# we create a default entry here, fields are not evaluated
$writer->emptyTag("logout", "wait" => "2000", "hup" => "0", "term" => "1", "kill" => "1");
}
sub callback_mkmountpoint
{
my @fields = @_;
$writer->emptyTag("mkmountpoint", "enable" => $fields[1]);
}
sub callback_fsckloop
{
my @fields = @_;
$writer->emptyTag("fsckloop", "device" => $fields[1]);
}
sub callback_luserconf
{
my @fields = @_;
$writer->emptyTag("luserconf", "name" => $fields[1].".xml");
print STDERR "Please note that you will also probably have to convert",
$fields[1], "\n";
}
sub callback_options_allow
{
my @fields = @_;
$writer->emptyTag("mntoptions", "allow" => $fields[1]);
}
sub callback_options_deny
{
my @fields = @_;
$writer->emptyTag("mntoptions", "deny" => $fields[1]);
}
sub callback_options_require
{
my @fields = @_;
$writer->emptyTag("mntoptions", "require" => $fields[1]);
}
sub callback_fsck
{
my @fields = @_;
shift @fields;
$writer->startTag("fsck");
$writer->characters(join(" ", @fields));
$writer->endTag("fsck");
}
sub callback_losetup
{
my @fields = @_;
shift @fields;
$writer->startTag("losetup");
$writer->characters(join(" ", @fields));
$writer->endTag("losetup");
}
sub callback_unlosetup
{
my @fields = @_;
shift @fields;
$writer->startTag("unlosetup");
$writer->characters(join(" ", @fields));
$writer->endTag("unlosetup");
}
sub callback_cifsmount
{
my @fields = @_;
shift @fields;
$writer->startTag("cifsmount");
$writer->characters(join(" ", @fields));
$writer->endTag("cifsmount");
}
sub callback_smbmount
{
my @fields = @_;
shift @fields;
$writer->startTag("smbmount");
$writer->characters(join(" ", @fields));
$writer->endTag("smbmount");
}
sub callback_ncpmount
{
my @fields = @_;
shift @fields;
$writer->startTag("ncpmount");
$writer->characters(join(" ", @fields));
$writer->endTag("ncpmount");
}
sub callback_smbumount
{
my @fields = @_;
shift @fields;
$writer->startTag("smbumount");
$writer->characters(join(" ", @fields));
$writer->endTag("smbumount");
}
sub callback_ncpumount
{
my @fields = @_;
shift @fields;
$writer->startTag("ncpumount");
$writer->characters(join(" ", @fields));
$writer->endTag("ncpumount");
}
sub callback_fusemount
{
my @fields = @_;
shift @fields;
$writer->startTag("fusemount");
$writer->characters(join(" ", @fields));
$writer->endTag("fusemount");
}
sub callback_fuseumount
{
my @fields = @_;
shift @fields;
$writer->startTag("fuseumount");
$writer->characters(join(" ", @fields));
$writer->endTag("fuseumount");
}
sub callback_umount
{
my @fields = @_;
shift @fields;
$writer->startTag("umount");
$writer->characters(join(" ", @fields));
$writer->endTag("umount");
}
sub callback_lclmount
{
my @fields = @_;
shift @fields;
$writer->startTag("lclmount");
$writer->characters(join(" ", @fields));
$writer->endTag("lclmount");
}
sub callback_cryptmount
{
my @fields = @_;
shift @fields;
$writer->startTag("cryptmount");
$writer->characters(join(" ", @fields));
$writer->endTag("cryptmount");
}
sub callback_nfsmount
{
my @fields = @_;
shift @fields;
$writer->startTag("nfsmount");
$writer->characters(join(" ", @fields));
$writer->endTag("nfsmount");
}
sub callback_mntagain
{
