jim.lai/OpenBMC
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Initial commit

Browse Source
This commit is contained in:
Your Name
2026-04-23 17:07:55 +08:00
commit b7e39e063b
16725 changed files with 1625565 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
poky/meta/recipes-extended/pam/libpam/0001-examples-Replace-use-of-termio.h-with-termios.h.patch
+39
View File
@@ -0,0 +1,39 @@
From 9b96fcfa5748934b8b6a4db4ee25a5e3165905c0 Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@gmail.com>
Date: Sat, 1 Jul 2023 07:48:17 -0700
Subject: [PATCH] examples: Replace use of termio.h with termios.h
Fixes build with musl and makes it portable
Upstream-Status: Backport [https://github.com/linux-pam/linux-pam/commit/5374f677e4cae669eb9accf2449178b602e8a40a]
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
examples/tty_conv.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/examples/tty_conv.c b/examples/tty_conv.c
index 23f0684..db22500 100644
--- a/examples/tty_conv.c
+++ b/examples/tty_conv.c
@@ -6,7 +6,8 @@
#include <string.h>
#include <errno.h>
#include <unistd.h>
-#include <termio.h>
+#include <termios.h>
+#include <sys/ioctl.h>
#include <security/pam_appl.h>
/***************************************
@@ -16,7 +17,7 @@
***************************************/
static void echoOff(int fd, int off)
{
- struct termio tty;
+ struct termios tty;
if (ioctl(fd, TCGETA, &tty) < 0)
{
fprintf(stderr, "TCGETA failed: %s\n", strerror(errno));
--
2.41.0
poky/meta/recipes-extended/pam/libpam/99_pam
+1
View File
@@ -0,0 +1 @@
d root root 0755 /run/sepermit none
poky/meta/recipes-extended/pam/libpam/libpam-xtests.patch
+37
View File
@@ -0,0 +1,37 @@
This patch is used to create a new sub package libpam-xtests to do more checks.
Upstream-Status: Pending
Signed-off-by: Kang Kai <kai.kang@windriver.com>
Index: Linux-PAM-1.3.0/xtests/Makefile.am
===================================================================
--- Linux-PAM-1.3.0.orig/xtests/Makefile.am
+++ Linux-PAM-1.3.0/xtests/Makefile.am
@@ -7,7 +7,7 @@ AM_CFLAGS = -DLIBPAM_COMPILE -I$(top_src
LDADD = $(top_builddir)/libpam/libpam.la \
$(top_builddir)/libpam_misc/libpam_misc.la
-CLEANFILES = *~ $(XTESTS)
+CLEANFILES = *~
EXTRA_DIST = run-xtests.sh tst-pam_dispatch1.pamd tst-pam_dispatch2.pamd \
tst-pam_dispatch3.pamd tst-pam_dispatch4.pamd \
@@ -51,3 +51,18 @@ EXTRA_PROGRAMS = $(XTESTS)
xtests: $(XTESTS) run-xtests.sh
"$(srcdir)"/run-xtests.sh "$(srcdir)" ${XTESTS} ${NOSRCTESTS}
+
+all: $(XTESTS)
+
+install: install_xtests
+
+install_xtests:
