pambase: upgraded package to upstream
Upgraded sys-auth/pambase to version 20201103 on amd64
BUG=b/169267438
TEST=presubmit
RELEASE_NOTE=Upgraded sys-auth/pambase to version 20201103
Change-Id: Id7556a9bb12f3ef41b321125346c4f62595f4251
Reviewed-on: https://cos-review.googlesource.com/c/third_party/overlays/portage-stable/+/8482
Reviewed-by: Robert Kolchmeyer <rkolchmeyer@google.com>
Tested-by: Cusky Presubmit Bot <presubmit@cos-infra-prod.iam.gserviceaccount.com>
diff --git a/metadata/md5-cache/sys-auth/pambase-20190402 b/metadata/md5-cache/sys-auth/pambase-20190402
deleted file mode 100644
index 2136120..0000000
--- a/metadata/md5-cache/sys-auth/pambase-20190402
+++ /dev/null
@@ -1,14 +0,0 @@
-DEFINED_PHASES=compile install test
-DEPEND=app-arch/xz-utils app-portage/portage-utils
-DESCRIPTION=PAM base configuration files
-EAPI=7
-HOMEPAGE=https://github.com/gentoo/pambase
-IUSE=consolekit +cracklib debug elogind minimal mktemp +nullok pam_krb5 pam_ssh passwdqc securetty selinux +sha512 systemd
-KEYWORDS=*
-LICENSE=GPL-2
-RDEPEND=>=sys-libs/pam-1.1.3 consolekit? ( sys-auth/consolekit[pam] ) cracklib? ( sys-libs/pam[cracklib] ) elogind? ( sys-auth/elogind[pam] ) mktemp? ( sys-auth/pam_mktemp ) pam_krb5? ( >=sys-libs/pam-1.1.3 sys-auth/pam_krb5 ) pam_ssh? ( sys-auth/pam_ssh ) passwdqc? ( sys-auth/pam_passwdqc ) selinux? ( sys-libs/pam[selinux] ) sha512? ( >=sys-libs/pam-1.1.3 ) systemd? ( sys-apps/systemd[pam] )
-REQUIRED_USE=?? ( consolekit elogind systemd )
-RESTRICT=binchecks
-SLOT=0
-SRC_URI=https://github.com/gentoo/pambase/archive/pambase-20190402.tar.gz
-_md5_=86b498f21a0ccd9c9275f84c930b32b9
diff --git a/metadata/md5-cache/sys-auth/pambase-20201103 b/metadata/md5-cache/sys-auth/pambase-20201103
new file mode 100644
index 0000000..afbbd69
--- /dev/null
+++ b/metadata/md5-cache/sys-auth/pambase-20201103
@@ -0,0 +1,15 @@
+BDEPEND=|| ( ( dev-lang/python:3.9 dev-python/jinja[python_targets_python3_9(-),python_single_target_python3_9(+)] ) ( dev-lang/python:3.8 dev-python/jinja[python_targets_python3_8(-),python_single_target_python3_8(+)] ) ( dev-lang/python:3.7 dev-python/jinja[python_targets_python3_7(-),python_single_target_python3_7(+)] ) )
+DEFINED_PHASES=configure install postinst setup test
+DESCRIPTION=PAM base configuration files
+EAPI=7
+HOMEPAGE=https://github.com/gentoo/pambase
+IUSE=caps debug elogind gnome-keyring minimal mktemp +nullok pam_krb5 pam_ssh +passwdqc pwhistory pwquality securetty selinux +sha512 systemd
+KEYWORDS=*
+LICENSE=MIT
+RDEPEND=>=sys-libs/pam-1.4.0 elogind? ( sys-auth/elogind[pam] ) gnome-keyring? ( gnome-base/gnome-keyring[pam] ) mktemp? ( sys-auth/pam_mktemp ) pam_krb5? ( >=sys-libs/pam-1.4.0 sys-auth/pam_krb5 ) caps? ( sys-libs/libcap[pam] ) pam_ssh? ( sys-auth/pam_ssh ) passwdqc? ( >=sys-auth/passwdqc-1.4.0-r1 ) pwquality? ( dev-libs/libpwquality[pam] ) selinux? ( sys-libs/pam[selinux] ) sha512? ( >=sys-libs/pam-1.4.0 ) systemd? ( sys-apps/systemd[pam] )
+REQUIRED_USE=?? ( elogind systemd ) ?? ( passwdqc pwquality ) pwhistory? ( || ( passwdqc pwquality ) )
