Add tizen patches to pam

Also enforce the build of the pam module in the image recipe. This might not be necessary, if that's the case, please remove it. Change-Id: I21aa5d6c8a4742cd90f793052b7b55dda414eecc Signed-off-by: Kévin THIERRY <kevin.thierry@open.eurogiciel.org>
author: Kévin THIERRY <kevin.thierry@open.eurogiciel.org> 2014-05-22 18:33:01 +0200
committer: Kévin THIERRY <kevin.thierry@open.eurogiciel.org> 2014-05-22 09:36:32 -0700
commit: f4a36b3ca8e89f4bff8f7bb881ffa43c248f0581 (patch)
tree: a1fed30886b8c6e6a874c26bf3b07f391da78c1d /recipes-extended
parent: 8d9be3c6e8080a58e7000240df34b4b09e60bc86 (diff)
download: meta-tizen-f4a36b3ca8e89f4bff8f7bb881ffa43c248f0581.tar.gz
meta-tizen-f4a36b3ca8e89f4bff8f7bb881ffa43c248f0581.tar.bz2
meta-tizen-f4a36b3ca8e89f4bff8f7bb881ffa43c248f0581.zip
23 files changed, 1199 insertions, 0 deletions
diff --git a/recipes-extended/pam/libpam/0001-add-packaging.patch b/recipes-extended/pam/libpam/0001-add-packaging.patch
new file mode 100644
index 00000000..7c1423ee
--- /dev/null
+++ b/recipes-extended/pam/libpam/0001-add-packaging.patch
@@ -0,0 +1,247 @@
+From ad470da426563b3de0d99e02efec02b5e65ee30a Mon Sep 17 00:00:00 2001
+From: Anas Nashif <anas.nashif@intel.com>
+Date: Tue, 6 Nov 2012 22:56:58 -0800
+Subject: [PATCH 01/20] add packaging
+
+---
+ packaging/pam-fix-includes.patch |  25 +++++
+ packaging/pam.spec               | 195 +++++++++++++++++++++++++++++++++++++++
+ 2 files changed, 220 insertions(+)
+ create mode 100644 packaging/pam-fix-includes.patch
+ create mode 100644 packaging/pam.spec
+
+diff --git a/packaging/pam-fix-includes.patch b/packaging/pam-fix-includes.patch
+new file mode 100644
+index 0000000..99c5fc8
+--- /dev/null
++++ b/packaging/pam-fix-includes.patch
+@@ -0,0 +1,25 @@
++Index: Linux-PAM-1.1.5/modules/pam_unix/pam_unix_acct.c
++===================================================================
++--- Linux-PAM-1.1.5.orig/modules/pam_unix/pam_unix_acct.c
+++++ Linux-PAM-1.1.5/modules/pam_unix/pam_unix_acct.c
++@@ -47,6 +47,8 @@
++ #include <time.h>		/* for time() */
++ #include <errno.h>
++ #include <sys/wait.h>
+++#include <sys/time.h>
+++#include <sys/resource.h>
++ 
++ #include <security/_pam_macros.h>
++ 
++Index: Linux-PAM-1.1.5/modules/pam_unix/pam_unix_passwd.c
++===================================================================
++--- Linux-PAM-1.1.5.orig/modules/pam_unix/pam_unix_passwd.c
+++++ Linux-PAM-1.1.5/modules/pam_unix/pam_unix_passwd.c
++@@ -54,6 +54,7 @@
++ #include <ctype.h>
++ #include <sys/time.h>
++ #include <sys/stat.h>
+++#include <sys/resource.h>
++ 
++ #include <signal.h>
++ #include <errno.h>
+diff --git a/packaging/pam.spec b/packaging/pam.spec
+new file mode 100644
+index 0000000..c5dda90
+--- /dev/null
++++ b/packaging/pam.spec
+@@ -0,0 +1,195 @@
++%define _sbindir /sbin
++%define _moduledir %{_libdir}/security
++%define _secconfdir %{_sysconfdir}/security
++%define _pamconfdir %{_sysconfdir}/pam.d
++
++Name:           pam
++Version:        1.1.5
++Release:        1
++License:        BSD and GPLv2+ and BSD with advertising
++Summary:        PAM
++Url:            http://www.linux-pam.org/
++Group:          System/Base
++Source0:        %{name}-%{version}.tar.bz2
++Source1:        system-auth
++Source2:        other
++Source1001:     %{name}.manifest
++Patch0:         pam-fix-includes.patch
++
++BuildRequires:  autoconf,
++BuildRequires:  automake,
++BuildRequires:  bison
++BuildRequires:  db4-devel
++BuildRequires:  flex
++BuildRequires:  gcc
++BuildRequires:  libtool
++BuildRequires:  net-tools
++BuildRequires:  zlib-devel
++Requires(post): /sbin/ldconfig
++Requires(post): /usr/bin/install
++Requires(postun): /sbin/ldconfig
++
++%description
++PAM (Pluggable Authentication Modules) is a system security tool that
++allows system administrators to set authentication policy without
++having to recompile programs that handle authentication.
++
++%package -n pam-modules-extra
++Summary:        Extra modules provided by PAM not used in the base system
++Group:          System/Base
++Requires:       pam = %{version}
++
++%description -n pam-modules-extra
++PAM (Pluggable Authentication Modules) is a system security tool that
++allows system administrators to set authentication policy without
++having to recompile programs that handle authentication. This package
++contains extra modules for use by programs that are not used in the
++default Tizen install.
++
++%package devel
++Summary:        Files needed for developing PAM-aware applications and modules for PAM
++Group:          Development/Libraries
++Requires:       pam = %{version}
++
++%description devel
++PAM (Pluggable Authentication Modules) is a system security tool that
++allows system administrators to set authentication policy without
++having to recompile programs that handle authentication. This package
++contains header files and static libraries used for building both
++PAM-aware applications and modules for use with PAM.
++
++%prep
++%setup -q
++%patch0 -p1
++
++libtoolize -f #--copy --force && aclocal && autoheader
++autoreconf
++
++%build
++cp %{SOURCE1001} .
