[pkgsrc/trunk]: pkgsrc/security/pam-pwauth_suid -add DESTDIR support, from Bl...

To: pkgsrc-changes-hg%NetBSD.org@localhost
Subject: [pkgsrc/trunk]: pkgsrc/security/pam-pwauth_suid -add DESTDIR support, from Bl...
From: drochner <drochner%pkgsrc.org@localhost>
Date: Thu, 14 Oct 2021 05:16:05 +0000

details:   https://anonhg.NetBSD.org/pkgsrc/rev/1728aec6afa0
branches:  trunk
changeset: 532965:1728aec6afa0
user:      drochner <drochner%pkgsrc.org@localhost>
date:      Wed Sep 05 20:29:05 2007 +0000

description:
-add DESTDIR support, from Blair Sadewitz
 (I didn't adopt the libtool change for now because it is not clear for
 be whether that PAM modules is useful for non-NetBSD.)
-block SIGCHLD while the forked helper process is running, so that a
 calling process with a SIGCHLD handler won't steal the exit status
 which is used to report success of the authentication.
 This makes the "dropbear" ssh server usable if started with user
 privileges.
bump revision to 1.1

diffstat:

 security/pam-pwauth_suid/Makefile                |  22 +++++++++++++------
 security/pam-pwauth_suid/files/pam_pwauth_suid.c |  26 +++++++++++++++++++----
 2 files changed, 36 insertions(+), 12 deletions(-)

diffs (119 lines):

diff -r 9f0029320b71 -r 1728aec6afa0 security/pam-pwauth_suid/Makefile
--- a/security/pam-pwauth_suid/Makefile Wed Sep 05 20:23:23 2007 +0000
+++ b/security/pam-pwauth_suid/Makefile Wed Sep 05 20:29:05 2007 +0000
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.2 2007/03/24 19:21:31 joerg Exp $
+# $NetBSD: Makefile,v 1.3 2007/09/05 20:29:05 drochner Exp $
 
-DISTNAME=      pam-pwauth_suid-1.0
+DISTNAME=      pam-pwauth_suid-1.1
 CATEGORIES=    security
 DISTFILES=     # empty
 
@@ -9,7 +9,10 @@
 
 NO_CHECKSUM=   yes
 WRKSRC=                ${WRKDIR}
-CFLAGS+=       -DPATH_HELPER=\"${PREFIX}/libexec/pwauth_suid_helper\"
+
+HLPDEF+= -DPATH_HELPER=\"${DESTDIR}${PREFIX}/libexec/pwauth_suid_helper\"
+
+PKG_DESTDIR_SUPPORT=   user-destdir
 
 INSTALLATION_DIRS=     lib/security libexec
 
@@ -19,13 +22,18 @@
 
 do-build:
        (cd ${WRKSRC} && \
-        ${CC} ${CFLAGS} -shared pam_pwauth_suid.c -o pam_pwauth_suid.so.0 && \
+        ${CC} ${CFLAGS} -c -fPIC ${HLPDEF} pam_pwauth_suid.c && \
+        ${LD} -shared pam_pwauth_suid.o -o pam_pwauth_suid.so.0 && \
         ${CC} ${CFLAGS} pwauth_suid_helper.c -o pwauth_suid_helper -lcrypt)
 
 do-install:
-       ${INSTALL_DATA} ${WRKSRC}/pam_pwauth_suid.so.0 ${PREFIX}/lib/security
-       ${INSTALL_PROGRAM} ${WRKSRC}/pwauth_suid_helper ${PREFIX}/libexec
-       ${CHMOD} 04555 ${PREFIX}/libexec/pwauth_suid_helper
+       ${INSTALL_DATA_DIR} ${DESTDIR}${PREFIX}/lib/security
+       ${INSTALL_DATA} ${WRKSRC}/pam_pwauth_suid.so.0 \
+               ${DESTDIR}${PREFIX}/lib/security
+       ${INSTALL_PROGRAM_DIR} ${DESTDIR}${PREFIX}/libexec
+       ${INSTALL_PROGRAM} ${WRKSRC}/pwauth_suid_helper \
+               ${DESTDIR}${PREFIX}/libexec
+       ${CHMOD} 04555 ${DESTDIR}${PREFIX}/libexec/pwauth_suid_helper
 
 .include "../../mk/pam.buildlink3.mk"
 .include "../../mk/bsd.pkg.mk"
diff -r 9f0029320b71 -r 1728aec6afa0 security/pam-pwauth_suid/files/pam_pwauth_suid.c
--- a/security/pam-pwauth_suid/files/pam_pwauth_suid.c  Wed Sep 05 20:23:23 2007 +0000
+++ b/security/pam-pwauth_suid/files/pam_pwauth_suid.c  Wed Sep 05 20:29:05 2007 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: pam_pwauth_suid.c,v 1.1.1.1 2007/01/08 18:39:44 drochner Exp $ */
+/* $NetBSD: pam_pwauth_suid.c,v 1.2 2007/09/05 20:29:05 drochner Exp $ */
 
 #include <sys/types.h>
 #include <security/pam_appl.h>
@@ -8,23 +8,32 @@
 #include <string.h>
 #include <sys/wait.h>
 #include <errno.h>
+#include <signal.h>
 
 static int
 askhelper(const char *user, const char *pass)
 {
        int fd[2];
+       sigset_t chldsig, omask;
        pid_t pid, rpid;
        ssize_t res;
        size_t pwlen;
-       int s;
+       int err, s;
 
        if (pipe(fd) < 0)
                return errno;
 
+       /* make sure only we get the exit status of the helper */
+       sigemptyset(&chldsig);
+       sigaddset(&chldsig, SIGCHLD);
+       if (sigprocmask(SIG_BLOCK, &chldsig, &omask) < 0)
+               return errno;
+
        pid = vfork();
        switch (pid) {
                case -1:
-                       return errno;
+                       err = errno;
+                       goto error;
                case 0: /* child, feed it through its stdin */
                        (void)dup2(fd[0], STDIN_FILENO);
                        (void)close(fd[0]);
@@ -38,18 +47,25 @@
 
        pwlen = strlen(pass);
        res = write(fd[1], pass, pwlen);
-       if (res != pwlen)
-               return (res == -1 ? errno : EIO);
+       if (res != pwlen) {
+               err = (res == -1 ? errno : EIO);
+               goto error;
+       }
 
        (void)close(fd[1]); /* now child gets an EOF */
 
        rpid = waitpid(pid, &s, 0);
+       sigprocmask(SIG_SETMASK, &omask, 0);
        if (rpid != pid)
                return errno;
        if (!WIFEXITED(s) || WEXITSTATUS(s))
                return EAUTH;
 
        return 0;
+
+error:
+       sigprocmask(SIG_SETMASK, &omask, 0);
+       return err;
 }
 
 PAM_EXTERN int

Prev by Date: [pkgsrc/trunk]: pkgsrc/textproc/php5-xsl others say changing DEPENDS and addi...
Next by Date: [pkgsrc/trunk]: pkgsrc/archivers/p7zip Changes 4.53:
Previous by Thread: [pkgsrc/trunk]: pkgsrc/textproc/php5-xsl others say changing DEPENDS and addi...
Next by Thread: [pkgsrc/trunk]: pkgsrc/archivers/p7zip Changes 4.53:
Indexes:

Home | Main Index | Thread Index | Old Index