+RESTRICT=binchecks
+SLOT=0
+SRC_URI=https://github.com/gentoo/pambase/archive/pambase-20201103.tar.gz
+_eclasses_=eutils 06133990e861be0fe60c2b428fd025d9 flag-o-matic 5d5921a298e95441da2f85be419894c0 multilib 2477ebe553d3e4d2c606191fe6c33602 pam 3f746974e1cc47cabe3bd488c08cdc8e python-any-r1 54a3178500786b0a7ede4a23b7f2a6ad python-utils-r1 157a6a7a3e99c7dbdf81acc9dd4f57cd readme.gentoo-r1 22ae82e140bdd95d17a34fd5fd733190 toolchain-funcs 605c126bed8d87e4378d5ff1645330cb
+_md5_=a6aed898b315c08428dc8e3f0b33755f
diff --git a/sys-auth/pambase/Manifest b/sys-auth/pambase/Manifest
index f09aab4..4f9960b 100644
--- a/sys-auth/pambase/Manifest
+++ b/sys-auth/pambase/Manifest
@@ -1 +1 @@
-DIST pambase-20190402.tar.gz 3679 BLAKE2B 992d7bf6b6f74ef22a8808b57dd6faffb6c351eaa8be4172f320031334ca6def698b2cb17005b58ac3c18e89a94012e279b0f27cc2bea5040ae8ddc3233cba2d SHA512 565d64653e9898b9bd231c1461ec0988a19dbc9500ff1417a7197ac75804abeb13ca543121ae4afb29017c1e99073a16137e5c876f43dcc01e2641218760f4ae
+DIST pambase-20201103.tar.gz 3295 BLAKE2B 7e104b5342842a21e10dce6e5c5a2d330ec06146b4791b888518463d915eebefbd694a809ff676b32c9c43945087935dc5c3496ae93ac17b7e4fd4e2e2974d1a SHA512 b94e47780f45c5e897b5fd073ce2184a901d241d51516ac5007658b1ae423d0f34c37a09a9e1d055962aa7158675ea7740dfe6466fad5e4a1b50b66a0812f51d
diff --git a/sys-auth/pambase/metadata.xml b/sys-auth/pambase/metadata.xml
index 7c4208d..6b0d632 100644
--- a/sys-auth/pambase/metadata.xml
+++ b/sys-auth/pambase/metadata.xml
@@ -5,18 +5,11 @@
<email>zlogene@gentoo.org</email>
<name>Mikle Kolyada</name>
</maintainer>
+ <maintainer type="person">
+ <email>sam@gentoo.org</email>
+ <name>Sam James</name>
+ </maintainer>
<use>
- <flag name="cracklib">
- Enable pam_cracklib module on system authentication stack. This
- produces warnings when changing password to something easily
- crackable. It requires the same USE flag to be enabled on
- <pkg>sys-libs/pam</pkg> or system login might be impossible.
- </flag>
- <flag name="consolekit">
- Enable pam_ck_connector module on local system logins. This
- allows for console logins to make use of ConsoleKit
- authorization.
- </flag>
<flag name="elogind">
Use pam_elogind module to register user sessions with elogind.
</flag>
@@ -31,10 +24,19 @@
</flag>
<flag name="passwdqc">
Enable pam_passwdqc module on system auth stack for password
- quality validation. This is an alternative to pam_cracklib
- producing warnings, rejecting or providing example passwords
- when changing your system password. It is used by default by
- OpenWall GNU/*/Linux and by FreeBSD.
+ quality validation. This module produces warnings, rejecting
+ or providing example passwords when changing your system password.
+ It is used by default by OpenWall GNU/*/Linux and by FreeBSD.
+ </flag>
+ <flag name="pwhistory">
+ Enable pam_pwhistory module on system auth stack to save
+ the last passwords for each user in order to force password
+ change history and keep the user from alternating between
+ the same password too frequently.