++CFLAGS="-fPIC %{optflags} " ; export CFLAGS
++
++%configure \
++        --libdir=%{_libdir} \
++        --includedir=%{_includedir}/security \
++        --enable-isadir=../..%{_moduledir} \
++        --disable-audit \
++        --disable-nls \
++        --with-db-uniquename=_pam \
++        --with-libiconv-prefix=/usr \
++        --enable-read-both-confs &&
++
++make %{?_smp_flags} CFLAGS="$CFLAGS -lfl -lcrypt"
++
++%install
++%make_install
++
++# RPM uses docs from source tree
++rm -rf %{buildroot}%{_datadir}/doc/Linux-PAM
++# Included in setup package
++rm -f %{buildroot}%{_sysconfdir}/environment
++
++for phase in auth acct passwd session ; do
++	ln -sf pam_unix.so %{buildroot}%{_moduledir}/pam_unix_${phase}.so
++done
++
++# Install default pam configuration files
++install -d -m 0755 %{buildroot}%{_pamconfdir}
++install -m 0644 %{SOURCE1} %{buildroot}%{_pamconfdir}/
++install -m 0644 %{SOURCE2} %{buildroot}%{_pamconfdir}/
++
++%post
++/sbin/ldconfig
++if [ ! -a /var/log/faillog ] ; then
++	/usr/bin/install -m 600 /dev/null /var/log/faillog
++fi
++if [ ! -a /var/log/tallylog ] ; then
++	/usr/bin/install -m 600 /dev/null /var/log/tallylog
++fi
++
++%postun -p /sbin/ldconfig
++
++
++%files
++%manifest pam.manifest
++%doc Copyright
++%{_sbindir}/pam_tally
++%{_sbindir}/pam_tally2
++%attr(4755,root,root) %{_sbindir}/pam_timestamp_check
++%attr(4755,root,root) %{_sbindir}/unix_chkpwd
++%attr(0700,root,root) %{_sbindir}/unix_update
++%attr(0755,root,root) %{_sbindir}/mkhomedir_helper
++%{_sysconfdir}/security/limits.conf
++%{_libdir}/libpam.so.*
++%{_libdir}/libpam_misc.so.*
++%{_libdir}/libpamc.so.*
++%dir %{_moduledir}
++%{_moduledir}/pam_deny.so
++%{_moduledir}/pam_env.so
++%{_moduledir}/pam_keyinit.so
++%{_moduledir}/pam_limits.so
++%{_moduledir}/pam_loginuid.so
++%{_moduledir}/pam_namespace.so
++%{_moduledir}/pam_nologin.so
++%{_moduledir}/pam_permit.so
++%{_moduledir}/pam_lastlog.so
++%{_moduledir}/pam_rootok.so
++%{_moduledir}/pam_securetty.so
++%{_moduledir}/pam_succeed_if.so
++%{_moduledir}/pam_unix.so
++%{_moduledir}/pam_wheel.so
++%{_moduledir}/pam_xauth.so
++%{_moduledir}/pam_filter
++%dir %{_secconfdir}
++%config(noreplace) %{_secconfdir}/access.conf
++%config(noreplace) %{_secconfdir}/group.conf
++%config(noreplace) %{_secconfdir}/namespace.conf
++#%dir %{_secconfdir}/namespace.d
++%attr(755,root,root) %config(noreplace) %{_secconfdir}/namespace.init
++%config(noreplace) %{_secconfdir}/pam_env.conf
++%config(noreplace) %{_secconfdir}/time.conf
++%dir %{_pamconfdir}
++%{_pamconfdir}/system-auth
++%{_pamconfdir}/other
++
++%files -n pam-modules-extra
++%manifest pam.manifest
++%{_moduledir}/pam_access.so
++%{_moduledir}/pam_debug.so
++%{_moduledir}/pam_echo.so
++%{_moduledir}/pam_exec.so
++%{_moduledir}/pam_faildelay.so
++%{_moduledir}/pam_filter.so
++%{_moduledir}/pam_ftp.so
++%{_moduledir}/pam_group.so
++%{_moduledir}/pam_issue.so
++%{_moduledir}/pam_listfile.so
++%{_moduledir}/pam_localuser.so
++%{_moduledir}/pam_mail.so
++%{_moduledir}/pam_mkhomedir.so
++%{_moduledir}/pam_motd.so
++%{_moduledir}/pam_pwhistory.so
++%{_moduledir}/pam_rhosts.so
++%{_moduledir}/pam_shells.so
++%{_moduledir}/pam_stress.so
++%{_moduledir}/pam_tally.so
++%{_moduledir}/pam_time.so
++%{_moduledir}/pam_timestamp.so
++%{_moduledir}/pam_umask.so
++%{_moduledir}/pam_unix_acct.so
++%{_moduledir}/pam_unix_auth.so
++%{_moduledir}/pam_unix_passwd.so
++%{_moduledir}/pam_unix_session.so
++%{_moduledir}/pam_warn.so
++
++%files devel
++%manifest pam.manifest
++%{_includedir}/security/*
++%doc %{_mandir}/man3/*
++%doc %{_mandir}/man5/*
++%doc %{_mandir}/man8/*
++%{_libdir}/libpam.so
++%{_libdir}/libpam_misc.so
++%{_libdir}/libpamc.so
++%{_libdir}/security/pam_tally2.so
++
+-- 
+1.8.1.4
+
diff --git a/recipes-extended/pam/libpam/0002-fix-includes.patch b/recipes-extended/pam/libpam/0002-fix-includes.patch
new file mode 100644
index 00000000..8c5727c9
--- /dev/null
+++ b/recipes-extended/pam/libpam/0002-fix-includes.patch
@@ -0,0 +1,38 @@
+From fa9915be1e26c3fb68ce0861ce2cba200f336fed Mon Sep 17 00:00:00 2001
+From: Anas Nashif <anas.nashif@intel.com>
+Date: Wed, 7 Nov 2012 20:03:07 -0800
+Subject: [PATCH 02/20] fix includes
+
+---
+ modules/pam_unix/pam_unix_acct.c   | 2 ++
+ modules/pam_unix/pam_unix_passwd.c | 1 +
+ 2 files changed, 3 insertions(+)
+
+diff --git a/modules/pam_unix/pam_unix_acct.c b/modules/pam_unix/pam_unix_acct.c
+index 4a362f8..9b56bbd 100644
+--- a/modules/pam_unix/pam_unix_acct.c
++++ b/modules/pam_unix/pam_unix_acct.c
+@@ -48,6 +48,8 @@
+ #include <time.h>		/* for time() */
+ #include <errno.h>
+ #include <sys/wait.h>
++#include <sys/time.h>
++#include <sys/resource.h>
+ 
+ #include <security/_pam_macros.h>
+ 
+diff --git a/modules/pam_unix/pam_unix_passwd.c b/modules/pam_unix/pam_unix_passwd.c
+index 9e1302d..e4b7629 100644
+--- a/modules/pam_unix/pam_unix_passwd.c
++++ b/modules/pam_unix/pam_unix_passwd.c
+@@ -54,6 +54,7 @@
+ #include <ctype.h>
+ #include <sys/time.h>
+ #include <sys/stat.h>
++#include <sys/resource.h>
+ 
+ #include <signal.h>
+ #include <errno.h>
+-- 
+1.8.1.4
+
diff --git a/recipes-extended/pam/libpam/0003-add-missing-files.patch b/recipes-extended/pam/libpam/0003-add-missing-files.patch
new file mode 100644
index 00000000..a5f2cf52
--- /dev/null
+++ b/recipes-extended/pam/libpam/0003-add-missing-files.patch
@@ -0,0 +1,65 @@
+From 24daff79d8e50a65906e3a37d20d6a340421309f Mon Sep 17 00:00:00 2001
+From: Anas Nashif <anas.nashif@intel.com>
+Date: Wed, 7 Nov 2012 20:04:22 -0800
+Subject: [PATCH 03/20] add missing files
+
+---
+ packaging/pam-fix-includes.patch | 25 -------------------------
+ packaging/pam.spec               |  2 --
+ 2 files changed, 27 deletions(-)
+ delete mode 100644 packaging/pam-fix-includes.patch
+
+diff --git a/packaging/pam-fix-includes.patch b/packaging/pam-fix-includes.patch
+deleted file mode 100644
+index 99c5fc8..0000000
+--- a/packaging/pam-fix-includes.patch
++++ /dev/null
+@@ -1,25 +0,0 @@
+-Index: Linux-PAM-1.1.5/modules/pam_unix/pam_unix_acct.c
+-===================================================================
+---- Linux-PAM-1.1.5.orig/modules/pam_unix/pam_unix_acct.c
+-+++ Linux-PAM-1.1.5/modules/pam_unix/pam_unix_acct.c
+-@@ -47,6 +47,8 @@
+- #include <time.h>		/* for time() */
+- #include <errno.h>
+- #include <sys/wait.h>
+-+#include <sys/time.h>
+-+#include <sys/resource.h>
+- 
+- #include <security/_pam_macros.h>
+- 
+-Index: Linux-PAM-1.1.5/modules/pam_unix/pam_unix_passwd.c
+-===================================================================
+---- Linux-PAM-1.1.5.orig/modules/pam_unix/pam_unix_passwd.c
+-+++ Linux-PAM-1.1.5/modules/pam_unix/pam_unix_passwd.c
+-@@ -54,6 +54,7 @@
+- #include <ctype.h>
+- #include <sys/time.h>
+- #include <sys/stat.h>
+-+#include <sys/resource.h>
+- 
+- #include <signal.h>
+- #include <errno.h>
+diff --git a/packaging/pam.spec b/packaging/pam.spec
+index c5dda90..8cf314e 100644
+--- a/packaging/pam.spec
++++ b/packaging/pam.spec
+@@ -14,7 +14,6 @@ Source0:        %{name}-%{version}.tar.bz2
+ Source1:        system-auth
+ Source2:        other
+ Source1001:     %{name}.manifest
+-Patch0:         pam-fix-includes.patch
+ 
+ BuildRequires:  autoconf,
+ BuildRequires:  automake,
+@@ -60,7 +59,6 @@ PAM-aware applications and modules for use with PAM.
