diff options
author | Patrick J Volkerding <volkerdi@slackware.com> | 2013-11-04 17:08:47 +0000 |
---|---|---|
committer | Eric Hameleers <alien@slackware.com> | 2018-05-31 22:57:36 +0200 |
commit | 76fc4757ac91ac7947a01fb7b53dddf9a78a01d1 (patch) | |
tree | 9b98e6e193c7870cb27ac861394c1c4592850922 /extra/source | |
parent | 9664bee729d487bcc0a0bc35859f8e13d5421c75 (diff) | |
download | current-76fc4757ac91ac7947a01fb7b53dddf9a78a01d1.tar.gz |
Slackware 14.1slackware-14.1
Mon Nov 4 17:08:47 UTC 2013
Slackware 14.1 x86_64 stable is released!
It's been another interesting release cycle here at Slackware bringing
new features like support for UEFI machines, updated compilers and
development tools, the switch from MySQL to MariaDB, and many more
improvements throughout the system. Thanks to the team, the upstream
developers, the dedicated Slackware community, and everyone else who
pitched in to help make this release a reality.
The ISOs are off to be replicated, a 6 CD-ROM 32-bit set and a
dual-sided
32-bit/64-bit x86/x86_64 DVD. Please consider supporting the Slackware
project by picking up a copy from store.slackware.com. We're taking
pre-orders now, and offer a discount if you sign up for a subscription.
Have fun! :-)
Diffstat (limited to 'extra/source')
43 files changed, 1399 insertions, 4306 deletions
diff --git a/extra/source/bash-completion/bash-completion.SlackBuild b/extra/source/bash-completion/bash-completion.SlackBuild index 5fa23f6c..7a4634f8 100755 --- a/extra/source/bash-completion/bash-completion.SlackBuild +++ b/extra/source/bash-completion/bash-completion.SlackBuild @@ -22,9 +22,9 @@ # Slackware build script for bash-completion -VERSION=2.0 +VERSION=2.1 ARCH=noarch -BUILD=${BUILD:-2} +BUILD=${BUILD:-1} CWD=$(pwd) TMP=${TMP:-/tmp} @@ -46,9 +46,6 @@ find . \ # Fixup sh completion for us zcat $CWD/fixup-sh-script-completions.diff.gz | patch -p1 --verbose || exit 1 -# Support the XFCE package set -zcat $CWD/slackpkg-slapt-get-Update-the-list-of-package-sets.patch.gz | patch -p1 --verbose || exit 1 - ./configure \ --prefix=/usr \ --sysconfdir=/etc \ diff --git a/extra/source/bash-completion/slackpkg-slapt-get-Update-the-list-of-package-sets.patch b/extra/source/bash-completion/slackpkg-slapt-get-Update-the-list-of-package-sets.patch deleted file mode 100644 index da7f08e6..00000000 --- a/extra/source/bash-completion/slackpkg-slapt-get-Update-the-list-of-package-sets.patch +++ /dev/null @@ -1,48 +0,0 @@ -From 371fb91b213c3bb4b86eb22e09701ec1be18b7dd Mon Sep 17 00:00:00 2001 -From: Igor Murzov <e-mail@date.by> -Date: Wed, 25 Jul 2012 02:39:23 +0400 -Subject: [PATCH] slackpkg, slapt-get: Update the list of package sets. - -Xfce has its own package set in Slackware-14.0. ---- - completions/slackpkg | 4 ++-- - completions/slapt-get | 2 +- - 2 files changed, 3 insertions(+), 3 deletions(-) - -diff --git a/completions/slackpkg b/completions/slackpkg -index 1be2f95..dab9c6d 100644 ---- a/completions/slackpkg -+++ b/completions/slackpkg -@@ -70,14 +70,14 @@ _slackpkg() - remove) - _filedir - COMPREPLY+=( $( compgen -W 'a ap d e f k kde kdei l n t tcl x -- xap y' -- "$cur" ) ) -+ xap xfce y' -- "$cur" ) ) - COMPREPLY+=( $( cd /var/log/packages; compgen -f -- "$cur" ) ) - return - ;; - install|reinstall|upgrade|blacklist|download) - _filedir - COMPREPLY+=( $( compgen -W 'a ap d e f k kde kdei l n t tcl x -- xap y' -- "$cur" ) ) -+ xap xfce y' -- "$cur" ) ) - COMPREPLY+=( $( cut -f 6 -d\ "${WORKDIR}/pkglist" 2> /dev/null | \ - grep "^$cur" ) ) - return -diff --git a/completions/slapt-get b/completions/slapt-get -index ff42660..93d110b 100644 ---- a/completions/slapt-get -+++ b/completions/slapt-get -@@ -70,7 +70,7 @@ _slapt_get() - ;; - set) # --install-set - COMPREPLY=( $( compgen -W 'a ap d e f k kde kdei l n t tcl x -- xap y' -- "$cur" ) ) -+ xap xfce y' -- "$cur" ) ) - return - ;; - esac --- -1.7.11.1 - diff --git a/extra/source/brltty/brltty.SlackBuild b/extra/source/brltty/brltty.SlackBuild index 513c0989..4678d34a 100755 --- a/extra/source/brltty/brltty.SlackBuild +++ b/extra/source/brltty/brltty.SlackBuild @@ -1,6 +1,6 @@ #!/bin/sh # -# Copyright 2010, 2012 Patrick J. Volkerding, Sebeka, Minnesota, USA +# Copyright 2010, 2012, 2013 Patrick J. Volkerding, Sebeka, Minnesota, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -30,7 +30,7 @@ if [ ! -d $TMP ]; then fi PKG=/tmp/package-brltty -VERSION=4.4 +VERSION=4.5 BUILD=${BUILD:-1} # Automatically determine the architecture we're building on: @@ -56,6 +56,8 @@ rm -rf brltty-$VERSION tar xvf $CWD/brltty-$VERSION.tar.?z* || exit 1 cd brltty-$VERSION +zcat $CWD/brltty.brlapi.pyx.diff.gz | patch -p1 --verbose || exit 1 + sh autogen chown -R root:root . @@ -72,6 +74,8 @@ find . -perm 600 -exec chmod 644 {} \; --infodir=/usr/info \ --mandir=/usr/man \ --sysconfdir=/etc \ + --localstatedir=/var \ + --disable-java-bindings \ --build=$ARCH-slackware-linux make -j2 || exit 1 make install INSTALL_ROOT=$PKG || exit 1 diff --git a/extra/source/brltty/brltty.brlapi.pyx.diff b/extra/source/brltty/brltty.brlapi.pyx.diff new file mode 100644 index 00000000..be58ca6c --- /dev/null +++ b/extra/source/brltty/brltty.brlapi.pyx.diff @@ -0,0 +1,11 @@ +--- ./Bindings/Python/brlapi.pyx.orig 2013-04-01 15:37:26.000000000 -0500 ++++ ./Bindings/Python/brlapi.pyx 2013-09-09 18:01:39.196869555 -0500 +@@ -497,7 +497,7 @@ + if (type(dots) == unicode): + dots = dots.encode('latin1') + if (len(dots) < dispSize): +- dots = dots + b"".center(dispSize - len(dots), '\0') ++ dots = dots + "".center(dispSize - len(dots), '\0') + c_dots = dots + c_udots = <unsigned char *>c_dots + c_brlapi.Py_BEGIN_ALLOW_THREADS diff --git a/extra/source/emacspeak/emacspeak.SlackBuild b/extra/source/emacspeak/emacspeak.SlackBuild index f6d04773..151bbd99 100755 --- a/extra/source/emacspeak/emacspeak.SlackBuild +++ b/extra/source/emacspeak/emacspeak.SlackBuild @@ -74,8 +74,8 @@ find . -perm 511 -exec chmod 755 {} \; find . -perm 711 -exec chmod 755 {} \; find . -perm 555 -exec chmod 755 {} \; -# Patch to use Tcl 8.5: -zcat $CWD/emacspeak.tcl8.5.diff.gz | patch -p1 || exit 1 +# Patch to use Tcl 8.6: +zcat $CWD/emacspeak.tcl8.6.diff.gz | patch -p1 || exit 1 # Compile the main program against Emacs: make config diff --git a/extra/source/emacspeak/emacspeak.tcl8.5.diff b/extra/source/emacspeak/emacspeak.tcl8.6.diff index 41a003e2..9cfe0374 100644 --- a/extra/source/emacspeak/emacspeak.tcl8.5.diff +++ b/extra/source/emacspeak/emacspeak.tcl8.6.diff @@ -5,7 +5,7 @@ LABEL=1.1 DIST=software-dtk-$(LABEL) -TCL_VERSION=8.4 -+TCL_VERSION=8.5 ++TCL_VERSION=8.6 CFLAGS+=-O3 -fpic -pedantic -ansi -Wall -I/usr/include/tcl$(TCL_VERSION) CPPFLAGS+=-DSTDC_HEADERS=1 -Dclock_t=long -DRETSIGTYPE=void INSTALL=install @@ -16,7 +16,7 @@ LIBPARENTDIR = ${PREFIX}/share/emacs/site-lisp LIBDIR =$(LIBPARENTDIR)/emacspeak/servers/linux-espeak -TCL_VERSION = 8.4 -+TCL_VERSION = 8.5 ++TCL_VERSION = 8.6 TCL_INCLUDE= /usr/include/tcl$(TCL_VERSION) CXXFLAGS+= -g -O2 -fPIC -DPIC -pedantic -ansi -Wall -Wno-long-long -I$(TCL_INCLUDE) @@ -27,7 +27,7 @@ LIBDIR =$(LIBPARENTDIR)/emacspeak/servers/linux-outloud -TCL_VERSION=8.4 -+TCL_VERSION=8.5 ++TCL_VERSION=8.6 TCL_INCLUDE=/usr/include/tcl$(TCL_VERSION) #CFLAGS+= -g -O2 -fPIC -DPIC -pedantic -ansi -Wall -Wno-long-long -I$(TCL_INCLUDE) CFLAGS+= -m32 -g -O2 -fPIC -DPIC -pedantic -ansi -Wall -Wno-long-long -I$(TCL_INCLUDE) diff --git a/extra/source/flashplayer-plugin/flashplayer-plugin.SlackBuild b/extra/source/flashplayer-plugin/flashplayer-plugin.SlackBuild index 48c7acea..ed2a324d 100755 --- a/extra/source/flashplayer-plugin/flashplayer-plugin.SlackBuild +++ b/extra/source/flashplayer-plugin/flashplayer-plugin.SlackBuild @@ -1,5 +1,5 @@ #!/bin/sh -# Copyright 2008, 2009, 2010, 2011, 2012 Eric Hameleers, Eindhoven, NL +# Copyright 2008, 2009, 2010, 2011, 2012, 2013 Eric Hameleers, Eindhoven, NL # All rights reserved. # # Permission to use, copy, modify, and distribute this software for @@ -70,6 +70,30 @@ # * Minor update. # 11.2.202.236-1:19/jun/2012 by Eric Hameleers <alien@slackware.com> # * Minor update. +# 11.2.202.238-1:15/aug/2012 by Eric Hameleers <alien@slackware.com> +# * Security update. +# 11.2.202.243-1:10/oct/2012 by Eric Hameleers <alien@slackware.com> +# * Update. +# 11.2.202.251-1:08/nov/2012 by Eric Hameleers <alien@slackware.com> +# * Update. +# 11.2.202.258-1:13/dec/2012 by Eric Hameleers <alien@slackware.com> +# * Update. +# 11.2.202.261-1:12/jan/2013 by Eric Hameleers <alien@slackware.com> +# * Update fixes critical vulnerabilities. See APSB13-01. +# 11.2.202.270-1:12/feb/2013 by Eric Hameleers <alien@slackware.com> +# * Update fixes critical vulnerabilities. See APSB13-04. +# 11.2.202.273-1:01/mar/2013 by Eric Hameleers <alien@slackware.com> +# * Update fixes critical vulnerabilities. See APSB13-08. +# 11.2.202.275-1:13/mar/2013 by Eric Hameleers <alien@slackware.com> +# * Update fixes critical vulnerabilities. See APSB13-09. +# 11.2.202.280-1:10/apr/2013 by Eric Hameleers <alien@slackware.com> +# * Update fixes critical vulnerabilities. See APSB13-11. +# 11.2.202.285-1:15/may/2013 by Eric Hameleers <alien@slackware.com> +# * Update fixes critical vulnerabilities. See APSB13-14. +# 11.2.202.291-1:12/jun/2013 by Eric Hameleers <alien@slackware.com> +# * Update fixes critical vulnerabilities. See APSB13-16. +# 11.2.202.297-1:21/jul/2013 by Eric Hameleers <alien@slackware.com> +# * Update fixes critical vulnerabilities. See APSB13-17. # # Run 'sh flashplayer-plugin.SlackBuild' to build a Slackware package. # The package (.txz) and .txt file as well as build logs are created in /tmp . @@ -80,7 +104,7 @@ # Set initial variables: PRGNAM=flashplayer-plugin -VERSION=${VERSION:-"11.2.202.236"} +VERSION=${VERSION:-"11.2.202.297"} MAJVER=$(echo $VERSION | cut -d. -f1) BUILD=${BUILD:-1} TAG=${TAG:-"alien"} @@ -93,23 +117,18 @@ TMP=${TMP:-/tmp/build} PKG=$TMP/package-$PRGNAM OUTPUT=${OUTPUT:-/tmp} -if [ -z "$ARCH" ]; then - case "$( uname -m )" in - i?86) export ARCH=i386 ;; - arm*) export ARCH=arm ;; - # Unless $ARCH is already set, use uname -m for all other archs: - *) export ARCH=$( uname -m ) ;; - esac -fi - -case "$ARCH" in +# Automatically determine the architecture we're building on: +MARCH=${ARCH:-$( uname -m )} +case "$MARCH" in x86_64) LIBDIRSUFFIX="64" ARCHBITS="64" + export ARCH=x86_64 ;; i?86) LIBDIRSUFFIX="" ARCHBITS="32" + export ARCH=i386 ;; *) echo "Unsupported architecture '$ARCH'" @@ -117,7 +136,7 @@ case "$ARCH" in ;; esac -SOURCE="$SRCDIR/install_flash_player_${VERSION}_linux.${ARCH}.tar.gz" +SOURCE="$SRCDIR/install_flash_player_${VERSION}_linux_${ARCH}.tar.gz" SRCURL="http://fpdownload.macromedia.com/get/flashplayer/pdc/${VERSION}/install_flash_player_${MAJVER}_linux.${ARCH}.tar.gz" ## @@ -198,6 +217,9 @@ esac ## Move lib to lib64 if needed: #[ "$ARCH" = "x86_64" ] && mv usr/lib usr/lib${LIBDIRSUFFIX} +# Remove 32-bit bogus compatibility in 64-bit package: +[ "$ARCH" = "x86_64" ] && rm -rf $PKG/usr/lib + # Install the plugin to the mozilla plugins dir and fix library file attributes: mkdir -p usr/lib${LIBDIRSUFFIX}/mozilla/plugins mv libflashplayer.so usr/lib${LIBDIRSUFFIX}/mozilla/plugins/ diff --git a/extra/source/grub/grub-0.97-x86_64.patch b/extra/source/grub/grub-0.97-x86_64.patch deleted file mode 100644 index 480e38fc..00000000 --- a/extra/source/grub/grub-0.97-x86_64.patch +++ /dev/null @@ -1,809 +0,0 @@ -diff -Naur grub-0.97.orig/docs/multiboot.h grub-0.97.patched/docs/multiboot.h ---- grub-0.97.orig/docs/multiboot.h 2003-07-09 05:45:36.000000000 -0600 -+++ grub-0.97.patched/docs/multiboot.h 2006-08-26 22:44:02.000000000 -0600 -@@ -44,76 +44,81 @@ - /* Do not include here in boot.S. */ - - /* Types. */ -+#ifndef __x86_64__ -+typedef unsigned long UINT32; -+#else -+typedef unsigned UINT32; -+#endif - - /* The Multiboot header. */ - typedef struct multiboot_header - { -- unsigned long magic; -- unsigned long flags; -- unsigned long checksum; -- unsigned long header_addr; -- unsigned long load_addr; -- unsigned long load_end_addr; -- unsigned long bss_end_addr; -- unsigned long entry_addr; -+ UINT32 magic; -+ UINT32 flags; -+ UINT32 checksum; -+ UINT32 header_addr; -+ UINT32 load_addr; -+ UINT32 load_end_addr; -+ UINT32 bss_end_addr; -+ UINT32 entry_addr; - } multiboot_header_t; - - /* The symbol table for a.out. */ - typedef struct aout_symbol_table - { -- unsigned long tabsize; -- unsigned long strsize; -- unsigned long addr; -- unsigned long reserved; -+ UINT32 tabsize; -+ UINT32 strsize; -+ UINT32 addr; -+ UINT32 reserved; - } aout_symbol_table_t; - - /* The section header table for ELF. */ - typedef struct elf_section_header_table - { -- unsigned long num; -- unsigned long size; -- unsigned long addr; -- unsigned long shndx; -+ UINT32 num; -+ UINT32 size; -+ UINT32 addr; -+ UINT32 shndx; - } elf_section_header_table_t; - - /* The Multiboot information. */ - typedef struct multiboot_info - { -- unsigned long flags; -- unsigned long mem_lower; -- unsigned long mem_upper; -- unsigned long boot_device; -- unsigned long cmdline; -- unsigned long mods_count; -- unsigned long mods_addr; -+ UINT32 flags; -+ UINT32 mem_lower; -+ UINT32 mem_upper; -+ UINT32 boot_device; -+ UINT32 cmdline; -+ UINT32 mods_count; -+ UINT32 mods_addr; - union - { - aout_symbol_table_t aout_sym; - elf_section_header_table_t elf_sec; - } u; -- unsigned long mmap_length; -- unsigned long mmap_addr; -+ UINT32 mmap_length; -+ UINT32 mmap_addr; - } multiboot_info_t; - - /* The module structure. */ - typedef struct module - { -- unsigned long mod_start; -- unsigned long mod_end; -- unsigned long string; -- unsigned long reserved; -+ UINT32 mod_start; -+ UINT32 mod_end; -+ UINT32 string; -+ UINT32 reserved; - } module_t; - - /* The memory map. Be careful that the offset 0 is base_addr_low - but no size. */ - typedef struct memory_map - { -- unsigned long size; -- unsigned long base_addr_low; -- unsigned long base_addr_high; -- unsigned long length_low; -- unsigned long length_high; -- unsigned long type; -+ UINT32 size; -+ UINT32 base_addr_low; -+ UINT32 base_addr_high; -+ UINT32 length_low; -+ UINT32 length_high; -+ UINT32 type; - } memory_map_t; - - #endif /* ! ASM */ -diff -Naur grub-0.97.orig/docs/x86_64.txt grub-0.97.patched/docs/x86_64.txt ---- grub-0.97.orig/docs/x86_64.txt 1969-12-31 17:00:00.000000000 -0700 -+++ grub-0.97.patched/docs/x86_64.txt 2006-10-10 10:39:42.000000000 -0600 -@@ -0,0 +1,81 @@ -+[PATCH] - Make GRUB recognize and boot an x86_64 elf image -+ -+ -+HOW IT WORKS -+------------ -+* Grub interface is unchanged. -+* Upon passing an elf-x86_64 file via "kernel=", GRUB will load and parse it -+ correctly. -+* Upon the "boot" directive, GRUB will switch from protected 32-bit -+ mode to long 64-bit mode and transfer control to the image's entrypoint. -+ -+ -+INSTALL -+------- -+cd grub-0.97 -+patch -p1 < grub-x86_64-elf.patch -+./configure -+make -+su -c "make install" -+ -+Note: You do not need to re-install your bootsectors, but you WILL need -+ to copy the modified stage2 file(s) from /usr/share/grub to -+ your actual boot filesystem (usually /boot/grub for GNU/Linux). -+ -+ -+WHY? -+---- -+Because in our world, all elves and elf images are created equal, and have -+been endowed with the ability to be bootable. :-) -+ -+ -+THE NITTY GRITTY - GRUB SIDE -+---------------------------- -+* Since paging is manditory in 64-bit long mode, the first 4GB of physical -+ memory (whether present or not) is identity mapped into the linear -+ address space using 2MB pages. -+* Paging data structures are written to physical 0x70000-0x75fff in the -+ same area reserved for the raw device buffer. This happens after the -+ "boot" command is issued so the raw device buffer won't mind. Paging -+ can be relocated and reconfigured after the kernel is running. -+* Header files have been added to describe the x86_64 elf image structure. -+ -+ -+THE NITTY GRITTY - KERNEL SIDE -+------------------------------ -+* Parameters passed to the assembly entrypoint are unchanged including -+ magic number and pointer to multiboot info structure. -+* The