Overview

File pam-afs-session.spec of Package pam-afs-session

%if !0%{?usrmerged}
%define libdir /%{_lib}
%else
%ifarch x86_64
%define libdir %{_libdir}
%else
%define libdir /%{_lib}
%endif
%endif

Name:           pam-afs-session
Version:        2.6
Release:        1
License:        https://www.eyrie.org/~eagle/software/pam-afs-session/license.html
Group:          Productivity/Networking/Security
Summary:       	The pam-afs-session PAM module is intended for use with a Kerberos v5 PAM module to obtain an AFS PAG and AFS tokens on login. It puts every new session in a PAG regardless of whether it was authenticated with Kerberos and either uses Heimdal's libkafs or runs a configurable external program to obtain tokens. It supports using Heimdal's libkafs for the AFS interface and falls back to an internal implementation if libkafs isn't available
URL:		http://www.eyrie.org/~eagle/software/pam-afs-session/
BuildRoot:      %{_tmppath}/%{name}-%{version}-build
Autoreqprov: 	on
Source0:	pam-afs-session-%{version}.tar.gz
Source1:	README.SUSE

Requires:      pam
BuildRequires: autoconf
BuildRequires: automake
BuildRequires: bison
BuildRequires: flex
BuildRequires: krb5-devel 
BuildRequires: libtool
BuildRequires: pam-devel
BuildRequires: zlib


%description
pam-afs-session is a PAM module that isolates each login in a separate AFS PAG (so that they will not trample on each other's AFS tokens) and supports either running an external program to obtain AFS tokens from a Kerberos v5 ticket cache or using Heimdal's libkafs library. It does not obtain tickets itself and must be used in conjunction with a Kerberos v5 PAM module to obtain tokens (setting up PAGs can be done without any Kerberos implementations). It provides only the setcred and session PAM functions. 
 There are two ways this module can obtain tokens: 
 If you have Heimdal's libkafs library available and build this module with Kerberos support (passing --with-kerberos to configure), the module can call libkafs's krb5_afslog function to obtain tokens directly. If you are using Heimdal and obtaining tokens from Kerberos tickets, this is the recommended configuration, since it means the PAM module doesn't have to fork an external process. If built in the fashion described above, this will be the default unless program is set in the module configuration. 
 Otherwise, the module will run an arbitrary external program to obtain tokens. This is the most flexible option, works with MIT Kerberos in conjunction with the aklog program from OpenAFS or the afslog program from Heimdal, and can support programs that obtain AFS tokens via some means other than a Kerberos ticket cache created on login. 
 For the AFS system call layer, pam-afs-session supports linking with the Heimdal libkafs library or the libkopenafs library that will ship with later versions of OpenAFS and provides a similar interface. As a fallback, and to support a low-dependency build, it also comes with a simple AFS system call implementation for either Linux or platforms that use syscall to call AFS functions. To use the built-in system call interface on Linux, the system must run a new enough version of OpenAFS or Arla to support AFS system calls through ioctl on a file in proc. On other systems, configure must be able to find the AFS header afs/param.h in order to get the system call numbers for that platform. 
 Right now, this module will probably only work on Linux, Solaris, HP-UX, and Mac OS X, and will require gcc to even attempt to build on any other platform. Other PAM implementations will likely require some porting work. 
 The module can optionally be linked with Kerberos libraries to obtain configuration information from krb5.conf, to support the kdestroy option, and to use libkafs's functions for obtaining tokens. Either MIT Kerberos or Heimdal should work.

Authors:
--------
    Russ Allbery
    see http://www.eyrie.org/~eagle/software/pam-afs-session/

%prep
%setup -q -n pam-afs-session-%{version} -b 0

%build
./autogen

./configure --libdir=/%{libdir} --mandir=%{_mandir} --docdir=%{_docdir}/%name

make


%install

make DESTDIR=%{buildroot} install

gzip %{buildroot}/%{_mandir}/man5/pam_afs_session.5
mkdir -p %{buildroot}/%{_docdir}/%name
install -m 644 LICENSE %{buildroot}/%{_docdir}/%name
install -m 644 NEWS    %{buildroot}/%{_docdir}/%name
install -m 644 README  %{buildroot}/%{_docdir}/%name
install -m 644 TODO    %{buildroot}/%{_docdir}/%name
rm %{buildroot}/%{libdir}/security/pam_afs_session.la

cp -a %{S:1} %{buildroot}/%{_docdir}/%name

%clean
rm -rf %{buildroot}

%files
%defattr(-,root,root)
%{libdir}/security/pam_afs_session.so
%dir %{libdir}/security
%doc %{_docdir}/%name
%doc %{_mandir}/*/*

#  
#       CHANGELOG  
#  
  
%changelog  
* Tue Jul 28 2015 hanke@rzg.mpg.de
- update to version 2.5
* Tue Jul 07 2009 hanke@rzg.mpg.de
- updated to the latest patch-level
* Mon May 18 2009 hanke@rzg.mpg.de
- unified spec-file. Fixed for Mandriva.
* Wed May 13 2009 hanke@rzg.mpg.de
- update to version 1.7
* Fri Jan 04 2008 hanke@rzg.mpg.de
- fix 32/64Bit.
* Thu Jan 03 2008 hanke@rzg.mpg.de
- removed requirement pam-krb5
* Wed Jan 02 2008 hanke@rzg.mpg.de  
- differentiate between 32 and 64bit version.  
* Mon Oct 29 2007 hanke@rzg.mpg.de  
- initial version.
openSUSE Build Service is sponsored by
Places