+ 
+ %prep
+ %setup -q
+-%patch0 -p1
+ 
+ libtoolize -f #--copy --force && aclocal && autoheader
+ autoreconf
+-- 
+1.8.1.4
+
diff --git a/recipes-extended/pam/libpam/0004-Update-to-1.1.6.patch b/recipes-extended/pam/libpam/0004-Update-to-1.1.6.patch
new file mode 100644
index 00000000..5980c577
--- /dev/null
+++ b/recipes-extended/pam/libpam/0004-Update-to-1.1.6.patch
@@ -0,0 +1,111 @@
+From c4d409a068d570560ba92375d26702588324c3d3 Mon Sep 17 00:00:00 2001
+From: Anas Nashif <anas.nashif@intel.com>
+Date: Fri, 11 Jan 2013 21:45:07 -0800
+Subject: [PATCH 04/20] Update to 1.1.6
+
+---
+ packaging/other       |  5 +++++
+ packaging/pam.spec    | 15 +++++----------
+ packaging/system-auth | 17 +++++++++++++++++
+ 3 files changed, 27 insertions(+), 10 deletions(-)
+ create mode 100644 packaging/other
+ create mode 100644 packaging/system-auth
+
+diff --git a/packaging/other b/packaging/other
+new file mode 100644
+index 0000000..50c6e52
+--- /dev/null
++++ b/packaging/other
+@@ -0,0 +1,5 @@
++#%PAM-1.0
++auth       required   pam_deny.so
++account    required   pam_deny.so
++password   required   pam_deny.so
++session    required   pam_deny.so
+diff --git a/packaging/pam.spec b/packaging/pam.spec
+index 8cf314e..1ea9180 100644
+--- a/packaging/pam.spec
++++ b/packaging/pam.spec
+@@ -4,16 +4,15 @@
+ %define _pamconfdir %{_sysconfdir}/pam.d
+ 
+ Name:           pam
+-Version:        1.1.5
++Version:        1.1.6
+ Release:        1
+ License:        BSD and GPLv2+ and BSD with advertising
+ Summary:        PAM
+ Url:            http://www.linux-pam.org/
+ Group:          System/Base
+-Source0:        %{name}-%{version}.tar.bz2
++Source0:        Linux-PAM-%{version}.tar.bz2
+ Source1:        system-auth
+ Source2:        other
+-Source1001:     %{name}.manifest
+ 
+ BuildRequires:  autoconf,
+ BuildRequires:  automake,
+@@ -58,13 +57,12 @@ contains header files and static libraries used for building both
+ PAM-aware applications and modules for use with PAM.
+ 
+ %prep
+-%setup -q
++%setup -q -n Linux-PAM-%{version}
+ 
+ libtoolize -f #--copy --force && aclocal && autoheader
+ autoreconf
+ 
+ %build
+-cp %{SOURCE1001} .
+ CFLAGS="-fPIC %{optflags} " ; export CFLAGS
+ 
+ %configure \
+@@ -109,8 +107,7 @@ fi
+ 
+ 
+ %files
+-%manifest pam.manifest
+-%doc Copyright
++%license Copyright
+ %{_sbindir}/pam_tally
+ %{_sbindir}/pam_tally2
+ %attr(4755,root,root) %{_sbindir}/pam_timestamp_check
+@@ -183,11 +180,9 @@ fi
+ %files devel
+ %manifest pam.manifest
+ %{_includedir}/security/*
+-%doc %{_mandir}/man3/*
+-%doc %{_mandir}/man5/*
+-%doc %{_mandir}/man8/*
+ %{_libdir}/libpam.so
+ %{_libdir}/libpam_misc.so
+ %{_libdir}/libpamc.so
+ %{_libdir}/security/pam_tally2.so
+ 
++%docs_package
+diff --git a/packaging/system-auth b/packaging/system-auth
+new file mode 100644
+index 0000000..44a1011
+--- /dev/null
++++ b/packaging/system-auth
+@@ -0,0 +1,17 @@
++#%PAM-1.0
++auth        required      pam_env.so
++auth        sufficient    pam_unix.so try_first_pass nullok
++auth        required      pam_deny.so
++
++account     required      pam_unix.so
++
++# cracklib is disabled in the build.