assembly entrypoint should be designated as ".code64". -+* The Global Descriptor Table (GDT) shared by the GRUB and KERNEL sides -+ has been expanded to include 3 additional 64-bit ('L' bit set) segments: -+ 0x28 (code) and 0x30 (data). -+* An updated "multiboot.h" file is provided to reflect the difference in -+ "unsigned long" sizes between i386 and x86_64 architectures for use by -+ the client kernel. -+ -+ -+CAVEATS -+------- -+Possible collisions with existing GRUB patch sets are unknown. Use "darcs" -+and worry not. -+ -+ http://abridgegame.org/darcs -+ -+(An intelligent alternative to cvs and greying hair in the distributed -+post-mainframe age.) -+ -+ -+DOCUMENTATION CHANGES -+--------------------- -+This is it. Sorry, stuff to do. -+ -+ -+APOLOGIES TO GRUB2 -+------------------ -+We would have liked to use GRUB2 for this, but needed it today for our -+kernel. Of course there is probably no technical reason why this -+functionality cannot be in included in GRUB2 at a future time. Thank you -+for a way cool bootloader and may all your boots be bogon (and Vogon) free. -+ -+<mcnster@gmail.com> -+October 10, 2006 -diff -Naur grub-0.97.orig/grub/asmstub.c grub-0.97.patched/grub/asmstub.c ---- grub-0.97.orig/grub/asmstub.c 2005-02-16 13:45:14.000000000 -0700 -+++ grub-0.97.patched/grub/asmstub.c 2006-08-26 22:43:24.000000000 -0600 -@@ -313,6 +313,12 @@ - stop (); - } - -+void -+multi_boot_64bit_doit (int start, int mb_info) -+{ -+ stop (); -+} -+ - /* sets it to linear or wired A20 operation */ - void - gateA20 (int linear) -diff -Naur grub-0.97.orig/stage2/asm.S grub-0.97.patched/stage2/asm.S ---- grub-0.97.orig/stage2/asm.S 2004-06-19 10:55:22.000000000 -0600 -+++ grub-0.97.patched/stage2/asm.S 2006-09-25 14:59:48.000000000 -0600 -@@ -1809,6 +1809,54 @@ - /* error */ - call EXT_C(stop) - -+ENTRY(multi_boot_64bit_doit) -+ call EXT_C(stop_floppy) -+ -+ /* dont squash these! */ -+ movl 0x8(%esp), %esi -+ movl 0x4(%esp), %edi -+ -+ cli -+ -+ mov %cr0, %eax -+ and $0x7fffffff, %eax -+ mov %eax, %cr0 -+ -+ /* enable pae */ -+ mov %cr4, %eax -+ or $0x20, %eax -+ mov %eax, %cr4 -+ -+ /* load cr3 with pml4 */ -+ mov $PML4, %eax -+ mov %eax, %cr3 -+ -+ /* trigger long mode */ -+ mov $0xc0000080, %ecx -+ rdmsr -+ or $0x100, %eax -+ wrmsr -+ -+ /* enable paging to actually switch modes */ -+ mov %cr0, %eax -+ or $0x80000000, %eax -+ mov %eax, %cr0 -+ -+ /* jump to relocation, flush prefetch queue, and reload %cs */ -+ ljmp $0x28, $longmode -+.code64 -+longmode: -+ mov $0x2BADB002, %eax -+ -+ mov %rsi, %rbx -+ and $0xffffffff, %rsi -+ -+ and $0xffffffff, %rdi -+ call *%rdi -+ /* NOTREACHED */ -+ call EXT_C(stop) -+ -+.code32 - #endif /* ! STAGE1_5 */ - - /* -@@ -2341,27 +2389,35 @@ - - .p2align 2 /* force 4-byte alignment */ - gdt: -- .word 0, 0 -+ .word 0, 0 /* 0x0000 */ - .byte 0, 0, 0, 0 - -- /* code segment */ -+ /* code segment */ /* 0x0008 */ - .word 0xFFFF, 0 - .byte 0, 0x9A, 0xCF, 0 - -- /* data segment */ -+ /* data segment */ /* 0x0010 */ - .word 0xFFFF, 0 - .byte 0, 0x92, 0xCF, 0 - -- /* 16 bit real mode CS */ -+ /* 16 bit real mode CS */ /* 0x0018 */ - .word 0xFFFF, 0 - .byte 0, 0x9E, 0, 0 - -- /* 16 bit real mode DS */ -+ /* 16 bit real mode DS/SS */ /* 0x0020 */ - .word 0xFFFF, 0 - .byte 0, 0x92, 0, 0 - -+ /* 64 bit long mode CS */ /* 0x0028 */ -+ .word 0xFFFF, 0 -+ .byte 0, 0x9A, 0xAF, 0 -+ -+ /* 64-bit long mode SS */ /* 0x0030 */ -+ .word 0xFFFF, 0 -+ .byte 0, 0x92, 0xAF, 0 - - /* this is the GDT descriptor */ - gdtdesc: -- .word 0x27 /* limit */ -+ .word 0x33 /* limit */ - .long gdt /* addr */ -+ .long 0 /* in case we go to 64-bit mode */ -diff -Naur grub-0.97.orig/stage2/boot.c grub-0.97.patched/stage2/boot.c ---- grub-0.97.orig/stage2/boot.c 2004-03-30 04:44:08.000000000 -0700 -+++ grub-0.97.patched/stage2/boot.c 2006-08-25 22:20:17.000000000 -0600 -@@ -23,10 +23,11 @@ - - #include "freebsd.h" - #include "imgact_aout.h" --#include "i386-elf.h" -+#include "elf.h" - - static int cur_addr; - entry_func entry_addr; -+unsigned long_64bit_mode = 0; - static struct mod_list mll[99]; - static int linux_mem_size; - -@@ -50,7 +51,7 @@ - { - struct multiboot_header *mb; - struct exec *aout; -- Elf32_Ehdr *elf; -+ Elf_Ehdr *elf; - } - pu; - /* presuming that MULTIBOOT_SEARCH is large enough to encompass an -@@ -100,21 +101,25 @@ - || pu.elf->e_ident[EI_OSABI] == ELFOSABI_FREEBSD - || grub_strcmp (pu.elf->e_ident + EI_BRAND, "FreeBSD") == 0 - || suggested_type == KERNEL_TYPE_NETBSD) -- && len > sizeof (Elf32_Ehdr) -- && BOOTABLE_I386_ELF ((*((Elf32_Ehdr *) buffer)))) -+ && len > SIZEOF_ELF_EHDR (pu.elf) -+ && (BOOTABLE_I386_ELF ((*((Elf32_Ehdr *) buffer))) -+ || BOOTABLE_X86_64_ELF ((*((Elf64_Ehdr *) buffer))))) - { -+ if (BOOTABLE_X86_64_ELF ((*((Elf64_Ehdr *) buffer)))) -+ long_64bit_mode = 1; -+ - if (type == KERNEL_TYPE_MULTIBOOT) -- entry_addr = (entry_func) pu.elf->e_entry; -+ entry_addr = (entry_func) E_ENTRY (pu.elf); - else -- entry_addr = (entry_func) (pu.elf->e_entry & 0xFFFFFF); -+ entry_addr = (entry_func) (E_ENTRY (pu.elf) & 0xFFFFFF); - - if (entry_addr < (entry_func) 0x100000) - errnum = ERR_BELOW_1MB; - - /* don't want to deal with ELF program header at some random - place in the file -- this generally won't happen */ -- if (pu.elf->e_phoff == 0 || pu.elf->e_phnum == 0 -- || ((pu.elf->e_phoff + (pu.elf->e_phentsize * pu.elf->e_phnum)) -+ if (E_PHOFF (pu.elf) == 0 || E_PHNUM (pu.elf) == 0 -+ || ((E_PHOFF (pu.elf) + (E_PHENTSIZE (pu.elf) * E_PHNUM (pu.elf))) - >= len)) - errnum = ERR_EXEC_FORMAT; - str = "elf"; -@@ -590,39 +595,38 @@ - /* ELF executable */ - { - unsigned loaded = 0, memaddr, memsiz, filesiz; -- Elf32_Phdr *phdr; -+ Elf_Phdr *phdr; - - /* reset this to zero for now */ - cur_addr = 0; - - /* scan for program segments */ -- for (i = 0; i < pu.elf->e_phnum; i++) -+ for (i = 0; i < E_PHNUM (pu.elf); i++) - { -- phdr = (Elf32_Phdr *) -- (pu.elf->e_phoff + ((int) buffer) -- + (pu.elf->e_phentsize * i)); -- if (phdr->p_type == PT_LOAD) -+ phdr = (Elf_Phdr *) (E_PHOFF (pu.elf) + ((int) buffer) -+ + (E_PHENTSIZE (pu.elf) * i)); -+ if (P_TYPE (pu.elf, phdr) == PT_LOAD) - { - /* offset into file */ -- grub_seek (phdr->p_offset); -- filesiz = phdr->p_filesz; -+ grub_seek (P_OFFSET (pu.elf, phdr)); -+ filesiz = P_FILESZ (pu.elf, phdr); - - if (type == KERNEL_TYPE_FREEBSD || type == KERNEL_TYPE_NETBSD) -- memaddr = RAW_ADDR (phdr->p_paddr & 0xFFFFFF); -+ memaddr = RAW_ADDR (P_PADDR (pu.elf, phdr) & 0xFFFFFF); - else -- memaddr = RAW_ADDR (phdr->p_paddr); -+ memaddr = RAW_ADDR (P_PADDR (pu.elf, phdr)); - -- memsiz = phdr->p_memsz; -+ memsiz = P_MEMSZ (pu.elf, phdr); - if (memaddr < RAW_ADDR (0x100000)) - errnum = ERR_BELOW_1MB; - - /* If the memory range contains the entry address, get the - physical address here. */ - if (type == KERNEL_TYPE_MULTIBOOT -- && (unsigned) entry_addr >= phdr->p_vaddr -- && (unsigned) entry_addr < phdr->p_vaddr + memsiz) -+ && (unsigned) entry_addr >= P_VADDR (pu.elf, phdr) -+ && (unsigned) entry_addr < P_VADDR (pu.elf, phdr) + memsiz) - real_entry_addr = (entry_func) ((unsigned) entry_addr -- + memaddr - phdr->p_vaddr); -+ + memaddr - P_VADDR (pu.elf, phdr)); - - /* make sure we only load what we're supposed to! */ - if (filesiz > memsiz) -@@ -654,26 +658,26 @@ - else - { - /* Load ELF symbols. */ -- Elf32_Shdr *shdr = NULL; -+ Elf_Shdr *shdr = NULL; - int tab_size, sec_size; - int symtab_err = 0; - -- mbi.syms.e.num = pu.elf->e_shnum; -- mbi.syms.e.size = pu.elf->e_shentsize; -- mbi.syms.e.shndx = pu.elf->e_shstrndx; -+ mbi.syms.e.num = E_SHNUM (pu.elf); -+ mbi.syms.e.size = E_SHENTSIZE (pu.elf); -+ mbi.syms.e.shndx = E_SHSTRNDX (pu.elf); - - /* We should align to a 4K boundary here for good measure. */ - if (align_4k) - cur_addr = (cur_addr + 0xFFF) & 0xFFFFF000; - -- tab_size = pu.elf->e_shentsize * pu.elf->e_shnum; -+ tab_size = E_SHENTSIZE (pu.elf) * E_SHNUM (pu.elf); - -- grub_seek (pu.elf->e_shoff); -+ grub_seek (E_SHOFF (pu.elf)); - if (grub_read ((char *) RAW_ADDR (cur_addr), tab_size) - == tab_size) - { - mbi.syms.e.addr = cur_addr; -- shdr = (Elf32_Shdr *) mbi.syms.e.addr; -+ shdr = (Elf_Shdr *) mbi.syms.e.addr; - cur_addr += tab_size; - - printf (", shtab=0x%x", cur_addr); -@@ -682,20 +686,20 @@ - { - /* This section is a loaded section, - so we don't care. */ -- if (shdr[i].sh_addr != 0) -+ if (SH_ADDR_AT (pu.elf, shdr, i) != 0) - continue; - - /* This section is empty, so we don't care. */ -- if (shdr[i].sh_size == 0) -+ if (SH_SIZE_AT (pu.elf, shdr, i) == 0) - continue; - - /* Align the section to a sh_addralign bits boundary. */ -- cur_addr = ((cur_addr + shdr[i].sh_addralign) & -- - (int) shdr[i].sh_addralign); -+ cur_addr = ((cur_addr + SH_ADDRALIGN_AT (pu.elf, shdr, i)) & -+ - (int) SH_ADDRALIGN_AT (pu.elf, shdr, i)); - -- grub_seek (shdr[i].sh_offset); -+ grub_seek (SH_OFFSET_AT (pu.elf, shdr, i)); - -- sec_size = shdr[i].sh_size; -+ sec_size = SH_SIZE_AT (pu.elf, shdr, i); - - if (! (memcheck (cur_addr, sec_size) - && (grub_read ((char *) RAW_ADDR (cur_addr), -@@ -706,7 +710,7 @@ - break; - } - -- shdr[i].sh_addr = cur_addr; -+ SET_SH_ADDR_AT (pu.elf, shdr, i, cur_addr); - cur_addr += sec_size; - } - } -diff -Naur grub-0.97.orig/stage2/builtins.c grub-0.97.patched/stage2/builtins.c ---- grub-0.97.orig/stage2/builtins.c 2005-02-15 14:58:23.000000000 -0700 -+++ grub-0.97.patched/stage2/builtins.c 2006-09-25 14:59:16.000000000 -0600 -@@ -81,6 +81,7 @@ - /* Prototypes for allowing straightfoward calling of builtins functions - inside other functions. */ - static int configfile_func (char *arg, int flags); -+static void multi_boot_64bit (int entry_addr, int mbi); - - /* Initialize the data for builtins. */ - void -@@ -297,8 +298,11 @@ - break; - - case KERNEL_TYPE_MULTIBOOT: -- /* Multiboot */ -- multi_boot ((int) entry_addr, (int) &mbi); -+ -+ if (long_64bit_mode) -+ multi_boot_64bit((int) entry_addr, (int) &mbi); -+ else -+ multi_boot ((int) entry_addr, (int) &mbi); - break; - - default: -@@ -309,6 +313,73 @@ - return 0; - } - -+#define TABLE_BITS 0x7 /* user, r/w, present */ -+#define PAGE_BITS 0x87 /* not pat, not global, not dirty, not accessed, user, r/w, present */ -+ -+#define NOT_PRESENT_TABLE 0x6 -+#define NOT_PRESENT_PAGE 0x86 -+ -+ -+static void -+multi_boot_64bit (int entry_addr, int mbi) -+{ -+ unsigned *pml4 = PML4; -+ unsigned *pdpt0x000 = PDPT0x000; -+ unsigned *pd0x000_000 = PD0x000_000; -+ unsigned *pd0x000_001 = PD0x000_001; -+ unsigned *pd0x000_002 = PD0x000_002; -+ unsigned *pd0x000_003 = PD0x000_003; -+ int i; -+ unsigned long base; -+ -+ /* identity map 1st 4 GB */ -+ -+ for (i = 0; i < 512; i++) -+ { -+ pml4[i * 2 + 0] = NOT_PRESENT_TABLE; -+ pml4[i * 2 + 1] = 0; -+ -+ pdpt0x000[i * 2 + 0] = NOT_PRESENT_TABLE; -+ pdpt0x000[i * 2 + 1] = 0; -+ -+ pd0x000_000[i * 2 + 0] = NOT_PRESENT_PAGE; -+ pd0x000_000[i * 2 + 1] = 0; -+ pd0x000_001[i * 2 + 0] = NOT_PRESENT_PAGE; -+ pd0x000_001[i * 2 + 1] = 0; -+ pd0x000_002[i * 2 + 0] = NOT_PRESENT_PAGE; -+ pd0x000_002[i * 2 + 1] = 0; -+ pd0x000_003[i * 2 + 0] = NOT_PRESENT_PAGE; -+ pd0x000_003[i * 2 + 1] = 0; -+ } -+ -+ pml4[0x000 * 2 + 0] = PDPT0x000 + TABLE_BITS; -+ pml4[0x000 * 2 + 1] = 0; -+ -+ pdpt0x000[0x000 * 2 + 0] = PD0x000_000 + TABLE_BITS; -+ pdpt0x000[0x000 * 2 + 1] = 0; -+ pdpt0x000[0x001 * 2 + 0] = PD0x000_001 + TABLE_BITS; -+ pdpt0x000[0x001 * 2 + 1] = 0; -+ pdpt0x000[0x002 * 2 + 0] = PD0x000_002 + TABLE_BITS; -+ pdpt0x000[0x002 * 2 + 1] = 0; -+ pdpt0x000[0x003 * 2 + 0] = PD0x000_003 + TABLE_BITS; -+ pdpt0x000[0x003 * 2 + 1] = 0; -+ -+ for (i = 0, base = 0; i < 1005; i++, base += 0x200000) -+ { -+ pd0x000_000[i * 2 + 0] = base + PAGE_BITS; -+ pd0x000_000[i * 2 + 1] = 0; -+ pd0x000_001[i * 2 + 0] = base + (1 * 0x200 * 0x20000) + PAGE_BITS; -+ pd0x000_001[i * 2 + 1] = 0; -+ pd0x000_002[i * 2 + 0] = base + (2 * 0x200 * 0x20000) + PAGE_BITS; -+ pd0x000_002[i * 2 + 1] = 0; -+ pd0x000_003[i * 2 + 0] = base + (3 * 0x200 * 0x20000) + PAGE_BITS; -+ pd0x000_003[i * 2 + 1] = 0; -+ } -+ -+ multi_boot_64bit_doit (entry_addr, mbi); -+ /* NOTREACHED */ -+} -+ - static struct builtin builtin_boot = - { - "boot", -diff -Naur grub-0.97.orig/stage2/elf.h grub-0.97.patched/stage2/elf.h ---- grub-0.97.orig/stage2/elf.h 1969-12-31 17:00:00.000000000 -0700 -+++ grub-0.97.patched/stage2/elf.h 2006-08-25 21:58:37.000000000 -0600 -@@ -0,0 +1,79 @@ -+/* -+ * GRUB -- GRand Unified Bootloader -+ * Copyright (C) 2001,2002,2006 Free Software Foundation, Inc. -+ * -+ * This program is free software; you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation; either version 2 of the License, or -+ * (at your option) any later version. -+ * -+ * This program is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with this program; if not, write to the Free Software -+ * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -+ */ -+ -+ -+#include "i386-elf.h" -+#include "x86-64-elf.h" -+ -+ -+typedef union -+{ -+ unsigned char e_ident[EI_NIDENT]; -+ Elf32_Ehdr elf32; -+ Elf64_Ehdr elf64; -+} -+Elf_Ehdr; -+ -+ -+typedef union -+{ -+ Elf32_Phdr elf32; -+ Elf64_Phdr elf64; -+} -+Elf_Phdr; -+ -+ -+typedef union -+{ -+ Elf32_Shdr elf32; -+ Elf64_Shdr elf64; -+} -+Elf_Shdr; -+ -+ -+#define SIZEOF_ELF_EHDR(h) (h->e_ident[EI_CLASS] == ELFCLASS32 ? sizeof (Elf32_Ehdr) : sizeof (Elf64_Ehdr)) -+ -+#define E_ENTRY(h) ((unsigned) (h->e_ident[EI_CLASS] == ELFCLASS32 ? h->elf32.e_entry : h->elf64.e_entry)) -+#define E_PHOFF(h) ((unsigned) (h->e_ident[EI_CLASS] == ELFCLASS32 ? h->elf32.e_phoff : h->elf64.e_phoff)) -+#define E_PHNUM(h) ((unsigned) (h->e_ident[EI_CLASS] == ELFCLASS32 ? h->elf32.e_phnum : h->elf64.e_phnum)) -+#define E_PHENTSIZE(h) ((unsigned) (h->e_ident[EI_CLASS] == ELFCLASS32 ? h->elf32.e_phentsize : h->elf64.e_phentsize)) -+#define E_SHNUM(h) ((unsigned) (h->e_ident[EI_CLASS] == ELFCLASS32 ? h->elf32.e_shnum : h->elf64.e_shnum)) -+#define E_SHENTSIZE(h) ((unsigned) (h->e_ident[EI_CLASS] == ELFCLASS32 ? h->elf32.e_shentsize : h->elf64.e_shentsize)) -+#define E_SHSTRNDX(h) ((unsigned) (h->e_ident[EI_CLASS] == ELFCLASS32 ? h->elf32.e_shstrndx : h->elf64.e_shstrndx)) -+#define E_SHOFF(h) ((unsigned) (h->e_ident[EI_CLASS] == ELFCLASS32 ? h->elf32.e_shoff : h->elf64.e_shoff)) -+ -+#define P_TYPE(h, p) ((unsigned) (h->e_ident[EI_CLASS] == ELFCLASS32 ? p->elf32.p_type : p->elf64.p_type)) -+#define P_OFFSET(h, p) ((unsigned) (h->e_ident[EI_CLASS] == ELFCLASS32 ? p->elf32.p_offset : p->elf64.p_offset)) -+#define P_PADDR(h, p) ((unsigned) (h->e_ident[EI_CLASS] == ELFCLASS32 ? p->elf32.p_paddr : p->elf64.p_paddr)) -+#define P_MEMSZ(h, p) ((unsigned) (h->e_ident[EI_CLASS] == ELFCLASS32 ? p->elf32.p_memsz : p->elf64.p_memsz)) -+#define P_VADDR(h, p) ((unsigned) (h->e_ident[EI_CLASS] == ELFCLASS32 ? p->elf32.p_vaddr : p->elf64.p_vaddr)) -+#define P_FILESZ(h, p) ((unsigned) (h->e_ident[EI_CLASS] == ELFCLASS32 ? p->elf32.p_filesz : p->elf64.p_filesz)) -+ -+#define SH_ADDR_AT(h, sh, i) ((unsigned) (h->e_ident[EI_CLASS] == ELFCLASS32 ? ((&(sh->elf32))[i]).sh_addr : ((&(sh->elf64))[i]).sh_addr)) -+#define SH_SIZE_AT(h, sh, i) ((unsigned) (h->e_ident[EI_CLASS] == ELFCLASS32 ? ((&(sh->elf32))[i]).sh_size : ((&(sh->elf64))[i]).sh_size)) -+#define SH_ADDRALIGN_AT(h, sh, i) ((unsigned) (h->e_ident[EI_CLASS] == ELFCLASS32 ? ((&(sh->elf32))[i]).sh_addralign : ((&(sh->elf64))[i]).sh_addralign)) -+#define SH_OFFSET_AT(h, sh, i) ((unsigned) (h->e_ident[EI_CLASS] == ELFCLASS32 ? ((&(sh->elf32))[i]).sh_offset : ((&(sh->elf64))[i]).sh_offset)) -+ -+#define SET_SH_ADDR_AT(h, sh, i, v) \ -+ { \ -+ if (h->e_ident[EI_CLASS] == ELFCLASS32) \ -+ ((&(sh->elf32))[i]).sh_addr = v; \ -+ else \ -+ ((&(sh->elf64))[i]).sh_addr = v; \ -+ } -diff -Naur grub-0.97.orig/stage2/shared.h grub-0.97.patched/stage2/shared.h ---- grub-0.97.orig/stage2/shared.h 2004-06-19 10:40:09.000000000 -0600 -+++ grub-0.97.patched/stage2/shared.h 2006-09-25 14:54:53.000000000 -0600 -@@ -70,6 +70,13 @@ - - #define BOOT_PART_TABLE RAW_ADDR (0x07be) - -+#define PML4 0x70000 -+#define PDPT0x000 0x71000 -+#define PD0x000_000 0x72000 -+#define PD0x000_001 0x73000 -+#define PD0x000_002 0x74000 -+#define PD0x000_003 0x75000 -+ - /* - * BIOS disk defines - */ -@@ -692,6 +699,8 @@ - - extern entry_func entry_addr; - -+extern unsigned long_64bit_mode; -+ - /* Enter the stage1.5/stage2 C code after the stack is set up. */ - void cmain (void); - -@@ -739,6 +748,9 @@ - /* booting a multiboot executable */ - void multi_boot (int start, int mb_info) __attribute__ ((noreturn)); - -+/* boot into 64-bit long mode */ -+void multi_boot_64bit_doit (int start, int mb_info) __attribute__ ((noreturn)); -+ - /* If LINEAR is nonzero, then set the Intel processor to linear mode. - Otherwise, bit 20 of all memory accesses is always forced to zero, - causing a wraparound effect for bugwards compatibility with the -diff -Naur grub-0.97.orig/stage2/x86-64-elf.h grub-0.97.patched/stage2/x86-64-elf.h ---- grub-0.97.orig/stage2/x86-64-elf.h 1969-12-31 17:00:00.000000000 -0700 -+++ grub-0.97.patched/stage2/x86-64-elf.h 2006-08-26 21:45:22.000000000 -0600 -@@ -0,0 +1,86 @@ -+/* -+ * GRUB -- GRand Unified Bootloader -+ * Copyright (C) 2001,2002,2006 Free Software Foundation, Inc. -+ * -+ * This program is free software; you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation; either version 2 of the License, or -+ * (at your option) any later version. -+ * -+ * This program is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with this program; if not, write to the Free Software -+ * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -+ */ -+ -+ -+typedef unsigned short Elf64_Half; -+typedef unsigned long Elf64_Word; -+typedef unsigned long long Elf64_Off; -+typedef unsigned long long Elf64_Addr; -+typedef unsigned long long Elf64_Xword; -+ -+ -+typedef struct -+{ -+ unsigned char e_ident[EI_NIDENT]; /* basic identification block */ -+ Elf64_Half e_type; /* file types */ -+ Elf64_Half e_machine; /* machine types */ -+ Elf64_Word e_version; /* use same as "EI_VERSION" above */ -+ Elf64_Addr e_entry; /* entry point of the program */ -+ Elf64_Off e_phoff; /* program header table file offset */ -+ Elf64_Off e_shoff; /* section header table file offset */ -+ Elf64_Word e_flags; /* flags */ -+ Elf64_Half e_ehsize; /* elf header size in bytes */ -+ Elf64_Half e_phentsize; /* program header entry size */ -+ Elf64_Half e_phnum; /* number of entries in program header */ -+ Elf64_Half e_shentsize; /* section header entry size */ -+ Elf64_Half e_shnum; /* number of entries in section header */ -+ Elf64_Half e_shstrndx; /* section header table index */ -+} -+Elf64_Ehdr; -+ -+ -+typedef struct -+{ -+ Elf64_Word p_type; -+ Elf64_Word p_flags; -+ Elf64_Off p_offset; -+ Elf64_Addr p_vaddr; -+ Elf64_Addr p_paddr; -+ Elf64_Xword p_filesz; -+ Elf64_Xword p_memsz; -+ Elf64_Xword p_align; -+} -+Elf64_Phdr; -+ -+ -+typedef struct -+{ -+ Elf64_Word sh_name; /* Section name (string tbl index) */ -+ Elf64_Word sh_type; /* Section type */ -+ Elf64_Xword sh_flags; /* Section flags */ -+ Elf64_Addr sh_addr; /* Section virtual addr at execution */ -+ Elf64_Off sh_offset; /* Section file offset */ -+ Elf64_Xword sh_size; /* Section size in bytes */ -+ Elf64_Word sh_link; /* Link to another section */ -+ Elf64_Word sh_info; /* Additional section information */ -+ Elf64_Xword sh_addralign; /* Section alignment */ -+ Elf64_Xword sh_entsize; /* Entry size if section holds table */ -+} -+Elf64_Shdr; -+ -+#define ELFCLASS64 2 -+ -+#define EM_X86_64 0x3e -+ -+#define BOOTABLE_X86_64_ELF(h) \ -+ ((h.e_ident[EI_MAG0] == ELFMAG0) & (h.e_ident[EI_MAG1] == ELFMAG1) \ -+ & (h.e_ident[EI_MAG2] == ELFMAG2) & (h.e_ident[EI_MAG3] == ELFMAG3) \ -+ & (h.e_ident[EI_CLASS] == ELFCLASS64) & (h.e_ident[EI_DATA] == ELFDATA2LSB) \ -+ & (h.e_ident[EI_VERSION] == EV_CURRENT) & (h.e_type == ET_EXEC) \ -+ & (h.e_machine == EM_X86_64) & (h.e_version == EV_CURRENT)) diff --git a/extra/source/grub/grub.SlackBuild b/extra/source/grub/grub.SlackBuild deleted file mode 100755 index 417cb636..00000000 --- a/extra/source/grub/grub.SlackBuild +++ /dev/null @@ -1,121 +0,0 @@ -#!/bin/sh - -# Copyright 2009 Patrick J. Volkerding, Sebeka, MN, USA -# All rights reserved. -# -# Redistribution and use of this script, with or without modification, is -# permitted provided that the following conditions are met: -# -# 1. Redistributions of this script must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# -# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED -# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF -# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO -# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, -# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; -# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, -# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR -# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF -# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - - -VERSION=0.97 -GCVER=1.28 -ARCH=${ARCH:-x86_64} -BUILD=7 - -NUMJOBS=${NUMJOBS:-" -j7 "} - -if [ "$ARCH" = "i486" ]; then - SLKCFLAGS="-O2 -march=i486 -mtune=i686" -elif [ "$ARCH" = "s390" ]; then - SLKCFLAGS="-O2" -elif [ "$ARCH" = "x86_64" ]; then - SLKCFLAGS="-O2" -fi - -CWD=$(pwd) -TMP=${TMP:-/tmp} -PKG=$TMP/package-grub - -rm -rf $PKG -mkdir -p $PKG $TMP -cd $TMP -rm -rf grub-$VERSION -tar xvf $CWD/grub-$VERSION.tar.gz || exit 1 -cd grub-$VERSION || exit 1 - -# This is needed for the optional (but now default) increase in -# inode size from 128 to 256 bytes with ext2 and ext3: -zcat $CWD/grub_support_256byte_inode.patch.gz | patch -p1 --verbose || exit 1 - -zcat $CWD/grub-0.97-x86_64.patch.gz | patch -p1 || exit 1 - -chown -R root:root . -find . \ - \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ - -exec chmod 755 {} \; -o \ - \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ - -exec chmod 644 {} \; - -CFLAGS="$SLKCFLAGS" \ -./configure \ - --prefix=/usr \ - --infodir=/usr/info \ - --mandir=/usr/man - -make $NUMJOBS || make || exit 1 -make install DESTDIR=$PKG || exit 1 - -find $PKG | xargs file | grep -e "executable" -e "shared object" \ - | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null - -# Compress and if needed symlink the man pages: -if [ -d $PKG/usr/man ]; then - ( cd $PKG/usr/man - for manpagedir in $(find . -type d -name "man*") ; do - ( cd $manpagedir - for eachpage in $( find . -type l -maxdepth 1) ; do - ln -s $( readlink $eachpage ).gz $eachpage.gz - rm $eachpage - done - gzip -9 *.? - ) - done - ) -fi - -# Compress info pages and purge "dir" file from the package: -if [ -d $PKG/usr/info ]; then - ( cd $PKG/usr/info - rm -f dir - gzip -9 * - ) -fi - -mkdir -p $PKG/usr/doc/grub-$VERSION -cp -a \ - AUTHORS BUGS COPYING INSTALL MAINTENANCE NEWS README THANKS TODO \ - $PKG/usr/doc/grub-$VERSION - -mkdir -p $PKG/install -cat $CWD/slack-desc > $PKG/install/slack-desc - -# Add Kent's grubconfig tool: -cd $TMP -rm -rf grubconfig-$GCVER -tar xf $CWD/grubconfig-${GCVER}.tar.gz || exit 1 -cd grubconfig-$GCVER || exit 1 -zcat $CWD/grubconfig_localefix.patch.gz | patch || exit 1 -chown -R root:root . -chmod 644 README -chmod 755 grubconfig -mkdir -p $PKG/usr/doc/grubconfig-${GCVER} -cp -a README $PKG/usr/doc/grubconfig-${GCVER} -cp -a grubconfig $PKG/usr/sbin/grubconfig - -cd $PKG -/sbin/makepkg -l y -c n $TMP/grub-$VERSION-$ARCH-$BUILD.txz - diff --git a/extra/source/grub/grub_support_256byte_inode.patch b/extra/source/grub/grub_support_256byte_inode.patch deleted file mode 100644 index bef3bc18..00000000 --- a/extra/source/grub/grub_support_256byte_inode.patch +++ /dev/null @@ -1,94 +0,0 @@ -diff -Nrup a/stage2/fsys_ext2fs.c b/stage2/fsys_ext2fs.c ---- a/stage2/fsys_ext2fs.c 2004-08-08 20:19:18.000000000 +0200 -+++ b/stage2/fsys_ext2fs.c 2008-01-30 14:27:20.000000000 +0100 -@@ -79,7 +79,52 @@ struct ext2_super_block - __u32 s_rev_level; /* Revision level */ - __u16 s_def_resuid; /* Default uid for reserved blocks */ - __u16 s_def_resgid; /* Default gid for reserved blocks */ -- __u32 s_reserved[235]; /* Padding to the end of the block */ -+ /* -+ * These fields are for EXT2_DYNAMIC_REV superblocks only. -+ * -+ * Note: the difference between the compatible feature set and -+ * the incompatible feature set is that if there is a bit set -+ * in the incompatible feature set that the kernel doesn't -+ * know about, it should refuse to mount the filesystem. -+ * -+ * e2fsck's requirements are more strict; if it doesn't know -+ * about a feature in either the compatible or incompatible -+ * feature set, it must abort and not try to meddle with -+ * things it doesn't understand... -+ */ -+ __u32 s_first_ino; /* First non-reserved inode */ -+ __u16 s_inode_size; /* size of inode structure */ -+ __u16 s_block_group_nr; /* block group # of this superblock */ -+ __u32 s_feature_compat; /* compatible feature set */ -+ __u32 s_feature_incompat; /* incompatible feature set */ -+ __u32 s_feature_ro_compat; /* readonly-compatible feature set */ -+ __u8 s_uuid[16]; /* 128-bit uuid for volume */ -+ char s_volume_name[16]; /* volume name */ -+ char s_last_mounted[64]; /* directory where last mounted */ -+ __u32 s_algorithm_usage_bitmap; /* For compression */ -+ /* -+ * Performance hints. Directory preallocation should only -+ * happen if the EXT2_FEATURE_COMPAT_DIR_PREALLOC flag is on. -+ */ -+ __u8 s_prealloc_blocks; /* Nr of blocks to try to preallocate*/ -+ __u8 s_prealloc_dir_blocks; /* Nr to preallocate for dirs */ -+ __u16 s_reserved_gdt_blocks;/* Per group table for online growth */ -+ /* -+ * Journaling support valid if EXT2_FEATURE_COMPAT_HAS_JOURNAL set. -+ */ -+ __u8 s_journal_uuid[16]; /* uuid of journal superblock */ -+ __u32 s_journal_inum; /* inode number of journal file */ -+ __u32 s_journal_dev; /* device number of journal file */ -+ __u32 s_last_orphan; /* start of list of inodes to delete */ -+ __u32 s_hash_seed[4]; /* HTREE hash seed */ -+ __u8 s_def_hash_version; /* Default hash version to use */ -+ __u8 s_jnl_backup_type; /* Default type of journal backup */ -+ __u16 s_reserved_word_pad; -+ __u32 s_default_mount_opts; -+ __u32 s_first_meta_bg; /* First metablock group */ -+ __u32 s_mkfs_time; /* When the filesystem was created */ -+ __u32 s_jnl_blocks[17]; /* Backup of the journal inode */ -+ __u32 s_reserved[172]; /* Padding to the end of the block */ - }; - - struct ext2_group_desc -@@ -218,6 +263,9 @@ struct ext2_dir_entry - #define EXT2_ADDR_PER_BLOCK(s) (EXT2_BLOCK_SIZE(s) / sizeof (__u32)) - #define EXT2_ADDR_PER_BLOCK_BITS(s) (log2(EXT2_ADDR_PER_BLOCK(s))) - -+#define EXT2_INODE_SIZE(s) (SUPERBLOCK->s_inode_size) -+#define EXT2_INODES_PER_BLOCK(s) (EXT2_BLOCK_SIZE(s)/EXT2_INODE_SIZE(s)) -+ - /* linux/ext2_fs.h */ - #define EXT2_BLOCK_SIZE_BITS(s) ((s)->s_log_block_size + 10) - /* kind of from ext2/super.c */ -@@ -553,7 +601,7 @@ ext2fs_dir (char *dirname) - gdp = GROUP_DESC; - ino_blk = gdp[desc].bg_inode_table + - (((current_ino - 1) % (SUPERBLOCK->s_inodes_per_group)) -- >> log2 (EXT2_BLOCK_SIZE (SUPERBLOCK) / sizeof (struct ext2_inode))); -+ >> log2 (EXT2_INODES_PER_BLOCK (SUPERBLOCK))); - #ifdef E2DEBUG - printf ("inode table fsblock=%d\n", ino_blk); - #endif /* E2DEBUG */ -@@ -565,13 +613,12 @@ ext2fs_dir (char *dirname) - /* reset indirect blocks! */ - mapblock2 = mapblock1 = -1; - -- raw_inode = INODE + -- ((current_ino - 1) -- & (EXT2_BLOCK_SIZE (SUPERBLOCK) / sizeof (struct ext2_inode) - 1)); -+ raw_inode = (struct ext2_inode *)((char *)INODE + -+ ((current_ino - 1) & (EXT2_INODES_PER_BLOCK (SUPERBLOCK) - 1)) * -+ EXT2_INODE_SIZE (SUPERBLOCK)); - #ifdef E2DEBUG - printf ("ipb=%d, sizeof(inode)=%d\n", -- (EXT2_BLOCK_SIZE (SUPERBLOCK) / sizeof (struct ext2_inode)), -- sizeof (struct ext2_inode)); -+ EXT2_INODES_PER_BLOCK (SUPERBLOCK), EXT2_INODE_SIZE (SUPERBLOCK)); - printf ("inode=%x, raw_inode=%x\n", INODE, raw_inode); - printf ("offset into inode table block=%d\n", (int) raw_inode - (int) INODE); - for (i = (unsigned char *) INODE; i <= (unsigned char *) raw_inode; diff --git a/extra/source/grub/grubconfig_localefix.patch b/extra/source/grub/grubconfig_localefix.patch deleted file mode 100644 index 6c1d4e9f..00000000 --- a/extra/source/grub/grubconfig_localefix.patch +++ /dev/null @@ -1,32 +0,0 @@ ---- /usr/sbin/grubconfig 2006-03-24 09:28:41.000000000 +0100 -+++ _developpement/debug/grubconfig 2007-05-12 16:51:57.000000000 +0200 -@@ -53,6 +53,10 @@ - rm -rf $TMP $BOOT_TMP - mkdir -p $TMP $BOOT_TMP - -+# We need to ensure the output is in english in order to match the devices -+# with fdisk. -+export LC_ALL=C -+ - PATH=$PATH:/bin:/usr/bin:/sbin:/usr/sbin - - # Menu to check if we want to use VESA framebuffer support: -@@ -475,7 +479,8 @@ - chmod 644 $BOOT/grub/$grub_config - message=yes - installcolor; -- umount $BOOT_TMP 2>$TMP/null && rmdir $BOOT_TMP -+ umount $BOOT_TMP 2> $TMP/null -+ rmdir $BOOT_TMP 2> $TMP/null - rm -rf $TMP - } - -@@ -1004,8 +1009,6 @@ - KILL=NO - fi - simplegrub -- umount $BOOT_TMP 2>$TMP/null -- rm -rf $TMP $BOOT_TMP - chroot_umount - exit - fi diff --git a/extra/source/grub/slack-desc b/extra/source/grub/slack-desc deleted file mode 100644 index f3bead79..00000000 --- a/extra/source/grub/slack-desc +++ /dev/null @@ -1,19 +0,0 @@ -# HOW TO EDIT THIS FILE: -# The "handy ruler" below makes it easier to edit a package description. Line -# up the first '|' above the ':' following the base package name, and the '|' -# on the right side marks the last column you can put a character in. You must -# make exactly 11 lines for the formatting to be correct. It's also -# customary to leave one space after the ':'. - - |-----handy-ruler------------------------------------------------------| -grub: grub (GNU GRUB Legacy bootloader) -grub: -grub: This is the legacy (0.9x) version of GNU GRUB, the GRand Unified -grub: Bootloader. GRUB is an alternative to other familiar bootloaders -grub: such as LILO. Unlike LILO, it loads a kernel through direct file- -grub: system support rather than a block list so it does not need to be -grub: updated if a new kernel is installed. -grub: -grub: Also included is Kent Robotti's 'grubconfig' tool (similar to the -grub: Slackware 'liloconfig' setup tool). -grub: diff --git a/extra/source/pam/make-pam-solibs-for-chrome.sh b/extra/source/pam/make-pam-solibs-for-chrome.sh deleted file mode 100755 index e7cd4c9e..00000000 --- a/extra/source/pam/make-pam-solibs-for-chrome.sh +++ /dev/null @@ -1,84 +0,0 @@ -#!/bin/sh - -# Copyright 2011 Patrick J. Volkerding, Sebeka, Minnesota, USA -# All rights reserved. -# -# Redistribution and use of this script, with or without modification, is -# permitted provided that the following conditions are met: -# -# 1. Redistributions of this script must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# -# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED -# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF -# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO -# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, -# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; -# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, -# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR -# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF -# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -# This expects to find a file pam-*.txz in the local directory that -# will contain a usable PAM shared library to satify the requirement -# for that library. To get whatever is actually using PAM working is -# going to need more PAM structure installed, but luckily I've yet to -# encounter what needs it and everything works fine with only the -# libpam.so.0 installed. - -if ! ls pam-*-*-*.txz 1> /dev/null 2> /dev/null ; then - echo "FAIL: no Slackware pam txz package found." - exit 1 -fi - -PKGNAM=google-chrome-pam-solibs -VERSION=${VERSION:-$(echo pam-*-*-*.txz | cut -f 2 -d -)} -ARCH=${ARCH:-$(echo pam-*-*-*.txz | cut -f 3 -d -)} -BUILD=${BUILD:-$(echo pam-*-*-*.txz | cut -f 4 -d - | cut -f 1 -d .)