diff options
author | Kai Knoblich <kai@FreeBSD.org> | 2019-05-12 12:11:26 +0000 |
---|---|---|
committer | Kai Knoblich <kai@FreeBSD.org> | 2019-05-12 12:11:26 +0000 |
commit | 428da0e419444a027d0aafa5132107618076d46c (patch) | |
tree | 7a30c55332bb4db9970aa8de4a7d5a2830460c77 /sysutils/google-compute-engine-oslogin | |
parent | 5cc37e829d6db491f2734d47682683f8e090d591 (diff) | |
download | ports-428da0e419444a027d0aafa5132107618076d46c.tar.gz ports-428da0e419444a027d0aafa5132107618076d46c.zip |
sysutils/google-compute-engine-oslogin: Update to 1.5.2
* Pass maintainership to submitter
* Remove all patches because they're merged by upstream
While I'm here:
* Pet portlint
* Strip info from another shared library to level up port compliance
Changelog since 1.4.3:
* Fix alternate challenge section for two factor authentication.
* Fix FreeBSD compatibility issues in the control file.
* Use pam_group to provide users with default groups.
* Add compat.h to support FreeBSD.
* Exit immediately after a two factor authentication failure.
* Add support for Google phone prompt challenges.
PR: 237496
Submitted by: Lucas Kanashiro <lucas.kanashiro@collabora.com>
Approved by: Helen Koike (previous maintainer)
Notes
Notes:
svn path=/head/; revision=501379
Diffstat (limited to 'sysutils/google-compute-engine-oslogin')
8 files changed, 10 insertions, 255 deletions
diff --git a/sysutils/google-compute-engine-oslogin/Makefile b/sysutils/google-compute-engine-oslogin/Makefile index 6aa6e6a3cdab..830f0508c02d 100644 --- a/sysutils/google-compute-engine-oslogin/Makefile +++ b/sysutils/google-compute-engine-oslogin/Makefile @@ -1,14 +1,14 @@ # $FreeBSD$ PORTNAME= google-compute-engine-oslogin -DISTVERSION= 1.4.3 +DISTVERSION= 1.5.2 CATEGORIES= sysutils -MAINTAINER= helen.koike@collabora.com +MAINTAINER= lucas.kanashiro@collabora.com COMMENT= OS Login Guest Environment for Google Compute Engine LICENSE= APACHE20 -LICENSE_FILE= ${WRKSRC}/../LICENSE +LICENSE_FILE= ${WRKSRC}/../../LICENSE LIB_DEPENDS= libcurl.so:ftp/curl \ libjson-c.so:devel/json-c @@ -20,14 +20,15 @@ USE_LDCONFIG= yes USE_GITHUB= yes GH_ACCOUNT= GoogleCloudPlatform GH_PROJECT= compute-image-packages -GH_TAGNAME= 20190124 +GH_TAGNAME= 20190416 + MAKE_ARGS= JSON_INCLUDE_PATH=${LOCALBASE}/include/json-c \ BIN_INSTALL_PATH=/bin \ PAM_INSTALL_PATH=/lib \ AUTHKEYS_INSTALL_PATH=/bin \ NSS_LIBRARY_SONAME=nss_oslogin.so.1 -WRKSRC_SUBDIR= google_compute_engine_oslogin +WRKSRC_SUBDIR= packages/google-compute-engine-oslogin PLIST_SUB= DISTVERSION=${DISTVERSION} @@ -42,6 +43,7 @@ post-install: ${LN} -sf libnss_cache_${PORTNAME}-${DISTVERSION}.so ${STAGEDIR}${PREFIX}/lib/nss_cache_oslogin.so.1 ${STRIP_CMD} ${STAGEDIR}${PREFIX}/bin/google_authorized_keys \ ${STAGEDIR}${PREFIX}/lib/libnss_google-compute-engine-oslogin-${DISTVERSION}.so \ + ${STAGEDIR}${PREFIX}/lib/libnss_cache_google-compute-engine-oslogin-${DISTVERSION}.so \ ${STAGEDIR}${PREFIX}/lib/pam_oslogin_admin.so \ ${STAGEDIR}${PREFIX}/lib/pam_oslogin_login.so diff --git a/sysutils/google-compute-engine-oslogin/distinfo b/sysutils/google-compute-engine-oslogin/distinfo index d9d525004d9a..a03a5e7e62df 100644 --- a/sysutils/google-compute-engine-oslogin/distinfo +++ b/sysutils/google-compute-engine-oslogin/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1550662804 -SHA256 (GoogleCloudPlatform-compute-image-packages-1.4.3-20190124_GH0.tar.gz) = 09637f951245729c66eb5b7b9ed49bead31349b29829baf5c8a4e5d45405a2f4 -SIZE (GoogleCloudPlatform-compute-image-packages-1.4.3-20190124_GH0.tar.gz) = 126211 +TIMESTAMP = 1556630405 +SHA256 (GoogleCloudPlatform-compute-image-packages-1.5.2-20190416_GH0.tar.gz) = cef65af726b7c32db9035266804e0393b54196fabd1007026554bae2d9540de4 +SIZE (GoogleCloudPlatform-compute-image-packages-1.5.2-20190416_GH0.tar.gz) = 130216 diff --git a/sysutils/google-compute-engine-oslogin/files/patch-libnss__cache__oslogin_nss__cache__oslogin.c b/sysutils/google-compute-engine-oslogin/files/patch-libnss__cache__oslogin_nss__cache__oslogin.c deleted file mode 100644 index 52cc76b7ada9..000000000000 --- a/sysutils/google-compute-engine-oslogin/files/patch-libnss__cache__oslogin_nss__cache__oslogin.c +++ /dev/null @@ -1,47 +0,0 @@ ---- libnss_cache_oslogin/nss_cache_oslogin.c.orig 2018-10-11 16:53:23 UTC -+++ libnss_cache_oslogin/nss_cache_oslogin.c -@@ -16,6 +16,7 @@ - - #include "nss_cache_oslogin.h" - -+#include <nsswitch.h> - #include <sys/mman.h> - - // Locking implementation: use pthreads. -@@ -32,7 +33,7 @@ static pthread_mutex_t mutex = PTHREAD_MUTEX_INITIALIZ - - static FILE *p_file = NULL; - static char p_filename[NSS_CACHE_OSLOGIN_PATH_LENGTH] = -- "/etc/oslogin_passwd.cache"; -+ "%%PREFIX%%/etc/oslogin_passwd.cache"; - #ifdef BSD - extern int fgetpwent_r(FILE *, struct passwd *, char *, size_t, - struct passwd **); -@@ -434,4 +435,27 @@ enum nss_status _nss_cache_oslogin_getpwnam_r(const ch - NSS_CACHE_OSLOGIN_UNLOCK(); - - return ret; -+} -+ -+NSS_METHOD_PROTOTYPE(__nss_compat_getpwnam_r); -+NSS_METHOD_PROTOTYPE(__nss_compat_getpwuid_r); -+NSS_METHOD_PROTOTYPE(__nss_compat_getpwent_r); -+NSS_METHOD_PROTOTYPE(__nss_compat_setpwent); -+NSS_METHOD_PROTOTYPE(__nss_compat_endpwent); -+ -+static ns_mtab methods[] = { -+ { NSDB_PASSWD, "getpwnam_r", __nss_compat_getpwnam_r, (void*)_nss_cache_oslogin_getpwnam_r }, -+ { NSDB_PASSWD, "getpwuid_r", __nss_compat_getpwuid_r, (void*)_nss_cache_oslogin_getpwuid_r }, -+ { NSDB_PASSWD, "getpwent_r", __nss_compat_getpwent_r, (void*)_nss_cache_oslogin_getpwent_r }, -+ { NSDB_PASSWD, "endpwent", __nss_compat_endpwent, (void*)_nss_cache_oslogin_endpwent }, -+ { NSDB_PASSWD, "setpwent", __nss_compat_setpwent, (void*)_nss_cache_oslogin_setpwent }, -+}; -+ -+ns_mtab * -+nss_module_register (const char *name, unsigned int *size, -+ nss_module_unregister_fn *unregister) -+{ -+ *size = sizeof (methods) / sizeof (methods[0]); -+ *unregister = NULL; -+ return (methods); - } diff --git a/sysutils/google-compute-engine-oslogin/files/patch-nss__cache_nss__cache.cc b/sysutils/google-compute-engine-oslogin/files/patch-nss__cache_nss__cache.cc deleted file mode 100644 index a1da710d0bf1..000000000000 --- a/sysutils/google-compute-engine-oslogin/files/patch-nss__cache_nss__cache.cc +++ /dev/null @@ -1,13 +0,0 @@ ---- nss_cache/nss_cache.cc.orig 2018-06-11 17:16:50 UTC -+++ nss_cache/nss_cache.cc -@@ -31,8 +31,8 @@ using oslogin_utils::MutexLock; - using oslogin_utils::NssCache; - - // File paths for the nss cache file. --static const char kDefaultFilePath[] = "/etc/oslogin_passwd.cache"; --static const char kDefaultBackupFilePath[] = "/etc/oslogin_passwd.cache.bak"; -+static const char kDefaultFilePath[] = "%%PREFIX%%/etc/oslogin_passwd.cache"; -+static const char kDefaultBackupFilePath[] = "%%PREFIX%%/etc/oslogin_passwd.cache.bak"; - - // Local NSS Cache size. This affects the maximum number of passwd entries per - // http request. diff --git a/sysutils/google-compute-engine-oslogin/files/patch-nss__module_nss__oslogin.cc b/sysutils/google-compute-engine-oslogin/files/patch-nss__module_nss__oslogin.cc deleted file mode 100644 index ec257fa73e78..000000000000 --- a/sysutils/google-compute-engine-oslogin/files/patch-nss__module_nss__oslogin.cc +++ /dev/null @@ -1,41 +0,0 @@ ---- nss_module/nss_oslogin.cc.orig 2018-10-11 16:53:23 UTC -+++ nss_module/nss_oslogin.cc -@@ -16,6 +16,7 @@ - #include <errno.h> - #include <grp.h> - #include <nss.h> -+#include <nsswitch.h> - #include <pthread.h> - #include <pwd.h> - #include <sys/types.h> -@@ -103,4 +104,30 @@ int _nss_oslogin_getpwnam_r(const char *name, struct p - // nss_getpwent_r() is intentionally left unimplemented. This functionality is - // now covered by the nss_cache binary and nss_cache module. - -+void _nss_oslogin_getpwent_r() {} -+void _nss_oslogin_endpwent() {} -+void _nss_oslogin_setpwent() {} -+ -+NSS_METHOD_PROTOTYPE(__nss_compat_getpwnam_r); -+NSS_METHOD_PROTOTYPE(__nss_compat_getpwuid_r); -+NSS_METHOD_PROTOTYPE(__nss_compat_getpwent_r); -+NSS_METHOD_PROTOTYPE(__nss_compat_setpwent); -+NSS_METHOD_PROTOTYPE(__nss_compat_endpwent); -+ -+static ns_mtab methods[] = { -+ { NSDB_PASSWD, "getpwnam_r", __nss_compat_getpwnam_r, (void*)_nss_oslogin_getpwnam_r }, -+ { NSDB_PASSWD, "getpwuid_r", __nss_compat_getpwuid_r, (void*)_nss_oslogin_getpwuid_r }, -+ { NSDB_PASSWD, "getpwent_r", __nss_compat_getpwent_r, (void*)_nss_oslogin_getpwent_r }, -+ { NSDB_PASSWD, "endpwent", __nss_compat_endpwent, (void*)_nss_oslogin_endpwent }, -+ { NSDB_PASSWD, "setpwent", __nss_compat_setpwent, (void*)_nss_oslogin_setpwent }, -+}; -+ -+ns_mtab * -+nss_module_register (const char *name, unsigned int *size, -+ nss_module_unregister_fn *unregister) -+{ -+ *size = sizeof (methods) / sizeof (methods[0]); -+ *unregister = NULL; -+ return (methods); -+} - } // extern "C" diff --git