++# password    required      pam_cracklib.so try_first_pass retry=3 type=
++password    sufficient    pam_unix.so try_first_pass nullok sha512 shadow
++password    required      pam_deny.so
++
++session     optional      pam_keyinit.so revoke
++session     optional      pam_systemd.so
++session     required      pam_limits.so
++session     [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid
++session     required      pam_unix.so
+-- 
+1.8.1.4
+
diff --git a/recipes-extended/pam/libpam/0005-add-missing-DESTDIR.patch b/recipes-extended/pam/libpam/0005-add-missing-DESTDIR.patch
new file mode 100644
index 00000000..ac52393e
--- /dev/null
+++ b/recipes-extended/pam/libpam/0005-add-missing-DESTDIR.patch
@@ -0,0 +1,39 @@
+From 7b192f8b21862b41fe36d1625b6894c7e3df5b79 Mon Sep 17 00:00:00 2001
+From: Anas Nashif <anas.nashif@intel.com>
+Date: Fri, 11 Jan 2013 21:52:03 -0800
+Subject: [PATCH 05/20] add missing DESTDIR
+
+---
+ modules/pam_namespace/Makefile.am | 2 +-
+ modules/pam_sepermit/Makefile.am  | 2 +-
+ 2 files changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/modules/pam_namespace/Makefile.am b/modules/pam_namespace/Makefile.am
+index a28f196..ebb00f3 100644
+--- a/modules/pam_namespace/Makefile.am
++++ b/modules/pam_namespace/Makefile.am
+@@ -40,7 +40,7 @@ if HAVE_UNSHARE
+   secureconf_SCRIPTS = namespace.init
+ 
+ install-data-local:
+-	mkdir -p $(namespaceddir)
++	mkdir -p $(DESTDIR)$(namespaceddir)
+ endif
+ 
+ 
+diff --git a/modules/pam_sepermit/Makefile.am b/modules/pam_sepermit/Makefile.am
+index cfc5594..bc82275 100644
+--- a/modules/pam_sepermit/Makefile.am
++++ b/modules/pam_sepermit/Makefile.am
+@@ -35,7 +35,7 @@ if HAVE_LIBSELINUX
+   securelib_LTLIBRARIES = pam_sepermit.la
+ 
+ install-data-local:
+-	mkdir -p $(sepermitlockdir)
++	mkdir -p $(DESTDIR)$(sepermitlockdir)
+ endif
+ if ENABLE_REGENERATE_MAN
+ noinst_DATA = README pam_sepermit.8 sepermit.conf.5
+-- 
+1.8.1.4
+
diff --git a/recipes-extended/pam/libpam/0006-Update-to-1.1.6.patch b/recipes-extended/pam/libpam/0006-Update-to-1.1.6.patch
new file mode 100644
index 00000000..6417f24a
--- /dev/null
+++ b/recipes-extended/pam/libpam/0006-Update-to-1.1.6.patch
@@ -0,0 +1,22 @@
+From 75fb8705a8675295843e397030dc1b8d4dcde536 Mon Sep 17 00:00:00 2001
+From: Anas Nashif <anas.nashif@intel.com>
+Date: Fri, 11 Jan 2013 21:53:43 -0800
+Subject: [PATCH 06/20] Update to 1.1.6
+
+---
+ packaging/pam.changes | 3 +++
+ 1 file changed, 3 insertions(+)
+ create mode 100644 packaging/pam.changes
+
+diff --git a/packaging/pam.changes b/packaging/pam.changes
+new file mode 100644
+index 0000000..3390f5f
+--- /dev/null
++++ b/packaging/pam.changes
+@@ -0,0 +1,3 @@
++* Fri Jan 11 2013 Anas Nashif <anas.nashif@intel.com> upstream/1.1.6@7b192f8
++- Update to 1.1.6
++
+-- 
+1.8.1.4
+
diff --git a/recipes-extended/pam/libpam/0007-Move-pam_mkhomedir.so-to-main-package-systemd-needs-.patch b/recipes-extended/pam/libpam/0007-Move-pam_mkhomedir.so-to-main-package-systemd-needs-.patch
new file mode 100644
index 00000000..d6863c2d
--- /dev/null
+++ b/recipes-extended/pam/libpam/0007-Move-pam_mkhomedir.so-to-main-package-systemd-needs-.patch
@@ -0,0 +1,55 @@
+From d35f12c684d5b12dee1960a7803824bba9a676bd Mon Sep 17 00:00:00 2001
+From: Anas Nashif <anas.nashif@intel.com>
+Date: Wed, 16 Jan 2013 16:24:16 -0800
+Subject: [PATCH 07/20] Move pam_mkhomedir.so to main package, systemd needs it
+
+---
+ packaging/pam.changes | 3 +++
+ packaging/pam.spec    | 6 +++---
+ 2 files changed, 6 insertions(+), 3 deletions(-)
+
+diff --git a/packaging/pam.changes b/packaging/pam.changes
+index 3390f5f..c2fbe90 100644
+--- a/packaging/pam.changes
++++ b/packaging/pam.changes
+@@ -1,3 +1,6 @@
++* Wed Jan 16 2013 Anas Nashif <anas.nashif@intel.com> submit/trunk/20130112.055406@75fb870
++- Move pam_mkhomedir.so to main package, systemd needs it
++
+ * Fri Jan 11 2013 Anas Nashif <anas.nashif@intel.com> upstream/1.1.6@7b192f8
+ - Update to 1.1.6
+ 
+diff --git a/packaging/pam.spec b/packaging/pam.spec
+index 1ea9180..a6ddc34 100644
+--- a/packaging/pam.spec
++++ b/packaging/pam.spec
+@@ -14,8 +14,8 @@ Source0:        Linux-PAM-%{version}.tar.bz2
+ Source1:        system-auth
+ Source2:        other
+ 
+-BuildRequires:  autoconf,
+-BuildRequires:  automake,
++BuildRequires:  autoconf
++BuildRequires:  automake
+ BuildRequires:  bison
+ BuildRequires:  db4-devel
+ BuildRequires:  flex
+@@ -135,6 +135,7 @@ fi
+ %{_moduledir}/pam_wheel.so
+ %{_moduledir}/pam_xauth.so
+ %{_moduledir}/pam_filter
++%{_moduledir}/pam_mkhomedir.so
+ %dir %{_secconfdir}
+ %config(noreplace) %{_secconfdir}/access.conf
+ %config(noreplace) %{_secconfdir}/group.conf
+@@ -161,7 +162,6 @@ fi
+ %{_moduledir}/pam_listfile.so
+ %{_moduledir}/pam_localuser.so
+ %{_moduledir}/pam_mail.so
+-%{_moduledir}/pam_mkhomedir.so
+ %{_moduledir}/pam_motd.so
+ %{_moduledir}/pam_pwhistory.so
+ %{_moduledir}/pam_rhosts.so
+-- 
+1.8.1.4
+
diff --git a/recipes-extended/pam/libpam/0008-remove-manifest-macro.patch b/recipes-extended/pam/libpam/0008-remove-manifest-macro.patch
new file mode 100644
index 00000000..9ecc0136
--- /dev/null
+++ b/recipes-extended/pam/libpam/0008-remove-manifest-macro.patch
@@ -0,0 +1,24 @@
+From 58ebf98fb7abdc126169c48a5606c448ecfc8270 Mon Sep 17 00:00:00 2001
+From: Anas Nashif <anas.nashif@intel.com>
+Date: Sat, 2 Feb 2013 17:25:21 -0800
+Subject: [PATCH 08/20] remove manifest macro
+
+---
+ packaging/pam.spec | 1 -
+ 1 file changed, 1 deletion(-)
+
+diff --git a/packaging/pam.spec b/packaging/pam.spec
+index a6ddc34..0d8aebe 100644
+--- a/packaging/pam.spec
++++ b/packaging/pam.spec
+@@ -149,7 +149,6 @@ fi
+ %{_pamconfdir}/other
+ 
+ %files -n pam-modules-extra
+-%manifest pam.manifest
+ %{_moduledir}/pam_access.so
+ %{_moduledir}/pam_debug.so
+ %{_moduledir}/pam_echo.so
+-- 
+1.8.1.4
+
diff --git a/recipes-extended/pam/libpam/0009-remove-manifest-macro.patch b/recipes-extended/pam/libpam/0009-remove-manifest-macro.patch
new file mode 100644
index 00000000..0c288578
--- /dev/null
+++ b/recipes-extended/pam/libpam/0009-remove-manifest-macro.patch
@@ -0,0 +1,23 @@
+From 821a95223a0c2f22e43dc01423dc2fb4352e4293 Mon Sep 17 00:00:00 2001
+From: Anas Nashif <anas.nashif@intel.com>
+Date: Sat, 2 Feb 2013 17:25:33 -0800
+Subject: [PATCH 09/20] remove manifest macro
+
+---
+ packaging/pam.changes | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/packaging/pam.changes b/packaging/pam.changes
