Patchwork [02/10] dropbear: Support PAM

login
register
mail settings
Submitter Kang Kai
Date July 21, 2011, 8 a.m.
Message ID <6cd8526778ee4b4ccd54bbac16dfbd492baa06c3.1311234759.git.kai.kang@windriver.com>
Download mbox | patch
Permalink /patch/8195/
State New, archived
Headers show

Comments

Kang Kai - July 21, 2011, 8 a.m.
From: Xiaofeng Yan <xiaofeng.yan@windriver.com>

I make a patch and some changes in dropbear.inc for supporting pam.
- Enable pam in configure
- Modify file option.h to open pam supporting

Signed-off-by: Xiaofeng Yan <xiaofeng.yan@windriver.com>
---
 meta/recipes-core/dropbear/dropbear.inc            |    6 ++++-
 .../dropbear/dropbear/dropbear-enable-pam.patch    |   21 ++++++++++++++++++++
 2 files changed, 26 insertions(+), 1 deletions(-)
 create mode 100644 meta/recipes-core/dropbear/dropbear/dropbear-enable-pam.patch
Koen Kooi - July 21, 2011, 8:54 a.m.
Op 21 jul. 2011, om 10:00 heeft Kang Kai het volgende geschreven:

> From: Xiaofeng Yan <xiaofeng.yan@windriver.com>
> 
> I make a patch and some changes in dropbear.inc for supporting pam.
> - Enable pam in configure
> - Modify file option.h to open pam supporting
> 
> Signed-off-by: Xiaofeng Yan <xiaofeng.yan@windriver.com>
> ---
> meta/recipes-core/dropbear/dropbear.inc            |    6 ++++-
> .../dropbear/dropbear/dropbear-enable-pam.patch    |   21 ++++++++++++++++++++
> 2 files changed, 26 insertions(+), 1 deletions(-)
> create mode 100644 meta/recipes-core/dropbear/dropbear/dropbear-enable-pam.patch
> 
> diff --git a/meta/recipes-core/dropbear/dropbear.inc b/meta/recipes-core/dropbear/dropbear.inc
> index 1b51e1a..48cefb6 100644
> --- a/meta/recipes-core/dropbear/dropbear.inc
> +++ b/meta/recipes-core/dropbear/dropbear.inc
> @@ -9,13 +9,15 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=3a5b0c2f0d0c49dfde9558ae2036683c"
> 
> DEPENDS = "zlib"
> RPROVIDES = "ssh sshd"
> +DEPENDS += "${@base_contains('DISTRO_FEATURES', 'pam', 'libpam', '', d)}"
> 
> SRC_URI = "http://matt.ucc.asn.au/dropbear/releases/dropbear-${PV}.tar.gz \
> 	         file://urandom-xauth-changes-to-options.h.patch \
> 	         file://configure.patch \
> 	         file://fix-2kb-keys.patch \
> 	         file://allow-nopw.patch;apply=no \
> -	         file://init"
> +	         file://init \
> +		 file://dropbear-enable-pam.patch "
> 
> inherit autotools update-rc.d
> 
> @@ -28,6 +30,8 @@ LD = "${CC}"
> SBINCOMMANDS = "dropbear dropbearkey dropbearconvert"
> BINCOMMANDS = "dbclient ssh scp"
> EXTRA_OEMAKE = 'MULTI=1 SCPPROGRESS=1 PROGRAMS="${SBINCOMMANDS} ${BINCOMMANDS}"'
> +EXTRA_OECONF += "\
> +	${@base_contains('DISTRO_FEATURES', 'pam', '--enable-pam', '--disable-pam', d)}"
> 
> DISTRO_TYPE = "${@base_contains("IMAGE_FEATURES", "debug-tweaks", "debug", "",d)}"