+ $(INSTALL) -d $(DESTDIR)$(pkgdatadir)/xtests
+ for file in $(EXTRA_DIST) ; do \
+ $(INSTALL) $(srcdir)/$$file $(DESTDIR)$(pkgdatadir)/xtests ; \
+ done
+ for file in $(XTESTS); do \
+ $(INSTALL) .libs/$$file $(DESTDIR)$(pkgdatadir)/xtests ; \
+ done
+
+.PHONY: all install_xtests
poky/meta/recipes-extended/pam/libpam/pam-volatiles.conf
+1
View File
@@ -0,0 +1 @@
d /run/sepermit 0755 root root - -
poky/meta/recipes-extended/pam/libpam/pam.d/common-account
+25
View File
@@ -0,0 +1,25 @@
#
# /etc/pam.d/common-account - authorization settings common to all services
#
# This file is included from other service-specific PAM config files,
# and should contain a list of the authorization modules that define
# the central access policy for use on the system. The default is to
# only deny service to users whose accounts are expired in /etc/shadow.
#
# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
# To take advantage of this, it is recommended that you configure any
# local modules either before or after the default block, and use
# pam-auth-update to manage selection of other modules. See
# pam-auth-update(8) for details.
#
# here are the per-package modules (the "Primary" block)
account [success=1 new_authtok_reqd=done default=ignore] pam_unix.so
# here's the fallback if no module succeeds
account requisite pam_deny.so
# prime the stack with a positive return value if there isn't one already;
# this avoids us returning an error just because nothing sets a success code
# since the modules above will each just jump around
account required pam_permit.so
# and here are more per-package modules (the "Additional" block)
# end of pam-auth-update config
poky/meta/recipes-extended/pam/libpam/pam.d/common-auth
+18
View File
@@ -0,0 +1,18 @@
#
# /etc/pam.d/common-auth - authentication settings common to all services
#
# This file is included from other service-specific PAM config files,
# and should contain a list of the authentication modules that define
# the central authentication scheme for use on the system
# (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the
# traditional Unix authentication mechanisms.
# here are the per-package modules (the "Primary" block)
auth [success=1 default=ignore] pam_unix.so nullok_secure
# here's the fallback if no module succeeds
auth requisite pam_deny.so
# prime the stack with a positive return value if there isn't one already;
# this avoids us returning an error just because nothing sets a success code
# since the modules above will each just jump around
auth required pam_permit.so
# and here are more per-package modules (the "Additional" block)
poky/meta/recipes-extended/pam/libpam/pam.d/common-password
+23
View File
@@ -0,0 +1,23 @@
#
# /etc/pam.d/common-password - password-related modules common to all services
#
# This file is included from other service-specific PAM config files,
# and should contain a list of modules that define the services to be
# used to change user passwords. The default is pam_unix.
# Explanation of pam_unix options:
#
# The "sha512" option enables salted SHA512 passwords. Without this option,
# the default is Unix crypt. Prior releases used the option "md5".
#
# See the pam_unix manpage for other options.
# here are the per-package modules (the "Primary" block)
password [success=1 default=ignore] pam_unix.so sha512
# here's the fallback if no module succeeds
password requisite pam_deny.so
# prime the stack with a positive return value if there isn't one already;
# this avoids us returning an error just because nothing sets a success code
# since the modules above will each just jump around
password required pam_permit.so
# and here are more per-package modules (the "Additional" block)
poky/meta/recipes-extended/pam/libpam/pam.d/common-session
+19
View File
@@ -0,0 +1,19 @@
#
# /etc/pam.d/common-session - session-related modules common to all services
#
# This file is included from other service-specific PAM config files,
# and should contain a list of modules that define tasks to be performed
# at the start and end of sessions of *any* kind (both interactive and
# non-interactive).
#
# here are the per-package modules (the "Primary" block)
session [default=1] pam_permit.so
# here's the fallback if no module succeeds
session requisite pam_deny.so
# prime the stack with a positive return value if there isn't one already;
# this avoids us returning an error just because nothing sets a success code
# since the modules above will each just jump around
session required pam_permit.so
# and here are more per-package modules (the "Additional" block)
session required pam_unix.so
poky/meta/recipes-extended/pam/libpam/pam.d/common-session-noninteractive
+19
View File
@@ -0,0 +1,19 @@
#
# /etc/pam.d/common-session-noninteractive - session-related modules
# common to all non-interactive services
#
# This file is included from other service-specific PAM config files,
# and should contain a list of modules that define tasks to be performed
# at the start and end of all non-interactive sessions.
#
# here are the per-package modules (the "Primary" block)
session [default=1] pam_permit.so
# here's the fallback if no module succeeds
session requisite pam_deny.so
# prime the stack with a positive return value if there isn't one already;
# this avoids us returning an error just because nothing sets a success code
# since the modules above will each just jump around
session required pam_permit.so
# and here are more per-package modules (the "Additional" block)
session required pam_unix.so
poky/meta/recipes-extended/pam/libpam/pam.d/other
+24
View File
@@ -0,0 +1,24 @@
#
# /etc/pam.d/other - specify the PAM fallback behaviour
#
# Note that this file is used for any unspecified service; for example
#if /etc/pam.d/cron specifies no session modules but cron calls
#pam_open_session, the session module out of /etc/pam.d/other is
#used.
# We use pam_warn.so to generate syslog notes that the 'other'
#fallback rules are being used (as a hint to suggest you should setup
#specific PAM rules for the service and aid to debugging). Then to be
#secure, deny access to all services by default.
auth required pam_warn.so
auth required pam_deny.so
account required pam_warn.so
account required pam_deny.so
password required pam_warn.so
password required pam_deny.so
session required pam_warn.so
session required pam_deny.so
poky/meta/recipes-extended/pam/libpam/run-ptest
+32
View File
@@ -0,0 +1,32 @@
#! /bin/sh
cd tests
export srcdir=.
failed=0
all=0
for f in tst-*; do
"./$f" > /dev/null 2>&1
case "$?" in
0)
echo "PASS: $f"
all=$((all + 1))
;;
77)
echo "SKIP: $f"
;;
*)
echo "FAIL: $f"
failed=$((failed + 1))
all=$((all + 1))
;;
esac
done
if [ "$failed" -eq 0 ] ; then
echo "All $all tests passed"
else
echo "$failed of $all tests failed"
fi
unset srcdir