+index c2fbe90..d23bfa3 100644
+--- a/packaging/pam.changes
++++ b/packaging/pam.changes
+@@ -1,3 +1,6 @@
++* Sat Feb 02 2013 Anas Nashif <anas.nashif@intel.com> accepted/trunk/20130117.013515@58ebf98
++- remove manifest macro
++
+ * Wed Jan 16 2013 Anas Nashif <anas.nashif@intel.com> submit/trunk/20130112.055406@75fb870
+ - Move pam_mkhomedir.so to main package, systemd needs it
+ 
+-- 
+1.8.1.4
+
diff --git a/recipes-extended/pam/libpam/0010-remove-manifest.patch b/recipes-extended/pam/libpam/0010-remove-manifest.patch
new file mode 100644
index 00000000..e55ee722
--- /dev/null
+++ b/recipes-extended/pam/libpam/0010-remove-manifest.patch
@@ -0,0 +1,24 @@
+From 3b802af3505daec915c7c740b83a9d388a64015d Mon Sep 17 00:00:00 2001
+From: Anas Nashif <anas.nashif@intel.com>
+Date: Sat, 2 Feb 2013 17:33:53 -0800
+Subject: [PATCH 10/20] remove manifest
+
+---
+ packaging/pam.spec | 1 -
+ 1 file changed, 1 deletion(-)
+
+diff --git a/packaging/pam.spec b/packaging/pam.spec
+index 0d8aebe..6ef0aad 100644
+--- a/packaging/pam.spec
++++ b/packaging/pam.spec
+@@ -177,7 +177,6 @@ fi
+ %{_moduledir}/pam_warn.so
+ 
+ %files devel
+-%manifest pam.manifest
+ %{_includedir}/security/*
+ %{_libdir}/libpam.so
+ %{_libdir}/libpam_misc.so
+-- 
+1.8.1.4
+
diff --git a/recipes-extended/pam/libpam/0011-remove-non-existant-manifest-macro.patch b/recipes-extended/pam/libpam/0011-remove-non-existant-manifest-macro.patch
new file mode 100644
index 00000000..f2d8b7c4
--- /dev/null
+++ b/recipes-extended/pam/libpam/0011-remove-non-existant-manifest-macro.patch
@@ -0,0 +1,23 @@
+From 0bf5af91e99d30942ea89172f0aa3dfda19691f7 Mon Sep 17 00:00:00 2001
+From: Anas Nashif <anas.nashif@intel.com>
+Date: Sat, 2 Feb 2013 17:34:13 -0800
+Subject: [PATCH 11/20] remove non-existant manifest macro
+
+---
+ packaging/pam.changes | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/packaging/pam.changes b/packaging/pam.changes
+index d23bfa3..eedb6cb 100644
+--- a/packaging/pam.changes
++++ b/packaging/pam.changes
+@@ -1,3 +1,6 @@
++* Sat Feb 02 2013 Anas Nashif <anas.nashif@intel.com> submit/trunk/20130203.012535@3b802af
++- remove non-existant manifest macro
++
+ * Sat Feb 02 2013 Anas Nashif <anas.nashif@intel.com> accepted/trunk/20130117.013515@58ebf98
+ - remove manifest macro
+ 
+-- 
+1.8.1.4
+
diff --git a/recipes-extended/pam/libpam/0012-Add-multi-lib-support.patch b/recipes-extended/pam/libpam/0012-Add-multi-lib-support.patch
new file mode 100644
index 00000000..27adb2d4
--- /dev/null
+++ b/recipes-extended/pam/libpam/0012-Add-multi-lib-support.patch
@@ -0,0 +1,21 @@
+From f3ed55fb93f9413a03190a2e950707e874919c2e Mon Sep 17 00:00:00 2001
+From: Patrick McCarty <patrick.mccarty@linux.intel.com>
+Date: Tue, 5 Feb 2013 17:03:12 -0800
+Subject: [PATCH 12/20] Add multi-lib support
+
+Change-Id: Ie3f00a4319e7beb2be15236b725ca5cd3f57ce87
+---
+ packaging/baselibs.conf | 1 +
+ 1 file changed, 1 insertion(+)
+ create mode 100644 packaging/baselibs.conf
+
+diff --git a/packaging/baselibs.conf b/packaging/baselibs.conf
+new file mode 100644
+index 0000000..dc83ed2
+--- /dev/null
++++ b/packaging/baselibs.conf
+@@ -0,0 +1 @@
++pam
+-- 
+1.8.1.4
+
diff --git a/recipes-extended/pam/libpam/0013-Fixed-package-groups.patch b/recipes-extended/pam/libpam/0013-Fixed-package-groups.patch
new file mode 100644
index 00000000..7b759711
--- /dev/null
+++ b/recipes-extended/pam/libpam/0013-Fixed-package-groups.patch
@@ -0,0 +1,46 @@
+From 60744838d458089f74f1f2a792a0599d9aace6ca Mon Sep 17 00:00:00 2001
+From: Anas Nashif <anas.nashif@intel.com>
+Date: Fri, 22 Mar 2013 11:04:21 -0700
+Subject: [PATCH 13/20] Fixed package groups
+
+---
+ packaging/pam.changes | 3 +++
+ packaging/pam.spec    | 4 ++--
+ 2 files changed, 5 insertions(+), 2 deletions(-)
+
+diff --git a/packaging/pam.changes b/packaging/pam.changes
+index eedb6cb..92fa9a8 100644
+--- a/packaging/pam.changes
++++ b/packaging/pam.changes
+@@ -1,3 +1,6 @@
++* Fri Mar 22 2013 Anas Nashif <anas.nashif@intel.com> submit/trunk/20130203.013415@f3ed55f
++- Fixed package groups
++
+ * Sat Feb 02 2013 Anas Nashif <anas.nashif@intel.com> submit/trunk/20130203.012535@3b802af
+ - remove non-existant manifest macro
+ 
+diff --git a/packaging/pam.spec b/packaging/pam.spec
+index 6ef0aad..9b8a90a 100644
+--- a/packaging/pam.spec
++++ b/packaging/pam.spec
+@@ -9,7 +9,7 @@ Release:        1
+ License:        BSD and GPLv2+ and BSD with advertising
+ Summary:        PAM
+ Url:            http://www.linux-pam.org/
+-Group:          System/Base
++Group:          Security/Access Control
+ Source0:        Linux-PAM-%{version}.tar.bz2
+ Source1:        system-auth
+ Source2:        other
+@@ -34,7 +34,7 @@ having to recompile programs that handle authentication.
+ 
+ %package -n pam-modules-extra
+ Summary:        Extra modules provided by PAM not used in the base system
+-Group:          System/Base
++Group:          Security/Access Control
+ Requires:       pam = %{version}
+ 
+ %description -n pam-modules-extra
+-- 
+1.8.1.4
+
diff --git a/recipes-extended/pam/libpam/0014-resetting-manifest-requested-domain-to-floor.patch b/recipes-extended/pam/libpam/0014-resetting-manifest-requested-domain-to-floor.patch
new file mode 100644
index 00000000..f4c61cc6
--- /dev/null
+++ b/recipes-extended/pam/libpam/0014-resetting-manifest-requested-domain-to-floor.patch
@@ -0,0 +1,69 @@
+From 7708f7f5845f8ff34598d3cae0e8c361c1456b98 Mon Sep 17 00:00:00 2001
+From: Alexandru Cornea <alexandru.cornea@intel.com>
+Date: Mon, 1 Jul 2013 21:46:20 +0300
+Subject: [PATCH 14/20] resetting manifest requested domain to floor
+
+---
+ packaging/pam.manifest | 5 +++++
+ packaging/pam.spec     | 5 +++++
+ 2 files changed, 10 insertions(+)
+ create mode 100644 packaging/pam.manifest
+
+diff --git a/packaging/pam.manifest b/packaging/pam.manifest
+new file mode 100644
+index 0000000..017d22d
+--- /dev/null
++++ b/packaging/pam.manifest
+@@ -0,0 +1,5 @@
++<manifest>
++ <request>
++    <domain name="_"/>
++ </request>
++</manifest>
+diff --git a/packaging/pam.spec b/packaging/pam.spec
+index 9b8a90a..5402e7a 100644
+--- a/packaging/pam.spec
++++ b/packaging/pam.spec
+@@ -13,6 +13,7 @@ Group:          Security/Access Control
+ Source0:        Linux-PAM-%{version}.tar.bz2
+ Source1:        system-auth
+ Source2:        other
++Source1001: 	pam.manifest
+ 
+ BuildRequires:  autoconf
+ BuildRequires:  automake
+@@ -58,6 +59,7 @@ PAM-aware applications and modules for use with PAM.