} - -CWD=$(pwd) -TMP=${TMP:-/tmp} -PKG=$TMP/package-$PKGNAM -rm -rf $PKG -mkdir -p $TMP $PKG - -cd $PKG -mkdir tmp -( cd tmp - explodepkg $CWD/pam-$VERSION-$ARCH-$BUILD.txz - sh install/doinst.sh -) -mkdir -p $PKG/opt/google/chrome -if [ -d tmp/lib64 ]; then - cp -a tmp/lib64/libpam.so.0* $PKG/opt/google/chrome -else - cp -a tmp/lib/libpam.so.0* $PKG/opt/google/chrome -fi -rm -rf $PKG/tmp - -mkdir -p $PKG/install -cat << EOF > $PKG/install/slack-desc -# HOW TO EDIT THIS FILE: -# The "handy ruler" below makes it easier to edit a package description. Line -# up the first '|' above the ':' following the base package name, and the '|' -# on the right side marks the last column you can put a character in. You must -# make exactly 11 lines for the formatting to be correct. It's also -# customary to leave one space after the ':'. - |-----handy-ruler------------------------------------------------------| -google-chrome-pam-solibs: google-chrome-pam-solibs (libpam.so.0) -google-chrome-pam-solibs: -google-chrome-pam-solibs: This is a package that provides libpam.so.0 to satisfy the library -google-chrome-pam-solibs: requirement for Google Chrome when that is installed in the -google-chrome-pam-solibs: usual /opt/google/chrome directory. It does not provide any other -google-chrome-pam-solibs: PAM features, and cannot be used to compile against or by other -google-chrome-pam-solibs: programs. If you need real PAM for some reason (like to compile -google-chrome-pam-solibs: Chromium), please see the pam.SlackBuild in the source directory. -google-chrome-pam-solibs: -google-chrome-pam-solibs: -google-chrome-pam-solibs: -EOF - -cd $PKG -/sbin/makepkg -l y -c n $TMP/$PKGNAM-$VERSION-$ARCH-$BUILD$TAG.txz - diff --git a/extra/source/pam/pam.SlackBuild b/extra/source/pam/pam.SlackBuild deleted file mode 100755 index bbea0617..00000000 --- a/extra/source/pam/pam.SlackBuild +++ /dev/null @@ -1,173 +0,0 @@ -#!/bin/sh - -# Copyright 2010 Vincent Batts, vbatts@hashbangbash.com -# Copyright 2010, 2011 Patrick J. Volkerding, Sebeka, Minnesota, USA -# All rights reserved. -# -# Redistribution and use of this script, with or without modification, is -# permitted provided that the following conditions are met: -# -# 1. Redistributions of this script must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# -# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED -# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF -# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO -# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, -# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; -# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, -# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR -# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF -# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -# Call the church police! ;-) -SRCNAM=Linux-PAM -PKGNAM=pam -PAMRHVER=${PAMRHVER:-$(echo pam-redhat-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1,2 -d - | rev)} -VERSION=${VERSION:-$(echo $SRCNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -BUILD=${BUILD:-1} - -# Automatically determine the architecture we're building on: -if [ -z "$ARCH" ]; then - case "$( uname -m )" in - i?86) export ARCH=i486 ;; - arm*) export ARCH=arm ;; - # Unless $ARCH is already set, use uname -m for all other archs: - *) export ARCH=$( uname -m ) ;; - esac -fi - -NUMJOBS=${NUMJOBS:--j7} - -if [ "$ARCH" = "i386" ]; then - SLKCFLAGS="-O2 -march=i386 -mcpu=i686" - LIBDIRSUFFIX="" -elif [ "$ARCH" = "i486" ]; then - SLKCFLAGS="-O2 -march=i486 -mtune=i686" - LIBDIRSUFFIX="" -elif [ "$ARCH" = "s390" ]; then - SLKCFLAGS="-O2" - LIBDIRSUFFIX="" -elif [ "$ARCH" = "x86_64" ]; then - SLKCFLAGS="-O2 -fPIC" - LIBDIRSUFFIX="64" -else - SLKCFLAGS="-O2" - LIBDIRSUFFIX="" -fi - -CWD=$(pwd) -TMP=${TMP:-/tmp} -PKG=$TMP/package-$PKGNAM - -rm -rf $PKG -mkdir -p $TMP $PKG - -cd $TMP -rm -rf $SRCNAM-$VERSION -tar xvf $CWD/$SRCNAM-$VERSION.tar.?z* || exit 1 -cd $SRCNAM-$VERSION || exit 1 - -# Better take the Red Hat added modules and patches, because that's very -# likely to be the most standard as far as PAM goes: -tar xvf $CWD/pam-redhat-$PAMRHVER.tar.?z* || exit 1 -mv pam-redhat-$PAMRHVER/{CHANGELOG*,COPYING*,README*} . -mv pam-redhat-$PAMRHVER/* modules -zcat $CWD/patches/pam-1.0.90-redhat-modules.patch.gz | patch -p1 --verbose || exit 1 -zcat $CWD/patches/pam-1.0.91-std-noclose.patch.gz | patch -p1 --verbose || exit 1 -zcat $CWD/patches/pam-1.1.0-notally.patch.gz | patch -p1 --verbose || exit 1 -zcat $CWD/patches/pam-1.1.1-faillock.patch.gz | patch -p1 --verbose || exit 1 -zcat $CWD/patches/pam-1.1.2-noflex.patch.gz | patch -p1 --verbose || exit 1 -zcat $CWD/patches/pam-1.1.3-faillock-screensaver.patch.gz | patch -p1 --verbose || exit 1 -zcat $CWD/patches/pam-1.1.3-limits-nosetreuid.patch.gz | patch -p1 --verbose || exit 1 -zcat $CWD/patches/pam-1.1.3-limits-range.patch.gz | patch -p0 --verbose || exit 1 -zcat $CWD/patches/pam-1.1.3-nouserenv.patch.gz | patch -p1 --verbose || exit 1 -zcat $CWD/patches/pam-1.1.3-pwhistory-incomplete.patch.gz | patch -p1 --verbose || exit 1 -zcat $CWD/patches/pam-1.1.3-securetty-console.patch.gz | patch -p0 --verbose || exit 1 - -# Churn some patches from .am -> .in: -autoreconf -f - -# Make these 2 man pages or the build falls over later on: -( cd modules/pam_faillock - xmlto man faillock.8.xml - xmlto man pam_faillock.8.xml -) - -chown -R root:root . -find . \ - \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ - -exec chmod 755 {} \; -o \ - \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ - -exec chmod 644 {} \; - -CFLAGS="$SLKCFLAGS" \ -CXXFLAGS="$SLKCFLAGS" \ -./configure \ - --prefix=/ \ - --libdir=/lib${LIBDIRSUFFIX} \ - --sysconfdir=/etc \ - --includedir=/usr/include/security \ - --datarootdir=/usr/share \ - --localstatedir=/var \ - --mandir=/usr/man \ - --docdir=/usr/doc/$PKGNAM-$VERSION \ - --enable-read-both-confs \ - --disable-prelude \ - --disable-selinux \ - --build=$ARCH-slackware-linux || exit 1 - -make $NUMJOBS || make || exit 1 -make install DESTDIR=$PKG || exit 1 - -# this is a pam helper, that can only be called from pam -chown root:shadow $PKG/sbin/unix_chkpwd -chmod g+s $PKG/sbin/unix_chkpwd - -# Strip binaries: -( cd $PKG - find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null - find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null -) - -# Compress and if needed symlink the man pages: -if [ -d $PKG/usr/man ]; then - ( cd $PKG/usr/man - for manpagedir in $(find . -type d -name "man*") ; do - ( cd $manpagedir - for eachpage in $( find . -type l -maxdepth 1) ; do - ln -s $( readlink $eachpage ).gz $eachpage.gz - rm $eachpage - done - gzip -9 *.? - ) - done - ) -fi - -mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION -cp -a \ - AUTHORS COPYING* Copyright NEWS README* \ - $PKG/usr/doc/$PKGNAM-$VERSION - -# If there's a ChangeLog, installing at least part of the recent history -# is useful, but don't let it get totally out of control: -if [ -r ChangeLog ]; then - DOCSDIR=$(echo $PKG/usr/doc/${PKGNAM}-$VERSION) - cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog - touch -r ChangeLog $DOCSDIR/ChangeLog -fi -if [ -r CHANGELOG ]; then - DOCSDIR=$(echo $PKG/usr/doc/${PKGNAM}-$VERSION) - cat CHANGELOG | head -n 1000 > $DOCSDIR/CHANGELOG - touch -r CHANGELOG $DOCSDIR/CHANGELOG -fi -rm -f $PKG/usr/doc/$PKGNAM-$VERSION/index.html - -mkdir -p $PKG/install -cat $CWD/slack-desc > $PKG/install/slack-desc - -cd $PKG -/sbin/makepkg -l y -c n $TMP/$PKGNAM-$VERSION-$ARCH-$BUILD$TAG.txz - diff --git a/extra/source/pam/patches/pam-1.0.90-redhat-modules.patch b/extra/source/pam/patches/pam-1.0.90-redhat-modules.patch deleted file mode 100644 index 3ad41ccc..00000000 --- a/extra/source/pam/patches/pam-1.0.90-redhat-modules.patch +++ /dev/null @@ -1,23 +0,0 @@ -diff -up Linux-PAM-1.0.90/modules/Makefile.am.redhat-modules Linux-PAM-1.0.90/modules/Makefile.am ---- Linux-PAM-1.0.90/modules/Makefile.am.redhat-modules 2008-11-29 08:27:35.000000000 +0100 -+++ Linux-PAM-1.0.90/modules/Makefile.am 2008-12-16 13:40:16.000000000 +0100 -@@ -3,6 +3,7 @@ - # - - SUBDIRS = pam_access pam_cracklib pam_debug pam_deny pam_echo \ -+ pam_chroot pam_console pam_postgresok \ - pam_env pam_exec pam_faildelay pam_filter pam_ftp \ - pam_group pam_issue pam_keyinit pam_lastlog pam_limits \ - pam_listfile pam_localuser pam_loginuid pam_mail \ -diff -up Linux-PAM-1.0.90/configure.in.redhat-modules Linux-PAM-1.0.90/configure.in ---- Linux-PAM-1.0.90/configure.in.redhat-modules 2008-12-02 16:25:01.000000000 +0100 -+++ Linux-PAM-1.0.90/configure.in 2008-12-16 13:39:11.000000000 +0100 -@@ -531,6 +531,8 @@ AC_CONFIG_FILES([Makefile libpam/Makefil - libpam_misc/Makefile conf/Makefile conf/pam_conv1/Makefile \ - po/Makefile.in \ - modules/Makefile \ -+ modules/pam_chroot/Makefile modules/pam_console/Makefile \ -+ modules/pam_postgresok/Makefile \ - modules/pam_access/Makefile modules/pam_cracklib/Makefile \ - modules/pam_debug/Makefile modules/pam_deny/Makefile \ - modules/pam_echo/Makefile modules/pam_env/Makefile \ diff --git a/extra/source/pam/patches/pam-1.0.91-std-noclose.patch b/extra/source/pam/patches/pam-1.0.91-std-noclose.patch deleted file mode 100644 index 73594849..00000000 --- a/extra/source/pam/patches/pam-1.0.91-std-noclose.patch +++ /dev/null @@ -1,98 +0,0 @@ -diff -up Linux-PAM-1.0.91/modules/pam_mkhomedir/pam_mkhomedir.c.std-noclose Linux-PAM-1.0.91/modules/pam_mkhomedir/pam_mkhomedir.c ---- Linux-PAM-1.0.91/modules/pam_mkhomedir/pam_mkhomedir.c.std-noclose 2009-03-03 14:56:01.000000000 +0100 -+++ Linux-PAM-1.0.91/modules/pam_mkhomedir/pam_mkhomedir.c 2009-03-26 10:02:15.000000000 +0100 -@@ -131,13 +131,21 @@ create_homedir (pam_handle_t *pamh, int - if (child == 0) { - int i; - struct rlimit rlim; -+ int dummyfds[2]; - static char *envp[] = { NULL }; - char *args[] = { NULL, NULL, NULL, NULL, NULL }; - -+ /* replace std file descriptors with a dummy pipe */ -+ if (pipe(dummyfds) == 0) { -+ dup2(dummyfds[0], STDIN_FILENO); -+ dup2(dummyfds[1], STDOUT_FILENO); -+ dup2(dummyfds[1], STDERR_FILENO); -+ } -+ - if (getrlimit(RLIMIT_NOFILE, &rlim)==0) { - if (rlim.rlim_max >= MAX_FD_NO) - rlim.rlim_max = MAX_FD_NO; -- for (i=0; i < (int)rlim.rlim_max; i++) { -+ for (i = STDERR_FILENO + 1; i < (int)rlim.rlim_max; i++) { - close(i); - } - } -diff -up Linux-PAM-1.0.91/modules/pam_unix/support.c.std-noclose Linux-PAM-1.0.91/modules/pam_unix/support.c ---- Linux-PAM-1.0.91/modules/pam_unix/support.c.std-noclose 2009-03-03 14:56:01.000000000 +0100 -+++ Linux-PAM-1.0.91/modules/pam_unix/support.c 2009-03-26 10:08:59.000000000 +0100 -@@ -443,13 +443,16 @@ static int _unix_run_helper_binary(pam_h - - /* reopen stdin as pipe */ - dup2(fds[0], STDIN_FILENO); -+ /* and replace also the stdout/err as the helper will -+ not write anything there */ -+ dup2(fds[1], STDOUT_FILENO); -+ dup2(fds[1], STDERR_FILENO); - - if (getrlimit(RLIMIT_NOFILE,&rlim)==0) { - if (rlim.rlim_max >= MAX_FD_NO) - rlim.rlim_max = MAX_FD_NO; -- for (i=0; i < (int)rlim.rlim_max; i++) { -- if (i != STDIN_FILENO) -- close(i); -+ for (i = STDERR_FILENO + 1; i < (int)rlim.rlim_max; i++) { -+ close(i); - } - } - -diff -up Linux-PAM-1.0.91/modules/pam_unix/pam_unix_passwd.c.std-noclose Linux-PAM-1.0.91/modules/pam_unix/pam_unix_passwd.c ---- Linux-PAM-1.0.91/modules/pam_unix/pam_unix_passwd.c.std-noclose 2009-03-03 14:56:01.000000000 +0100 -+++ Linux-PAM-1.0.91/modules/pam_unix/pam_unix_passwd.c 2009-03-26 10:07:06.000000000 +0100 -@@ -175,13 +175,16 @@ static int _unix_run_update_binary(pam_h - - /* reopen stdin as pipe */ - dup2(fds[0], STDIN_FILENO); -+ /* and replace also the stdout/err as the helper will -+ not write anything there */ -+ dup2(fds[1], STDOUT_FILENO); -+ dup2(fds[1], STDERR_FILENO); - - if (getrlimit(RLIMIT_NOFILE,&rlim)==0) { - if (rlim.rlim_max >= MAX_FD_NO) - rlim.rlim_max = MAX_FD_NO; -- for (i=0; i < (int)rlim.rlim_max; i++) { -- if (i != STDIN_FILENO) -- close(i); -+ for (i = STDERR_FILENO + 1; i < (int)rlim.rlim_max; i++) { -+ close(i); - } - } - -diff -up Linux-PAM-1.0.91/modules/pam_unix/pam_unix_acct.c.std-noclose Linux-PAM-1.0.91/modules/pam_unix/pam_unix_acct.c ---- Linux-PAM-1.0.91/modules/pam_unix/pam_unix_acct.c.std-noclose 2009-03-03 14:56:01.000000000 +0100 -+++ Linux-PAM-1.0.91/modules/pam_unix/pam_unix_acct.c 2009-03-26 10:05:41.000000000 +0100 -@@ -100,16 +100,18 @@ int _unix_run_verify_binary(pam_handle_t - - /* reopen stdout as pipe */ - dup2(fds[1], STDOUT_FILENO); -+ /* and replace also the stdin, stderr so we do not exec the helper with -+ tty as stdin, it will not read anything from there anyway */ -+ dup2(fds[0], STDIN_FILENO); -+ dup2(fds[1], STDERR_FILENO); - - /* XXX - should really tidy up PAM here too */ - - if (getrlimit(RLIMIT_NOFILE,&rlim)==0) { - if (rlim.rlim_max >= MAX_FD_NO) - rlim.rlim_max = MAX_FD_NO; -- for (i=0; i < (int)rlim.rlim_max; i++) { -- if (i != STDOUT_FILENO) { -- close(i); -- } -+ for (i = STDERR_FILENO + 1; i < (int)rlim.rlim_max; i++) { -+ close(i); - } - } - diff --git a/extra/source/pam/patches/pam-1.1.0-notally.patch b/extra/source/pam/patches/pam-1.1.0-notally.patch deleted file mode 100644 index 9327eecb..00000000 --- a/extra/source/pam/patches/pam-1.1.0-notally.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff -up Linux-PAM-1.1.0/modules/Makefile.am.notally Linux-PAM-1.1.0/modules/Makefile.am ---- Linux-PAM-1.1.0/modules/Makefile.am.notally 2009-07-27 17:39:25.000000000 +0200 -+++ Linux-PAM-1.1.0/modules/Makefile.am 2009-09-01 17:40:16.000000000 +0200 -@@ -10,7 +10,7 @@ SUBDIRS = pam_access pam_cracklib pam_de - pam_mkhomedir pam_motd pam_namespace pam_nologin \ - pam_permit pam_pwhistory pam_rhosts pam_rootok pam_securetty \ - pam_selinux pam_sepermit pam_shells pam_stress \ -- pam_succeed_if pam_tally pam_tally2 pam_time pam_timestamp \ -+ pam_succeed_if pam_tally2 pam_time pam_timestamp \ - pam_tty_audit pam_umask \ - pam_unix pam_userdb pam_warn pam_wheel pam_xauth - diff --git a/extra/source/pam/patches/pam-1.1.1-faillock.patch b/extra/source/pam/patches/pam-1.1.1-faillock.patch deleted file mode 100644 index 46f30374..00000000 --- a/extra/source/pam/patches/pam-1.1.1-faillock.patch +++ /dev/null @@ -1,1712 +0,0 @@ -diff -up Linux-PAM-1.1.1/configure.in.faillock Linux-PAM-1.1.1/configure.in ---- Linux-PAM-1.1.1/configure.in.faillock 2010-09-17 15:58:41.000000000 +0200 -+++ Linux-PAM-1.1.1/configure.in 2010-09-17 15:58:41.000000000 +0200 -@@ -539,7 +539,7 @@ AC_CONFIG_FILES([Makefile libpam/Makefil - modules/pam_access/Makefile modules/pam_cracklib/Makefile \ - modules/pam_debug/Makefile modules/pam_deny/Makefile \ - modules/pam_echo/Makefile modules/pam_env/Makefile \ -- modules/pam_faildelay/Makefile \ -+ modules/pam_faildelay/Makefile modules/pam_faillock/Makefile \ - modules/pam_filter/Makefile modules/pam_filter/upperLOWER/Makefile \ - modules/pam_ftp/Makefile modules/pam_group/Makefile \ - modules/pam_issue/Makefile modules/pam_keyinit/Makefile \ -diff -up Linux-PAM-1.1.1/doc/sag/pam_faillock.xml.faillock Linux-PAM-1.1.1/doc/sag/pam_faillock.xml ---- Linux-PAM-1.1.1/doc/sag/pam_faillock.xml.faillock 2010-09-17 16:05:56.000000000 +0200 -+++ Linux-PAM-1.1.1/doc/sag/pam_faillock.xml 2010-09-17 16:08:26.000000000 +0200 -@@ -0,0 +1,38 @@ -+<?xml version='1.0' encoding='UTF-8'?