That one is missing a PR bump
Khem Raj - July 21, 2011, 7:10 p.m.
On Thu, Jul 21, 2011 at 1:54 AM, Koen Kooi <koen@dominion.thruhere.net> wrote:
>
> Op 21 jul. 2011, om 10:00 heeft Kang Kai het volgende geschreven:
>
>> From: Xiaofeng Yan <xiaofeng.yan@windriver.com>
>>
>> I make a patch and some changes in dropbear.inc for supporting pam.
>> - Enable pam in configure
>> - Modify file option.h to open pam supporting
>>
>> Signed-off-by: Xiaofeng Yan <xiaofeng.yan@windriver.com>
>> ---
>> meta/recipes-core/dropbear/dropbear.inc            |    6 ++++-
>> .../dropbear/dropbear/dropbear-enable-pam.patch    |   21 ++++++++++++++++++++
>> 2 files changed, 26 insertions(+), 1 deletions(-)
>> create mode 100644 meta/recipes-core/dropbear/dropbear/dropbear-enable-pam.patch
>>
>> diff --git a/meta/recipes-core/dropbear/dropbear.inc b/meta/recipes-core/dropbear/dropbear.inc
>> index 1b51e1a..48cefb6 100644
>> --- a/meta/recipes-core/dropbear/dropbear.inc
>> +++ b/meta/recipes-core/dropbear/dropbear.inc
>> @@ -9,13 +9,15 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=3a5b0c2f0d0c49dfde9558ae2036683c"
>>
>> DEPENDS = "zlib"
>> RPROVIDES = "ssh sshd"
>> +DEPENDS += "${@base_contains('DISTRO_FEATURES', 'pam', 'libpam', '', d)}"
>>
>> SRC_URI = "http://matt.ucc.asn.au/dropbear/releases/dropbear-${PV}.tar.gz \
>>                file://urandom-xauth-changes-to-options.h.patch \
>>                file://configure.patch \
>>                file://fix-2kb-keys.patch \
>>                file://allow-nopw.patch;apply=no \
>> -              file://init"
>> +              file://init \
>> +              file://dropbear-enable-pam.patch "
>>
>> inherit autotools update-rc.d
>>
>> @@ -28,6 +30,8 @@ LD = "${CC}"
>> SBINCOMMANDS = "dropbear dropbearkey dropbearconvert"
>> BINCOMMANDS = "dbclient ssh scp"
>> EXTRA_OEMAKE = 'MULTI=1 SCPPROGRESS=1 PROGRAMS="${SBINCOMMANDS} ${BINCOMMANDS}"'
>> +EXTRA_OECONF += "\
>> +     ${@base_contains('DISTRO_FEATURES', 'pam', '--enable-pam', '--disable-pam', d)}"
>>
>> DISTRO_TYPE = "${@base_contains("IMAGE_FEATURES", "debug-tweaks", "debug", "",d)}"
>
> That one is missing a PR bump

And does this mean that it also needs libpam in DEPENDS ?
> _______________________________________________
> Openembedded-core mailing list
> Openembedded-core@lists.openembedded.org
> http://lists.linuxtogo.org/cgi-bin/mailman/listinfo/openembedded-core
>
Kang Kai - July 22, 2011, 2:41 a.m.
On 2011?07?22? 03:10, Khem Raj wrote:
> On Thu, Jul 21, 2011 at 1:54 AM, Koen Kooi<koen@dominion.thruhere.net>  wrote:
>> Op 21 jul. 2011, om 10:00 heeft Kang Kai het volgende geschreven:
>>
>>> From: Xiaofeng Yan<xiaofeng.yan@windriver.com>
>>>
>>> I make a patch and some changes in dropbear.inc for supporting pam.
>>> - Enable pam in configure
>>> - Modify file option.h to open pam supporting
>>>
>>> Signed-off-by: Xiaofeng Yan<xiaofeng.yan@windriver.com>
>>> ---
>>> meta/recipes-core/dropbear/dropbear.inc            |    6 ++++-
>>> .../dropbear/dropbear/dropbear-enable-pam.patch    |   21 ++++++++++++++++++++
>>> 2 files changed, 26 insertions(+), 1 deletions(-)
>>> create mode 100644 meta/recipes-core/dropbear/dropbear/dropbear-enable-pam.patch
>>>
>>> diff --git a/meta/recipes-core/dropbear/dropbear.inc b/meta/recipes-core/dropbear/dropbear.inc
>>> index 1b51e1a..48cefb6 100644
>>> --- a/meta/recipes-core/dropbear/dropbear.inc
>>> +++ b/meta/recipes-core/dropbear/dropbear.inc
>>> @@ -9,13 +9,15 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=3a5b0c2f0d0c49dfde9558ae2036683c"
>>>
>>> DEPENDS = "zlib"
>>> RPROVIDES = "ssh sshd"
>>> +DEPENDS += "${@base_contains('DISTRO_FEATURES', 'pam', 'libpam', '', d)}"
>>>
>>> SRC_URI = "http://matt.ucc.asn.au/dropbear/releases/dropbear-${PV}.tar.gz \
>>>                 file://urandom-xauth-changes-to-options.h.patch \
>>>                 file://configure.patch \
>>>                 file://fix-2kb-keys.patch \
>>>                 file://allow-nopw.patch;apply=no \
>>> -              file://init"
>>> +              file://init \
>>> +              file://dropbear-enable-pam.patch "
>>>
>>> inherit autotools update-rc.d
>>>
>>> @@ -28,6 +30,8 @@ LD = "${CC}"
>>> SBINCOMMANDS = "dropbear dropbearkey dropbearconvert"
>>> BINCOMMANDS = "dbclient ssh scp"
>>> EXTRA_OEMAKE = 'MULTI=1 SCPPROGRESS=1 PROGRAMS="${SBINCOMMANDS} ${BINCOMMANDS}"'
>>> +EXTRA_OECONF += "\
>>> +     ${@base_contains('DISTRO_FEATURES', 'pam', '--enable-pam', '--disable-pam', d)}"
>>>
>>> DISTRO_TYPE = "${@base_contains("IMAGE_FEATURES", "debug-tweaks", "debug", "",d)}"
>> That one is missing a PR bump
> And does this mean that it also needs libpam in DEPENDS ?

