Revert "pambase: upgraded package to upstream"
This reverts commit 2afce76179846c0d0701274f4d8848958290eecd.
Reason for revert: Validation tests cannot SSH to VMs
Change-Id: I51e12fcd74d8a7b7c7b0d11310dc46be9d6a179a
Reviewed-on: https://cos-review.googlesource.com/c/third_party/overlays/portage-stable/+/8642
Reviewed-by: Roy Yang <royyang@google.com>
Tested-by: Cusky Presubmit Bot <presubmit@cos-infra-prod.iam.gserviceaccount.com>
diff --git a/metadata/md5-cache/sys-auth/pambase-20190402 b/metadata/md5-cache/sys-auth/pambase-20190402
new file mode 100644
index 0000000..2136120
--- /dev/null
+++ b/metadata/md5-cache/sys-auth/pambase-20190402
@@ -0,0 +1,14 @@
+DEFINED_PHASES=compile install test
+DEPEND=app-arch/xz-utils app-portage/portage-utils
+DESCRIPTION=PAM base configuration files
+EAPI=7
+HOMEPAGE=https://github.com/gentoo/pambase
+IUSE=consolekit +cracklib debug elogind minimal mktemp +nullok pam_krb5 pam_ssh passwdqc securetty selinux +sha512 systemd
+KEYWORDS=*
+LICENSE=GPL-2
+RDEPEND=>=sys-libs/pam-1.1.3 consolekit? ( sys-auth/consolekit[pam] ) cracklib? ( sys-libs/pam[cracklib] ) elogind? ( sys-auth/elogind[pam] ) mktemp? ( sys-auth/pam_mktemp ) pam_krb5? ( >=sys-libs/pam-1.1.3 sys-auth/pam_krb5 ) pam_ssh? ( sys-auth/pam_ssh ) passwdqc? ( sys-auth/pam_passwdqc ) selinux? ( sys-libs/pam[selinux] ) sha512? ( >=sys-libs/pam-1.1.3 ) systemd? ( sys-apps/systemd[pam] )
+REQUIRED_USE=?? ( consolekit elogind systemd )
+RESTRICT=binchecks
+SLOT=0
+SRC_URI=https://github.com/gentoo/pambase/archive/pambase-20190402.tar.gz
+_md5_=86b498f21a0ccd9c9275f84c930b32b9
diff --git a/metadata/md5-cache/sys-auth/pambase-20201103 b/metadata/md5-cache/sys-auth/pambase-20201103
deleted file mode 100644
index afbbd69..0000000
--- a/metadata/md5-cache/sys-auth/pambase-20201103
+++ /dev/null
@@ -1,15 +0,0 @@
-BDEPEND=|| ( ( dev-lang/python:3.9 dev-python/jinja[python_targets_python3_9(-),python_single_target_python3_9(+)] ) ( dev-lang/python:3.8 dev-python/jinja[python_targets_python3_8(-),python_single_target_python3_8(+)] ) ( dev-lang/python:3.7 dev-python/jinja[python_targets_python3_7(-),python_single_target_python3_7(+)] ) )
-DEFINED_PHASES=configure install postinst setup test
-DESCRIPTION=PAM base configuration files
-EAPI=7
-HOMEPAGE=https://github.com/gentoo/pambase
-IUSE=caps debug elogind gnome-keyring minimal mktemp +nullok pam_krb5 pam_ssh +passwdqc pwhistory pwquality securetty selinux +sha512 systemd
-KEYWORDS=*
-LICENSE=MIT
-RDEPEND=>=sys-libs/pam-1.4.0 elogind? ( sys-auth/elogind[pam] ) gnome-keyring? ( gnome-base/gnome-keyring[pam] ) mktemp? ( sys-auth/pam_mktemp ) pam_krb5? ( >=sys-libs/pam-1.4.0 sys-auth/pam_krb5 ) caps? ( sys-libs/libcap[pam] ) pam_ssh? ( sys-auth/pam_ssh ) passwdqc? ( >=sys-auth/passwdqc-1.4.0-r1 ) pwquality? ( dev-libs/libpwquality[pam] ) selinux? ( sys-libs/pam[selinux] ) sha512? ( >=sys-libs/pam-1.4.0 ) systemd? ( sys-apps/systemd[pam] )
-REQUIRED_USE=?? ( elogind systemd ) ?? ( passwdqc pwquality ) pwhistory? ( || ( passwdqc pwquality ) )
