241 lines
8.5 KiB
RPMSpec
241 lines
8.5 KiB
RPMSpec
#
|
|
# spec file for package pam_mount (Version 0.41)
|
|
#
|
|
# Copyright (c) 2008 SUSE LINUX Products GmbH, Nuernberg, Germany.
|
|
# This file and all modifications and additions to the pristine
|
|
# package are under the same license as the package itself.
|
|
#
|
|
# Please submit bugfixes or comments via http://bugs.opensuse.org/
|
|
#
|
|
|
|
# norootforbuild
|
|
|
|
|
|
Name: pam_mount
|
|
BuildRequires: libHX-devel libxml2-devel openssl-devel pam-devel perl-XML-Writer pkg-config
|
|
BuildRequires: linux-kernel-headers
|
|
Summary: A PAM Module that can Mount Volumes for a User Session
|
|
Version: 0.41
|
|
Release: 1
|
|
# psmisc: /bin/fuser
|
|
Recommends: cifs-mount psmisc
|
|
Recommends: cryptsetup
|
|
Requires: lsof util-linux
|
|
License: LGPL v2.1 or later
|
|
Prefix: /usr
|
|
Group: System/Libraries
|
|
Source: %{name}-%{version}.tar.bz2
|
|
Patch1: pam_mount-0.18-umount-home-dir.dif
|
|
Patch2: pam_mount-0.18-bump-max-par.diff
|
|
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
|
Url: http://pam-mount.sourceforge.net/
|
|
PreReq: coreutils, perl-XML-Writer
|
|
|
|
%description
|
|
This module is aimed at environments with SMB (Samba or Windows NT) or
|
|
NCP (Netware or Mars-NWE) servers that Unix users wish to access
|
|
transparently. It facilitates access to private volumes of these types.
|
|
This module also supports mounting home directories using loopback
|
|
encrypted filesystems. The module was originally written for use on the
|
|
Linux operating system but has since been modified to work on several
|
|
flavors of BSD.
|
|
|
|
o Every user can access their own volumes
|
|
|
|
o The user only needs to type the password once (at login)
|
|
|
|
o The mounting process is transparent to the user
|
|
|
|
o There is no need to keep the login passwords in any additional files
|
|
|
|
o The volumes are unmounted on logout, so it saves system resources,
|
|
avoiding the need to list every possibly useful remote volume in
|
|
/etc/fstab or in an automount/supermount config file. This is also
|
|
necessary for securing encrypted filesystems.
|
|
|
|
Pam_mount "understands" SMB, NCP, and any type of filesystem that can
|
|
be mounted using the standard mount command. If someone has a
|
|
particular need for a different filesystem, feel free to ask me to
|
|
include it and send me patches.
|
|
|
|
|
|
|
|
%prep
|
|
%setup -q
|
|
%patch1
|
|
%patch2
|
|
|
|
%build
|
|
%{suse_update_config -f}
|
|
autoreconf --verbose --force --install
|
|
CFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing" ./configure \
|
|
--prefix=%{_prefix} --with-slibdir=/%{_lib} --mandir=%{_mandir} \
|
|
--sysconfdir=%{_sysconfdir}
|
|
make
|
|
|
|
%install
|
|
make install DESTDIR=${RPM_BUILD_ROOT}
|
|
# Remove static and libtool version
|
|
rm -f ${RPM_BUILD_ROOT}/%{_lib}/security/pam_mount.{a,la}
|
|
mkdir -p ${RPM_BUILD_ROOT}%{_sysconfdir}/security
|
|
# remove mount_ehd, it's only for OpenBSD
|
|
rm $RPM_BUILD_ROOT%{_prefix}/bin/mount_ehd
|
|
rm $RPM_BUILD_ROOT%{_mandir}/man8/mount_ehd.8
|
|
#install the docs
|
|
mkdir -p ${RPM_BUILD_ROOT}/%_docdir/%{name}/examples
|
|
cp doc/bugs.txt doc/changelog.txt LICENSE* doc/faq.txt doc/todo.txt doc/options.txt doc/pam_mount.txt ${RPM_BUILD_ROOT}/%_docdir/%name/
|
|
install -m 755 scripts/convert_pam_mount_conf.pl ${RPM_BUILD_ROOT}/%_docdir/%{name}/examples/