# not translated - removed in pam_mount 0.32
}
sub callback_lsof
{
# not translated - removed
}
sub callback_mntcheck
{
my @fields = @_;
shift @fields;
$writer->startTag("mntcheck");
$writer->characters(join(" ", @fields));
$writer->endTag("mntcheck");
}
sub callback_pmvarrun
{
my @fields = @_;
shift @fields;
$writer->startTag("pmvarrun");
$writer->characters(join(" ", @fields));
$writer->endTag("pmvarrun");
}
sub callback_volume
{
my @fields = @_;
shift @fields;
my %attr = (
"fstype" => "auto",
);
# search for wrong splits
# happens at 'a value' or "a value"
# and remove quotes around a single value. "value" or 'value'
my @new_fields;
my($nf, $char);
foreach my $f (@fields) {
if (!defined($nf) && $f =~ /^'(.+)'$/) {
push(@new_fields, $1);
} elsif (!defined($nf) && $f =~ /^"(.+)"$/) {
push(@new_fields, $1);
} elsif (!defined($nf) && $f =~ /^'([^']+)$/) {
$nf = $1;
$char = "'";
} elsif (!defined($nf) && $f =~ /^"([^"]+)$/) {
$nf = $1;
$char = "\"";
} elsif (defined($nf) && $f =~ /^([^$char]+)$char$/) {
$nf .= " $1";
push(@new_fields, $nf);
$nf = undef;
$char = undef;
} elsif(defined($nf)) {
$nf .= " $f";
} else {
push(@new_fields, $f);
}
}
@fields = @new_fields;
if ($debug) {
print STDERR Data::Dumper->Dump([@new_fields])
}
foreach my $i (2..7) {
$fields[$i] =~ s/&/\%(USER)/g;
$fields[$i] =~ s/\\\s/ /g;
}
if ($fields[0] =~ /^\@\@(.*)/) {
$attr{sgrp} = "$1";
} elsif ($fields[0] =~ /^\@(.*)/) {
$attr{pgrp} = "$1";
} else {
$attr{user} = "$fields[0]";
}
if (defined($fields[1]) && $fields[1] ne "local") {
$attr{fstype} = $fields[1];
}
if (defined($fields[2]) && $fields[2] ne "-") {
$attr{server} = $fields[2];
}
if (defined($fields[3])) {
$attr{path} = $fields[3];
}
if (defined($fields[4]) && $fields[4] ne "-") {
$attr{mountpoint} = $fields[4];
}
if (defined($fields[5]) && $fields[5] ne "-") {
$attr{options} = $fields[5];
}
if (defined($fields[6]) && $fields[6] ne "-") {
$attr{fskeycipher}= $fields[6];
}
if (defined($fields[7]) && $fields[7] ne "-") {
$attr{fskeypath} = $fields[7];
}
$writer->emptyTag("volume", %attr );
}
sub parse_conf
{
my @file;
open(OUT, "< $OLD_CONF") || die "Cannot open $OLD_CONF: $!\n";
@file = <OUT>;
close OUT;
foreach my $line (@file) {
++$.;
chomp $line;
$line =~ s/^\s+//s;
if (length($line) == 0 || substr($line, 0, 1) eq "#") {
next;
}
my @fields = split(/(?<!\\)\s+/, $line);
for (my $i = 0; $i <= $#fields; ++$i) {
if ($fields[$i] eq "#") {
#
# Old-style config file had this oddity in
# one spot, so need to trim it.
#
splice(@fields, $i);
last;
}
}
if (exists $callbacks{$fields[0]}) {
if ($debug) {
print STDERR "callback_$fields[0] called: ",
join(" ", @fields), "\n";
}
$callbacks{$fields[0]}->(@fields);
$writer->raw("\n\n");
} else {
print STDERR "-" x 40, "\n",
"Unknown command: \"$fields[0]\" near ",
"line $.:\n",
$line, "\n",
"-" x 40, "\n";
return 1;
}
# insert new <logout> field after debug
if( $fields[0] eq "debug" )
{
if ($debug) {
print STDERR "callback_logout called: (default)\n";
}
$callbacks{"logout"}->();
$writer->raw("\n\n");
}
}
return 0;
}
my $ret = parse_conf();
$writer->endTag("pam_mount");
$writer->end();
$output->close();
exit $ret;