+ </flag>
+ <flag name="pwquality">
+ Enable pam_pwquality module on system auth stack for passwd
+ quality validation. It is used be dafault by Fedora GNU/*/Linux.
</flag>
<flag name="mktemp">
Enable pam_mktemp module on system auth stack for session
@@ -71,11 +73,10 @@
</flag>
<flag name="minimal">
Disables the standard PAM modules that provide extra information
- to users on login; this includes pam_tally (and pam_tally2 for
- Linux PAM 1.1 and later), pam_lastlog, pam_motd and other
- similar modules. This might not be a good idea on a multi-user
- system but could reduce slightly the overhead on single-user
- non-networked systems.
+ to users on login; this includes pam_lastlog, pam_motd, pam_mail
+ and other similar modules. This might not be a good idea on
+ a multi-user system but could reduce slightly the overhead on
+ single-user non-networked systems.
</flag>
<flag name="nullok">
Enable the nullok option with the pam_unix module. This allows
diff --git a/sys-auth/pambase/pambase-20190402.ebuild b/sys-auth/pambase/pambase-20190402.ebuild
deleted file mode 100644
index 3d85f49..0000000
--- a/sys-auth/pambase/pambase-20190402.ebuild
+++ /dev/null
@@ -1,87 +0,0 @@
-# Copyright 1999-2019 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-
-DESCRIPTION="PAM base configuration files"
-HOMEPAGE="https://github.com/gentoo/pambase"
-SRC_URI="https://github.com/gentoo/pambase/archive/${P}.tar.gz"
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="*"
-IUSE="consolekit +cracklib debug elogind minimal mktemp +nullok pam_krb5 pam_ssh passwdqc securetty selinux +sha512 systemd"
-
-RESTRICT="binchecks"
-
-REQUIRED_USE="?? ( consolekit elogind systemd )"
-
-MIN_PAM_REQ=1.1.3
-
-RDEPEND="
- >=sys-libs/pam-${MIN_PAM_REQ}
- consolekit? ( sys-auth/consolekit[pam] )
- cracklib? ( sys-libs/pam[cracklib] )
- elogind? ( sys-auth/elogind[pam] )
- mktemp? ( sys-auth/pam_mktemp )
- pam_krb5? (
- >=sys-libs/pam-${MIN_PAM_REQ}
- sys-auth/pam_krb5
- )
- pam_ssh? ( sys-auth/pam_ssh )
- passwdqc? ( sys-auth/pam_passwdqc )
- selinux? ( sys-libs/pam[selinux] )
- sha512? ( >=sys-libs/pam-${MIN_PAM_REQ} )
- systemd? ( sys-apps/systemd[pam] )
-"
-DEPEND="
- app-arch/xz-utils
- app-portage/portage-utils
-"
-
-S="${WORKDIR}/${PN}-${P}"
-
-src_compile() {
- local implementation linux_pam_version
- if has_version sys-libs/pam; then
- implementation=linux-pam
- local ver_str=$(qatom $(best_version sys-libs/pam) | cut -d ' ' -f 3)
- linux_pam_version=$(printf "0x%02x%02x%02x" ${ver_str//\./ })
- elif has_version sys-auth/openpam; then
- implementation=openpam
- else
- die "PAM implementation not identified"
- fi
-
- use_var() {
- local varname=$(echo "$1" | tr '[:lower:]' '[:upper:]')
- local usename=${2-$(echo "$1" | tr '[:upper:]' '[:lower:]')}
- local varvalue=$(usex ${usename})
- echo "${varname}=${varvalue}"
- }
-
- emake \
- GIT=true \
- $(use_var debug) \
- $(use_var cracklib) \
- $(use_var passwdqc) \
- $(use_var consolekit) \
- $(use_var elogind) \
- $(use_var systemd) \
- $(use_var selinux) \
- $(use_var nullok) \
- $(use_var mktemp) \