+ 
+ %prep
+ %setup -q -n Linux-PAM-%{version}
++cp %{SOURCE1001} .
+ 
+ libtoolize -f #--copy --force && aclocal && autoheader
+ autoreconf
+@@ -107,6 +109,7 @@ fi
+ 
+ 
+ %files
++%manifest %{name}.manifest
+ %license Copyright
+ %{_sbindir}/pam_tally
+ %{_sbindir}/pam_tally2
+@@ -149,6 +152,7 @@ fi
+ %{_pamconfdir}/other
+ 
+ %files -n pam-modules-extra
++%manifest %{name}.manifest
+ %{_moduledir}/pam_access.so
+ %{_moduledir}/pam_debug.so
+ %{_moduledir}/pam_echo.so
+@@ -177,6 +181,7 @@ fi
+ %{_moduledir}/pam_warn.so
+ 
+ %files devel
++%manifest %{name}.manifest
+ %{_includedir}/security/*
+ %{_libdir}/libpam.so
+ %{_libdir}/libpam_misc.so
+-- 
+1.8.1.4
+
diff --git a/recipes-extended/pam/libpam/0015-build-locale-package.patch b/recipes-extended/pam/libpam/0015-build-locale-package.patch
new file mode 100644
index 00000000..84a20dd1
--- /dev/null
+++ b/recipes-extended/pam/libpam/0015-build-locale-package.patch
@@ -0,0 +1,61 @@
+From e59a7c8f368344f18c2c4dd9eec95130ea783892 Mon Sep 17 00:00:00 2001
+From: Anas Nashif <anas.nashif@intel.com>
+Date: Mon, 22 Jul 2013 10:22:03 -0400
+Subject: [PATCH 15/20] build locale package
+
+---
+ packaging/pam.changes | 3 +++
+ packaging/pam.spec    | 5 ++++-
+ 2 files changed, 7 insertions(+), 1 deletion(-)
+
+diff --git a/packaging/pam.changes b/packaging/pam.changes
+index 92fa9a8..f6a52b2 100644
+--- a/packaging/pam.changes
++++ b/packaging/pam.changes
+@@ -1,3 +1,6 @@
++* Mon Jul 22 2013 Anas Nashif <anas.nashif@intel.com> accepted/tizen/20130710.215322@b4d6d0b
++- build locale package
++
+ * Fri Mar 22 2013 Anas Nashif <anas.nashif@intel.com> submit/trunk/20130203.013415@f3ed55f
+ - Fixed package groups
+ 
+diff --git a/packaging/pam.spec b/packaging/pam.spec
+index 5402e7a..5c418cd 100644
+--- a/packaging/pam.spec
++++ b/packaging/pam.spec
+@@ -24,6 +24,7 @@ BuildRequires:  gcc
+ BuildRequires:  libtool
+ BuildRequires:  net-tools
+ BuildRequires:  zlib-devel
++BuildRequires:  gettext-tools
+ Requires(post): /sbin/ldconfig
+ Requires(post): /usr/bin/install
+ Requires(postun): /sbin/ldconfig
+@@ -72,7 +73,6 @@ CFLAGS="-fPIC %{optflags} " ; export CFLAGS
+         --includedir=%{_includedir}/security \
+         --enable-isadir=../..%{_moduledir} \
+         --disable-audit \
+-        --disable-nls \
+         --with-db-uniquename=_pam \
+         --with-libiconv-prefix=/usr \
+         --enable-read-both-confs &&
+@@ -96,6 +96,8 @@ install -d -m 0755 %{buildroot}%{_pamconfdir}
+ install -m 0644 %{SOURCE1} %{buildroot}%{_pamconfdir}/
+ install -m 0644 %{SOURCE2} %{buildroot}%{_pamconfdir}/
+ 
++%find_lang Linux-PAM
++
+ %post
+ /sbin/ldconfig
+ if [ ! -a /var/log/faillog ] ; then
+@@ -107,6 +109,7 @@ fi
+ 
+ %postun -p /sbin/ldconfig
+ 
++%lang_package -f Linux-PAM
+ 
+ %files
+ %manifest %{name}.manifest
+-- 
+1.8.1.4
+
diff --git a/recipes-extended/pam/libpam/0016-optimize-package-groups.patch b/recipes-extended/pam/libpam/0016-optimize-package-groups.patch
new file mode 100644
index 00000000..c73437fe
--- /dev/null
+++ b/recipes-extended/pam/libpam/0016-optimize-package-groups.patch
@@ -0,0 +1,36 @@
+From 792be7ce64749c9cc5712c21cd0c347046cbfe06 Mon Sep 17 00:00:00 2001
+From: Anas Nashif <anas.nashif@intel.com>
+Date: Thu, 1 Aug 2013 16:28:00 -0400
+Subject: [PATCH 16/20] optimize package groups
+
+---
+ packaging/pam.changes | 3 +++
+ packaging/pam.spec    | 1 -
+ 2 files changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/packaging/pam.changes b/packaging/pam.changes
+index f6a52b2..be6647f 100644
+--- a/packaging/pam.changes
++++ b/packaging/pam.changes
+@@ -1,3 +1,6 @@
++* Thu Aug 01 2013 Anas Nashif <anas.nashif@intel.com> accepted/tizen/20130722.203006@d9d7f57
++- Update package groups
++
+ * Mon Jul 22 2013 Anas Nashif <anas.nashif@intel.com> accepted/tizen/20130710.215322@b4d6d0b
+ - build locale package
+ 
+diff --git a/packaging/pam.spec b/packaging/pam.spec
+index 5c418cd..8ad3593 100644
+--- a/packaging/pam.spec
++++ b/packaging/pam.spec
+@@ -48,7 +48,6 @@ default Tizen install.
