Patchwork [03/10] openssh: Support PAM

login
register
mail settings
Submitter Kang Kai
Date July 21, 2011, 8 a.m.
Message ID <c97e204dcce4690cd83feddaf007f2a625dd4b6f.1311234759.git.kai.kang@windriver.com>
Download mbox | patch
Permalink /patch/8181/
State New, archived
Headers show

Comments

Kang Kai - July 21, 2011, 8 a.m.
From: Xiaofeng Yan <xiaofeng.yan@windriver.com>

Adding configuration file "sshd" in /etc/pam.d/ for supporting pam.

Signed-off-by: Xiaofeng Yan <xiaofeng.yan@windriver.com>
---
 .../openssh/openssh-5.8p2/sshd                     |   10 ++++++++++
 meta/recipes-connectivity/openssh/openssh_5.8p2.bb |    7 +++++--
 2 files changed, 15 insertions(+), 2 deletions(-)
 create mode 100644 meta/recipes-connectivity/openssh/openssh-5.8p2/sshd
Koen Kooi - July 21, 2011, 8:55 a.m.
Op 21 jul. 2011, om 10:00 heeft Kang Kai het volgende geschreven:

> From: Xiaofeng Yan <xiaofeng.yan@windriver.com>
> 
> Adding configuration file "sshd" in /etc/pam.d/ for supporting pam.

Where did this file come from and why isn't openssh providing it on its own?

> 
> Signed-off-by: Xiaofeng Yan <xiaofeng.yan@windriver.com>
> ---
> .../openssh/openssh-5.8p2/sshd                     |   10 ++++++++++
> meta/recipes-connectivity/openssh/openssh_5.8p2.bb |    7 +++++--
> 2 files changed, 15 insertions(+), 2 deletions(-)
> create mode 100644 meta/recipes-connectivity/openssh/openssh-5.8p2/sshd
> 
> diff --git a/meta/recipes-connectivity/openssh/openssh-5.8p2/sshd b/meta/recipes-connectivity/openssh/openssh-5.8p2/sshd
> new file mode 100644
> index 0000000..4882e58
> --- /dev/null
> +++ b/meta/recipes-connectivity/openssh/openssh-5.8p2/sshd
> @@ -0,0 +1,10 @@
> +#%PAM-1.0
> +
> +auth       include      common-auth
> +account    required     pam_nologin.so
> +account    include      common-account
> +password   include      common-password
> +session    optional     pam_keyinit.so force revoke
> +session    include      common-session
> +session    required     pam_loginuid.so
> +
> diff --git a/meta/recipes-connectivity/openssh/openssh_5.8p2.bb b/meta/recipes-connectivity/openssh/openssh_5.8p2.bb
> index e23069c..e0da936 100644
> --- a/meta/recipes-connectivity/openssh/openssh_5.8p2.bb
> +++ b/meta/recipes-connectivity/openssh/openssh_5.8p2.bb
> @@ -7,7 +7,7 @@ SECTION = "console/network"
> LICENSE = "BSD"
> LIC_FILES_CHKSUM = "file://LICENCE;md5=bae9a689be41581503bcf95d8fb42c4e"
> 
> -PR = "r0"
> +PR = "r1"
> 
> DEPENDS = "zlib openssl"
> DEPENDS += "${@base_contains('DISTRO_FEATURES', 'pam', 'libpam', '', d)}"
> @@ -23,6 +23,7 @@ SRC_URI = "ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-${PV}.tar.
>            file://sshd_config \
>            file://ssh_config \
>            file://init \
> +           file://sshd \
>           "
> SRC_URI[md5sum] = "0541579adf9d55abb15ef927048d372e"
> SRC_URI[sha256sum] = "5c35ec7c966ce05cc4497ac59c0b54a556e55ae7368165cc8c4129694654f314"
> @@ -59,7 +60,9 @@ do_compile_append () {
> 
> do_install_append () {
> 	install -d ${D}${sysconfdir}/init.d
> +	install -d ${D}${sysconfdir}/pam.d
> 	install -m 0755 ${WORKDIR}/init ${D}${sysconfdir}/init.d/sshd
> +	install -m 0755 ${WORKDIR}/sshd ${D}${sysconfdir}/pam.d/sshd
> 	mv ${D}${bindir}/scp ${D}${bindir}/scp.${PN}
> 	mv ${D}${bindir}/ssh ${D}${bindir}/ssh.${PN}
> 	rm -f ${D}${bindir}/slogin ${D}${datadir}/Ssh.bin
> @@ -71,7 +74,7 @@ ALLOW_EMPTY_${PN} = "1"
> PACKAGES =+ "${PN}-keygen ${PN}-scp ${PN}-ssh ${PN}-sshd ${PN}-sftp ${PN}-misc ${PN}-sftp-server"
> FILES_${PN}-scp = "${bindir}/scp.${PN}"
> FILES_${PN}-ssh = "${bindir}/ssh.${PN} ${sysconfdir}/ssh/ssh_config"
> -FILES_${PN}-sshd = "${sbindir}/sshd ${sysconfdir}/init.d/sshd"
> +FILES_${PN}-sshd = "${sbindir}/sshd ${sysconfdir}/init.d/sshd ${sysconfdir}/pam.d/sshd"
> FILES_${PN}-sshd += "${sysconfdir}/ssh/moduli ${sysconfdir}/ssh/sshd_config"
> FILES_${PN}-sftp = "${bindir}/sftp"
> FILES_${PN}-sftp-server = "${libexecdir}/sftp-server"
> -- 
> 1.7.5.1.300.gc565c
> 
> 
> _______________________________________________
> Openembedded-core mailing list
> Openembedded-core@lists.openembedded.org
> http://lists.linuxtogo.org/cgi-bin/mailman/listinfo/openembedded-core
Phil Blundell - July 21, 2011, 9:05 a.m.
On Thu, 2011-07-21 at 16:00 +0800, Kang Kai wrote:
>  do_install_append () {
>  	install -d ${D}${sysconfdir}/init.d
> +	install -d ${D}${sysconfdir}/pam.d
>  	install -m 0755 ${WORKDIR}/init ${D}${sysconfdir}/init.d/sshd
> +	install -m 0755 ${WORKDIR}/sshd ${D}${sysconfdir}/pam.d/sshd