|
|
|
|
%post
|
|
if [ -e etc/security/pam_mount.conf ]
|
|
then
|
|
cp etc/security/pam_mount.conf.xml %_docdir/%{name}/examples/
|
|
%_docdir/%{name}/examples/convert_pam_mount_conf.pl \
|
|
-i etc/security/pam_mount.conf -o etc/security/pam_mount.conf.xml
|
|
fi
|
|
|
|
%clean
|
|
rm -rf $RPM_BUILD_ROOT
|
|
|
|
%files
|
|
%defattr(-, root, root)
|
|
%docdir %_docdir/%name
|
|
%_docdir/%name
|
|
/%{_lib}/security/pam_mount*.so
|
|
%{_prefix}/bin/mkehd
|
|
%{_prefix}/bin/autoehd
|
|
%{_prefix}/bin/passwdehd
|
|
%{_prefix}/bin/pmt-fd0ssh
|
|
/sbin/mount.crypt
|
|
/sbin/umount.crypt
|
|
%{_sbindir}/pmvarrun
|
|
%config(noreplace) %{_sysconfdir}/security/pam_mount.conf.xml
|
|
%doc %{_mandir}/man1/mkehd.1.gz
|
|
%doc %{_mandir}/man1/pmt-fd0ssh.1.gz
|
|
%doc %{_mandir}/man5/pam_mount.conf.5.gz
|
|
%doc %{_mandir}/man8/autoehd.8.gz
|
|
%doc %{_mandir}/man8/mount.crypt.8.gz
|
|
%doc %{_mandir}/man8/pam_mount.8.gz
|
|
%doc %{_mandir}/man8/passwdehd.8.gz
|
|
%doc %{_mandir}/man8/pmvarrun.8.gz
|
|
%doc %{_mandir}/man8/umount.crypt.8.gz
|
|
|
|
%changelog
|
|
* Mon Jun 23 2008 mc@suse.de
|
|
- version 0.41
|
|
- add missing pgrp/sgrp attribute handling for simple user control
|
|
- mount.crypt: handle arbitrary argument order
|
|
- correct extended sgrp handling
|
|
- manpages: add missing description for <fsck>, and reorder <path>
|
|
- the documentation in pam_mount.conf.xml has been reworked and
|
|
split off into pam_mount.conf(5).
|
|
- extensive user selection for <volume> (revised)
|
|
- case-insensitive matching for user, pgrp, sgrp
|
|
- fixed segfault when more than one volume was defined
|
|
- extended user selection for <volume>
|
|
- fix an unwanted inversion for handling <options allow=" (nonempty) ">
|
|
- store per-volume option list in ordered form --
|
|
essentially fixes the problem of "user" (implies noeexec)
|
|
overriding "exec"
|
|
- fix null pointer deref (from new UID/GID range support)
|
|
- mount.crypt uses normal sleep from coreutils again
|
|
- truecrypt 5.x is not supported because the truecrypt CLI component
|
|
that pam_mount requires was removed
|
|
- <volume> tag in pam_mount.conf.xml supports UID and GID ranges now
|
|
- fix HAVE_LIBCRYPTO regression;
|
|
crypto was always disabled even if openssl present
|
|
- remove pam_mount-0.35-fix-configure.dif (is upstream now)
|
|
* Tue Apr 22 2008 mc@suse.de
|
|
- use upstream fix for bnc#381292
|
|
* Fri Apr 18 2008 mc@suse.de
|
|
- fix configure (bnc#381292)
|
|
* Thu Apr 10 2008 ro@suse.de
|
|
- added baselibs.conf file to build xxbit packages
|
|
for multilib support
|
|
* Mon Apr 07 2008 mc@suse.de
|
|
- update to version 0.35
|
|
- mount.crypt: fix loop device detection
|
|
- mount.crypt: wait for dm devices to show up
|
|
- fixed: mount flag and value were one argument
|
|
- pmvarrun: support unprivileged mode
|
|
- Support for SSH keyboard-interactive authenticated volumes
|
|
- documentation updates
|
|
* Wed Apr 02 2008 mc@suse.de
|
|
- update to version 0.32
|
|
- notify about unknown options in /etc/pam.d/*
|
|
- support "debug" option for pam_mount in /etc/pam.d/*
|
|
- mount.crypt: detect loop devices by major number
|
|
- Fixed parsing of old-style pam_mount.conf with spaces in group names,
|
|
copy-and-paste typos and a missing return value. Added workaround for
|
|
CIFS volumes within NFS mounts with "root_squash" option.