21
mount.crypt Normal file
View File

@ -0,0 +1,21 @@
#!/bin/sh
CMD=`basename $0`
if [[ "$CMD" =~ "umount" ]]; then
if [ ! -x ../usr/sbin/umount.crypt ]; then
logger -t "mount.crypt" -p user.err -i "/usr/sbin/umount.crypt: File not found."
exit 1
fi
../usr/sbin/umount.crypt $@
elif [[ "$CMD" =~ "mount" ]]; then
if [ ! -x ../usr/sbin/mount.crypt ]; then
logger -t "mount.crypt" -p user.err -i "/usr/sbin/mount.crypt: File not found."
exit 1
fi
../usr/sbin/mount.crypt $@
else
logger -t "mount.crypt" -p user.err -i "Unknown command: $0"
exit 1
fi

21
mount.encfs13 Normal file
View File

@ -0,0 +1,21 @@
#!/bin/sh
CMD=`basename $0`
if [[ "$CMD" =~ "umount" ]]; then
if [ ! -x ../usr/sbin/umount.encfs13 ]; then
logger -t "mount.encfs13" -p user.err -i "/usr/sbin/umount.encfs13: File not found."
exit 1
fi
../usr/sbin/umount.encfs13 $@
elif [[ "$CMD" =~ "mount" ]]; then
if [ ! -x ../usr/sbin/mount.encfs13 ]; then
logger -t "mount.encfs13" -p user.err -i "/usr/sbin/mount.encfs13: File not found."
exit 1
fi
../usr/sbin/mount.encfs13 $@
else
logger -t "mount.encfs13" -p user.err -i "Unknown command: $0"
exit 1
fi

25
pam_mount-0.45-umount-home-dir.dif
View File

@ -1,25 +0,0 @@
Index: scripts/umount.crypt
===================================================================
--- scripts/umount.crypt.orig
+++ scripts/umount.crypt
@@ -46,6 +46,7 @@ fi;
# ask cryptsetup about the underlying device
#
REALDEVICE=`cryptsetup status "$DMDEVICE" | sed -n '/device/s/[ ]*device:[ ]*//p'`;
+IMGDEVICE=`losetup -a | grep "$REALDEVICE" | awk -F\( '{ print $2 }' | sed 's/)//'`
for ((x = 5; x >= 0; --x)); do
fuser -m "$1" || break;
@@ -73,3 +83,12 @@ if echo "$REALDEVICE" | grep ^/dev/loop
exit 1
fi
fi
+
+if echo "$IMGDEVICE" | grep ^/dev/loop >/dev/null; then
+ losetup -d "$IMGDEVICE";
+ if [ $? -ne 0 ]; then
+ echo "${0##*/}: error removing $IMGDEVICE" >&2
+ exit 1
+ fi
+fi
+

44
pam_mount-0.47-convert-add-logout.dif
View File

@ -1,44 +0,0 @@
--- orig/pam_mount-0.47/scripts/convert_pam_mount_conf.pl 2008-09-05 05:28:34.000000000 +0200
+++ pam_mount-0.47/scripts/convert_pam_mount_conf.pl 2009-01-10 18:07:15.000000000 +0100
@@ -26,6 +26,7 @@
my %callbacks = (
"debug" => \&callback_debug,
+ "logout" => \&callback_logout,
"mkmountpoint" => \&callback_mkmountpoint,
"fsckloop" => \&callback_fsckloop,
"luserconf" => \&callback_luserconf,
@@ -67,6 +68,14 @@
$writer->emptyTag("debug", "enable" => $fields[1]);
}
+sub callback_logout
+{
+ my @fields = @_;
+
+ # we create a default entry here, fields are not evaluated
+ $writer->emptyTag("logout", "wait" => "2000", "hup" => "0", "term" => "1", "kill" => "1");
+}
+
sub callback_mkmountpoint
{
my @fields = @_;
@@ -401,6 +415,18 @@
"-" x 40, "\n";
return 1;
}
+
+ # insert new <logout> field after debug
+
+ if( $fields[0] eq "debug" )
+ {
+ if ($debug) {
+ print STDERR "callback_logout called: (default)\n";
+ }
+
+ $callbacks{"logout"}->();
+ $writer->raw("\n\n");
+ }
}
return 0;

58
pam_mount-0.47-fix-decrypt-key.dif
View File

@ -1,58 +0,0 @@
--- src/crypto.c
+++ src/crypto.c 2008/09/25 12:40:16
@@ -35,6 +35,7 @@
#include "crypto.h"
#include "misc.h"
#include "pam_mount.h"
+#include <stdio.h>
/* Functions */
#if defined(HAVE_LIBCRYPTO) && defined(HAVE_LIBSSL)
@@ -123,7 +124,7 @@
int decrypted_key(hmc_t **pt_fs_key, const char *fs_key_path,
const char *fs_key_cipher, const char *authtok)
{
- hmc_t *ct_fs_key = NULL, *line = NULL;
+ hmc_t *ct_fs_key = NULL;
int segment_len, pt_fs_key_len, ret = 1;
unsigned char hashed_authtok[EVP_MAX_KEY_LENGTH]; /* hash(system authtok) */
unsigned char iv[EVP_MAX_IV_LENGTH];
@@ -156,10 +157,26 @@
}
ct_fs_key = hmc_minit(NULL, 0);
- while (HX_getl(&line, fs_key_fp) != NULL)
- hmc_memcat(&ct_fs_key, line, hmc_length(line));
- hmc_free(line);
+ while (1)
+ {
+ unsigned char line[EVP_MAX_BLOCK_LENGTH];
+ size_t n = fread(&line, 1, EVP_MAX_BLOCK_LENGTH, fs_key_fp);
+ if (ferror(fs_key_fp))
+ {
+ l0g("failed to read the key(%d)", ferror(fs_key_fp));
+ goto out2;
+ }
+
+ if(n > 0)
+ {
+ hmc_memcat(&ct_fs_key, line, n);
+ }
+
+ if (feof(fs_key_fp))
+ break;
+ }
+
if (hmc_length(ct_fs_key) == 0) {
l0g("failed to read encrypted filesystem key from %s, "
"or file empty.\n", fs_key_path);
@@ -210,7 +227,7 @@
ERR_free_strings();
/* pt_fs_key_len is unsigned */
- assert(ret == 0);
+ assert(ret != 0);
return ret;
}