a/sysutils/google-compute-engine-oslogin/files/patch-pam__module_pam__oslogin__admin.cc b/sysutils/google-compute-engine-oslogin/files/patch-pam__module_pam__oslogin__admin.cc deleted file mode 100644 index 810b8f0e048e..000000000000 --- a/sysutils/google-compute-engine-oslogin/files/patch-pam__module_pam__oslogin__admin.cc +++ /dev/null @@ -1,28 +0,0 @@ ---- pam_module/pam_oslogin_admin.cc.orig 2019-01-24 19:28:43 UTC -+++ pam_module/pam_oslogin_admin.cc -@@ -14,7 +14,6 @@ - - #define PAM_SM_ACCOUNT - #include <security/pam_appl.h> --#include <security/pam_ext.h> - #include <security/pam_modules.h> - #include <sys/stat.h> - #include <sys/types.h> -@@ -50,7 +49,7 @@ PAM_EXTERN int pam_sm_acct_mgmt(pam_handle_t *pamh, in - int pam_result = PAM_SUCCESS; - const char *user_name; - if ((pam_result = pam_get_user(pamh, &user_name, NULL)) != PAM_SUCCESS) { -- pam_syslog(pamh, LOG_INFO, "Could not get pam user."); -+ syslog(LOG_INFO, "Could not get pam user."); - return pam_result; - } - -@@ -81,7 +80,7 @@ PAM_EXTERN int pam_sm_acct_mgmt(pam_handle_t *pamh, in - if (HttpGet(url.str(), &response, &http_code) && http_code == 200 && - ParseJsonToSuccess(response)) { - if (!file_exists) { -- pam_syslog(pamh, LOG_INFO, -+ syslog(LOG_INFO, - "Granting sudo permissions to organization user %s.", - user_name); - std::ofstream sudoers_file; diff --git a/sysutils/google-compute-engine-oslogin/files/patch-pam__module_pam__oslogin__login.cc b/sysutils/google-compute-engine-oslogin/files/patch-pam__module_pam__oslogin__login.cc deleted file mode 100644 index 144de95e3512..000000000000 --- a/sysutils/google-compute-engine-oslogin/files/patch-pam__module_pam__oslogin__login.cc +++ /dev/null @@ -1,89 +0,0 @@ ---- pam_module/pam_oslogin_login.cc.orig 2019-02-20 12:34:55 UTC -+++ pam_module/pam_oslogin_login.cc -@@ -14,7 +14,6 @@ - - #define PAM_SM_ACCOUNT - #include <security/pam_appl.h> --#include <security/pam_ext.h> - #include <security/pam_modules.h> - #include <sys/stat.h> - #include <sys/types.h> -@@ -53,7 +52,7 @@ PAM_EXTERN int pam_sm_acct_mgmt(pam_handle_t *pamh, in - int pam_result = PAM_PERM_DENIED; - const char *user_name; - if ((pam_result = pam_get_user(pamh, &user_name, NULL)) != PAM_SUCCESS) { -- pam_syslog(pamh, LOG_INFO, "Could not get pam user."); -+ syslog(LOG_INFO, "Could not get pam user."); - return pam_result; - } - string str_user_name(user_name); -@@ -100,7 +99,7 @@ PAM_EXTERN int pam_sm_acct_mgmt(pam_handle_t *pamh, in - chown(users_filename.c_str(), 0, 0); - chmod(users_filename.c_str(), S_IRUSR | S_IWUSR | S_IRGRP); - } -- pam_syslog(pamh, LOG_INFO, -+ syslog(LOG_INFO, - "Granting login permission for organization user %s.", - user_name); - pam_result = PAM_SUCCESS; -@@ -108,7 +107,7 @@ PAM_EXTERN int pam_sm_acct_mgmt(pam_handle_t *pamh, in - if (file_exists) { - remove(users_filename.c_str()); - } -- pam_syslog(pamh, LOG_INFO, -+ syslog(LOG_INFO, - "Denying login permission for organization