LogoopenSUSE Build Service > Projects
Sign Up | Log In

View File pam_mount.spec of Package pam_mount.3055 (Project DISCONTINUED:openSUSE:11.3:Update)

# spec file for package pam_mount (Version 1.34)
# Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany.
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.

# Please submit bugfixes or comments via http://bugs.opensuse.org/

# norootforbuild

Name:           pam_mount
BuildRequires:  perl-XML-Parser perl-XML-Writer
BuildRequires:  libtool pam-devel >= 0.99 pkg-config >= 0.19
BuildRequires:  libxml2-devel >= 2.6 openssl-devel >= 0.9.7
BuildRequires:  libHX-devel >= 3.4
BuildRequires:  linux-kernel-headers >= 2.6
Summary:        A PAM Module that can Mount Volumes for a User Session
Version:        1.34
Release:        3.2.1
Recommends:     cryptsetup
Recommends:     cifs-mount
Requires:       util-linux
License:        LGPLv2.1+
Prefix:         /usr
Group:          System/Libraries
Source:         %{name}-%{version}.tar.bz2
Source1:        convert_pam_mount_conf.pl
Source2:        convert_keyhash.pl
Source3:        mount.crypt
Source4:        mount.encfs13
Source5:        baselibs.conf
Patch1:         pam_mount-0.47-enable-logout-kill.dif
Patch2:         fix-segfault.dif
Patch3:         40e1b19511a1b0c17f0fbf4f6e6e47f209aee1c4.diff
BuildRoot:      %{_tmppath}/%{name}-%{version}-build
Url:            http://pam-mount.sourceforge.net/
Requires(pre):	coreutils, perl-XML-Writer, perl-XML-Parser
Requires(post):	coreutils, perl-XML-Writer, perl-XML-Parser

This module is aimed at environments with central file servers that a
user wishes to mount on login and unmount on logout, such as
(semi-)diskless stations where many users can logon.

The module also supports mounting local filesystems of any kind the
normal mount utility supports, with extra code to make sure certain
volumes are set up properly because often they need more than just a
mount call, such as encrypted volumes. This includes SMB/CIFS, FUSE,
dm-crypt and LUKS.

%setup -q
%patch1 -p1
%patch2 -p1
%patch3 -p1

%{suse_update_config -f}
autoreconf --verbose --force --install
%configure --with-slibdir=/%{_lib} %{?_with_selinux:--with-selinux}
%{__make} %{?_smp_mflags}

make install DESTDIR=${RPM_BUILD_ROOT}
# Remove static and libtool version
rm -f ${RPM_BUILD_ROOT}/%{_lib}/security/pam_mount.{a,la}
#install the docs
mkdir -p ${RPM_BUILD_ROOT}/%_docdir/%{name}/examples
cp doc/bugs.txt doc/changelog.txt LICENSE* doc/faq.txt doc/todo.txt doc/options.txt doc/pam_mount.txt ${RPM_BUILD_ROOT}/%_docdir/%name/
install -m 755 %{SOURCE1} ${RPM_BUILD_ROOT}/%_docdir/%{name}/examples/
install -m 755 %{SOURCE2} ${RPM_BUILD_ROOT}/%_docdir/%{name}/examples/
# move /sbin/mount.crypt to /usr/sbin/mount.crypt and put a wrapper script to /sbin/mount.crypt
# The same for mount.encfs13
mkdir -p ${RPM_BUILD_ROOT}/usr/sbin/
mv ${RPM_BUILD_ROOT}/sbin/mount.crypt ${RPM_BUILD_ROOT}/usr/sbin/
mv ${RPM_BUILD_ROOT}/sbin/mount.encfs13 ${RPM_BUILD_ROOT}/usr/sbin/
ln -s /usr/sbin/mount.crypt ${RPM_BUILD_ROOT}/usr/sbin/umount.crypt
ln -s /usr/sbin/mount.encfs13 ${RPM_BUILD_ROOT}/usr/sbin/umount.encfs13
install -m755 %{SOURCE3} ${RPM_BUILD_ROOT}/sbin/
install -m755 %{SOURCE4} ${RPM_BUILD_ROOT}/sbin/

