8.32. Linux-PAM-1.5.2

8.32.1. Introduction to Linux PAM

The Linux PAM package contains Pluggable Authentication Modules used to enable the local system administrator to choose how applications authenticate users.

Approximate build time: 0.4 SBU
Required disk space: 39,000 KB

8.32.2. Installation of Linux PAM

Create the PKGBUILD for the Linux PAM package with the following commands:

mkdir /sources/linux-pam
cd /sources/linux-pam
cat > PKGBUILD << "REALEOF"
# Maintainer: Linux From Scratch <lfs-dev@lists.linuxfromscratch.org>

pkgname="linux-pam"
pkgver="1.5.2"
pkgrel="1"
pkgdesc="The Linux PAM package contains Pluggable Authentication Modules used to enable the local system administrator to choose how applications authenticate users."
arch=('i686' 'x86'
      'x86_64')
url="https://github.com/${pkgname}/${pkgname}"
license=('GPL')
makedepends=('bash'
             'binutils'
             'coreutils'
             'gawk'
             'gettext'
             'gcc'
             'glibc'
             'grep'
             'libnsl'
             'libtirpc'
             'sed'
             'shadow')
# $(pacman -Q db >/dev/null 2>&1 && echo 'db')
depends=('db'
         'glibc'
         'libnsl'
         'libtirpc'
         'shadow')
# optdepends=$(pacman -Q db >/dev/null 2>&1 || echo 'db: Use Berkeley DB for backend')
source=("https://github.com/${pkgname}/${pkgname}/releases/download/v${pkgver}/Linux-PAM-${pkgver}.tar.xz"
        "https://github.com/${pkgname}/${pkgname}/releases/download/v${pkgver}/Linux-PAM-${pkgver}-docs.tar.xz")
md5sums=('895e8adfa14af334f679bbeb28503f66'
         'ceb3dc248cb2f49a40904b93cb91db1b')
noextract=("Linux-PAM-${pkgver}-docs.tar.xz")
backup=('etc/pam.d/system-account'
        'etc/pam.d/system-auth'
        'etc/pam.d/system-session'
        'etc/pam.d/system-password'
        'etc/pam.d/other')

prepare(){
  cd "Linux-PAM-${pkgver}"
  tar -xf "../Linux-PAM-${pkgver}-docs.tar.xz" --strip-components=1
}

build(){
  cd "Linux-PAM-${pkgver}"
  ./configure --prefix=/usr                    \
              --sbindir=/usr/sbin              \
              --sysconfdir=/etc                \
              --libdir=/usr/lib                \
              --enable-securedir=/usr/lib/security \
              --docdir="/usr/share/doc/Linux-PAM-${pkgver}"
  make
}

package(){
  cd "Linux-PAM-${pkgver}"
  make DESTDIR="${pkgdir}" install
# Remove systemd specific files
  rm -rf "${pkgdir}/usr/lib/systemd"
  chmod -v 4755 "${pkgdir}/usr/sbin/unix_chkpwd"

# /etc/pam.d files
  install -vdm755 "${pkgdir}/etc/pam.d"
  cat > "${pkgdir}/etc/pam.d/system-account" << "EOF"
# Begin /etc/pam.d/system-account

account   required    pam_unix.so

# End /etc/pam.d/system-account
EOF

  cat > "${pkgdir}/etc/pam.d/system-auth" << "EOF"
# Begin /etc/pam.d/system-auth

auth      required    pam_unix.so
auth      optional    pam_cap.so

# End /etc/pam.d/system-auth
EOF

  cat > "${pkgdir}/etc/pam.d/system-session" << "EOF"
# Begin /etc/pam.d/system-session

session   required    pam_unix.so

# End /etc/pam.d/system-session
EOF

  cat > "${pkgdir}/etc/pam.d/system-password" << "EOF"
# Begin /etc/pam.d/system-password

# use sha512 to hash passwords, use shadow, and use any previously
# defined authentication token (chosen password) set by a prior module
password  required    pam_unix.so       sha512 shadow try_first_pass

# End /etc/pam.d/system-password
EOF

  cat > "${pkgdir}/etc/pam.d/other" << "EOF"
# Begin /etc/pam.d/other

auth        required        pam_warn.so
auth        required        pam_deny.so
account     required        pam_warn.so
account     required        pam_deny.so
password    required        pam_warn.so
password    required        pam_deny.so
session     required        pam_warn.so
session     required        pam_deny.so

# End /etc/pam.d/other
EOF
}
REALEOF
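
The /etc/pam.d/other file written above refuses any service that has no PAM file of its own, and system-password pins the hash options, so both are worth re-checking after an install or upgrade. The script below is an added example, not part of the book or of Linux-PAM; the function names check_other_denies, check_password_hash and write_sample are hypothetical, and it assumes the simple "type control module [options]" lines used above.

```shell
#!/bin/sh
# Added example (not from the book): audit a pam.d directory against the
# policy the PKGBUILD writes. Function names are hypothetical. Assumes the
# simple "type control module [options]" lines used on this page.

# Succeeds only if DIR/other has a "required pam_deny.so" line for every
# PAM management group, so services without their own file are refused.
check_other_denies() {
  for group in auth account password session; do
    awk -v g="$group" '$1 == g && $2 == "required" && $3 == "pam_deny.so" { ok = 1 }
      END { exit !ok }' "$1/other" 2>/dev/null || {
      echo "FAIL other: no required pam_deny.so for $group"; return 1; }
  done
}

# Succeeds only if the pam_unix.so password line in DIR/system-password
# carries both the sha512 and shadow options.
check_password_hash() {
  awk '$1 == "password" && $3 == "pam_unix.so" { for (i = 4; i <= NF; i++) opt[$i] = 1 }
    END { exit !(("sha512" in opt) && ("shadow" in opt)) }' \
    "$1/system-password" 2>/dev/null || {
    echo "FAIL system-password: pam_unix.so lacks sha512 and/or shadow"; return 1; }
}

# Constructed sample input: writes both files as the PKGBUILD does. A second
# argument of "weak" drops the session entries and the hash options.
write_sample() {
  mkdir -p "$1"
  opts="sha512 shadow try_first_pass"; groups="auth account password session"
  if [ "${2:-}" = weak ]; then opts="try_first_pass"; groups="auth account password"; fi
  printf 'password  required    pam_unix.so       %s\n' "$opts" > "$1/system-password"
  for group in $groups; do
    printf '%-11s required        pam_warn.so\n' "$group"
    printf '%-11s required        pam_deny.so\n' "$group"
  done > "$1/other"
}

# Audit the directory given as $1, or a constructed sample when none is given.
dir="${1:-}"
if [ -z "$dir" ]; then dir="$(mktemp -d)"; write_sample "$dir"; fi
if check_other_denies "$dir" && check_password_hash "$dir"; then echo "PASS $dir"; fi
```

Run it with /etc/pam.d as the argument on the installed system; a missing file is reported as a failure rather than skipped.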

8.32.3. Contents

Installed Programs: faillock, mkhomedir_helper, pam_namespace_helper, pam_timestamp_check, pwhistory_helper, unix_chkpwd and unix_update
Installed Libraries: libpam.so, libpamc.so and libpam_misc.so
Installed Directories: /etc/security, /usr/lib/security, /usr/include/security and /usr/share/doc/Linux-PAM-1.5.2

Short Descriptions

faillock

displays and modifies the authentication failure record files

mkhomedir_helper

is a helper binary that creates home directories

pam_namespace_helper

is a helper program used to configure a private namespace for a user session

pwhistory_helper

is a helper program that transfers password hashes from passwd or shadow to opasswd

pam_timestamp_check

is used to check if the default timestamp is valid

unix_chkpwd

is a helper binary that verifies the password of the current user

unix_update

is a helper binary that updates the password of a given user

libpam.so

provides the interfaces between applications and the PAM modules