-RESTRICT=binchecks
-SLOT=0
-SRC_URI=https://github.com/gentoo/pambase/archive/pambase-20201103.tar.gz
-_eclasses_=eutils 06133990e861be0fe60c2b428fd025d9 flag-o-matic 5d5921a298e95441da2f85be419894c0 multilib 2477ebe553d3e4d2c606191fe6c33602 pam 3f746974e1cc47cabe3bd488c08cdc8e python-any-r1 54a3178500786b0a7ede4a23b7f2a6ad python-utils-r1 157a6a7a3e99c7dbdf81acc9dd4f57cd readme.gentoo-r1 22ae82e140bdd95d17a34fd5fd733190 toolchain-funcs 605c126bed8d87e4378d5ff1645330cb
-_md5_=a6aed898b315c08428dc8e3f0b33755f
diff --git a/sys-auth/pambase/Manifest b/sys-auth/pambase/Manifest
index 4f9960b..f09aab4 100644
--- a/sys-auth/pambase/Manifest
+++ b/sys-auth/pambase/Manifest
@@ -1 +1 @@
-DIST pambase-20201103.tar.gz 3295 BLAKE2B 7e104b5342842a21e10dce6e5c5a2d330ec06146b4791b888518463d915eebefbd694a809ff676b32c9c43945087935dc5c3496ae93ac17b7e4fd4e2e2974d1a SHA512 b94e47780f45c5e897b5fd073ce2184a901d241d51516ac5007658b1ae423d0f34c37a09a9e1d055962aa7158675ea7740dfe6466fad5e4a1b50b66a0812f51d
+DIST pambase-20190402.tar.gz 3679 BLAKE2B 992d7bf6b6f74ef22a8808b57dd6faffb6c351eaa8be4172f320031334ca6def698b2cb17005b58ac3c18e89a94012e279b0f27cc2bea5040ae8ddc3233cba2d SHA512 565d64653e9898b9bd231c1461ec0988a19dbc9500ff1417a7197ac75804abeb13ca543121ae4afb29017c1e99073a16137e5c876f43dcc01e2641218760f4ae
diff --git a/sys-auth/pambase/metadata.xml b/sys-auth/pambase/metadata.xml
index 6b0d632..7c4208d 100644
--- a/sys-auth/pambase/metadata.xml
+++ b/sys-auth/pambase/metadata.xml
@@ -5,11 +5,18 @@
<email>zlogene@gentoo.org</email>
<name>Mikle Kolyada</name>
</maintainer>
- <maintainer type="person">
- <email>sam@gentoo.org</email>
- <name>Sam James</name>
- </maintainer>
<use>
+ <flag name="cracklib">
+ Enable pam_cracklib module on system authentication stack. This
+ produces warnings when changing password to something easily
+ crackable. It requires the same USE flag to be enabled on
+ <pkg>sys-libs/pam</pkg> or system login might be impossible.
+ </flag>
+ <flag name="consolekit">
+ Enable pam_ck_connector module on local system logins. This
+ allows for console logins to make use of ConsoleKit
+ authorization.
+ </flag>
<flag name="elogind">
Use pam_elogind module to register user sessions with elogind.
</flag>
@@ -24,19 +31,10 @@
</flag>
<flag name="passwdqc">
Enable pam_passwdqc module on system auth stack for password
- quality validation. This module produces warnings, rejecting
- or providing example passwords when changing your system password.
- It is used by default by OpenWall GNU/*/Linux and by FreeBSD.
- </flag>
- <flag name="pwhistory">
- Enable pam_pwhistory module on system auth stack to save
- the last passwords for each user in order to force password
- change history and keep the user from alternating between
- the same password too frequently.
- </flag>
- <flag name="pwquality">
- Enable pam_pwquality module on system auth stack for passwd
- quality validation. It is used be dafault by Fedora GNU/*/Linux.