if [ -e etc/security/pam_mount.conf ]
        cp etc/security/pam_mount.conf.xml %_docdir/%{name}/examples/
	%_docdir/%{name}/examples/convert_pam_mount_conf.pl \
	-i etc/security/pam_mount.conf -o etc/security/pam_mount.conf.xml
if [ $1 -gt 1 ]
	for v in `rpm -q --queryformat "%{VERSION} " %{name}`; do
		if echo "$v" | grep -E "^0\." - ; then
			%_docdir/%{name}/examples/convert_keyhash.pl \
			-i etc/security/pam_mount.conf.xml


%defattr(-, root, root)
%docdir %_docdir/%name
%config(noreplace) %{_sysconfdir}/security/pam_mount.conf.xml
%doc %{_mandir}/man1/pmt-fd0ssh.1.gz
%doc %{_mandir}/man5/pam_mount.conf.5.gz
%doc %{_mandir}/man8/*.8.gz
%if 0%{?_with_selinux:1}
%policy %_sysconfdir/selinux/strict/src/policy/macros/%{name}_macros.te
%policy %_sysconfdir/selinux/strict/src/policy/file_contexts/misc/%name.fc

* Fri Aug 20 2010 lars@samba.org
- rdconf: do not warn about missing fskeyhash when no fskey specified;
  (bnc#626127); http://bugs.debian.org/580430
* Mon Jul 26 2010 mc@suse.de
- fix segfault in pam_mount when executed from ssh
* Tue Jun  1 2010 mc@suse.de
- use full paths in wrapper scripts (bnc#607200)
* Wed Apr  7 2010 jengelh@medozas.de
- update to version 1.34
  * decrease login refcount on logout when no volumes are defined
- tag provided mount.{crypt,encfs13} wrappers as #!/bin/bash (not
  /bin/sh) because they use [[/]] and =~; use ${0##*/} over
  extra calling basename.
* Sun Jan 10 2010 jengelh@medozas.de
- update to version 1.33
  * avoid multi-free of auth token when pam_mount is rerun in a
    PAM stack
  * avoid NULL dereference when there is an empty line in mtab
- adjust BuildRequires as upstream really requires
- package baselibs.conf
- convert PreReq to Requires(pre,post)
- remove CFLAGS="$RPM_OPT_FLAGS", it is implicit
- use _smp_mflags
* Fri Dec 18 2009 mc@suse.de
- update to version 1.32
  * luserconf: fix skipping luser volume mounting
  * config: allow arbitrary source paths for tmpfs
  * fix a potential strlen(NULL) on login
  * umount.crypt: do not remove entry from /etc/mtab twice
  * luserconf: delayed parsing and mounting of luserconf volumes
  * documentation fixes
* Thu Nov 19 2009 mc@suse.de
- backport some code to fix the sudo crash (bnc#544154)
* Mon Jul 27 2009 mc@novell.com
- update to version 1.27
  * mounting: stdout from mount programs is now discarded
  * config: do parse <cryptumount> elements from .xml
  * mount: pass fstype to NFS mount program
  * config: map "nfs4" fstype to NFSMOUNT
  * pam_mount: PAM function return code audit
  * config: warn about ignored "server" attribute in <volume>
  * config: print error message on config file syntax error
* Wed Jun 24 2009 sbrabec@suse.cz
- Supplement pam-32bit/pam-64bit in baselibs.conf (bnc#354164).
* Mon May 11 2009 mc@suse.de
- update to version 1.25
  - fix splitting of "NTDOMAIN\username" strings
  - config: broaden variable expansion to resolve a case where it
    did not do expected expansion with AUFS
  - mount.crypt: write options, not "defaults" to /etc/mtab
  - mount.crypt: keysize truncation must happen later
  - mount.crypt: pass -o ro/rw down to mount program
  - mount.crypt: support for -o remount
  - mount.crypt: support overriding keysize
  - mount.crypt: must pass -s option to cryptsetup
  - mount.crypt: add "Deprecated Mount options" section to manpage
  - pam_mount: fix a double free that can happen when stale entries are in cmtab
  - pam_mount: first-time overriding of mntoptions failed to work
  - pmvarrun: do not segfault when no username is specified (corner-case)
  - pmvarrun: recognize internal _PMT_DEBUG_LEVEL env var