I think this should be conditional on pam in DISTRO_FEATURES.

p.

Patch

diff --git a/meta/recipes-connectivity/openssh/openssh-5.8p2/sshd b/meta/recipes-connectivity/openssh/openssh-5.8p2/sshd
new file mode 100644
index 0000000..4882e58
--- /dev/null
+++ b/meta/recipes-connectivity/openssh/openssh-5.8p2/sshd
@@ -0,0 +1,10 @@ 
+#%PAM-1.0
+
+auth       include      common-auth
+account    required     pam_nologin.so
+account    include      common-account
+password   include      common-password
+session    optional     pam_keyinit.so force revoke
+session    include      common-session
+session    required     pam_loginuid.so
+
diff --git a/meta/recipes-connectivity/openssh/openssh_5.8p2.bb b/meta/recipes-connectivity/openssh/openssh_5.8p2.bb
index e23069c..e0da936 100644
--- a/meta/recipes-connectivity/openssh/openssh_5.8p2.bb
+++ b/meta/recipes-connectivity/openssh/openssh_5.8p2.bb
@@ -7,7 +7,7 @@  SECTION = "console/network"
 LICENSE = "BSD"
 LIC_FILES_CHKSUM = "file://LICENCE;md5=bae9a689be41581503bcf95d8fb42c4e"
 
-PR = "r0"
+PR = "r1"
 
 DEPENDS = "zlib openssl"
 DEPENDS += "${@base_contains('DISTRO_FEATURES', 'pam', 'libpam', '', d)}"
@@ -23,6 +23,7 @@  SRC_URI = "ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-${PV}.tar.
            file://sshd_config \
            file://ssh_config \
            file://init \
+           file://sshd \
           "
 SRC_URI[md5sum] = "0541579adf9d55abb15ef927048d372e"
 SRC_URI[sha256sum] = "5c35ec7c966ce05cc4497ac59c0b54a556e55ae7368165cc8c4129694654f314"
@@ -59,7 +60,9 @@  do_compile_append () {
 
 do_install_append () {
 	install -d ${D}${sysconfdir}/init.d
+	install -d ${D}${sysconfdir}/pam.d
 	install -m 0755 ${WORKDIR}/init ${D}${sysconfdir}/init.d/sshd
+	install -m 0755 ${WORKDIR}/sshd ${D}${sysconfdir}/pam.d/sshd
 	mv ${D}${bindir}/scp ${D}${bindir}/scp.${PN}
 	mv ${D}${bindir}/ssh ${D}${bindir}/ssh.${PN}
 	rm -f ${D}${bindir}/slogin ${D}${datadir}/Ssh.bin
@@ -71,7 +74,7 @@  ALLOW_EMPTY_${PN} = "1"
 PACKAGES =+ "${PN}-keygen ${PN}-scp ${PN}-ssh ${PN}-sshd ${PN}-sftp ${PN}-misc ${PN}-sftp-server"
 FILES_${PN}-scp = "${bindir}/scp.${PN}"
 FILES_${PN}-ssh = "${bindir}/ssh.${PN} ${sysconfdir}/ssh/ssh_config"
-FILES_${PN}-sshd = "${sbindir}/sshd ${sysconfdir}/init.d/sshd"
+FILES_${PN}-sshd = "${sbindir}/sshd ${sysconfdir}/init.d/sshd ${sysconfdir}/pam.d/sshd"
 FILES_${PN}-sshd += "${sysconfdir}/ssh/moduli ${sysconfdir}/ssh/sshd_config"
 FILES_${PN}-sftp = "${bindir}/sftp"
 FILES_${PN}-sftp-server = "${libexecdir}/sftp-server"