+ quality validation. This is an alternative to pam_cracklib
+ producing warnings, rejecting or providing example passwords
+ when changing your system password. It is used by default by
+ OpenWall GNU/*/Linux and by FreeBSD.
</flag>
<flag name="mktemp">
Enable pam_mktemp module on system auth stack for session
@@ -73,10 +71,11 @@
</flag>
<flag name="minimal">
Disables the standard PAM modules that provide extra information
- to users on login; this includes pam_lastlog, pam_motd, pam_mail
- and other similar modules. This might not be a good idea on
- a multi-user system but could reduce slightly the overhead on
- single-user non-networked systems.
+ to users on login; this includes pam_tally (and pam_tally2 for
+ Linux PAM 1.1 and later), pam_lastlog, pam_motd and other
+ similar modules. This might not be a good idea on a multi-user
+ system but could reduce slightly the overhead on single-user
+ non-networked systems.
</flag>
<flag name="nullok">
Enable the nullok option with the pam_unix module. This allows
diff --git a/sys-auth/pambase/pambase-20190402.ebuild b/sys-auth/pambase/pambase-20190402.ebuild
new file mode 100644
index 0000000..3d85f49
--- /dev/null
+++ b/sys-auth/pambase/pambase-20190402.ebuild
@@ -0,0 +1,87 @@
+# Copyright 1999-2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+DESCRIPTION="PAM base configuration files"
+HOMEPAGE="https://github.com/gentoo/pambase"
+SRC_URI="https://github.com/gentoo/pambase/archive/${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="*"
+IUSE="consolekit +cracklib debug elogind minimal mktemp +nullok pam_krb5 pam_ssh passwdqc securetty selinux +sha512 systemd"
+
+RESTRICT="binchecks"
+
+REQUIRED_USE="?? ( consolekit elogind systemd )"
+
+MIN_PAM_REQ=1.1.3
+
+RDEPEND="
+ >=sys-libs/pam-${MIN_PAM_REQ}
+ consolekit? ( sys-auth/consolekit[pam] )
+ cracklib? ( sys-libs/pam[cracklib] )
+ elogind? ( sys-auth/elogind[pam] )
+ mktemp? ( sys-auth/pam_mktemp )
+ pam_krb5? (
+ >=sys-libs/pam-${MIN_PAM_REQ}
+ sys-auth/pam_krb5
+ )
+ pam_ssh? ( sys-auth/pam_ssh )
+ passwdqc? ( sys-auth/pam_passwdqc )
+ selinux? ( sys-libs/pam[selinux] )
+ sha512? ( >=sys-libs/pam-${MIN_PAM_REQ} )
+ systemd? ( sys-apps/systemd[pam] )
+"
+DEPEND="
+ app-arch/xz-utils
+ app-portage/portage-utils
+"
+
+S="${WORKDIR}/${PN}-${P}"
+
+src_compile() {
+ local implementation linux_pam_version
+ if has_version sys-libs/pam; then
+ implementation=linux-pam
+ local ver_str=$(qatom $(best_version sys-libs/pam) | cut -d ' ' -f 3)
+ linux_pam_version=$(printf "0x%02x%02x%02x" ${ver_str//\./ })
+ elif has_version sys-auth/openpam; then
+ implementation=openpam
+ else
+ die "PAM implementation not identified"
+ fi
+
+ use_var() {
+ local varname=$(echo "$1" | tr '[:lower:]' '[:upper:]')
+ local usename=${2-$(echo "$1" | tr '[:upper:]' '[:lower:]')}
+ local varvalue=$(usex ${usename})
+ echo "${varname}=${varvalue}"
+ }
+
+ emake \
+ GIT=true \
+ $(use_var debug) \
+ $(use_var cracklib) \
+ $(use_var passwdqc) \
+ $(use_var consolekit) \
+ $(use_var elogind) \
+ $(use_var systemd) \
+ $(use_var selinux) \
+ $(use_var nullok) \
+ $(use_var mktemp) \