+ 
+ %package devel
+ Summary:        Files needed for developing PAM-aware applications and modules for PAM
+-Group:          Development/Libraries
+ Requires:       pam = %{version}
+ 
+ %description devel
+-- 
+1.8.1.4
+
diff --git a/recipes-extended/pam/libpam/0017-fixed-license.patch b/recipes-extended/pam/libpam/0017-fixed-license.patch
new file mode 100644
index 00000000..012f2d07
--- /dev/null
+++ b/recipes-extended/pam/libpam/0017-fixed-license.patch
@@ -0,0 +1,45 @@
+From fd1ec3bd9cbceed1e8651efc44611ba556968f99 Mon Sep 17 00:00:00 2001
+From: Anas Nashif <anas.nashif@intel.com>
+Date: Fri, 2 Aug 2013 11:07:52 -0400
+Subject: [PATCH 17/20] fixed license
+
+---
+ packaging/pam.changes | 3 +++
+ packaging/pam.spec    | 4 ++--
+ 2 files changed, 5 insertions(+), 2 deletions(-)
+
+diff --git a/packaging/pam.changes b/packaging/pam.changes
+index be6647f..9384291 100644
+--- a/packaging/pam.changes
++++ b/packaging/pam.changes
+@@ -1,3 +1,6 @@
++* Fri Aug 02 2013 Anas Nashif <anas.nashif@intel.com> submit/tizen/20130802.145428@792be7c
++- fixed license
++
+ * Thu Aug 01 2013 Anas Nashif <anas.nashif@intel.com> accepted/tizen/20130722.203006@d9d7f57
+ - Update package groups
+ 
+diff --git a/packaging/pam.spec b/packaging/pam.spec
+index 8ad3593..c18b282 100644
+--- a/packaging/pam.spec
++++ b/packaging/pam.spec
+@@ -6,14 +6,14 @@
+ Name:           pam
+ Version:        1.1.6
+ Release:        1
+-License:        BSD and GPLv2+ and BSD with advertising
++License:        GPL-2.0+ or BSD-3-Clause
+ Summary:        PAM
+ Url:            http://www.linux-pam.org/
+ Group:          Security/Access Control
+ Source0:        Linux-PAM-%{version}.tar.bz2
+ Source1:        system-auth
+ Source2:        other
+-Source1001: 	pam.manifest
++Source1001:     pam.manifest
+ 
+ BuildRequires:  autoconf
+ BuildRequires:  automake
+-- 
+1.8.1.4
+
diff --git a/recipes-extended/pam/libpam/0018-Add-a-pam-module-to-set-smack-label-PTREL-549.patch b/recipes-extended/pam/libpam/0018-Add-a-pam-module-to-set-smack-label-PTREL-549.patch
new file mode 100644
index 00000000..b2680295
--- /dev/null
+++ b/recipes-extended/pam/libpam/0018-Add-a-pam-module-to-set-smack-label-PTREL-549.patch
@@ -0,0 +1,135 @@
+From e9fdd38aa536be354b972b74e4fef8f961e7c73d Mon Sep 17 00:00:00 2001
+From: Michael Leibowitz <michael.leibowitz@intel.com>
+Date: Thu, 20 Feb 2014 16:49:35 -0800
+Subject: [PATCH 18/20] Add a pam module to set smack label (PTREL-549)
+
+After some back and forth, this was deemed to be sufficient for now, as
+other solutions where wrong in an equal number of cases, but where
+substantially more complicated.
+
+Adds a session module that just sets context to "User"
+
+Change-Id: I5a72fee29519d89d6b8ea60cd970d0438a0cb7cd
+Signed-off-by: Michael Leibowitz <michael.leibowitz@intel.com>
+---
+ configure.in                  |  4 ++++
+ modules/Makefile.am           |  2 +-
+ modules/pam_smack/Makefile.am | 11 +++++++++++
+ modules/pam_smack/pam_smack.c | 31 +++++++++++++++++++++++++++++++
+ packaging/pam.spec            |  2 ++
+ 5 files changed, 49 insertions(+), 1 deletion(-)
+ create mode 100644 modules/pam_smack/Makefile.am
+ create mode 100644 modules/pam_smack/pam_smack.c
+
+diff --git a/configure.in b/configure.in
+index ae762a2..2749f0c 100644
+--- a/configure.in
++++ b/configure.in
+@@ -498,6 +498,9 @@ if test ! -z "$LIBSELINUX" ; then
+     LIBS=$BACKUP_LIBS
+ fi
+ 
++dnl hacks for pam_smack
++PKG_CHECK_MODULES([LIBSMACK], [libsmack])
++
+ dnl Checks for header files.
+ AC_HEADER_DIRENT
+ AC_HEADER_STDC
+@@ -625,6 +628,7 @@ AC_CONFIG_FILES([Makefile libpam/Makefile libpamc/Makefile libpamc/test/Makefile
+ 	modules/pam_unix/Makefile modules/pam_userdb/Makefile \
+ 	modules/pam_warn/Makefile modules/pam_wheel/Makefile \
+ 	modules/pam_xauth/Makefile doc/Makefile doc/specs/Makefile \
++	modules/pam_smack/Makefile \
+ 	doc/man/Makefile doc/sag/Makefile doc/adg/Makefile \
+ 	doc/mwg/Makefile examples/Makefile tests/Makefile \
+ 	xtests/Makefile])
+diff --git a/modules/Makefile.am b/modules/Makefile.am
+index 0c80cea..885a4ad 100644
+--- a/modules/Makefile.am
++++ b/modules/Makefile.am
+@@ -11,7 +11,7 @@ SUBDIRS = pam_access pam_cracklib pam_debug pam_deny pam_echo \
+ 	pam_selinux pam_sepermit pam_shells pam_stress \
+ 	pam_succeed_if pam_tally pam_tally2 pam_time pam_timestamp \
+ 	pam_tty_audit pam_umask \
+-	pam_unix pam_userdb pam_warn pam_wheel pam_xauth
++	pam_unix pam_userdb pam_warn pam_wheel pam_xauth pam_smack
+ 
+ CLEANFILES = *~
+ 
+diff --git a/modules/pam_smack/Makefile.am b/modules/pam_smack/Makefile.am
+new file mode 100644
+index 0000000..4a415d9
+--- /dev/null
++++ b/modules/pam_smack/Makefile.am
+@@ -0,0 +1,11 @@
++securelibdir = $(SECUREDIR)
++secureconfdir = $(SCONFIGDIR)
++
++AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include @LIBSMACK_CFLAGS@
++AM_LDFLAGS = -no-undefined -avoid-version -module
++if HAVE_VERSIONING
++  AM_LDFLAGS += -Wl,--version-script=$(srcdir)/../modules.map
++endif
++securelib_LTLIBRARIES = pam_smack.la
++pam_smack_la_LIBADD = $(top_builddir)/libpam/libpam.la @LIBSMACK_LIBS@
++pam_smack_la_SOURCES = pam_smack.c
+diff --git a/modules/pam_smack/pam_smack.c b/modules/pam_smack/pam_smack.c
+new file mode 100644
+index 0000000..4fde36e
+--- /dev/null
++++ b/modules/pam_smack/pam_smack.c
+@@ -0,0 +1,31 @@
++#define _GNU_SOURCE
++#include <syslog.h>
++#include <sys/smack.h>
++
++#define PAM_SM_SESSION
++#include <security/pam_modules.h>
++#include <security/pam_modutil.h>
++
++
++PAM_EXTERN int 
++pam_sm_open_session (pam_handle_t *pamh,
++		     int flags,
++		     int argc,
++		     const char **argv)
++{
++  if (smack_smackfs_path ()) {
++    int rc = smack_set_label_for_self ("User");
++    if (rc) {
++      pam_syslog (pamh, LOG_WARNING, "couldn't set label");
++    }
++  }
++
++  return PAM_SUCCESS;
++}
++
++PAM_EXTERN int
++pam_sm_close_session (pam_handle_t *pamh, int flags,
++                      int argc, const char **argv)
++{
++  return PAM_IGNORE;
++}
+diff --git a/packaging/pam.spec b/packaging/pam.spec
+index c18b282..e7f679b 100644
+--- a/packaging/pam.spec
++++ b/packaging/pam.spec
+@@ -25,6 +25,7 @@ BuildRequires:  libtool
+ BuildRequires:  net-tools
+ BuildRequires:  zlib-devel
