Re: [PR PATCH] [Updated] [NOMERGE] Update pam to 1.5.0.

[ericonr <ericonr@users.noreply.github.com>]

[-- Attachment #1: Type: text/plain, Size: 442 bytes --]

There is an updated pull request by ericonr against master on the void-packages repository

https://github.com/ericonr/void-packages pam
https://github.com/void-linux/void-packages/pull/25506

[NOMERGE] Update pam to 1.5.0.
Had to do some patching around, but the patches are fully documented.

Please test it out in whatever weird setups you have!

A patch file from https://github.com/void-linux/void-packages/pull/25506.patch is attached

[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: github-pr-pam-25506.patch --]
[-- Type: text/x-diff, Size: 7372 bytes --]

From 87f87939d2cb5ffad7dc11ce9b9d182536b77bca Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=C3=89rico=20Rolim?= <erico.erc@gmail.com>
Date: Sun, 11 Oct 2020 00:43:04 -0300
Subject: [PATCH] pam: update to 1.5.1, update homepage, adopt.

Also:

- Cracklib is deprecated and disabled by default.
- pam_tally and pam_tally2 have been removed.
- Add checkdepends.
- Add changelog.

Due to the pam_tally removal, this package has to depend on the newest
version of pam-base.
---
 srcpkgs/pam/INSTALL.msg                       |  7 +++
 srcpkgs/pam/patches/musl-fix-pam_exec.patch   | 31 -------------
 .../pam/patches/pam_unix_sys_resource.patch   | 10 -----
 srcpkgs/pam/patches/portability-fixes.patch   | 44 -------------------
 srcpkgs/pam/template                          | 41 ++++++++---------
 5 files changed, 25 insertions(+), 108 deletions(-)
 create mode 100644 srcpkgs/pam/INSTALL.msg
 delete mode 100644 srcpkgs/pam/patches/musl-fix-pam_exec.patch
 delete mode 100644 srcpkgs/pam/patches/pam_unix_sys_resource.patch
 delete mode 100644 srcpkgs/pam/patches/portability-fixes.patch