11
pam_mount-0.47-fix-deny_ok.dif
View File

@ -1,11 +0,0 @@
--- src/rdconf2.c
+++ src/rdconf2.c 2008/10/14 10:35:21
@@ -102,7 +102,7 @@
return false;
while ((e = HXbtraverse(t)) != NULL)
- if (!kvplist_contains(options, e->key)) {
+ if (kvplist_contains(options, e->key)) {
l0g("option \"%s\" denied\n",
static_cast(const char *, e->key));
HXbtrav_free(t);

11
pam_mount-0.47-fix-logout.dif
View File

@ -1,11 +0,0 @@
--- src/ofl-lib.c
+++ src/ofl-lib.c 2009/01/12 09:29:20
@@ -206,7 +206,7 @@
while ((de = HXdir_read(dir)) != NULL) {
if (*de == '.')
continue;
- snprintf(tmp, sizeof(tmp), "%s/%s", path, de);
+ snprintf(tmp, sizeof(tmp), "%s/%s/fd", path, de);
if (lstat(tmp, &data->sb) < 0 || !S_ISDIR(data->sb.st_mode))
continue;
ofl_taskfd(mnt, tmp, data);

32
pam_mount-0.47-fix-replace-options.dif
View File

@ -1,32 +0,0 @@
--- src/mount.c
+++ src/mount.c 2008/10/13 14:19:40
@@ -785,6 +785,7 @@
{
const struct HXdeque_node *n;
struct HXdeque *argv;
+ struct HXdeque *argv2;
hmc_t *ll_password = NULL;
int child_exit = 0, cstdin = -1, cstderr = -1;
const char *mount_user;
@@ -847,13 +848,20 @@
if ((argv = HXdeque_init()) == NULL)
misc_log("malloc: %s\n", strerror(errno));
+ if ((argv2 = HXdeque_init()) == NULL)
+ misc_log("malloc: %s\n", strerror(errno));
if (vpt->uses_ssh)
for (n = config->command[CMD_FD0SSH]->first;
n != NULL; n = n->next)
arglist_add(argv, n->ptr, vinfo);
for (n = config->command[vpt->type]->first; n != NULL; n = n->next)
- arglist_add(argv, n->ptr, vinfo);
+ arglist_add(argv2, n->ptr, vinfo);
+ /*
+ * do a replacement a second time to catch also variables
+ * specified in the options of a volume
+ */
+ argv = arglist_build(argv2, vinfo);
if (vpt->type == CMD_LCLMOUNT &&
!check_filesystem(config, vpt, vinfo, ll_password))

18
pam_mount-0.47-recognize-required-and-deny-option-for-luserconfig.dif
View File

@ -1,18 +0,0 @@
--- src/rdconf2.c
+++ src/rdconf2.c 2009/01/12 12:16:30
@@ -158,6 +158,7 @@
misc_log("Luser volume for %s is missing options that "
"are required by global <mntoptions>\n",
vol->mountpoint);
+ return false;
}
if (config->options_allow->items != 0 &&
!allow_ok(config->options_allow, &vol->options)) {
@@ -171,6 +172,7 @@
misc_log("Luser volume for %s has options that are "
"denied by global <mntoptions>\n",
vol->mountpoint);
+ return false;
}
}

14
pam_mount-0.47-remove-lsof-convert.dif
View File

@ -1,14 +0,0 @@
--- scripts/convert_pam_mount_conf.pl
+++ scripts/convert_pam_mount_conf.pl 2008/11/04 12:47:05
@@ -256,6 +256,11 @@
# not translated - removed in pam_mount 0.32
}
+sub callback_lsof
+{
+ # not translated - removed
+}
+
sub callback_mntcheck
{
my @fields = @_;