> -+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN" -+ "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd"> -+<section id='sag-pam_faillock'> -+ <title>pam_faillock - temporarily locking access based on failed authentication attempts during an interval</title> -+ <cmdsynopsis> -+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" -+ href="../../modules/pam_faillock/pam_faillock.8.xml" xpointer='xpointer(//cmdsynopsis[@id = "pam_faillock-cmdsynopsisauth"]/*)'/> -+ </cmdsynopsis> -+ <cmdsynopsis> -+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" -+ href="../../modules/pam_faillock/pam_faillock.8.xml" xpointer='xpointer(//cmdsynopsis[@id = "pam_faillock-cmdsynopsisacct"]/*)'/> -+ </cmdsynopsis> -+ <section id='sag-pam_faillock-description'> -+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" -+ href="../../modules/pam_faillock/pam_faillock.8.xml" xpointer='xpointer(//refsect1[@id = "pam_faillock-description"]/*)'/> -+ </section> -+ <section id='sag-pam_faillock-options'> -+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" -+ href="../../modules/pam_faillock/pam_faillock.8.xml" xpointer='xpointer(//refsect1[@id = "pam_faillock-options"]/*)'/> -+ </section> -+ <section id='sag-pam_faillock-types'> -+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" -+ href="../../modules/pam_faillock/pam_faillock.8.xml" xpointer='xpointer(//refsect1[@id = "pam_faillock-types"]/*)'/> -+ </section> -+ <section id='sag-pam_faillock-return_values'> -+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" -+ href="../../modules/pam_faillock/pam_faillock.8.xml" xpointer='xpointer(//refsect1[@id = "pam_faillock-return_values"]/*)'/> -+ </section> -+ <section id='sag-pam_faillock-examples'> -+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" -+ href="../../modules/pam_faillock/pam_faillock.8.xml" xpointer='xpointer(//refsect1[@id = "pam_faillock-examples"]/*)'/> -+ </section> -+ <section id='sag-pam_faillock-author'> -+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" -+ href="../../modules/pam_faillock/pam_faillock.8.xml" xpointer='xpointer(//refsect1[@id = "pam_faillock-author"]/*)'/> -+ </section> -+</section> -diff -up Linux-PAM-1.1.1/modules/Makefile.am.faillock Linux-PAM-1.1.1/modules/Makefile.am ---- Linux-PAM-1.1.1/modules/Makefile.am.faillock 2010-09-17 15:58:41.000000000 +0200 -+++ Linux-PAM-1.1.1/modules/Makefile.am 2010-09-17 15:58:41.000000000 +0200 -@@ -3,7 +3,7 @@ - # - - SUBDIRS = pam_access pam_cracklib pam_debug pam_deny pam_echo \ -- pam_chroot pam_console pam_postgresok \ -+ pam_chroot pam_console pam_postgresok pam_faillock \ - pam_env pam_exec pam_faildelay pam_filter pam_ftp \ - pam_group pam_issue pam_keyinit pam_lastlog pam_limits \ - pam_listfile pam_localuser pam_loginuid pam_mail \ -diff -up Linux-PAM-1.1.1/modules/pam_faillock/faillock.c.faillock Linux-PAM-1.1.1/modules/pam_faillock/faillock.c ---- Linux-PAM-1.1.1/modules/pam_faillock/faillock.c.faillock 2010-09-17 15:58:41.000000000 +0200 -+++ Linux-PAM-1.1.1/modules/pam_faillock/faillock.c 2010-09-17 15:58:41.000000000 +0200 -@@ -0,0 +1,147 @@ -+/* -+ * Copyright (c) 2010 Tomas Mraz <tmraz@redhat.com> -+ * -+ * Redistribution and use in source and binary forms, with or without -+ * modification, are permitted provided that the following conditions -+ * are met: -+ * 1. Redistributions of source code must retain the above copyright -+ * notice, and the entire permission notice in its entirety, -+ * including the disclaimer of warranties. -+ * 2. Redistributions in binary form must reproduce the above copyright -+ * notice, this list of conditions and the following disclaimer in the -+ * documentation and/or other materials provided with the distribution. -+ * 3. The name of the author may not be used to endorse or promote -+ * products derived from this software without specific prior -+ * written permission. -+ * -+ * ALTERNATIVELY, this product may be distributed under the terms of -+ * the GNU Public License, in which case the provisions of the GPL are -+ * required INSTEAD OF the above restrictions. (This clause is -+ * necessary due to a potential bad interaction between the GPL and -+ * the restrictions contained in a BSD-style copyright.) -+ * -+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED -+ * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES -+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -+ * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, -+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES -+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR -+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -+ * OF THE POSSIBILITY OF SUCH DAMAGE. -+ */ -+ -+#include "config.h" -+#include <string.h> -+#include <stdlib.h> -+#include <unistd.h> -+#include <errno.h> -+#include <sys/types.h> -+#include <sys/stat.h> -+#include <sys/file.h> -+#include <fcntl.h> -+#include <security/pam_modutil.h> -+ -+#include "faillock.h" -+ -+int -+open_tally (const char *dir, const char *user, int create) -+{ -+ char *path; -+ int flags = O_RDWR; -+ int fd; -+ -+ if (strstr(user, "../") != NULL) -+ /* just a defensive programming as the user must be a -+ * valid user on the system anyway -+ */ -+ return -1; -+ path = malloc(strlen(dir) + strlen(user) + 2); -+ if (path == NULL) -+ return -1; -+ -+ strcpy(path, dir); -+ if (*dir && dir[strlen(dir) - 1] != '/') { -+ strcat(path, "/"); -+ } -+ strcat(path, user); -+ -+ if (create) { -+ flags |= O_CREAT; -+ } -+ -+ fd = open(path, flags, 0600); -+ -+ if (fd != -1) -+ while (flock(fd, LOCK_EX) == -1 && errno == EINTR); -+ -+ return fd; -+} -+ -+#define CHUNK_SIZE (64 * sizeof(struct tally)) -+#define MAX_RECORDS 1024 -+ -+int -+read_tally(int fd, struct tally_data *tallies) -+{ -+ void *data = NULL, *newdata; -+ unsigned int count = 0; -+ ssize_t chunk = 0; -+ -+ do { -+ newdata = realloc(data, count * sizeof(struct tally) + CHUNK_SIZE); -+ if (newdata == NULL) { -+ free(data); -+ return -1; -+ } -+ -+ data = newdata; -+ -+ chunk = pam_modutil_read(fd, (char *)data + count * sizeof(struct tally), CHUNK_SIZE); -+ if (chunk < 0) { -+ free(data); -+ return -1; -+ } -+ -+ count += chunk/sizeof(struct tally); -+ -+ if (count >= MAX_RECORDS) -+ break; -+ } -+ while (chunk == CHUNK_SIZE); -+ -+ tallies->records = data; -+ tallies->count = count; -+ -+ return 0; -+} -+ -+int -+update_tally(int fd, struct tally_data *tallies) -+{ -+ void *data = tallies->records; -+ unsigned int count = tallies->count; -+ ssize_t chunk; -+ -+ if (tallies->count > MAX_RECORDS) { -+ data = tallies->records + (count - MAX_RECORDS); -+ count = MAX_RECORDS; -+ } -+ -+ if (lseek(fd, 0, SEEK_SET) == (off_t)-1) { -+ return -1; -+ } -+ -+ chunk = pam_modutil_write(fd, data, count * sizeof(struct tally)); -+ -+ if (chunk != (ssize_t)(count * sizeof(struct tally))) { -+ return -1; -+ } -+ -+ if (ftruncate(fd, count * sizeof(struct tally)) == -1) -+ return -1; -+ -+ return 0; -+} -diff -up Linux-PAM-1.1.1/modules/pam_faillock/faillock.h.faillock Linux-PAM-1.1.1/modules/pam_faillock/faillock.h ---- Linux-PAM-1.1.1/modules/pam_faillock/faillock.h.faillock 2010-09-17 15:58:41.000000000 +0200 -+++ Linux-PAM-1.1.1/modules/pam_faillock/faillock.h 2010-09-17 15:58:41.000000000 +0200 -@@ -0,0 +1,72 @@ -+/* -+ * Copyright (c) 2010 Tomas Mraz <tmraz@redhat.com> -+ * -+ * Redistribution and use in source and binary forms, with or without -+ * modification, are permitted provided that the following conditions -+ * are met: -+ * 1. Redistributions of source code must retain the above copyright -+ * notice, and the entire permission notice in its entirety, -+ * including the disclaimer of warranties. -+ * 2. Redistributions in binary form must reproduce the above copyright -+ * notice, this list of conditions and the following disclaimer in the -+ * documentation and/or other materials provided with the distribution. -+ * 3. The name of the author may not be used to endorse or promote -+ * products derived from this software without specific prior -+ * written permission. -+ * -+ * ALTERNATIVELY, this product may be distributed under the terms of -+ * the GNU Public License, in which case the provisions of the GPL are -+ * required INSTEAD OF the above restrictions. (This clause is -+ * necessary due to a potential bad interaction between the GPL and -+ * the restrictions contained in a BSD-style copyright.) -+ * -+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED -+ * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES -+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -+ * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, -+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES -+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR -+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -+ * OF THE POSSIBILITY OF SUCH DAMAGE. -+ */ -+ -+/* -+ * faillock.h - authentication failure data file record structure -+ * -+ * Each record in the file represents an instance of login failure of -+ * the user at the recorded time -+ */ -+ -+ -+#ifndef _FAILLOCK_H -+#define _FAILLOCK_H -+ -+#include <stdint.h> -+ -+#define TALLY_STATUS_VALID 0x1 /* the tally file entry is valid */ -+#define TALLY_STATUS_RHOST 0x2 /* the source is rhost */ -+#define TALLY_STATUS_TTY 0x4 /* the source is tty - if both TALLY_FLAG_RHOST and TALLY_FLAG_TTY are not set the source is service */ -+ -+struct tally { -+ char source[52]; /* rhost or tty of the login failure (not necessarily NULL terminated) */ -+ uint16_t reserved; /* reserved for future use */ -+ uint16_t status; /* record status */ -+ uint64_t time; /* time of the login failure */ -+}; -+/* 64 bytes per entry */ -+ -+struct tally_data { -+ struct tally *records; /* array of tallies */ -+ unsigned int count; /* number of records */ -+}; -+ -+#define FAILLOCK_DEFAULT_TALLYDIR "/var/run/faillock" -+ -+int open_tally(const char *dir, const char *user, int create); -+int read_tally(int fd, struct tally_data *tallies); -+int update_tally(int fd, struct tally_data *tallies); -+#endif -+ -diff -up Linux-PAM-1.1.1/modules/pam_faillock/faillock.8.xml.faillock Linux-PAM-1.1.1/modules/pam_faillock/faillock.8.xml ---- Linux-PAM-1.1.1/modules/pam_faillock/faillock.8.xml.faillock 2010-09-17 15:58:41.000000000 +0200 -+++ Linux-PAM-1.1.1/modules/pam_faillock/faillock.8.xml 2010-09-17 15:58:41.000000000 +0200 -@@ -0,0 +1,123 @@ -+<?xml version="1.0" encoding='UTF-8'?> -+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN" -+ "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd"> -+ -+<refentry id="faillock"> -+ -+ <refmeta> -+ <refentrytitle>faillock</refentrytitle> -+ <manvolnum>8</manvolnum> -+ <refmiscinfo class="sectdesc">Linux-PAM Manual</refmiscinfo> -+ </refmeta> -+ -+ <refnamediv id="pam_faillock-name"> -+ <refname>faillock</refname> -+ <refpurpose>Tool for displaying and modifying the authentication failure record files</refpurpose> -+ </refnamediv> -+ -+ <refsynopsisdiv> -+ <cmdsynopsis id="faillock-cmdsynopsis"> -+ <command>faillock</command> -+ <arg choice="opt"> -+ --dir <replaceable>/path/to/tally-directory</replaceable> -+ </arg> -+ <arg choice="opt"> -+ --user <replaceable>username</replaceable> -+ </arg> -+ <arg choice="opt"> -+ --reset -+ </arg> -+ </cmdsynopsis> -+ </refsynopsisdiv> -+ -+ <refsect1 id="faillock-description"> -+ -+ <title>DESCRIPTION</title> -+ -+ <para> -+ The <emphasis>pam_faillock.so</emphasis> module maintains a list of -+ failed authentication attempts per user during a specified interval -+ and locks the account in case there were more than -+ <replaceable>deny</replaceable> consecutive failed authentications. -+ It stores the failure records into per-user files in the tally -+ directory. -+ </para> -+ <para> -+ The <command>faillock</command> command is an application which -+ can be used to examine and modify the contents of the -+ the tally files. It can display the recent failed authentication -+ attempts of the <replaceable>username</replaceable> or clear the tally -+ files of all or individual <replaceable>usernames</replaceable>. -+ </para> -+ </refsect1> -+ -+ <refsect1 id="faillock-options"> -+ -+ <title>OPTIONS</title> -+ <variablelist> -+ <varlistentry> -+ <term> -+ <option>--dir <replaceable>/path/to/tally-directory</replaceable></option> -+ </term> -+ <listitem> -+ <para> -+ The directory where the user files with the failure records are kept. The -+ default is <filename>/var/run/faillock</filename>. -+ </para> -+ </listitem> -+ </varlistentry> -+ <varlistentry> -+ <term> -+ <option>--user <replaceable>username</replaceable></option> -+ </term> -+ <listitem> -+ <para> -+ The user whose failure records should be displayed or cleared. -+ </para> -+ </listitem> -+ </varlistentry> -+ <varlistentry> -+ <term> -+ <option>--reset</option> -+ </term> -+ <listitem> -+ <para> -+ Instead of displaying the user's failure records, clear them. -+ </para> -+ </listitem> -+ </varlistentry> -+ </variablelist> -+ </refsect1> -+ -+ <refsect1 id="faillock-files"> -+ <title>FILES</title> -+ <variablelist> -+ <varlistentry> -+ <term><filename>/var/run/faillock/*</filename></term> -+ <listitem> -+ <para>the files logging the authentication failures for users</para> -+ </listitem> -+ </varlistentry> -+ </variablelist> -+ </refsect1> -+ -+ <refsect1 id='faillock-see_also'> -+ <title>SEE ALSO</title> -+ <para> -+ <citerefentry> -+ <refentrytitle>pam_faillock</refentrytitle><manvolnum>8</manvolnum> -+ </citerefentry>, -+ <citerefentry> -+ <refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum> -+ </citerefentry> -+ </para> -+ </refsect1> -+ -+ <refsect1 id='faillock-author'> -+ <title>AUTHOR</title> -+ <para> -+ faillock was written by Tomas Mraz. -+ </para> -+ </refsect1> -+ -+</refentry> -diff -up Linux-PAM-1.1.1/modules/pam_faillock/main.c.faillock Linux-PAM-1.1.1/modules/pam_faillock/main.c ---- Linux-PAM-1.1.1/modules/pam_faillock/main.c.faillock 2010-09-17 15:58:41.000000000 +0200 -+++ Linux-PAM-1.1.1/modules/pam_faillock/main.c 2010-09-17 15:58:41.000000000 +0200 -@@ -0,0 +1,231 @@ -+/* -+ * Copyright (c) 2010 Tomas Mraz <tmraz@redhat.com> -+ * -+ * Redistribution and use in source and binary forms, with or without -+ * modification, are permitted provided that the following conditions -+ * are met: -+ * 1. Redistributions of source code must retain the above copyright -+ * notice, and the entire permission notice in its entirety, -+ * including the disclaimer of warranties. -+ * 2. Redistributions in binary form must reproduce the above copyright -+ * notice, this list of conditions and the following disclaimer in the -+ * documentation and/or other materials provided with the distribution. -+ * 3. The name of the author may not be used to endorse or promote -+ * products derived from this software without specific prior -+ * written permission. -+ * -+ * ALTERNATIVELY, this product may be distributed under the terms of -+ * the GNU Public License, in which case the provisions of the GPL are -+ * required INSTEAD OF the above restrictions. (This clause is -+ * necessary due to a potential bad interaction between the GPL and -+ * the restrictions contained in a BSD-style copyright.) -+ * -+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED -+ * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES -+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -+ * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, -+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES -+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR -+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -+ * OF THE POSSIBILITY OF SUCH DAMAGE. -+ */ -+ -+#include "config.h" -+ -+#include <stdio.h> -+#include <stdlib.h> -+#include <string.h> -+#include <dirent.h> -+#include <errno.h> -+#include <pwd.h> -+#include <time.h> -+#ifdef HAVE_LIBAUDIT -+#include <libaudit.h> -+#endif -+ -+#include "faillock.h" -+ -+struct options { -+ unsigned int reset; -+ const char *dir; -+ const char *user; -+ const char *progname; -+}; -+ -+static int -+args_parse(int argc, char **argv, struct options *opts) -+{ -+ int i; -+ memset(opts, 0, sizeof(*opts)); -+ -+ opts->dir = FAILLOCK_DEFAULT_TALLYDIR; -+ opts->progname = argv[0]; -+ -+ for (i = 1; i < argc; ++i) { -+ -+ if (strcmp(argv[i], "--dir") == 0) { -+ ++i; -+ if (i >= argc || strlen(argv[i]) == 0) { -+ fprintf(stderr, "%s: No directory supplied.\n", argv[0]); -+ return -1; -+ } -+ opts->dir = argv[i]; -+ } -+ else if (strcmp(argv[i], "--user") == 0) { -+ ++i; -+ if (i >= argc || strlen(argv[i]) == 0) { -+ fprintf(stderr, "%s: No user name supplied.