user %s.", - user_name); - -@@ -128,7 +127,7 @@ PAM_EXTERN int pam_sm_authenticate(pam_handle_t * pamh - { - const char* user_name; - if (pam_get_user(pamh, &user_name, NULL) != PAM_SUCCESS) { -- pam_syslog(pamh, LOG_INFO, "Could not get pam user."); -+ syslog(LOG_INFO, "Could not get pam user."); - return PAM_PERM_DENIED; - } - -@@ -155,7 +154,7 @@ PAM_EXTERN int pam_sm_authenticate(pam_handle_t * pamh - - response = ""; - if (!StartSession(email, &response)) { -- pam_syslog(pamh, LOG_ERR, -+ syslog(LOG_ERR, - "Bad response from the two-factor start session request: %s", - response.empty() ? "empty response" : response.c_str()); - return PAM_PERM_DENIED; -@@ -163,7 +162,7 @@ PAM_EXTERN int pam_sm_authenticate(pam_handle_t * pamh - - string status; - if (!ParseJsonToKey(response, "status", &status)) { -- pam_syslog(pamh, LOG_ERR, -+ syslog(LOG_ERR, - "Failed to parse status from start session response"); - return PAM_PERM_DENIED; - } -@@ -179,7 +178,7 @@ PAM_EXTERN int pam_sm_authenticate(pam_handle_t * pamh - - std::vector<oslogin_utils::Challenge> challenges; - if (!ParseJsonToChallenges(response, &challenges)) { -- pam_syslog(pamh, LOG_ERR, -+ syslog(LOG_ERR, - "Failed to parse challenge values from JSON response"); - return PAM_PERM_DENIED; - } -@@ -242,13 +241,13 @@ PAM_EXTERN int pam_sm_authenticate(pam_handle_t * pamh - pam_error(pamh, "Unable to get user input"); - } - } else { -- pam_syslog(pamh, LOG_ERR, "Unsupported challenge type %s", -+ syslog(LOG_ERR, "Unsupported challenge type %s", - challenge.type.c_str()); - return PAM_PERM_DENIED; - } - - if (!ContinueSession(email, user_token, session_id, challenge, &response)) { -- pam_syslog(pamh, LOG_ERR, -+ syslog(LOG_ERR, - "Bad response from two-factor continue session request: %s", - response.empty() ? "empty response" : response.c_str()); - return PAM_PERM_DENIED; diff --git a/sysutils/google-compute-engine-oslogin/files/patch-utils_oslogin__utils.cc b/sysutils/google-compute-engine-oslogin/files/patch-utils_oslogin__utils.cc deleted file mode 100644 index 6804b502d1cc..000000000000 --- a/sysutils/google-compute-engine-oslogin/files/patch-utils_oslogin__utils.cc +++ /dev/null @@ -1,29 +0,0 @@ ---- utils/oslogin_utils.cc.orig 2019-01-24 19:28:43 UTC -+++ utils/oslogin_utils.cc -@@ -23,8 +23,7 @@ - #include <iostream> - #include <sstream> - --#ifdef __GNUC__ --#if __GNUC__ > 4 || \ -+#if defined(__clang__) || __GNUC__ > 4 || \ - (__GNUC__ == 4 && (__GNUC_MINOR__ > 9 || \ - (__GNUC_MINOR__ == 9 && \ - __GNUC_PATCHLEVEL__ > 0))) -@@ -34,7 +33,6 @@ - #include <boost/regex.hpp> - #define Regex boost - #endif --#endif - - #include "oslogin_utils.h" - -@@ -292,7 +290,7 @@ bool ValidatePasswd(struct passwd* result, BufferManag - } - } - if (strlen(result->pw_shell) == 0) { -- if (!buf->AppendString("/bin/bash", &result->pw_shell, errnop)) { -+ if (!buf->AppendString("/bin/sh", &result->pw_shell, errnop)) { - return false; - } - } |