Yes, I think so. So add the

+DEPENDS += "${@base_contains('DISTRO_FEATURES', 'pam', 'libpam', '', d)}"


>> _______________________________________________
>> Openembedded-core mailing list
>> Openembedded-core@lists.openembedded.org
>> http://lists.linuxtogo.org/cgi-bin/mailman/listinfo/openembedded-core
>>
> _______________________________________________
> Openembedded-core mailing list
> Openembedded-core@lists.openembedded.org
> http://lists.linuxtogo.org/cgi-bin/mailman/listinfo/openembedded-core
Khem Raj - July 22, 2011, 2:49 a.m.
On Thu, Jul 21, 2011 at 7:41 PM, Kang Kai <Kai.Kang@windriver.com> wrote:
> On 2011?07?22? 03:10, Khem Raj wrote:
>>
>> On Thu, Jul 21, 2011 at 1:54 AM, Koen Kooi<koen@dominion.thruhere.net>
>>  wrote:
>>>
>>> Op 21 jul. 2011, om 10:00 heeft Kang Kai het volgende geschreven:
>>>
>>>> From: Xiaofeng Yan<xiaofeng.yan@windriver.com>
>>>>
>>>> I make a patch and some changes in dropbear.inc for supporting pam.
>>>> - Enable pam in configure
>>>> - Modify file option.h to open pam supporting
>>>>
>>>> Signed-off-by: Xiaofeng Yan<xiaofeng.yan@windriver.com>
>>>> ---
>>>> meta/recipes-core/dropbear/dropbear.inc            |    6 ++++-
>>>> .../dropbear/dropbear/dropbear-enable-pam.patch    |   21
>>>> ++++++++++++++++++++
>>>> 2 files changed, 26 insertions(+), 1 deletions(-)
>>>> create mode 100644
>>>> meta/recipes-core/dropbear/dropbear/dropbear-enable-pam.patch
>>>>
>>>> diff --git a/meta/recipes-core/dropbear/dropbear.inc
>>>> b/meta/recipes-core/dropbear/dropbear.inc
>>>> index 1b51e1a..48cefb6 100644
>>>> --- a/meta/recipes-core/dropbear/dropbear.inc
>>>> +++ b/meta/recipes-core/dropbear/dropbear.inc
>>>> @@ -9,13 +9,15 @@ LIC_FILES_CHKSUM =
>>>> "file://LICENSE;md5=3a5b0c2f0d0c49dfde9558ae2036683c"
>>>>
>>>> DEPENDS = "zlib"
>>>> RPROVIDES = "ssh sshd"
>>>> +DEPENDS += "${@base_contains('DISTRO_FEATURES', 'pam', 'libpam', '',
>>>> d)}"
>>>>
>>>> SRC_URI =
>>>> "http://matt.ucc.asn.au/dropbear/releases/dropbear-${PV}.tar.gz \
>>>>                file://urandom-xauth-changes-to-options.h.patch \
>>>>                file://configure.patch \
>>>>                file://fix-2kb-keys.patch \
>>>>                file://allow-nopw.patch;apply=no \
>>>> -              file://init"
>>>> +              file://init \
>>>> +              file://dropbear-enable-pam.patch "
>>>>
>>>> inherit autotools update-rc.d
>>>>
>>>> @@ -28,6 +30,8 @@ LD = "${CC}"
>>>> SBINCOMMANDS = "dropbear dropbearkey dropbearconvert"
>>>> BINCOMMANDS = "dbclient ssh scp"
>>>> EXTRA_OEMAKE = 'MULTI=1 SCPPROGRESS=1 PROGRAMS="${SBINCOMMANDS}
>>>> ${BINCOMMANDS}"'
>>>> +EXTRA_OECONF += "\
>>>> +     ${@base_contains('DISTRO_FEATURES', 'pam', '--enable-pam',
>>>> '--disable-pam', d)}"
>>>>
>>>> DISTRO_TYPE = "${@base_contains("IMAGE_FEATURES", "debug-tweaks",
>>>> "debug", "",d)}"
>>>
>>> That one is missing a PR bump
>>
>> And does this mean that it also needs libpam in DEPENDS ?
>
> Yes, I think so. So add the
>
> +DEPENDS += "${@base_contains('DISTRO_FEATURES', 'pam', 'libpam', '', d)}"