  - mtab: automatically ignore and remove stale entries from cmtab
  - pam_mount: fix unexpected termination after pam_mount ran
  - doc: list support contacts in man page
* Wed Feb 18 2009 mc@suse.de
- update to version 1.18
  * lot of fixes and new Features.
    see /usr/share/doc/packages/pam_mount/changelog.txt
    for details
* Thu Jan 29 2009 crrodriguez@suse.de
- reduce buildRequires after libHX changes
* Mon Jan 12 2009 mc@suse.de
- fix <logout> feature (bnc#461333)
  * enable automatic wait, term and kill. Required to terminate
  * add <logout> during convert to converted config
- remove passwdehd. (CVE-2008-5138) (bnc#465303)
  does not work at all with new config format.
- recognize required and deny options for luserconf
* Tue Nov  4 2008 mc@suse.de
- fix failing convert script. (bnc#438842)
* Mon Oct 27 2008 mc@suse.de
- remove lsof callback from convert script. lsof is not needed
  in this version of pam_mount. (bnc#438842)
* Tue Oct 14 2008 mc@suse.de
- fix checking deny options
* Mon Oct 13 2008 mc@suse.de
- replace also options which are specified in a volume
* Thu Sep 25 2008 mc@suse.de
- fix reading the key from harddisk.
- using losteup command directly (bnc#427343)
* Fri Sep  5 2008 mc@suse.de
- version 0.47
  - mount.crypt: add missing null command to conform to sh syntax
    (SF bug #2089446)
  - conf: fix printing of strings when luser volume options were not ok
  - conf: re-add luserconf security checks
  - add support for encfs 1.3.x (1.4.x already has been in for long)
  - conf: add the "noroot" attribute for <volume> to force mounting with
    the unprivileged user account (required for FUSE filesystems)
  - replace fixed-size buffers and arrays with dynamic ones (complete)
    (obsolets pam_mount-0.45-bump-max-par.diff)
* Mon Sep  1 2008 mc@suse.de
- version 0.45
  * fix double-freeing the authentication token
  * use ofl instead of lsof/fuser
  * kill-on-logout support (terminate processes that would stand in the
    way of unmounting)
    (remove suse patch which supports this)
  * mount.crypt: auto-detect necessity for running losetup
* Mon Aug 18 2008 mc@suse.de
- version 0.44
  - mount.crypt: fix option slurping
  - properly handle simple sgrp config items
  - src: correct error check in run_lsof()
  - conf: check that slash follows home tilde
  - conf: wildcard inadvertently matched root sometimes
* Mon Aug 11 2008 mc@suse.de
- version 0.43
  - remove davfs support
  - pass fsck definition from pam_mount.conf.xml to mount.crypt
  - document pam_mount.conf.xml defaults
  - do not call fsck from within pam_mount for encrypted devices,
    let mount.crypt do it
* Mon Jun 23 2008 mc@suse.de
- version 0.41
  - add missing pgrp/sgrp attribute handling for simple user control
  - mount.crypt: handle arbitrary argument order
  - correct extended sgrp handling
  - manpages: add missing description for <fsck>, and reorder <path>
  - the documentation in pam_mount.conf.xml has been reworked and
    split off into pam_mount.conf(5).
  - extensive user selection for <volume> (revised)
  - case-insensitive matching for user, pgrp, sgrp
  - fixed segfault when more than one volume was defined
  - extended user selection for <volume>
  - fix an unwanted inversion for handling <options allow=" (nonempty) ">
  - store per-volume option list in ordered form --
    essentially fixes the problem of "user" (implies noeexec)
    overriding "exec"
  - fix null pointer deref (from new UID/GID range support)
  - mount.crypt uses normal sleep from coreutils again