3
pam_mount-0.47.tar.lzma
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:ec545cfebca827f5d3065698974ef1d0913f113c129ac216192a3e61f8937d3c
size 250337

3
pam_mount-1.18-rpmlintrc Normal file
View File

@ -0,0 +1,3 @@
addFilter("percent-in-%post")
addFilter("files-duplicate.*crypt.*8.gz")

3
pam_mount-1.18.tar.bz2 Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:fce9ae6889f8cce6369ee5694e07694f46c577f0a77d8065fedb3d9d359defd3
size 323607

12
pam_mount.changes
View File

@ -1,9 +1,17 @@
-------------------------------------------------------------------
Wed Feb 18 12:46:10 CET 2009 - mc@suse.de
- update to version 1.18
* lot of fixes and new Features.
see /usr/share/doc/packages/pam_mount/changelog.txt
for details
-------------------------------------------------------------------
Thu Jan 29 16:00:36 CET 2009 - crrodriguez@suse.de
- reduce buildRequires after libHX changes
- reduce buildRequires after libHX changes
-------------------------------------------------------------------
--------------------------------------------------------------------
Mon Jan 12 11:23:15 CET 2009 - mc@suse.de
- fix <logout> feature (bnc#461333)

97
pam_mount.spec
View File

@ -1,5 +1,5 @@
#
# spec file for package pam_mount (Version 0.47)
# spec file for package pam_mount (Version 1.18)
#
# Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
@ -19,11 +19,12 @@
Name: pam_mount
BuildRequires: libHX-devel lzma openssl-devel pam-devel perl-XML-Writer pkg-config
BuildRequires: libHX-devel libxml2-devel openssl-devel pam-devel pkg-config
BuildRequires: perl-XML-Parser perl-XML-Writer
BuildRequires: linux-kernel-headers
Summary: A PAM Module that can Mount Volumes for a User Session
Version: 0.47
Release: 15
Version: 1.18
Release: 1
# psmisc: /bin/fuser
Recommends: cifs-mount psmisc
Recommends: cryptsetup
@ -31,19 +32,16 @@ Requires: util-linux
License: LGPL v2.1 or later
Prefix: /usr
Group: System/Libraries
Source: %{name}-%{version}.tar.lzma
Patch1: pam_mount-0.45-umount-home-dir.dif
Patch2: pam_mount-0.47-fix-decrypt-key.dif
Patch3: pam_mount-0.47-fix-replace-options.dif
Patch4: pam_mount-0.47-fix-deny_ok.dif
Patch5: pam_mount-0.47-remove-lsof-convert.dif
Patch6: pam_mount-0.47-fix-logout.dif
Patch7: pam_mount-0.47-enable-logout-kill.dif
Patch8: pam_mount-0.47-convert-add-logout.dif
Patch9: pam_mount-0.47-recognize-required-and-deny-option-for-luserconfig.dif
Source: %{name}-%{version}.tar.bz2
Source1: convert_pam_mount_conf.pl
Source2: convert_keyhash.pl
Source3: mount.crypt
Source4: mount.encfs13
Source5: pam_mount-1.18-rpmlintrc
Patch1: pam_mount-0.47-enable-logout-kill.dif
BuildRoot: %{_tmppath}/%{name}-%{version}-build
Url: http://pam-mount.sourceforge.net/
PreReq: coreutils, perl-XML-Writer
PreReq: coreutils, perl-XML-Writer, perl-XML-Parser
%description
This module is aimed at environments with SMB (Samba or Windows NT) or
@ -76,15 +74,7 @@ include it and send me patches.
%prep
%setup -q
%patch1
%patch2
%patch3
%patch4
%patch5
%patch6
%patch7 -p1
%patch8 -p1
%patch9
%patch1 -p1
%build
%{suse_update_config -f}