+ $(use_var pam_ssh) \
+ $(use_var securetty) \
+ $(use_var sha512) \
+ $(use_var KRB5 pam_krb5) \
+ $(use_var minimal) \
+ IMPLEMENTATION=${implementation} \
+ LINUX_PAM_VERSION=${linux_pam_version}
+}
+
+src_test() { :; }
+
+src_install() {
+ emake GIT=true DESTDIR="${ED}" install
+}
diff --git a/sys-auth/pambase/pambase-20201103.ebuild b/sys-auth/pambase/pambase-20201103.ebuild
deleted file mode 100644
index a5b9515..0000000
--- a/sys-auth/pambase/pambase-20201103.ebuild
+++ /dev/null
@@ -1,100 +0,0 @@
-# Copyright 1999-2020 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-
-PYTHON_COMPAT=( python3_{6..9} )
-
-inherit pam python-any-r1 readme.gentoo-r1
-
-DESCRIPTION="PAM base configuration files"
-HOMEPAGE="https://github.com/gentoo/pambase"
-SRC_URI="https://github.com/gentoo/pambase/archive/${P}.tar.gz"
-
-LICENSE="MIT"
-SLOT="0"
-KEYWORDS="*"
-IUSE="caps debug elogind gnome-keyring minimal mktemp +nullok pam_krb5 pam_ssh +passwdqc pwhistory pwquality securetty selinux +sha512 systemd"
-
-RESTRICT="binchecks"
-
-REQUIRED_USE="
- ?? ( elogind systemd )
- ?? ( passwdqc pwquality )
- pwhistory? ( || ( passwdqc pwquality ) )
-"
-
-MIN_PAM_REQ=1.4.0
-
-RDEPEND="
- >=sys-libs/pam-${MIN_PAM_REQ}
- elogind? ( sys-auth/elogind[pam] )
- gnome-keyring? ( gnome-base/gnome-keyring[pam] )
- mktemp? ( sys-auth/pam_mktemp )
- pam_krb5? (
- >=sys-libs/pam-${MIN_PAM_REQ}
- sys-auth/pam_krb5
- )
- caps? ( sys-libs/libcap[pam] )
- pam_ssh? ( sys-auth/pam_ssh )
- passwdqc? ( >=sys-auth/passwdqc-1.4.0-r1 )
- pwquality? ( dev-libs/libpwquality[pam] )
- selinux? ( sys-libs/pam[selinux] )
- sha512? ( >=sys-libs/pam-${MIN_PAM_REQ} )
- systemd? ( sys-apps/systemd[pam] )
-"
-
-BDEPEND="$(python_gen_any_dep '
- dev-python/jinja[${PYTHON_USEDEP}]
- ')"
-
-python_check_deps() {
- has_version -b "dev-python/jinja[${PYTHON_USEDEP}]"
-}
-
-S="${WORKDIR}/${PN}-${P}"
-
-src_configure() {
- ${EPYTHON} ./${PN}.py \
- $(usex caps '--caps' '') \
- $(usex debug '--debug' '') \
- $(usex elogind '--elogind' '') \
- $(usex gnome-keyring '--gnome-keyring' '') \
- $(usex minimal '--minimal' '') \
- $(usex mktemp '--mktemp' '') \
- $(usex nullok '--nullok' '') \
- $(usex pam_krb5 '--krb5' '') \
- $(usex pam_ssh '--pam-ssh' '') \
- $(usex passwdqc '--passwdqc' '') \
- $(usex pwhistory '--pwhistory' '') \
- $(usex pwquality '--pwquality' '') \
- $(usex securetty '--securetty' '') \
- $(usex selinux '--selinux' '') \
- $(usex sha512 '--sha512' '') \
- $(usex systemd '--systemd' '') \
- || die
-}
-
-src_test() { :; }
-
-src_install() {
- local DOC_CONTENTS
-
- if use passwdqc; then
- DOC_CONTENTS="To amend the existing password policy please see the man 5 passwdqc.conf
- page and then edit the /etc/security/passwdqc.conf file"
- fi
-
- if use pwquality; then
- DOC_CONTENTS="To amend the existing password policy please see the man 5 pwquality.conf
- page and then edit the /etc/security/pwquality.conf file"
- fi
-
- { use passwdqc || use pwquality; } && readme.gentoo_create_doc
-
- dopamd -r stack/.
-}
-
-pkg_postinst() {
- { use passwdqc || use pwquality; } && readme.gentoo_print_elog
-}