  - truecrypt 5.x is not supported because the truecrypt CLI component
    that pam_mount requires was removed
  - <volume> tag in pam_mount.conf.xml supports UID and GID ranges now
  - fix HAVE_LIBCRYPTO regression;
    crypto was always disabled even if openssl present
- remove pam_mount-0.35-fix-configure.dif (is upstream now)
* Tue Apr 22 2008 mc@suse.de
- use upstream fix for bnc#381292
* Fri Apr 18 2008 mc@suse.de
- fix configure (bnc#381292)
* Thu Apr 10 2008 ro@suse.de
- added baselibs.conf file to build xxbit packages
  for multilib support
* Mon Apr  7 2008 mc@suse.de
- update to version 0.35
  - mount.crypt: fix loop device detection
  - mount.crypt: wait for dm devices to show up
  - fixed: mount flag and value were one argument
  - pmvarrun: support unprivileged mode
  - Support for SSH keyboard-interactive authenticated volumes
  - documentation updates
* Wed Apr  2 2008 mc@suse.de
- update to version 0.32
- notify about unknown options in /etc/pam.d/*
- support "debug" option for pam_mount in /etc/pam.d/*
- mount.crypt: detect loop devices by major number
- Fixed parsing of old-style pam_mount.conf with spaces in group names,
  copy-and-paste typos and a missing return value. Added workaround for
  CIFS volumes within NFS mounts with "root_squash" option.
- allow --keyfile to be used for non-LUKS too
- luksClose is the same as Remove (in umount.crypt)
- convert "local" fstype entries from old configuration format correctly.
- fixed parsing of old pam_mount.conf with spaces in group names
- fixed: When no volumes were to be mounted, return value
  was not PAM_SUCCESS.
* Mon Oct  8 2007 mc@suse.de
- update to version 0.29
  * pam_mount switched to an XML configuration.
  * added truecrypt support
  * add an "invert" attribute
  * split group matching into multiple attributes
  * properly detect loop64 support
  * NT domain placeholders
  * Implement the "soft_try_pass" option
  * add "nullok" option
  * --keyfile option added to mount.crypt
* Fri Sep 21 2007 mc@suse.de
- remove the loopdevice for the image too
* Thu Sep 20 2007 mc@suse.de
- add required dependencies [#326802]
* Wed Apr  4 2007 crivera@suse.de
- Don't package mount_ehd, it's only for
  OpenBSD. Fixes 256214.
* Thu Mar 29 2007 mc@suse.de
- add zlib-devel to BuildRequires
* Tue Mar 13 2007 mc@suse.de
- fix reference counting of pmvarrun app
* Tue Jan 23 2007 mc@suse.de
- fix umount encrypted homedirectories
* Thu Jan 18 2007 mc@suse.de
- disable debug
- increase MAX_PAR to be able to read longer keys
* Fri Jan 12 2007 mc@suse.de
- add patch to kill all remaining user processes before
  unmounting crypted partition
* Fri Dec  8 2006 dgollub@suse.de
- use UID of specified user for owner change of mount point
* Tue Sep 12 2006 mc@suse.de
- Update to 0.18
  * fixes memory corruptions, zero termination, segfaults
  * A crash on x86_64 has been fixed. pam_mount now changes
    to the root directory before attempting to (un)mount
* Mon Jul 31 2006 kukuk@suse.de
- Update to version 0.16
  bugfix release
* Wed Jan 25 2006 mls@suse.de
- converted neededforbuild to BuildRequires
* Thu Dec 22 2005 varkoly@suse.de
- Update to version 0.10.0
* Mon Dec 19 2005 ro@suse.de
- added symlinks to package
* Mon Jul 11 2005 schubi@suse.de
- Update to version 0.9.25
* Mon Apr 11 2005 kukuk@suse.de
- Update to version 0.9.22 [Bug #65110]
* Thu Jan 15 2004 kukuk@suse.de
- Build as user
- Add pam-devel to neededforbuild
* Mon Jan 12 2004 kukuk@suse.de
- Update to version 0.9.9
* Mon Oct 27 2003 kukuk@suse.de
- Update to version 0.9.6 [Bug #32216]
* Wed May 28 2003 kukuk@suse.de
- Initial package