and to all recipes which are modified

>
>
>>> _______________________________________________
>>> Openembedded-core mailing list
>>> Openembedded-core@lists.openembedded.org
>>> http://lists.linuxtogo.org/cgi-bin/mailman/listinfo/openembedded-core
>>>
>> _______________________________________________
>> Openembedded-core mailing list
>> Openembedded-core@lists.openembedded.org
>> http://lists.linuxtogo.org/cgi-bin/mailman/listinfo/openembedded-core
>
>
> _______________________________________________
> Openembedded-core mailing list
> Openembedded-core@lists.openembedded.org
> http://lists.linuxtogo.org/cgi-bin/mailman/listinfo/openembedded-core
>
Kang Kai - July 22, 2011, 2:56 a.m.
On 2011?07?22? 10:49, Khem Raj wrote:
> On Thu, Jul 21, 2011 at 7:41 PM, Kang Kai<Kai.Kang@windriver.com>  wrote:
>> On 2011?07?22? 03:10, Khem Raj wrote:
>>> On Thu, Jul 21, 2011 at 1:54 AM, Koen Kooi<koen@dominion.thruhere.net>
>>>   wrote:
>>>> Op 21 jul. 2011, om 10:00 heeft Kang Kai het volgende geschreven:
>>>>
>>>>> From: Xiaofeng Yan<xiaofeng.yan@windriver.com>
>>>>>
>>>>> I make a patch and some changes in dropbear.inc for supporting pam.
>>>>> - Enable pam in configure
>>>>> - Modify file option.h to open pam supporting
>>>>>
>>>>> Signed-off-by: Xiaofeng Yan<xiaofeng.yan@windriver.com>
>>>>> ---
>>>>> meta/recipes-core/dropbear/dropbear.inc            |    6 ++++-
>>>>> .../dropbear/dropbear/dropbear-enable-pam.patch    |   21
>>>>> ++++++++++++++++++++
>>>>> 2 files changed, 26 insertions(+), 1 deletions(-)
>>>>> create mode 100644
>>>>> meta/recipes-core/dropbear/dropbear/dropbear-enable-pam.patch
>>>>>
>>>>> diff --git a/meta/recipes-core/dropbear/dropbear.inc
>>>>> b/meta/recipes-core/dropbear/dropbear.inc
>>>>> index 1b51e1a..48cefb6 100644
>>>>> --- a/meta/recipes-core/dropbear/dropbear.inc
>>>>> +++ b/meta/recipes-core/dropbear/dropbear.inc
>>>>> @@ -9,13 +9,15 @@ LIC_FILES_CHKSUM =
>>>>> "file://LICENSE;md5=3a5b0c2f0d0c49dfde9558ae2036683c"
>>>>>
>>>>> DEPENDS = "zlib"
>>>>> RPROVIDES = "ssh sshd"
>>>>> +DEPENDS += "${@base_contains('DISTRO_FEATURES', 'pam', 'libpam', '',
>>>>> d)}"
>>>>>
>>>>> SRC_URI =
>>>>> "http://matt.ucc.asn.au/dropbear/releases/dropbear-${PV}.tar.gz \
>>>>>                 file://urandom-xauth-changes-to-options.h.patch \
>>>>>                 file://configure.patch \
>>>>>                 file://fix-2kb-keys.patch \
>>>>>                 file://allow-nopw.patch;apply=no \
>>>>> -              file://init"
>>>>> +              file://init \
>>>>> +              file://dropbear-enable-pam.patch "
>>>>>
>>>>> inherit autotools update-rc.d
>>>>>
>>>>> @@ -28,6 +30,8 @@ LD = "${CC}"
>>>>> SBINCOMMANDS = "dropbear dropbearkey dropbearconvert"
>>>>> BINCOMMANDS = "dbclient ssh scp"
>>>>> EXTRA_OEMAKE = 'MULTI=1 SCPPROGRESS=1 PROGRAMS="${SBINCOMMANDS}
>>>>> ${BINCOMMANDS}"'
>>>>> +EXTRA_OECONF += "\
>>>>> +     ${@base_contains('DISTRO_FEATURES', 'pam', '--enable-pam',
>>>>> '--disable-pam', d)}"
>>>>>
>>>>> DISTRO_TYPE = "${@base_contains("IMAGE_FEATURES", "debug-tweaks",
>>>>> "debug", "",d)}"
>>>> That one is missing a PR bump
>>> And does this mean that it also needs libpam in DEPENDS ?
>> Yes, I think so. So add the
>>
>> +DEPENDS += "${@base_contains('DISTRO_FEATURES', 'pam', 'libpam', '', d)}"
> and to all recipes which are modified

ok, I'll check all the modified recipes.