\n", argv[0]); -+ return -1; -+ } -+ opts->user = argv[i]; -+ } -+ else if (strcmp(argv[i], "--reset") == 0) { -+ opts->reset = 1; -+ } -+ else { -+ fprintf(stderr, "%s: Unknown option: %s\n", argv[0], argv[i]); -+ return -1; -+ } -+ } -+ return 0; -+} -+ -+static void -+usage(const char *progname) -+{ -+ fprintf(stderr, _("Usage: %s [--dir /path/to/tally-directory] [--user username] [--reset]\n"), -+ progname); -+} -+ -+static int -+do_user(struct options *opts, const char *user) -+{ -+ int fd; -+ int rv; -+ struct tally_data tallies; -+ -+ fd = open_tally(opts->dir, user, 0); -+ -+ if (fd == -1) { -+ if (errno == ENOENT) { -+ return 0; -+ } -+ else { -+ fprintf(stderr, "%s: Error opening the tally file for %s:", -+ opts->progname, user); -+ perror(NULL); -+ return 3; -+ } -+ } -+ if (opts->reset) { -+#ifdef HAVE_LIBAUDIT -+ char buf[64]; -+ int audit_fd; -+#endif -+ -+ while ((rv=ftruncate(fd, 0)) == -1 && errno == EINTR); -+ if (rv == -1) { -+ fprintf(stderr, "%s: Error clearing the tally file for %s:", -+ opts->progname, user); -+ perror(NULL); -+#ifdef HAVE_LIBAUDIT -+ } -+ if ((audit_fd=audit_open()) >= 0) { -+ struct passwd *pwd; -+ -+ if ((pwd=getpwnam(user)) != NULL) { -+ snprintf(buf, sizeof(buf), "faillock reset uid=%u", -+ pwd->pw_uid); -+ audit_log_user_message(audit_fd, AUDIT_USER_ACCT, -+ buf, NULL, NULL, NULL, rv == 0); -+ } -+ close(audit_fd); -+ } -+ if (rv == -1) { -+#endif -+ close(fd); -+ return 4; -+ } -+ } -+ else { -+ unsigned int i; -+ -+ memset(&tallies, 0, sizeof(tallies)); -+ if ((rv=read_tally(fd, &tallies)) == -1) { -+ fprintf(stderr, "%s: Error reading the tally file for %s:", -+ opts->progname, user); -+ perror(NULL); -+ close(fd); -+ return 5; -+ } -+ -+ printf("%s:\n", user); -+ printf("%-19s %-5s %-48s %-5s\n", "When", "Type", "Source", "Valid"); -+ -+ for (i = 0; i < tallies.count; i++) { -+ struct tm *tm; -+ char timebuf[80]; -+ uint16_t status = tallies.records[i].status; -+ time_t when = tallies.records[i].time; -+ -+ tm = localtime(&when); -+ strftime(timebuf, sizeof(timebuf), "%Y-%m-%d %H:%M:%S", tm); -+ printf("%-19s %-5s %-52.52s %s\n", timebuf, -+ status & TALLY_STATUS_RHOST ? "RHOST" : (status & TALLY_STATUS_TTY ? "TTY" : "SVC"), -+ tallies.records[i].source, status & TALLY_STATUS_VALID ? "V":"I"); -+ } -+ free(tallies.records); -+ } -+ close(fd); -+ return 0; -+} -+ -+static int -+do_allusers(struct options *opts) -+{ -+ struct dirent **userlist; -+ int rv, i; -+ -+ rv = scandir(opts->dir, &userlist, NULL, alphasort); -+ if (rv < 0) { -+ fprintf(stderr, "%s: Error reading tally directory: ", opts->progname); -+ perror(NULL); -+ return 2; -+ } -+ -+ for (i = 0; i < rv; i++) { -+ if (userlist[i]->d_name[0] == '.') { -+ if ((userlist[i]->d_name[1] == '.' && userlist[i]->d_name[2] == '\0') || -+ userlist[i]->d_name[1] == '\0') -+ continue; -+ } -+ do_user(opts, userlist[i]->d_name); -+ free(userlist[i]); -+ } -+ free(userlist); -+ -+ return 0; -+} -+ -+ -+/*-----------------------------------------------------------------------*/ -+int -+main (int argc, char *argv[]) -+{ -+ struct options opts; -+ -+ if (args_parse(argc, argv, &opts)) { -+ usage(argv[0]); -+ return 1; -+ } -+ -+ if (opts.user == NULL) { -+ return do_allusers(&opts); -+ } -+ -+ return do_user(&opts, opts.user); -+} -+ -diff -up Linux-PAM-1.1.1/modules/pam_faillock/Makefile.am.faillock Linux-PAM-1.1.1/modules/pam_faillock/Makefile.am ---- Linux-PAM-1.1.1/modules/pam_faillock/Makefile.am.faillock 2010-09-17 15:58:41.000000000 +0200 -+++ Linux-PAM-1.1.1/modules/pam_faillock/Makefile.am 2010-09-17 15:58:41.000000000 +0200 -@@ -0,0 +1,43 @@ -+# -+# Copyright (c) 2005, 2006, 2007, 2009 Thorsten Kukuk <kukuk@thkukuk.de> -+# Copyright (c) 2008 Red Hat, Inc. -+# Copyright (c) 2010 Tomas Mraz <tmraz@redhat.com> -+# -+ -+CLEANFILES = *~ -+MAINTAINERCLEANFILES = $(MANS) README -+ -+EXTRA_DIST = README $(MANS) $(XMLS) tst-pam_faillock -+ -+man_MANS = pam_faillock.8 faillock.8 -+XMLS = README.xml pam_faillock.8.xml faillock.8.xml -+ -+TESTS = tst-pam_faillock -+ -+securelibdir = $(SECUREDIR) -+secureconfdir = $(SCONFIGDIR) -+ -+noinst_HEADERS = faillock.h -+ -+faillock_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include -+pam_faillock_la_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include -+ -+pam_faillock_la_LDFLAGS = -no-undefined -avoid-version -module -+pam_faillock_la_LIBADD = -L$(top_builddir)/libpam -lpam $(LIBAUDIT) -+if HAVE_VERSIONING -+ pam_faillock_la_LDFLAGS += -Wl,--version-script=$(srcdir)/../modules.map -+endif -+ -+faillock_LDADD = -L$(top_builddir)/libpam -lpam $(LIBAUDIT) -+ -+securelib_LTLIBRARIES = pam_faillock.la -+sbin_PROGRAMS = faillock -+ -+pam_faillock_la_SOURCES = pam_faillock.c faillock.c -+faillock_SOURCES = main.c faillock.c -+ -+if ENABLE_REGENERATE_MAN -+noinst_DATA = README -+README: pam_faillock.8.xml -+-include $(top_srcdir)/Make.xml.rules -+endif -diff -up Linux-PAM-1.1.1/modules/pam_faillock/pam_faillock.c.faillock Linux-PAM-1.1.1/modules/pam_faillock/pam_faillock.c ---- Linux-PAM-1.1.1/modules/pam_faillock/pam_faillock.c.faillock 2010-09-17 15:58:41.000000000 +0200 -+++ Linux-PAM-1.1.1/modules/pam_faillock/pam_faillock.c 2010-09-17 15:58:41.000000000 +0200 -@@ -0,0 +1,550 @@ -+/* -+ * Copyright (c) 2010 Tomas Mraz <tmraz@redhat.com> -+ * -+ * Redistribution and use in source and binary forms, with or without -+ * modification, are permitted provided that the following conditions -+ * are met: -+ * 1. Redistributions of source code must retain the above copyright -+ * notice, and the entire permission notice in its entirety, -+ * including the disclaimer of warranties. -+ * 2. Redistributions in binary form must reproduce the above copyright -+ * notice, this list of conditions and the following disclaimer in the -+ * documentation and/or other materials provided with the distribution. -+ * 3. The name of the author may not be used to endorse or promote -+ * products derived from this software without specific prior -+ * written permission. -+ * -+ * ALTERNATIVELY, this product may be distributed under the terms of -+ * the GNU Public License, in which case the provisions of the GPL are -+ * required INSTEAD OF the above restrictions. (This clause is -+ * necessary due to a potential bad interaction between the GPL and -+ * the restrictions contained in a BSD-style copyright.) -+ * -+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED -+ * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES -+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -+ * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, -+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES -+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR -+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -+ * OF THE POSSIBILITY OF SUCH DAMAGE. -+ */ -+ -+#include "config.h" -+#include <stdio.h> -+#include <string.h> -+#include <unistd.h> -+#include <stdint.h> -+#include <stdlib.h> -+#include <errno.h> -+#include <time.h> -+#include <pwd.h> -+#include <syslog.h> -+ -+#ifdef HAVE_LIBAUDIT -+#include <libaudit.h> -+#endif -+ -+#include <security/pam_modules.h> -+#include <security/pam_modutil.h> -+#include <security/pam_ext.h> -+ -+#include "faillock.h" -+ -+#define PAM_SM_AUTH -+#define PAM_SM_ACCOUNT -+ -+#define FAILLOCK_ACTION_PREAUTH 0 -+#define FAILLOCK_ACTION_AUTHSUCC 1 -+#define FAILLOCK_ACTION_AUTHFAIL 2 -+ -+#define FAILLOCK_FLAG_DENY_ROOT 0x1 -+#define FAILLOCK_FLAG_AUDIT 0x2 -+#define FAILLOCK_FLAG_SILENT 0x4 -+#define FAILLOCK_FLAG_NO_LOG_INFO 0x8 -+#define FAILLOCK_FLAG_UNLOCKED 0x10 -+ -+#define MAX_TIME_INTERVAL 604800 /* 7 days */ -+ -+struct options { -+ unsigned int action; -+ unsigned int flags; -+ unsigned short deny; -+ unsigned int fail_interval; -+ unsigned int unlock_time; -+ unsigned int root_unlock_time; -+ const char *dir; -+ const char *user; -+ int failures; -+ uint64_t latest_time; -+ uid_t uid; -+ uint64_t now; -+}; -+ -+static void -+args_parse(pam_handle_t *pamh, int argc, const char **argv, -+ int flags, struct options *opts) -+{ -+ int i; -+ memset(opts, 0, sizeof(*opts)); -+ -+ opts->dir = FAILLOCK_DEFAULT_TALLYDIR; -+ opts->deny = 3; -+ opts->fail_interval = 900; -+ opts->unlock_time = 600; -+ opts->root_unlock_time = MAX_TIME_INTERVAL+1; -+ -+ for (i = 0; i < argc; ++i) { -+ -+ if (strncmp(argv[i], "dir=", 4) == 0) { -+ if (argv[i][4] != '/') { -+ pam_syslog(pamh, LOG_ERR, -+ "Tally directory is not absolute path (%s); keeping default", argv[i]); -+ } else { -+ opts->dir = argv[i]+4; -+ } -+ } -+ else if (strncmp(argv[i], "deny=", 5) == 0) { -+ if (sscanf(argv[i]+5, "%hu", &opts->deny) != 1) { -+ pam_syslog(pamh, LOG_ERR, -+ "Bad number supplied for deny argument"); -+ } -+ } -+ else if (strncmp(argv[i], "fail_interval=", 14) == 0) { -+ unsigned int temp; -+ if (sscanf(argv[i]+14, "%u", &temp) != 1 || -+ temp > MAX_TIME_INTERVAL) { -+ pam_syslog(pamh, LOG_ERR, -+ "Bad number supplied for fail_interval argument"); -+ } else { -+ opts->fail_interval = temp; -+ } -+ } -+ else if (strncmp(argv[i], "unlock_time=", 12) == 0) { -+ unsigned int temp; -+ if (sscanf(argv[i]+12, "%u", &temp) != 1 || -+ temp > MAX_TIME_INTERVAL) { -+ pam_syslog(pamh, LOG_ERR, -+ "Bad number supplied for unlock_time argument"); -+ } else { -+ opts->unlock_time = temp; -+ } -+ } -+ else if (strncmp(argv[i], "root_unlock_time=", 17) == 0) { -+ unsigned int temp; -+ if (sscanf(argv[i]+17, "%u", &temp) != 1 || -+ temp > MAX_TIME_INTERVAL) { -+ pam_syslog(pamh, LOG_ERR, -+ "Bad number supplied for root_unlock_time argument"); -+ } else { -+ opts->root_unlock_time = temp; -+ } -+ } -+ else if (strcmp(argv[i], "preauth") == 0) { -+ opts->action = FAILLOCK_ACTION_PREAUTH; -+ } -+ else if (strcmp(argv[i], "authfail") == 0) { -+ opts->action = FAILLOCK_ACTION_AUTHFAIL; -+ } -+ else if (strcmp(argv[i], "authsucc") == 0) { -+ opts->action = FAILLOCK_ACTION_AUTHSUCC; -+ } -+ else if (strcmp(argv[i], "even_deny_root") == 0) { -+ opts->flags |= FAILLOCK_FLAG_DENY_ROOT; -+ } -+ else if (strcmp(argv[i], "audit") == 0) { -+ opts->flags |= FAILLOCK_FLAG_AUDIT; -+ } -+ else if (strcmp(argv[i], "silent") == 0) { -+ opts->flags |= FAILLOCK_FLAG_SILENT; -+ } -+ else if (strcmp(argv[i], "no_log_info") == 0) { -+ opts->flags |= FAILLOCK_FLAG_NO_LOG_INFO; -+ } -+ else { -+ pam_syslog(pamh, LOG_ERR, "Unknown option: %s", argv[i]); -+ } -+ } -+ -+ if (opts->root_unlock_time == MAX_TIME_INTERVAL+1) -+ opts->root_unlock_time = opts->unlock_time; -+ if (flags & PAM_SILENT) -+ opts->flags |= FAILLOCK_FLAG_SILENT; -+} -+ -+static int get_pam_user(pam_handle_t *pamh, struct options *opts) -+{ -+ const char *user; -+ int rv; -+ struct passwd *pwd; -+ -+ if ((rv=pam_get_user(pamh, &user, NULL)) != PAM_SUCCESS) { -+ return rv; -+ } -+ -+ if (*user == '\0') { -+ return PAM_IGNORE; -+ } -+ -+ if ((pwd=pam_modutil_getpwnam(pamh, user)) == NULL) { -+ if (opts->flags & FAILLOCK_FLAG_AUDIT) { -+ pam_syslog(pamh, LOG_ERR, "User unknown: %s", user); -+ } -+ else { -+ pam_syslog(pamh, LOG_ERR, "User unknown"); -+ } -+ return PAM_IGNORE; -+ } -+ opts->user = user; -+ opts->uid = pwd->pw_uid; -+ return PAM_SUCCESS; -+} -+ -+static int -+check_tally(pam_handle_t *pamh, struct options *opts, struct tally_data *tallies, int *fd) -+{ -+ int tfd; -+ unsigned int i; -+ uint64_t latest_time; -+ int failures; -+ -+ opts->now = time(NULL); -+ -+ tfd = open_tally(opts->dir, opts->user, 0); -+ -+ *fd = tfd; -+ -+ if (tfd == -1) { -+ if (errno == EACCES || errno == ENOENT) { -+ return PAM_SUCCESS; -+ } -+ pam_syslog(pamh, LOG_ERR, "Error opening the tally file for %s: %m", opts->user); -+ return PAM_SYSTEM_ERR; -+ } -+ -+ if (read_tally(tfd, tallies) != 0) { -+ pam_syslog(pamh, LOG_ERR, "Error reading the tally file for %s: %m", opts->user); -+ return PAM_SYSTEM_ERR; -+ } -+ -+ if (opts->uid == 0 && !(opts->flags & FAILLOCK_FLAG_DENY_ROOT)) { -+ return PAM_SUCCESS; -+ } -+ -+ latest_time = 0; -+ for(i = 0; i < tallies->count; i++) { -+ if ((tallies->records[i].status & TALLY_STATUS_VALID) && -+ tallies->records[i].time > latest_time) -+ latest_time = tallies->records[i].time; -+ } -+ -+ opts->latest_time = latest_time; -+ -+ failures = 0; -+ for(i = 0; i < tallies->count; i++) { -+ if ((tallies->records[i].status & TALLY_STATUS_VALID) && -+ latest_time - tallies->records[i].time < opts->fail_interval) { -+ ++failures; -+ } -+ } -+ -+ opts->failures = failures; -+ -+ if (opts->uid == 0 && !(opts->flags & FAILLOCK_FLAG_DENY_ROOT)) { -+ return PAM_SUCCESS; -+ } -+ -+ if (opts->deny && failures >= opts->deny) { -+ if ((opts->uid && latest_time + opts->unlock_time < opts->now) || -+ (!opts->uid && latest_time + opts->root_unlock_time < opts->now)) { -+#ifdef HAVE_LIBAUDIT -+ if (opts->action != FAILLOCK_ACTION_PREAUTH) { /* do not audit in preauth */ -+ char buf[64]; -+ int audit_fd; -+ -+ audit_fd = audit_open(); -+ /* If there is an error & audit support is in the kernel report error */ -+ if ((audit_fd < 0) && !(errno == EINVAL || errno == EPROTONOSUPPORT || -+ errno == EAFNOSUPPORT)) -+ return PAM_SYSTEM_ERR; -+ -+ snprintf(buf, sizeof(buf), "pam_faillock uid=%u ", opts->uid); -+ audit_log_user_message(audit_fd, AUDIT_RESP_ACCT_UNLOCK_TIMED, buf, -+ NULL, NULL, NULL, 1); -+ } -+#endif -+ opts->flags |= FAILLOCK_FLAG_UNLOCKED; -+ return PAM_SUCCESS; -+ } -+ return PAM_AUTH_ERR; -+ } -+ return PAM_SUCCESS; -+} -+ -+static void -+reset_tally(pam_handle_t *pamh, struct options *opts, int *fd) -+{ -+ int rv; -+ -+ while ((rv=ftruncate(*fd, 0)) == -1 && errno == EINTR); -+ if (rv == -1) { -+ pam_syslog(pamh, LOG_ERR, "Error clearing the tally file for %s: %m", opts->user); -+ } -+} -+ -+static int -+write_tally(pam_handle_t *pamh, struct options *opts, struct tally_data *tallies, int *fd) -+{ -+ struct tally *records; -+ unsigned int i; -+ int failures; -+ unsigned int oldest; -+ uint64_t oldtime; -+ const void *source = NULL; -+ -+ if (*fd == -1) { -+ *fd = open_tally(opts->dir, opts->user, 1); -+ } -+ if (*fd == -1) { -+ if (errno == EACCES) { -+ return PAM_SUCCESS; -+ } -+ pam_syslog(pamh, LOG_ERR, "Error opening the tally file for %s: %m", opts->user); -+ return PAM_SYSTEM_ERR; -+ } -+ -+ oldtime = 0; -+ oldest = 0; -+ failures = 0; -+ -+ for (i = 0; i < tallies->count; ++i) { -+ if (tallies->records[i].time < oldtime) { -+ oldtime = tallies->records[i].time; -+ oldest = i; -+ } -+ if (opts->flags & FAILLOCK_FLAG_UNLOCKED || -+ opts->now - tallies->records[i].time >= opts->fail_interval ) { -+ tallies->records[i].status &= ~TALLY_STATUS_VALID; -+ } else { -+ ++failures; -+ } -+ } -+ -+ if (oldest >= tallies->count || (tallies->records[oldest].status & TALLY_STATUS_VALID)) { -+ oldest = tallies->count; -+ -+ if ((records=realloc(tallies->records, (oldest+1) * sizeof (*tallies->records))) == NULL) { -+ pam_syslog(pamh, LOG_CRIT, "Error allocating memory for tally records: %m"); -+ return PAM_BUF_ERR; -+ } -+ -+ ++tallies->count; -+ tallies->records = records; -+ } -+ -+ memset(&tallies->records[oldest], 0, sizeof (*tallies->records)); -+ -+ tallies->records[oldest].status = TALLY_STATUS_VALID; -+ if (pam_get_item(pamh, PAM_RHOST, &source) != PAM_SUCCESS || source == NULL) { -+ if (pam_get_item(pamh, PAM_TTY, &source) != PAM_SUCCESS || source == NULL) { -+ if (pam_get_item(pamh, PAM_SERVICE, &source) != PAM_SUCCESS || source == NULL) { -+ source = ""; -+ } -+ } -+ else { -+ tallies->records[oldest].status |= TALLY_STATUS_TTY; -+ } -+ } -+ else { -+ tallies->records[oldest].status |= TALLY_STATUS_RHOST; -+ } -+ -+ strncpy(tallies->records[oldest].source, source, sizeof(tallies->records[oldest].source)); -+ /* source does not have to be null terminated */ -+ -+ tallies->records[oldest].time = opts->now; -+ -+ ++failures; -+ -+ if (opts->deny && failures == opts->deny) { -+#ifdef HAVE_LIBAUDIT -+ char buf[64]; -+ int audit_fd; -+ -+ audit_fd = audit_open(); -+ /* If there is an error & audit support is in the kernel report error */ -+ if ((audit_fd < 0) && !(errno == EINVAL || errno == EPROTONOSUPPORT || -+ errno == EAFNOSUPPORT)) -+ return PAM_SYSTEM_ERR; -+ -+ snprintf(buf, sizeof(buf), "pam_faillock uid=%u ", opts->uid); -+ audit_log_user_message(audit_fd, AUDIT_ANOM_LOGIN_FAILURES, buf, -+ NULL, NULL, NULL, 1); -+ -+ if (opts->uid != 0 || (opts->flags & FAILLOCK_FLAG_DENY_ROOT)) { -+ audit_log_user_message(audit_fd, AUDIT_RESP_ACCT_LOCK, buf, -+ NULL, NULL, NULL, 1); -+ } -+ close(audit_fd); -+#endif -+ if (!