+ BuildRequires:  gettext-tools
++BuildRequires:  smack-devel
+ Requires(post): /sbin/ldconfig
+ Requires(post): /usr/bin/install
+ Requires(postun): /sbin/ldconfig
+@@ -181,6 +182,7 @@ fi
+ %{_moduledir}/pam_unix_passwd.so
+ %{_moduledir}/pam_unix_session.so
+ %{_moduledir}/pam_warn.so
++%{_moduledir}/pam_smack.so
+ 
+ %files devel
+ %manifest %{name}.manifest
+-- 
+1.8.1.4
+
diff --git a/recipes-extended/pam/libpam/0019-adding-.changes.patch b/recipes-extended/pam/libpam/0019-adding-.changes.patch
new file mode 100644
index 00000000..ce07099f
--- /dev/null
+++ b/recipes-extended/pam/libpam/0019-adding-.changes.patch
@@ -0,0 +1,26 @@
+From d2a097ba110167aeb4cfffe62042fb7119f27f30 Mon Sep 17 00:00:00 2001
+From: Michael Leibowitz <michael.leibowitz@intel.com>
+Date: Mon, 24 Feb 2014 14:53:02 -0800
+Subject: [PATCH 19/20] adding .changes
+
+Change-Id: I51c91b81cd5109ff9befa0e9d793e124928af28a
+Signed-off-by: Michael Leibowitz <michael.leibowitz@intel.com>
+---
+ packaging/pam.changes | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/packaging/pam.changes b/packaging/pam.changes
+index 9384291..17283ca 100644
+--- a/packaging/pam.changes
++++ b/packaging/pam.changes
+@@ -1,3 +1,7 @@
++* Mon Feb 24 2014 Michael Leibowitz <michael.leibowitz@intel.com> accepted/tizen/ivi/genivi/20140131.034623@e9fdd38
++- Add a pam module to set smack label (PTREL-549)
++- fixed license
++
+ * Fri Aug 02 2013 Anas Nashif <anas.nashif@intel.com> submit/tizen/20130802.145428@792be7c
+ - fixed license
+ 
+-- 
+1.8.1.4
+
diff --git a/recipes-extended/pam/libpam/0020-Packaging-spec-cleanup.patch b/recipes-extended/pam/libpam/0020-Packaging-spec-cleanup.patch
new file mode 100644
index 00000000..3db8cfda
--- /dev/null
+++ b/recipes-extended/pam/libpam/0020-Packaging-spec-cleanup.patch
@@ -0,0 +1,33 @@
+From 00107b54a1f8f846b0defd1a00b04e5f72990959 Mon Sep 17 00:00:00 2001
+From: Ronan Le Martret <ronan@fridu.net>
+Date: Wed, 5 Mar 2014 09:52:39 +0100
+Subject: [PATCH 20/20] Packaging: spec cleanup.
+
+Change-Id: I3cc5abeac491670b4551c47f2acd87138e6e5bde
+Signed-off-by: Ronan Le Martret <ronan@fridu.net>
+---
+ packaging/pam.spec | 4 +---
+ 1 file changed, 1 insertion(+), 3 deletions(-)
+
+diff --git a/packaging/pam.spec b/packaging/pam.spec
+index e7f679b..96aa0e1 100644
+--- a/packaging/pam.spec
++++ b/packaging/pam.spec
+@@ -62,13 +62,11 @@ PAM-aware applications and modules for use with PAM.
+ %setup -q -n Linux-PAM-%{version}
+ cp %{SOURCE1001} .
+ 
+-libtoolize -f #--copy --force && aclocal && autoheader
+-autoreconf
+ 
+ %build
+ CFLAGS="-fPIC %{optflags} " ; export CFLAGS
+ 
+-%configure \
++%reconfigure \
+         --libdir=%{_libdir} \
+         --includedir=%{_includedir}/security \
+         --enable-isadir=../..%{_moduledir} \
+-- 
+1.8.1.4
+
diff --git a/recipes-extended/pam/libpam/other b/recipes-extended/pam/libpam/other
new file mode 100644
index 00000000..50c6e52c
--- /dev/null
+++ b/recipes-extended/pam/libpam/other
@@ -0,0 +1,5 @@
+#%PAM-1.0
+auth       required   pam_deny.so
+account    required   pam_deny.so
+password   required   pam_deny.so
+session    required   pam_deny.so
diff --git a/recipes-extended/pam/libpam/system-auth b/recipes-extended/pam/libpam/system-auth
new file mode 100644
index 00000000..4f8b4f08
--- /dev/null
+++ b/recipes-extended/pam/libpam/system-auth
@@ -0,0 +1,16 @@
+#%PAM-1.0
+auth        required      pam_env.so
+auth        sufficient    pam_unix.so try_first_pass nullok
+auth        required      pam_deny.so
+
+account     required      pam_unix.so
+
+# cracklib is disabled in the build.
+# password    required      pam_cracklib.so try_first_pass retry=3 type=
+password    sufficient    pam_unix.so try_first_pass nullok sha512 shadow
+password    required      pam_deny.so
+
+session     optional      pam_keyinit.so revoke
+session     required      pam_limits.so
+session     [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid
+session     required      pam_unix.so
diff --git a/recipes-extended/pam/libpam_1.1.6.bbappend b/recipes-extended/pam/libpam_1.1.6.bbappend
new file mode 100644
index 00000000..120576d0
--- /dev/null
+++ b/recipes-extended/pam/libpam_1.1.6.bbappend
@@ -0,0 +1,35 @@
+FILESEXTRAPATHS_prepend := "${THISDIR}/libpam"
+
+SRC_URI += "file://system-auth \
+            file://other \
+            file://0001-add-packaging.patch \
+            file://0002-fix-includes.patch \
+            file://0003-add-missing-files.patch \
+            file://0004-Update-to-1.1.6.patch \
+            file://0006-Update-to-1.1.6.patch \
+            file://0007-Move-pam_mkhomedir.so-to-main-package-systemd-needs-.patch \
+            file://0008-remove-manifest-macro.patch \
+            file://0009-remove-manifest-macro.patch \
+            file://0010-remove-manifest.patch \
+            file://0011-remove-non-existant-manifest-macro.patch \
+            file://0012-Add-multi-lib-support.patch \
+            file://0013-Fixed-package-groups.patch \
+            file://0014-resetting-manifest-requested-domain-to-floor.patch \
+            file://0015-build-locale-package.patch \
+            file://0016-optimize-package-groups.patch \
+            file://0017-fixed-license.patch \
+            file://0018-Add-a-pam-module-to-set-smack-label-PTREL-549.patch \
+            file://0019-adding-.changes.patch \
+            file://0020-Packaging-spec-cleanup.patch \
+            "
+
+# Patch fail:
+# 0005-add-missing-DESTDIR.patch
+
+do_install_append() {
+    install -d -m 0755 ${D}/etc/pam.d
+    install -m 0644 ${WORKDIR}/system-auth ${D}/etc/pam.d
+    install -m 0644 ${WORKDIR}/other ${D}/etc/pam.d
+}
+
+FILES_${PN} += " /etc/pam.d/system-auth /etc/pam.d/other"
+\ No newline at end of file
author	Kévin THIERRY <kevin.thierry@open.eurogiciel.org>	2014-05-22 18:33:01 +0200
committer	Kévin THIERRY <kevin.thierry@open.eurogiciel.org>	2014-05-22 09:36:32 -0700
commit	f4a36b3ca8e89f4bff8f7bb881ffa43c248f0581 (patch)
tree	a1fed30886b8c6e6a874c26bf3b07f391da78c1d /recipes-extended
parent	8d9be3c6e8080a58e7000240df34b4b09e60bc86 (diff)
download	meta-tizen-f4a36b3ca8e89f4bff8f7bb881ffa43c248f0581.tar.gz meta-tizen-f4a36b3ca8e89f4bff8f7bb881ffa43c248f0581.tar.bz2 meta-tizen-f4a36b3ca8e89f4bff8f7bb881ffa43c248f0581.zip