- $(use_var pam_ssh) \
- $(use_var securetty) \
- $(use_var sha512) \
- $(use_var KRB5 pam_krb5) \
- $(use_var minimal) \
- IMPLEMENTATION=${implementation} \
- LINUX_PAM_VERSION=${linux_pam_version}
-}
-
-src_test() { :; }
-
-src_install() {
- emake GIT=true DESTDIR="${ED}" install
-}
diff --git a/sys-auth/pambase/pambase-20201103.ebuild b/sys-auth/pambase/pambase-20201103.ebuild
new file mode 100644
index 0000000..a5b9515
--- /dev/null
+++ b/sys-auth/pambase/pambase-20201103.ebuild
@@ -0,0 +1,100 @@
+# Copyright 1999-2020 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+PYTHON_COMPAT=( python3_{6..9} )
+
+inherit pam python-any-r1 readme.gentoo-r1
+
+DESCRIPTION="PAM base configuration files"
+HOMEPAGE="https://github.com/gentoo/pambase"
+SRC_URI="https://github.com/gentoo/pambase/archive/${P}.tar.gz"
+
+LICENSE="MIT"
+SLOT="0"
+KEYWORDS="*"
+IUSE="caps debug elogind gnome-keyring minimal mktemp +nullok pam_krb5 pam_ssh +passwdqc pwhistory pwquality securetty selinux +sha512 systemd"
+
+RESTRICT="binchecks"
+
+REQUIRED_USE="
+ ?? ( elogind systemd )
+ ?? ( passwdqc pwquality )
+ pwhistory? ( || ( passwdqc pwquality ) )
+"
+
+MIN_PAM_REQ=1.4.0
+
+RDEPEND="
+ >=sys-libs/pam-${MIN_PAM_REQ}
+ elogind? ( sys-auth/elogind[pam] )
+ gnome-keyring? ( gnome-base/gnome-keyring[pam] )
+ mktemp? ( sys-auth/pam_mktemp )
+ pam_krb5? (
+ >=sys-libs/pam-${MIN_PAM_REQ}
+ sys-auth/pam_krb5
+ )
+ caps? ( sys-libs/libcap[pam] )
+ pam_ssh? ( sys-auth/pam_ssh )
+ passwdqc? ( >=sys-auth/passwdqc-1.4.0-r1 )
+ pwquality? ( dev-libs/libpwquality[pam] )
+ selinux? ( sys-libs/pam[selinux] )
+ sha512? ( >=sys-libs/pam-${MIN_PAM_REQ} )
+ systemd? ( sys-apps/systemd[pam] )
+"
+
+BDEPEND="$(python_gen_any_dep '
+ dev-python/jinja[${PYTHON_USEDEP}]
+ ')"
+
+python_check_deps() {
+ has_version -b "dev-python/jinja[${PYTHON_USEDEP}]"
+}
+
+S="${WORKDIR}/${PN}-${P}"
+
+src_configure() {
+ ${EPYTHON} ./${PN}.py \
+ $(usex caps '--caps' '') \
+ $(usex debug '--debug' '') \
+ $(usex elogind '--elogind' '') \
+ $(usex gnome-keyring '--gnome-keyring' '') \
+ $(usex minimal '--minimal' '') \
+ $(usex mktemp '--mktemp' '') \
+ $(usex nullok '--nullok' '') \
+ $(usex pam_krb5 '--krb5' '') \
+ $(usex pam_ssh '--pam-ssh' '') \
+ $(usex passwdqc '--passwdqc' '') \
+ $(usex pwhistory '--pwhistory' '') \
+ $(usex pwquality '--pwquality' '') \
+ $(usex securetty '--securetty' '') \
+ $(usex selinux '--selinux' '') \
+ $(usex sha512 '--sha512' '') \
+ $(usex systemd '--systemd' '') \
+ || die
+}
+
+src_test() { :; }
+
+src_install() {
+ local DOC_CONTENTS
+
+ if use passwdqc; then
+ DOC_CONTENTS="To amend the existing password policy please see the man 5 passwdqc.conf
+ page and then edit the /etc/security/passwdqc.conf file"
+ fi
+
+ if use pwquality; then
+ DOC_CONTENTS="To amend the existing password policy please see the man 5 pwquality.conf
+ page and then edit the /etc/security/pwquality.conf file"
+ fi
+
+ { use passwdqc || use pwquality; } && readme.gentoo_create_doc
+
+ dopamd -r stack/.
+}
+
+pkg_postinst() {
+ { use passwdqc || use pwquality; } && readme.gentoo_print_elog
+}