(opts->flags & FAILLOCK_FLAG_NO_LOG_INFO)) { -+ pam_syslog(pamh, LOG_INFO, "Consecutive login failures for user %s account temporarily locked", -+ opts->user); -+ } -+ } -+ -+ if (update_tally(*fd, tallies) == 0) -+ return PAM_SUCCESS; -+ -+ return PAM_SYSTEM_ERR; -+} -+ -+static void -+faillock_message(pam_handle_t *pamh, struct options *opts) -+{ -+ int64_t left; -+ -+ if (!(opts->flags & FAILLOCK_FLAG_SILENT)) { -+ if (opts->uid) { -+ left = opts->latest_time + opts->unlock_time - opts->now; -+ } -+ else { -+ left = opts->latest_time + opts->root_unlock_time - opts->now; -+ } -+ -+ left /= 60; /* minutes */ -+ -+ pam_info(pamh, _("Account temporarily locked due to %d failed logins"), -+ opts->failures); -+ pam_info(pamh, _("(%d minutes left to unlock)"), (int)left); -+ } -+} -+ -+static void -+tally_cleanup(struct tally_data *tallies, int fd) -+{ -+ if (fd != -1) { -+ close(fd); -+ } -+ -+ free(tallies->records); -+} -+ -+/*---------------------------------------------------------------------*/ -+ -+PAM_EXTERN int -+pam_sm_authenticate(pam_handle_t *pamh, int flags, -+ int argc, const char **argv) -+{ -+ struct options opts; -+ int rv, fd = -1; -+ struct tally_data tallies; -+ -+ memset(&tallies, 0, sizeof(tallies)); -+ -+ args_parse(pamh, argc, argv, flags, &opts); -+ -+ pam_fail_delay(pamh, 2000000); /* 2 sec delay for on failure */ -+ -+ if ((rv=get_pam_user(pamh, &opts)) != PAM_SUCCESS) { -+ return rv; -+ } -+ -+ switch (opts.action) { -+ case FAILLOCK_ACTION_PREAUTH: -+ rv = check_tally(pamh, &opts, &tallies, &fd); -+ if (rv == PAM_AUTH_ERR && !(opts.flags & FAILLOCK_FLAG_SILENT)) { -+ faillock_message(pamh, &opts); -+ } -+ break; -+ -+ case FAILLOCK_ACTION_AUTHSUCC: -+ rv = check_tally(pamh, &opts, &tallies, &fd); -+ if (rv == PAM_SUCCESS && fd != -1) { -+ reset_tally(pamh, &opts, &fd); -+ } -+ break; -+ -+ case FAILLOCK_ACTION_AUTHFAIL: -+ rv = check_tally(pamh, &opts, &tallies, &fd); -+ if (rv == PAM_SUCCESS) { -+ rv = PAM_IGNORE; /* this return value should be ignored */ -+ write_tally(pamh, &opts, &tallies, &fd); -+ } -+ break; -+ } -+ -+ tally_cleanup(&tallies, fd); -+ -+ return rv; -+} -+ -+/*---------------------------------------------------------------------*/ -+ -+PAM_EXTERN int -+pam_sm_setcred(pam_handle_t *pamh UNUSED, int flags UNUSED, -+ int argc UNUSED, const char **argv UNUSED) -+{ -+ return PAM_SUCCESS; -+} -+ -+/*---------------------------------------------------------------------*/ -+ -+PAM_EXTERN int -+pam_sm_acct_mgmt(pam_handle_t *pamh, int flags, -+ int argc, const char **argv) -+{ -+ struct options opts; -+ int rv, fd = -1; -+ struct tally_data tallies; -+ -+ memset(&tallies, 0, sizeof(tallies)); -+ -+ args_parse(pamh, argc, argv, flags, &opts); -+ -+ opts.action = FAILLOCK_ACTION_AUTHSUCC; -+ -+ if ((rv=get_pam_user(pamh, &opts)) != PAM_SUCCESS) { -+ return rv; -+ } -+ -+ check_tally(pamh, &opts, &tallies, &fd); -+ if (fd != -1) { -+ reset_tally(pamh, &opts, &fd); -+ } -+ -+ tally_cleanup(&tallies, fd); -+ -+ return PAM_SUCCESS; -+} -+ -+/*-----------------------------------------------------------------------*/ -+ -+#ifdef PAM_STATIC -+ -+/* static module data */ -+ -+struct pam_module _pam_faillock_modstruct = { -+ MODULE_NAME, -+#ifdef PAM_SM_AUTH -+ pam_sm_authenticate, -+ pam_sm_setcred, -+#else -+ NULL, -+ NULL, -+#endif -+#ifdef PAM_SM_ACCOUNT -+ pam_sm_acct_mgmt, -+#else -+ NULL, -+#endif -+ NULL, -+ NULL, -+ NULL, -+}; -+ -+#endif /* #ifdef PAM_STATIC */ -+ -diff -up Linux-PAM-1.1.1/modules/pam_faillock/pam_faillock.8.xml.faillock Linux-PAM-1.1.1/modules/pam_faillock/pam_faillock.8.xml ---- Linux-PAM-1.1.1/modules/pam_faillock/pam_faillock.8.xml.faillock 2010-09-17 15:58:41.000000000 +0200 -+++ Linux-PAM-1.1.1/modules/pam_faillock/pam_faillock.8.xml 2010-09-17 15:58:41.000000000 +0200 -@@ -0,0 +1,396 @@ -+<?xml version="1.0" encoding='UTF-8'?> -+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN" -+ "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd"> -+ -+<refentry id="pam_faillock"> -+ -+ <refmeta> -+ <refentrytitle>pam_faillock</refentrytitle> -+ <manvolnum>8</manvolnum> -+ <refmiscinfo class="sectdesc">Linux-PAM Manual</refmiscinfo> -+ </refmeta> -+ -+ <refnamediv id="pam_faillock-name"> -+ <refname>pam_faillock</refname> -+ <refpurpose>Module counting authentication failures during a specified interval</refpurpose> -+ </refnamediv> -+ -+ <refsynopsisdiv> -+ <cmdsynopsis id="pam_faillock-cmdsynopsisauth"> -+ <command>auth ... pam_faillock.so</command> -+ <arg choice="req"> -+ preauth|authfail|authsucc -+ </arg> -+ <arg choice="opt"> -+ dir=<replaceable>/path/to/tally-directory</replaceable> -+ </arg> -+ <arg choice="opt"> -+ even_deny_root -+ </arg> -+ <arg choice="opt"> -+ deny=<replaceable>n</replaceable> -+ </arg> -+ <arg choice="opt"> -+ fail_interval=<replaceable>n</replaceable> -+ </arg> -+ <arg choice="opt"> -+ unlock_time=<replaceable>n</replaceable> -+ </arg> -+ <arg choice="opt"> -+ root_unlock_time=<replaceable>n</replaceable> -+ </arg> -+ <arg choice="opt"> -+ audit -+ </arg> -+ <arg choice="opt"> -+ silent -+ </arg> -+ <arg choice="opt"> -+ no_log_info -+ </arg> -+ </cmdsynopsis> -+ <cmdsynopsis id="pam_faillock-cmdsynopsisacct"> -+ <command>account ... pam_faillock.so</command> -+ <arg choice="opt"> -+ dir=<replaceable>/path/to/tally-directory</replaceable> -+ </arg> -+ <arg choice="opt"> -+ no_log_info -+ </arg> -+ </cmdsynopsis> -+ </refsynopsisdiv> -+ -+ <refsect1 id="pam_faillock-description"> -+ -+ <title>DESCRIPTION</title> -+ -+ <para> -+ This module maintains a list of failed authentication attempts per -+ user during a specified interval and locks the account in case -+ there were more than <replaceable>deny</replaceable> consecutive -+ failed authentications. -+ </para> -+ <para> -+ Normally, failed attempts to authenticate <emphasis>root</emphasis> will -+ <emphasis remap='B'>not</emphasis> cause the root account to become -+ blocked, to prevent denial-of-service: if your users aren't given -+ shell accounts and root may only login via <command>su</command> or -+ at the machine console (not telnet/rsh, etc), this is safe. -+ </para> -+ </refsect1> -+ -+ <refsect1 id="pam_faillock-options"> -+ -+ <title>OPTIONS</title> -+ <variablelist> -+ <varlistentry> -+ <term> -+ <option>{preauth|authfail|authsucc}</option> -+ </term> -+ <listitem> -+ <para> -+ This argument must be set accordingly to the position of this module -+ instance in the PAM stack. -+ </para> -+ <para> -+ The <emphasis>preauth</emphasis> argument must be used when the module -+ is called before the modules which ask for the user credentials such -+ as the password. The module just examines whether the user should -+ be blocked from accessing the service in case there were anomalous -+ number of failed consecutive authentication attempts recently. This -+ call is optional if <emphasis>authsucc</emphasis> is used. -+ </para> -+ <para> -+ The <emphasis>authfail</emphasis> argument must be used when the module -+ is called after the modules which determine the authentication outcome, -+ failed. Unless the user is already blocked due to previous authentication -+ failures, the module will record the failure into the appropriate user -+ tally file. -+ </para> -+ <para> -+ The <emphasis>authsucc</emphasis> argument must be used when the module -+ is called after the modules which determine the authentication outcome, -+ succeded. Unless the user is already blocked due to previous authentication -+ failures, the module will then clear the record of the failures in the -+ respective user tally file. Otherwise it will return authentication error. -+ If this call is not done, the pam_faillock will not distinguish between -+ consecutive and non-consecutive failed authentication attempts. The -+ <emphasis>preauth</emphasis> call must be used in such case. Due to -+ complications in the way the PAM stack can be configured it is also -+ possible to call <emphasis>pam_faillock</emphasis> as an account module. -+ In such configuration the module must be also called in the -+ <emphasis>preauth</emphasis> stage. -+ </para> -+ </listitem> -+ </varlistentry> -+ <varlistentry> -+ <term> -+ <option>dir=<replaceable>/path/to/tally-directory</replaceable></option> -+ </term> -+ <listitem> -+ <para> -+ The directory where the user files with the failure records are kept. The -+ default is <filename>/var/run/faillock</filename>. -+ </para> -+ </listitem> -+ </varlistentry> -+ <varlistentry> -+ <term> -+ <option>audit</option> -+ </term> -+ <listitem> -+ <para> -+ Will log the user name into the system log if the user is not found. -+ </para> -+ </listitem> -+ </varlistentry> -+ <varlistentry> -+ <term> -+ <option>silent</option> -+ </term> -+ <listitem> -+ <para> -+ Don't print informative messages. This option is implicite -+ in the <emphasis>authfail</emphasis> and <emphasis>authsucc</emphasis> -+ functions. -+ </para> -+ </listitem> -+ </varlistentry> -+ <varlistentry> -+ <term> -+ <option>no_log_info</option> -+ </term> -+ <listitem> -+ <para> -+ Don't log informative messages via <citerefentry><refentrytitle>syslog</refentrytitle><manvolnum>3</manvolnum></citerefentry>. -+ </para> -+ </listitem> -+ </varlistentry> -+ <varlistentry> -+ <term> -+ <option>deny=<replaceable>n</replaceable></option> -+ </term> -+ <listitem> -+ <para> -+ Deny access if the number of consecutive authentication failures -+ for this user during the recent interval exceeds -+ <replaceable>n</replaceable>. The default is 3. -+ </para> -+ </listitem> -+ </varlistentry> -+ <varlistentry> -+ <term> -+ <option>fail_interval=<replaceable>n</replaceable></option> -+ </term> -+ <listitem> -+ <para> -+ The length of the interval during which the consecutive -+ authentication failures must happen for the user account -+ lock out is <replaceable>n</replaceable> seconds. -+ The default is 900 (15 minutes). -+ </para> -+ </listitem> -+ </varlistentry> -+ <varlistentry> -+ <term> -+ <option>unlock_time=<replaceable>n</replaceable></option> -+ </term> -+ <listitem> -+ <para> -+ The access will be reenabled after -+ <replaceable>n</replaceable> seconds after the lock out. -+ The default is 600 (10 minutes). -+ </para> -+ </listitem> -+ </varlistentry> -+ <varlistentry> -+ <term> -+ <option>even_deny_root</option> -+ </term> -+ <listitem> -+ <para> -+ Root account can become locked as well as regular accounts. -+ </para> -+ </listitem> -+ </varlistentry> -+ <varlistentry> -+ <term> -+ <option>root_unlock_time=<replaceable>n</replaceable></option> -+ </term> -+ <listitem> -+ <para> -+ This option implies <option>even_deny_root</option> option. -+ Allow access after <replaceable>n</replaceable> seconds -+ to root account after the account is locked. In case the -+ option is not specified the value is the same as of the -+ <option>unlock_time</option> option. -+ </para> -+ </listitem> -+ </varlistentry> -+ </variablelist> -+ </refsect1> -+ -+ <refsect1 id="pam_faillock-types"> -+ <title>MODULE TYPES PROVIDED</title> -+ <para> -+ The <option>auth</option> and <option>account</option> module types are -+ provided. -+ </para> -+ </refsect1> -+ -+ <refsect1 id='pam_faillock-return_values'> -+ <title>RETURN VALUES</title> -+ <variablelist> -+ <varlistentry> -+ <term>PAM_AUTH_ERR</term> -+ <listitem> -+ <para> -+ A invalid option was given, the module was not able -+ to retrieve the user name, no valid counter file -+ was found, or too many failed logins. -+ </para> -+ </listitem> -+ </varlistentry> -+ <varlistentry> -+ <term>PAM_SUCCESS</term> -+ <listitem> -+ <para> -+ Everything was successful. -+ </para> -+ </listitem> -+ </varlistentry> -+ <varlistentry> -+ <term>PAM_IGNORE</term> -+ <listitem> -+ <para> -+ User not present in passwd database. -+ </para> -+ </listitem> -+ </varlistentry> -+ </variablelist> -+ </refsect1> -+ -+ <refsect1 id='pam_faillock-notes'> -+ <title>NOTES</title> -+ <para> -+ <emphasis>pam_faillock</emphasis> setup in the PAM stack is different -+ from the <emphasis>pam_tally2</emphasis> module setup. -+ </para> -+ <para> -+ There is no setuid wrapper for access to the data file such as when the -+ <emphasis remap='B'>pam_faillock.so</emphasis> module is called from -+ a screensaver. As this would make it impossible to share PAM configuration -+ with such services the following workaround is used: If the data file -+ cannot be opened because of insufficient permissions -+ (<errorcode>EACCES</errorcode>) the module returns -+ <errorcode>PAM_SUCCESS</errorcode>. -+ </para> -+ <para> -+ Note that using the module in <option>preauth</option> without the -+ <option>silent</option> option or with <emphasis>requisite</emphasis> -+ control field leaks an information about existence or -+ non-existence of an user account in the system because -+ the failures are not recorded for the unknown users. The message -+ about the user account being locked is never displayed for nonexisting -+ user accounts allowing the adversary to infer that a particular account -+ is not existing on a system. -+ </para> -+ </refsect1> -+ -+ <refsect1 id='pam_faillock-examples'> -+ <title>EXAMPLES</title> -+ <para> -+ Here are two possible configuration examples for <filename>/etc/pam.d/login</filename>. -+ They make <emphasis>pam_faillock</emphasis> to lock the account after 4 consecutive -+ failed logins during the default interval of 15 minutes. Root account will be locked -+ as well. The accounts will be automatically unlocked after 20 minutes. -+ </para> -+ <para> -+ In the first example the module is called only in the <emphasis>auth</emphasis> -+ phase and the module does not print any information about the account blocking -+ by <emphasis>pam_faillock</emphasis>. The <emphasis>preauth</emphasis> call can -+ be added to tell the user that his login is blocked by the module and also to abort -+ the authentication without even asking for password in such case. -+ </para> -+ <programlisting> -+auth required pam_securetty.so -+auth required pam_env.so -+auth required pam_nologin.so -+# optionally call: auth requisite pam_faillock.so preauth deny=4 even_deny_root unlock_time=1200 -+# to display the message about account being locked -+auth [success=1 default=bad] pam_unix.so -+auth [default=die] pam_faillock.so authfail deny=4 even_deny_root unlock_time=1200 -+auth sufficient pam_faillock.so authsucc deny=4 even_deny_root unlock_time=1200 -+auth required pam_deny.so -+account required pam_unix.so -+password required pam_unix.so shadow -+session required pam_selinux.so close -+session required pam_loginuid.so -+session required pam_unix.so -+session required pam_selinux.so open -+ </programlisting> -+ <para> -+ In the second example the module is called both in the <emphasis>auth</emphasis> -+ and <emphasis>account</emphasis> phases and the module gives the authenticating -+ user message when the account is locked -+ </para> -+ <programlisting> -+auth required pam_securetty.so -+auth required pam_env.so -+auth required pam_nologin.so -+auth required pam_faillock.so preauth silent deny=4 even_deny_root unlock_time=1200 -+# optionally use requisite above if you do not want to prompt for the password -+# on locked accounts, possibly with removing the silent option as well -+auth sufficient pam_unix.so -+auth [default=die] pam_faillock.so authfail deny=4 even_deny_root unlock_time=1200 -+auth required pam_deny.so -+account required pam_faillock.so -+# if you drop the above call to pam_faillock.so the lock will be done also -+# on non-consecutive authentication failures -+account required pam_unix.so -+password required pam_unix.so shadow -+session required pam_selinux.so close -+session required pam_loginuid.so -+session required pam_unix.so -+session required pam_selinux.so open -+ </programlisting> -+ </refsect1> -+ -+ <refsect1 id="pam_faillock-files"> -+ <title>FILES</title> -+ <variablelist> -+ <varlistentry> -+ <term><filename>/var/run/faillock/*</filename></term> -+ <listitem> -+ <para>the files logging the authentication failures for users</para> -+ </listitem> -+ </varlistentry> -+ </variablelist> -+ </refsect1> -+ -+ <refsect1 id='pam_faillock-see_also'> -+ <title>SEE ALSO</title> -+ <para> -+ <citerefentry> -+ <refentrytitle>faillock</refentrytitle><manvolnum>8</manvolnum> -+ </citerefentry>, -+ <citerefentry> -+ <refentrytitle>pam.conf</refentrytitle><manvolnum>5</manvolnum> -+ </citerefentry>, -+ <citerefentry> -+ <refentrytitle>pam.d</refentrytitle><manvolnum>5</manvolnum> -+ </citerefentry>, -+ <citerefentry> -+ <refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum> -+ </citerefentry> -+ </para> -+ </refsect1> -+ -+ <refsect1 id='pam_faillock-author'> -+ <title>AUTHOR</title> -+ <para> -+ pam_faillock was written by Tomas Mraz. -+ </para> -+ </refsect1> -+ -+</refentry> -diff -up Linux-PAM-1.1.1/modules/pam_faillock/README.xml.faillock Linux-PAM-1.1.1/modules/pam_faillock/README.xml ---- Linux-PAM-1.1.1/modules/pam_faillock/README.xml.faillock 2010-09-17 15:58:41.000000000 +0200 -+++ Linux-PAM-1.1.1/modules/pam_faillock/README.xml 2010-09-17 15:58:41.000000000 +0200 -@@ -0,0 +1,46 @@ -+<?xml version="1.0" encoding='UTF-8'?