|
|
- allow --keyfile to be used for non-LUKS too
|
|
- luksClose is the same as Remove (in umount.crypt)
|
|
- convert "local" fstype entries from old configuration format correctly.
|
|
- fixed parsing of old pam_mount.conf with spaces in group names
|
|
- fixed: When no volumes were to be mounted, return value
|
|
was not PAM_SUCCESS.
|
|
* Mon Oct 08 2007 mc@suse.de
|
|
- update to version 0.29
|
|
* pam_mount switched to an XML configuration.
|
|
* added truecrypt support
|
|
* add an "invert" attribute
|
|
* split group matching into multiple attributes
|
|
* properly detect loop64 support
|
|
* NT domain placeholders
|
|
* Implement the "soft_try_pass" option
|
|
* add "nullok" option
|
|
* --keyfile option added to mount.crypt
|
|
* Fri Sep 21 2007 mc@suse.de
|
|
- remove the loopdevice for the image too
|
|
[#326802]
|
|
* Thu Sep 20 2007 mc@suse.de
|
|
- add required dependencies [#326802]
|
|
* Wed Apr 04 2007 crivera@suse.de
|
|
- Don't package mount_ehd, it's only for
|
|
OpenBSD. Fixes 256214.
|
|
* Thu Mar 29 2007 mc@suse.de
|
|
- add zlib-devel to BuildRequires
|
|
* Tue Mar 13 2007 mc@suse.de
|
|
- fix reference counting of pmvarrun app
|
|
[#252243]
|
|
* Tue Jan 23 2007 mc@suse.de
|
|
- fix umount encrypted homedirectories
|
|
[#237793]
|
|
* Thu Jan 18 2007 mc@suse.de
|
|
- disable debug
|
|
- increase MAX_PAR to be able to read longer keys
|
|
* Fri Jan 12 2007 mc@suse.de
|
|
- add patch to kill all remaining user processes before
|
|
unmounting crypted partition
|
|
(pam_mount-0.18-umount-home-dir.dif)
|
|
* Fri Dec 08 2006 dgollub@suse.de
|
|
- use UID of specified user for owner change of mount point
|
|
(pam_mount-chownuid-fix.diff)
|
|
* Tue Sep 12 2006 mc@suse.de
|
|
- Update to 0.18
|
|
* fixes memory corruptions, zero termination, segfaults
|
|
* A crash on x86_64 has been fixed. pam_mount now changes
|
|
to the root directory before attempting to (un)mount
|
|
* Mon Jul 31 2006 kukuk@suse.de
|
|
- Update to version 0.16
|
|
bugfix release
|
|
* Wed Jan 25 2006 mls@suse.de
|
|
- converted neededforbuild to BuildRequires
|
|
* Thu Dec 22 2005 varkoly@suse.de
|
|
- Update to version 0.10.0
|
|
* Mon Dec 19 2005 ro@suse.de
|
|
- added symlinks to package
|
|
* Mon Jul 11 2005 schubi@suse.de
|
|
- Update to version 0.9.25
|
|
* Mon Apr 11 2005 kukuk@suse.de
|
|
- Update to version 0.9.22 [Bug #65110]
|
|
* Fri Jan 16 2004 kukuk@suse.de
|
|
- Build as user
|
|
- Add pam-devel to neededforbuild
|
|
* Mon Jan 12 2004 kukuk@suse.de
|
|
- Update to version 0.9.9
|
|
* Mon Oct 27 2003 kukuk@suse.de
|
|
- Update to version 0.9.6 [Bug #32216]
|
|
* Wed May 28 2003 kukuk@suse.de
|
|
- Initial package
|