File pam_pkcs11.spec of Package pam_pkcs11

# spec file for package pam_pkcs11
# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.

# Please submit bugfixes or comments via

# norootforbuild

Name:           pam_pkcs11
Version:        0.6.6
Release:        1
Group:          Productivity/Security
License:        LGPLv2.1+
Summary:        PKCS #11 PAM Module
Source:         %{name}-%{version}.tar.bz2
Source1:        pam_pkcs11-common-auth-smartcard.pam
Source2:        baselibs.conf
Patch1:         %{name}-0.5.3-nss-conf.patch
Patch3:         %{name}-0.6.0-nss-autoconf.patch
BuildRequires:  curl-devel libxslt mozilla-nss-devel openldap2-devel openssl-devel pam-devel pcsc-lite-devel pkg-config
BuildRoot:      %{_tmppath}/%{name}-%{version}-build

This Linux PAM module allows X.509 a certificate-based user
authentication. The certificate and its dedicated private key are
thereby accessed by means of an appropriate PKCS #11 module. For the
verification of the users' certificates, locally stored CA certificates
as well as online or locally accessible CRLs are used.

Additionally, the package includes pam_pkcs11-related tools: *
   pkcs11_eventmgr: Generates actions on card insert, removal, or
   time-out events

* pklogin_finder: Gets the login name that maps to a certificate

* pkcs11_inspect: Inspects the contents of a certificate

* make_hash_links: Creates hash link directories for storing CAs and

    Mario Strasser <>
    Juan Antonio Martinez <>
    Antti Tapaninen <>
    Timo Sirainen <>
    Ludovic Rousseau <>
    Andreas Jellinghaus <>
    Dominik Fischer <>
    Ville Skyttä <>

%setup -q
%patch1 -p1
%patch3 -p1
cp -a %{S:1} common-auth-smartcard
mv po/pt_br.po po/pt_BR.po
sed -i s/pt_br/pt_BR/ configure

make %{?jobs:-j%jobs}

mkdir -p $RPM_BUILD_ROOT/%{_lib}
mv $RPM_BUILD_ROOT%{_libdir}/security $RPM_BUILD_ROOT/%{_lib}
rm $RPM_BUILD_ROOT%{_libdir}/pam_pkcs11/*.*a $RPM_BUILD_ROOT/%{_lib}/security/*.*a
# Hardcoded defaults... no sysconfdir
install -dm 755 $RPM_BUILD_ROOT%{_sysconfdir}/pam_pkcs11/cacerts
install -dm 755 $RPM_BUILD_ROOT%{_sysconfdir}/pam_pkcs11/crls
cd etc
for conf in *.conf.example ; do
    install -m 644 ${conf} $RPM_BUILD_ROOT%{_sysconfdir}/pam_pkcs11/${conf%.example}
cd ..
mkdir -p $RPM_BUILD_ROOT%{_docdir}/%{name}
cp -a AUTHORS COPYING ChangeLog ChangeLog.svn NEWS README TODO doc/pam_pkcs11.html doc/mappers_api.html doc/api doc/README.autologin doc/README.mappers $RPM_BUILD_ROOT%{_docdir}/%{name}
mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/pam.d
cp common-auth-smartcard $RPM_BUILD_ROOT%{_sysconfdir}/pam.d/
%find_lang %{name}


%files -f  %{name}.lang
%defattr (-, root, root)
%doc %{_docdir}/%{name}
%doc %{_mandir}/man?/*.*
%dir %{_sysconfdir}/pam_pkcs11
%dir %{_sysconfdir}/pam_pkcs11/cacerts
%dir %{_sysconfdir}/pam_pkcs11/crls
%config(noreplace) %{_sysconfdir}/pam_pkcs11/*.conf
%config(noreplace) %{_sysconfdir}/pam.d/common-auth-smartcard