diff --git a/srcpkgs/pam/INSTALL.msg b/srcpkgs/pam/INSTALL.msg
new file mode 100644
index 00000000000..e5767f32ca2
--- /dev/null
+++ b/srcpkgs/pam/INSTALL.msg
@@ -0,0 +1,7 @@
+WARNING: PAM>=1.5.0 has removed the pam_tally and pam_tally2 modules,
+as well as the pam_lastlog module on musl. If you have a custom PAM
+config, you will need to fix it immediately for these changes.
+
+Otherwise, the pam-base-0.4 update will have handled these changes for
+you, unless your XBPS config uses "keepconf=true",
+"preserve=/etc/pam.d/system-login" or "preserve=/etc/pam.d/*".
diff --git a/srcpkgs/pam/patches/musl-fix-pam_exec.patch b/srcpkgs/pam/patches/musl-fix-pam_exec.patch
deleted file mode 100644
index b6b999faed7..00000000000
--- a/srcpkgs/pam/patches/musl-fix-pam_exec.patch
+++ /dev/null
@@ -1,31 +0,0 @@
---- ./modules/pam_exec/pam_exec.c.orig
-+++ ./modules/pam_exec/pam_exec.c
-@@ -103,11 +103,14 @@
-   int optargc;
-   const char *logfile = NULL;
-   const char *authtok = NULL;
-+  char authtok_buf[PAM_MAX_RESP_SIZE+1];
-+
-   pid_t pid;
-   int fds[2];
-   int stdout_fds[2];
-   FILE *stdout_file = NULL;
- 
-+  memset(authtok_buf, 0, sizeof(authtok_buf));
-   if (argc < 1) {
-     pam_syslog (pamh, LOG_ERR,
- 		"This module needs at least one argument");
-@@ -178,11 +181,11 @@
- 		}
- 
- 	      pam_set_item (pamh, PAM_AUTHTOK, resp);
--	      authtok = strndupa (resp, PAM_MAX_RESP_SIZE);
-+	      authtok = strncpy(authtok_buf, resp, sizeof(authtok_buf));
- 	      _pam_drop (resp);
- 	    }
- 	  else
--	    authtok = strndupa (void_pass, PAM_MAX_RESP_SIZE);
-+	    authtok = strncpy(authtok_buf, void_pass, sizeof(authtok_buf));
- 
- 	  if (pipe(fds) != 0)
- 	    {
diff --git a/srcpkgs/pam/patches/pam_unix_sys_resource.patch b/srcpkgs/pam/patches/pam_unix_sys_resource.patch
deleted file mode 100644
index 21f313b3584..00000000000
--- a/srcpkgs/pam/patches/pam_unix_sys_resource.patch
+++ /dev/null
@@ -1,10 +0,0 @@
---- modules/pam_unix/pam_unix_acct.c.orig	2012-07-09 15:01:11.592269364 +0200
-+++ modules/pam_unix/pam_unix_acct.c	2012-07-09 15:01:54.615228076 +0200
-@@ -47,6 +47,7 @@
- #include <time.h>		/* for time() */
- #include <errno.h>
- #include <sys/wait.h>
-+#include <sys/resource.h>	/* for RLIMIT_NOFILE */
- 
- #include <security/_pam_macros.h>
- 
diff --git a/srcpkgs/pam/patches/portability-fixes.patch b/srcpkgs/pam/patches/portability-fixes.patch
deleted file mode 100644
index 6f395008208..00000000000
--- a/srcpkgs/pam/patches/portability-fixes.patch
+++ /dev/null
@@ -1,44 +0,0 @@
---- modules/pam_lastlog/pam_lastlog.c.orig     2014-01-11 12:56:15.735248391 +0100
-+++ modules/pam_lastlog/pam_lastlog.c  2014-01-11 12:57:33.142756424 +0100
-@@ -26,6 +26,7 @@
- #include <sys/types.h>
- #include <syslog.h>
- #include <unistd.h>
-+#include <paths.h>
- 
- #if defined(hpux) || defined(sunos) || defined(solaris)
- # ifndef _PATH_LASTLOG
-@@ -403,7 +404,9 @@ last_login_write(pam_handle_t *pamh, int
- 
-     if (announce & LASTLOG_WTMP) {
-       /* write wtmp entry for user */
-+#ifdef HAVE_LOGWTMP
-       logwtmp(last_login.ll_line, user, remote_host);
-+#endif
-     }
- 
-     /* cleanup */
-@@ -713,7 +716,9 @@ pam_sm_close_session (pam_handle_t *pamh
-     terminal_line = get_tty(pamh);
- 
-     /* Wipe out utmp logout entry */
-+#ifdef HAVE_LOGWTMP
-     logwtmp(terminal_line, "", "");
-+#endif
- 
-     return PAM_SUCCESS;
- }
---- modules/pam_rhosts/pam_rhosts.c.orig       2014-01-11 12:58:40.263196779 +0100
-+++ modules/pam_rhosts/pam_rhosts.c    2014-01-11 12:59:25.182491398 +0100
-@@ -113,8 +113,10 @@ int pam_sm_authenticate (pam_handle_t *p
- 
- #ifdef HAVE_RUSEROK_AF
-     retval = ruserok_af (rhost, as_root, ruser, luser, PF_UNSPEC);
--#else
-+#elif HAVE_RUSEROK
-     retval = ruserok (rhost, as_root, ruser, luser);
-+#else
-+    retval = 1;
- #endif
-     if (retval != 0) {
-       if (!opt_silent || opt_debug)
diff --git a/srcpkgs/pam/template b/srcpkgs/pam/template
index 161f96ad51f..6168a318429 100644
--- a/srcpkgs/pam/template
+++ b/srcpkgs/pam/template
@@ -1,16 +1,18 @@
 # Template file for 'pam'
 pkgname=pam
-version=1.3.0
-revision=2
+version=1.5.1
+revision=1
 wrksrc="Linux-PAM-$version"
 build_style=gnu-configure
 configure_args="
  --libdir=/usr/lib --sbindir=/usr/bin --docdir=/usr/share/doc/pam
- --disable-nis --disable-cracklib --disable-audit --disable-selinux
+ --disable-nis --disable-audit --disable-selinux
  --disable-regenerate-docu BUILD_CFLAGS=-Os BUILD_LDFLAGS="
-hostmakedepends="automake gettext-devel flex libtool pkg-config"
+hostmakedepends="gettext-devel pkg-config"
 makedepends="libfl-devel db-devel"
-depends="pam-base"
+# version of pam-base that doesn't include removed modules
+depends="pam-base>=0.4_1"
+checkdepends="${depends}"
 conf_files="
 	/etc/environment
 	/etc/security/access.conf
@@ -22,31 +24,24 @@ conf_files="
 make_dirs="
 	/etc/security/limits.d 0755 root root
 	/etc/security/namespace.d 0755 root root"
-lib32disabled=yes
 short_desc="Flexible mechanism for authenticating users"
-maintainer="Orphaned <orphan@voidlinux.org>"
+maintainer="Érico Nogueira <ericonr@disroot.org>"
 license="BSD-3-Clause"
-homepage="http://www.kernel.org/pub/linux/libs/pam/"
-distfiles="http://linux-pam.org/library/Linux-PAM-${version}.tar.bz2"
-checksum=241aed1ef522f66ed672719ecf2205ec513fd0075ed80cda8e086a5b1a01d1bb
+homepage="https://github.com/linux-pam/linux-pam"
+changelog="https://raw.githubusercontent.com/linux-pam/linux-pam/master/NEWS"
+distfiles="${homepage}/releases/download/v${version}/Linux-PAM-${version}.tar.xz"
+checksum=201d40730b1135b1b3cdea09f2c28ac634d73181ccd0172ceddee3649c5792fc
+lib32disabled=yes
 
-pre_configure() {
-	case "$XBPS_TARGET_MACHINE" in
-		*-musl) configure_args+=" ac_cv_search_crypt=no";;
-	esac
-	autoreconf -fi
-}
+if [ "$XBPS_CHECK_PKGS" = musl ]; then
+	configure_args+=" ac_cv_search_crypt=no"
+fi
 
 post_install() {
 	# Fix unix_chkpwd perms.
 	chmod 4755 ${DESTDIR}/usr/bin/unix_chkpwd
-	#
-	# Fix a syntax error in namespace.init, -p flag is unknown
-	# at least to dash and bash.
-	#
-	sed -i -e "s|^#!/bin/sh -p$|#!/bin/sh|" \
-		${DESTDIR}/etc/security/namespace.init
-	chmod 755 ${DESTDIR}/etc/security/namespace.init
+	rm -r ${DESTDIR}/usr/lib/systemd
+	vlicense COPYING LICENSE
 }
 
 pam-devel_package() {