>
>>
>>>> _______________________________________________
>>>> Openembedded-core mailing list
>>>> Openembedded-core@lists.openembedded.org
>>>> http://lists.linuxtogo.org/cgi-bin/mailman/listinfo/openembedded-core
>>>>
>>> _______________________________________________
>>> Openembedded-core mailing list
>>> Openembedded-core@lists.openembedded.org
>>> http://lists.linuxtogo.org/cgi-bin/mailman/listinfo/openembedded-core
>>
>> _______________________________________________
>> Openembedded-core mailing list
>> Openembedded-core@lists.openembedded.org
>> http://lists.linuxtogo.org/cgi-bin/mailman/listinfo/openembedded-core
>>
> _______________________________________________
> Openembedded-core mailing list
> Openembedded-core@lists.openembedded.org
> http://lists.linuxtogo.org/cgi-bin/mailman/listinfo/openembedded-core

Patch

diff --git a/meta/recipes-core/dropbear/dropbear.inc b/meta/recipes-core/dropbear/dropbear.inc
index 1b51e1a..48cefb6 100644
--- a/meta/recipes-core/dropbear/dropbear.inc
+++ b/meta/recipes-core/dropbear/dropbear.inc
@@ -9,13 +9,15 @@  LIC_FILES_CHKSUM = "file://LICENSE;md5=3a5b0c2f0d0c49dfde9558ae2036683c"
 
 DEPENDS = "zlib"
 RPROVIDES = "ssh sshd"
+DEPENDS += "${@base_contains('DISTRO_FEATURES', 'pam', 'libpam', '', d)}"
 
 SRC_URI = "http://matt.ucc.asn.au/dropbear/releases/dropbear-${PV}.tar.gz \
 	         file://urandom-xauth-changes-to-options.h.patch \
 	         file://configure.patch \
 	         file://fix-2kb-keys.patch \
 	         file://allow-nopw.patch;apply=no \
-	         file://init"
+	         file://init \
+		 file://dropbear-enable-pam.patch "
 
 inherit autotools update-rc.d
 
@@ -28,6 +30,8 @@  LD = "${CC}"
 SBINCOMMANDS = "dropbear dropbearkey dropbearconvert"
 BINCOMMANDS = "dbclient ssh scp"
 EXTRA_OEMAKE = 'MULTI=1 SCPPROGRESS=1 PROGRAMS="${SBINCOMMANDS} ${BINCOMMANDS}"'
+EXTRA_OECONF += "\
+	${@base_contains('DISTRO_FEATURES', 'pam', '--enable-pam', '--disable-pam', d)}"
 
 DISTRO_TYPE = "${@base_contains("IMAGE_FEATURES", "debug-tweaks", "debug", "",d)}"
 
diff --git a/meta/recipes-core/dropbear/dropbear/dropbear-enable-pam.patch b/meta/recipes-core/dropbear/dropbear/dropbear-enable-pam.patch
new file mode 100644
index 0000000..b941db5
--- /dev/null
+++ b/meta/recipes-core/dropbear/dropbear/dropbear-enable-pam.patch
@@ -0,0 +1,21 @@ 
+dropbear: We need modify file option.h besides enabling pam in \
+configure if we want dropbear to support pam.
+
+Upstream-Status: Pending
+
+Signed-off-by: Xiaofeng Yan <xiaofeng.yan@windriver.com>
+
+--- a/options.h	2011-07-12 13:27:39.008819183 +0800
++++ b/options.h.new	2011-07-12 13:37:37.780819308 +0800
+@@ -149,9 +149,9 @@
+  * but there's an interface via a PAM module - don't bother using it otherwise.
+  * You can't enable both PASSWORD and PAM. */
+ 
+-#define ENABLE_SVR_PASSWORD_AUTH
++//#define ENABLE_SVR_PASSWORD_AUTH
+ /* PAM requires ./configure --enable-pam */
+-/*#define ENABLE_SVR_PAM_AUTH*/
++#define ENABLE_SVR_PAM_AUTH
+ #define ENABLE_SVR_PUBKEY_AUTH
+ 
+ /* Wether to ake public key options in authorized_keys file into account */