@ -96,17 +86,23 @@ CFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing"
%install
make install DESTDIR=${RPM_BUILD_ROOT}
# Remove static and libtool version
rm -vf ${RPM_BUILD_ROOT}/%{_lib}/security/pam_mount.{a,la}
mkdir -p ${RPM_BUILD_ROOT}%{_sysconfdir}/security
# remove mount_ehd, it's only for OpenBSD
rm $RPM_BUILD_ROOT%{_prefix}/bin/mount_ehd
rm $RPM_BUILD_ROOT%{_mandir}/man8/mount_ehd.8
rm $RPM_BUILD_ROOT%{_prefix}/bin/passwdehd
rm $RPM_BUILD_ROOT%{_mandir}/man8/passwdehd.8
rm -f ${RPM_BUILD_ROOT}/%{_lib}/security/pam_mount.{a,la}
#install the docs
mkdir -p ${RPM_BUILD_ROOT}/%_docdir/%{name}/examples
cp doc/bugs.txt doc/changelog.txt LICENSE* doc/faq.txt doc/todo.txt doc/options.txt doc/pam_mount.txt ${RPM_BUILD_ROOT}/%_docdir/%name/
install -m 755 scripts/convert_pam_mount_conf.pl ${RPM_BUILD_ROOT}/%_docdir/%{name}/examples/
install -m 755 %{SOURCE1} ${RPM_BUILD_ROOT}/%_docdir/%{name}/examples/
install -m 755 %{SOURCE2} ${RPM_BUILD_ROOT}/%_docdir/%{name}/examples/
#
# move /sbin/mount.crypt to /usr/sbin/mount.crypt and put a wrapper script to /sbin/mount.crypt
# The same for mount.encfs13
#
mkdir -p ${RPM_BUILD_ROOT}/usr/sbin/
mv ${RPM_BUILD_ROOT}/sbin/mount.crypt ${RPM_BUILD_ROOT}/usr/sbin/
mv ${RPM_BUILD_ROOT}/sbin/mount.encfs13 ${RPM_BUILD_ROOT}/usr/sbin/
ln -s /usr/sbin/mount.crypt ${RPM_BUILD_ROOT}/usr/sbin/umount.crypt
ln -s /usr/sbin/mount.encfs13 ${RPM_BUILD_ROOT}/usr/sbin/umount.encfs13
install -m755 %{SOURCE3} ${RPM_BUILD_ROOT}/sbin/
install -m755 %{SOURCE4} ${RPM_BUILD_ROOT}/sbin/
%post
if [ -e etc/security/pam_mount.conf ]
@ -115,6 +111,16 @@ then
%_docdir/%{name}/examples/convert_pam_mount_conf.pl \
-i etc/security/pam_mount.conf -o etc/security/pam_mount.conf.xml
fi
if [ $1 -gt 1 ]
then
for v in `rpm -q --queryformat "%{VERSION} " %{name}`; do
if echo "$v" | grep -E "^0\." - ; then
%_docdir/%{name}/examples/convert_keyhash.pl \
-i etc/security/pam_mount.conf.xml
break;
fi
done
fi
%clean
rm -rf $RPM_BUILD_ROOT
@ -124,25 +130,28 @@ rm -rf $RPM_BUILD_ROOT
%docdir %_docdir/%name
%_docdir/%name
/%{_lib}/security/pam_mount*.so
%{_prefix}/bin/mkehd
%{_prefix}/bin/autoehd
%{_prefix}/bin/pmt-fd0ssh
%{_prefix}/bin/pmt-ofl
/sbin/mount.crypt
/sbin/umount.crypt
%{_bindir}/pmt-fd0ssh
%{_bindir}/pmt-ofl
/sbin/mount.crypt*
/sbin/umount.crypt*
/sbin/mount.encfs13
%{_sbindir}/mount.crypt
%{_sbindir}/umount.crypt
%{_sbindir}/mount.encfs13
%{_sbindir}/umount.encfs13
%{_sbindir}/pmvarrun
%{_sbindir}/pmt-ehd
%config(noreplace) %{_sysconfdir}/security/pam_mount.conf.xml
%doc %{_mandir}/man1/mkehd.1.gz
%doc %{_mandir}/man1/pmt-fd0ssh.1.gz
%doc %{_mandir}/man5/pam_mount.conf.5.gz
%doc %{_mandir}/man8/autoehd.8.gz
%doc %{_mandir}/man8/mount.crypt.8.gz
%doc %{_mandir}/man8/pam_mount.8.gz
%doc %{_mandir}/man8/pmvarrun.8.gz
%doc %{_mandir}/man8/umount.crypt.8.gz
%doc %{_mandir}/man8/*.8.gz
%changelog
* Wed Feb 18 2009 mc@suse.de
- update to version 1.18
* lot of fixes and new Features.
see /usr/share/doc/packages/pam_mount/changelog.txt
for details
* Thu Jan 29 2009 crrodriguez@suse.de
- reduce buildRequires after libHX changes
* Mon Jan 12 2009 mc@suse.de