> -+<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN" -+"http://www.docbook.org/xml/4.3/docbookx.dtd" -+[ -+<!-- -+<!ENTITY pamaccess SYSTEM "pam_faillock.8.xml"> -+--> -+]> -+ -+<article> -+ -+ <articleinfo> -+ -+ <title> -+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" -+ href="pam_faillock.8.xml" xpointer='xpointer(//refnamediv[@id = "pam_faillock-name"]/*)'/> -+ </title> -+ -+ </articleinfo> -+ -+ <section> -+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" -+ href="pam_faillock.8.xml" xpointer='xpointer(//refsect1[@id = "pam_faillock-description"]/*)'/> -+ </section> -+ -+ <section> -+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" -+ href="pam_faillock.8.xml" xpointer='xpointer(//refsect1[@id = "pam_faillock-options"]/*)'/> -+ </section> -+ -+ <section> -+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" -+ href="pam_faillock.8.xml" xpointer='xpointer(//refsect1[@id = "pam_faillock-notes"]/*)'/> -+ </section> -+ -+ <section> -+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" -+ href="pam_faillock.8.xml" xpointer='xpointer(//refsect1[@id = "pam_faillock-examples"]/*)'/> -+ </section> -+ -+ <section> -+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" -+ href="pam_faillock.8.xml" xpointer='xpointer(//refsect1[@id = "pam_faillock-author"]/*)'/> -+ </section> -+ -+</article> -diff -up Linux-PAM-1.1.1/modules/pam_faillock/tst-pam_faillock.faillock Linux-PAM-1.1.1/modules/pam_faillock/tst-pam_faillock ---- Linux-PAM-1.1.1/modules/pam_faillock/tst-pam_faillock.faillock 2010-09-17 15:58:41.000000000 +0200 -+++ Linux-PAM-1.1.1/modules/pam_faillock/tst-pam_faillock 2010-09-17 15:58:41.000000000 +0200 -@@ -0,0 +1,2 @@ -+#!/bin/sh -+../../tests/tst-dlopen .libs/pam_faillock.so diff --git a/extra/source/pam/patches/pam-1.1.2-noflex.patch b/extra/source/pam/patches/pam-1.1.2-noflex.patch deleted file mode 100644 index fc965559..00000000 --- a/extra/source/pam/patches/pam-1.1.2-noflex.patch +++ /dev/null @@ -1,27 +0,0 @@ -diff -up Linux-PAM-1.1.2/doc/Makefile.am.noflex Linux-PAM-1.1.2/doc/Makefile.am ---- Linux-PAM-1.1.2/doc/Makefile.am.noflex 2008-02-04 16:05:51.000000000 +0100 -+++ Linux-PAM-1.1.2/doc/Makefile.am 2010-09-20 10:40:59.000000000 +0200 -@@ -2,7 +2,7 @@ - # Copyright (c) 2005, 2006 Thorsten Kukuk <kukuk@suse.de> - # - --SUBDIRS = man specs sag adg mwg -+SUBDIRS = man sag adg mwg - - CLEANFILES = *~ - -diff -up Linux-PAM-1.1.2/Makefile.am.noflex Linux-PAM-1.1.2/Makefile.am ---- Linux-PAM-1.1.2/Makefile.am.noflex 2010-07-08 14:04:19.000000000 +0200 -+++ Linux-PAM-1.1.2/Makefile.am 2010-09-20 10:04:56.000000000 +0200 -@@ -5,9 +5,9 @@ - AUTOMAKE_OPTIONS = 1.9 gnu dist-bzip2 check-news - - if STATIC_MODULES --SUBDIRS = modules libpam libpamc libpam_misc tests po conf doc examples xtests -+SUBDIRS = modules libpam libpamc libpam_misc tests po doc examples xtests - else --SUBDIRS = libpam tests libpamc libpam_misc modules po conf doc examples xtests -+SUBDIRS = libpam tests libpamc libpam_misc modules po doc examples xtests - endif - - CLEANFILES = *~ diff --git a/extra/source/pam/patches/pam-1.1.3-faillock-screensaver.patch b/extra/source/pam/patches/pam-1.1.3-faillock-screensaver.patch deleted file mode 100644 index 249d2850..00000000 --- a/extra/source/pam/patches/pam-1.1.3-faillock-screensaver.patch +++ /dev/null @@ -1,167 +0,0 @@ -diff -up Linux-PAM-1.1.3/modules/pam_faillock/faillock.c.screensaver Linux-PAM-1.1.3/modules/pam_faillock/faillock.c ---- Linux-PAM-1.1.3/modules/pam_faillock/faillock.c.screensaver 2010-11-10 11:46:07.000000000 +0100 -+++ Linux-PAM-1.1.3/modules/pam_faillock/faillock.c 2010-11-10 11:46:07.000000000 +0100 -@@ -41,13 +41,14 @@ - #include <sys/types.h> - #include <sys/stat.h> - #include <sys/file.h> -+#include <sys/stat.h> - #include <fcntl.h> - #include <security/pam_modutil.h> - - #include "faillock.h" - - int --open_tally (const char *dir, const char *user, int create) -+open_tally (const char *dir, const char *user, uid_t uid, int create) - { - char *path; - int flags = O_RDWR; -@@ -69,8 +70,18 @@ open_tally (const char *dir, const char - - fd = open(path, flags, 0600); - -- if (fd != -1) -+ free(path); -+ -+ if (fd != -1) { -+ struct stat st; -+ - while (flock(fd, LOCK_EX) == -1 && errno == EINTR); -+ if (fstat(fd, &st) == 0) { -+ if (st.st_uid != uid) { -+ fchown(fd, uid, -1); -+ } -+ } -+ } - - return fd; - } -diff -up Linux-PAM-1.1.3/modules/pam_faillock/faillock.h.screensaver Linux-PAM-1.1.3/modules/pam_faillock/faillock.h ---- Linux-PAM-1.1.3/modules/pam_faillock/faillock.h.screensaver 2010-11-10 11:46:07.000000000 +0100 -+++ Linux-PAM-1.1.3/modules/pam_faillock/faillock.h 2010-11-10 11:46:07.000000000 +0100 -@@ -45,6 +45,7 @@ - #define _FAILLOCK_H - - #include <stdint.h> -+#include <sys/types.h> - - #define TALLY_STATUS_VALID 0x1 /* the tally file entry is valid */ - #define TALLY_STATUS_RHOST 0x2 /* the source is rhost */ -@@ -65,7 +66,7 @@ struct tally_data { - - #define FAILLOCK_DEFAULT_TALLYDIR "/var/run/faillock" - --int open_tally(const char *dir, const char *user, int create); -+int open_tally(const char *dir, const char *user, uid_t uid, int create); - int read_tally(int fd, struct tally_data *tallies); - int update_tally(int fd, struct tally_data *tallies); - #endif -diff -up Linux-PAM-1.1.3/modules/pam_faillock/main.c.screensaver Linux-PAM-1.1.3/modules/pam_faillock/main.c ---- Linux-PAM-1.1.3/modules/pam_faillock/main.c.screensaver 2010-11-10 11:46:07.000000000 +0100 -+++ Linux-PAM-1.1.3/modules/pam_faillock/main.c 2010-11-10 11:46:07.000000000 +0100 -@@ -106,8 +106,11 @@ do_user(struct options *opts, const char - int fd; - int rv; - struct tally_data tallies; -+ struct passwd *pwd; - -- fd = open_tally(opts->dir, user, 0); -+ pwd = getpwnam(user); -+ -+ fd = open_tally(opts->dir, user, pwd != NULL ? pwd->pw_uid : 0, 0); - - if (fd == -1) { - if (errno == ENOENT) { -@@ -134,9 +137,8 @@ do_user(struct options *opts, const char - #ifdef HAVE_LIBAUDIT - } - if ((audit_fd=audit_open()) >= 0) { -- struct passwd *pwd; - -- if ((pwd=getpwnam(user)) != NULL) { -+ if (pwd != NULL) { - snprintf(buf, sizeof(buf), "faillock reset uid=%u", - pwd->pw_uid); - audit_log_user_message(audit_fd, AUDIT_USER_ACCT, -diff -up Linux-PAM-1.1.3/modules/pam_faillock/pam_faillock.c.screensaver Linux-PAM-1.1.3/modules/pam_faillock/pam_faillock.c ---- Linux-PAM-1.1.3/modules/pam_faillock/pam_faillock.c.screensaver 2010-11-10 11:46:07.000000000 +0100 -+++ Linux-PAM-1.1.3/modules/pam_faillock/pam_faillock.c 2010-11-10 11:46:07.000000000 +0100 -@@ -213,7 +213,7 @@ check_tally(pam_handle_t *pamh, struct o - - opts->now = time(NULL); - -- tfd = open_tally(opts->dir, opts->user, 0); -+ tfd = open_tally(opts->dir, opts->user, opts->uid, 0); - - *fd = tfd; - -@@ -289,9 +289,14 @@ reset_tally(pam_handle_t *pamh, struct o - { - int rv; - -- while ((rv=ftruncate(*fd, 0)) == -1 && errno == EINTR); -- if (rv == -1) { -- pam_syslog(pamh, LOG_ERR, "Error clearing the tally file for %s: %m", opts->user); -+ if (*fd == -1) { -+ *fd = open_tally(opts->dir, opts->user, opts->uid, 1); -+ } -+ else { -+ while ((rv=ftruncate(*fd, 0)) == -1 && errno == EINTR); -+ if (rv == -1) { -+ pam_syslog(pamh, LOG_ERR, "Error clearing the tally file for %s: %m", opts->user); -+ } - } - } - -@@ -306,7 +311,7 @@ write_tally(pam_handle_t *pamh, struct o - const void *source = NULL; - - if (*fd == -1) { -- *fd = open_tally(opts->dir, opts->user, 1); -+ *fd = open_tally(opts->dir, opts->user, opts->uid, 1); - } - if (*fd == -1) { - if (errno == EACCES) { -@@ -463,7 +468,7 @@ pam_sm_authenticate(pam_handle_t *pamh, - - case FAILLOCK_ACTION_AUTHSUCC: - rv = check_tally(pamh, &opts, &tallies, &fd); -- if (rv == PAM_SUCCESS && fd != -1) { -+ if (rv == PAM_SUCCESS) { - reset_tally(pamh, &opts, &fd); - } - break; -@@ -511,10 +516,8 @@ pam_sm_acct_mgmt(pam_handle_t *pamh, int - return rv; - } - -- check_tally(pamh, &opts, &tallies, &fd); -- if (fd != -1) { -- reset_tally(pamh, &opts, &fd); -- } -+ check_tally(pamh, &opts, &tallies, &fd); /* for auditing */ -+ reset_tally(pamh, &opts, &fd); - - tally_cleanup(&tallies, fd); - -diff -up Linux-PAM-1.1.3/modules/pam_faillock/pam_faillock.8.xml.screensaver Linux-PAM-1.1.3/modules/pam_faillock/pam_faillock.8.xml ---- Linux-PAM-1.1.3/modules/pam_faillock/pam_faillock.8.xml.screensaver 2010-11-10 11:46:07.000000000 +0100 -+++ Linux-PAM-1.1.3/modules/pam_faillock/pam_faillock.8.xml 2010-11-10 11:47:14.000000000 +0100 -@@ -277,13 +277,9 @@ - from the <emphasis>pam_tally2</emphasis> module setup. - </para> - <para> -- There is no setuid wrapper for access to the data file such as when the -- <emphasis remap='B'>pam_faillock.so</emphasis> module is called from -- a screensaver. As this would make it impossible to share PAM configuration -- with such services the following workaround is used: If the data file -- cannot be opened because of insufficient permissions -- (<errorcode>EACCES</errorcode>) the module returns -- <errorcode>PAM_SUCCESS</errorcode>. -+ The individual files with the failure records are created as owned by -+ the user. This allows <emphasis remap='B'>pam_faillock.so</emphasis> module -+ to work correctly when it is called from a screensaver. - </para> - <para> - Note that using the module in <option>preauth</option> without the diff --git a/extra/source/pam/patches/pam-1.1.3-limits-nosetreuid.patch b/extra/source/pam/patches/pam-1.1.3-limits-nosetreuid.patch deleted file mode 100644 index 885690d0..00000000 --- a/extra/source/pam/patches/pam-1.1.3-limits-nosetreuid.patch +++ /dev/null @@ -1,64 +0,0 @@ -diff -up Linux-PAM-1.1.3/modules/pam_limits/pam_limits.c.nosetreuid Linux-PAM-1.1.3/modules/pam_limits/pam_limits.c ---- Linux-PAM-1.1.3/modules/pam_limits/pam_limits.c.nosetreuid 2009-02-20 14:27:14.000000000 +0100 -+++ Linux-PAM-1.1.3/modules/pam_limits/pam_limits.c 2010-11-11 12:31:04.000000000 +0100 -@@ -103,7 +103,6 @@ struct pam_limit_s { - /* argument parsing */ - - #define PAM_DEBUG_ARG 0x0001 --#define PAM_DO_SETREUID 0x0002 - #define PAM_UTMP_EARLY 0x0004 - #define PAM_NO_AUDIT 0x0008 - -@@ -127,8 +126,6 @@ _pam_parse (const pam_handle_t *pamh, in - ctrl |= PAM_DEBUG_ARG; - } else if (!strncmp(*argv,"conf=",5)) { - pl->conf_file = *argv+5; -- } else if (!strncmp(*argv,"change_uid",10)) { -- ctrl |= PAM_DO_SETREUID; - } else if (!strcmp(*argv,"utmp_early")) { - ctrl |= PAM_UTMP_EARLY; - } else if (!strcmp(*argv,"noaudit")) { -@@ -777,10 +774,6 @@ out: - return retval; - } - -- if (ctrl & PAM_DO_SETREUID) { -- setreuid(pwd->pw_uid, -1); -- } -- - retval = setup_limits(pamh, pwd->pw_name, pwd->pw_uid, ctrl, pl); - if (retval & LOGIN_ERR) - pam_error(pamh, _("Too many logins for '%s'."), pwd->pw_name); -diff -up Linux-PAM-1.1.3/modules/pam_limits/pam_limits.8.xml.nosetreuid Linux-PAM-1.1.3/modules/pam_limits/pam_limits.8.xml ---- Linux-PAM-1.1.3/modules/pam_limits/pam_limits.8.xml.nosetreuid 2009-06-01 09:03:20.000000000 +0200 -+++ Linux-PAM-1.1.3/modules/pam_limits/pam_limits.8.xml 2010-11-11 12:32:35.000000000 +0100 -@@ -23,9 +23,6 @@ - <cmdsynopsis id="pam_limits-cmdsynopsis"> - <command>pam_limits.so</command> - <arg choice="opt"> -- change_uid -- </arg> -- <arg choice="opt"> - conf=<replaceable>/path/to/limits.conf</replaceable> - </arg> - <arg choice="opt"> -@@ -72,19 +69,6 @@ - <variablelist> - <varlistentry> - <term> -- <option>change_uid</option> -- </term> -- <listitem> -- <para> -- Change real uid to the user for who the limits are set up. Use this -- option if you have problems like login not forking a shell for user -- who has no processes. Be warned that something else may break when -- you do this. -- </para> -- </listitem> -- </varlistentry> -- <varlistentry> -- <term> - <option>conf=<replaceable>/path/to/limits.conf</replaceable></option> - </term> - <listitem> diff --git a/extra/source/pam/patches/pam-1.1.3-limits-range.patch b/extra/source/pam/patches/pam-1.1.3-limits-range.patch deleted file mode 100644 index c357eb28..00000000 --- a/extra/source/pam/patches/pam-1.1.3-limits-range.patch +++ /dev/null @@ -1,351 +0,0 @@ -Index: modules/pam_limits/limits.conf.5.xml -=================================================================== -RCS file: /cvsroot/pam/Linux-PAM/modules/pam_limits/limits.conf.5.xml,v -retrieving revision 1.9 -retrieving revision 1.11 -diff -u -p -r1.9 -r1.11 ---- modules/pam_limits/limits.conf.5.xml 20 Feb 2009 13:27:14 -0000 1.9 -+++ modules/pam_limits/limits.conf.5.xml 14 Dec 2010 08:40:40 -0000 1.11 -@@ -53,7 +53,38 @@ - <listitem> - <para> - the wildcard <emphasis remap='B'>%</emphasis>, for maxlogins limit only, -- can also be used with <emphasis remap='b'>%group</emphasis> syntax. -+ can also be used with <emphasis remap='B'>%group</emphasis> syntax. If the -+ <emphasis remap='B'>%</emphasis> wildcard is used alone it is identical -+ to using <emphasis remap='B'>*</emphasis> with maxsyslogins limit. With -+ a group specified after <emphasis remap='B'>%</emphasis> it limits the total -+ number of logins of all users that are member of the group. -+ </para> -+ </listitem> -+ <listitem> -+ <para> -+ an uid range specified as <replaceable><min_uid></replaceable><emphasis -+ remap='B'>:</emphasis><replaceable><max_uid></replaceable>. If min_uid -+ is omitted, the match is exact for the max_uid. If max_uid is omitted, all -+ uids greater than or equal min_uid match. -+ </para> -+ </listitem> -+ <listitem> -+ <para> -+ a gid range specified as <emphasis -+ remap='B'>@</emphasis><replaceable><min_gid></replaceable><emphasis -+ remap='B'>:</emphasis><replaceable><max_gid></replaceable>. If min_gid -+ is omitted, the match is exact for the max_gid. If max_gid is omitted, all -+ gids greater than or equal min_gid match. For the exact match all groups including -+ the user's supplementary groups are examined. For the range matches only -+ the user's primary group is examined. -+ </para> -+ </listitem> -+ <listitem> -+ <para> -+ a gid specified as <emphasis -+ remap='B'>%:</emphasis><replaceable><gid></replaceable> applicable -+ to maxlogins limit only. It limits the total number of logins of all users -+ that are member of the group with the specified gid. - </para> - </listitem> - </itemizedlist> -@@ -182,7 +213,7 @@ - <varlistentry> - <term><option>maxsyslogins</option></term> - <listitem> -- <para>maximum number of logins on system</para> -+ <para>maximum number of all logins on system</para> - </listitem> - </varlistentry> - <varlistentry> -@@ -272,12 +303,15 @@ - </para> - <programlisting> - * soft core 0 --* hard rss 10000 -+* hard nofile 512 - @student hard nproc 20 - @faculty soft nproc 20 - @faculty hard nproc 50 - ftp hard nproc 0 - @student - maxlogins 4 -+:123 hard cpu 5000 -+@500: soft cpu 10000 -+600:700 hard locks 10 - </programlisting> - </refsect1> - -Index: modules/pam_limits/pam_limits.c -=================================================================== -RCS file: /cvsroot/pam/Linux-PAM/modules/pam_limits/pam_limits.c,v -retrieving revision 1.48 -retrieving revision 1.49 -diff -u -p -r1.48 -r1.49 ---- modules/pam_limits/pam_limits.c 18 Nov 2010 09:37:32 -0000 1.48 -+++ modules/pam_limits/pam_limits.c 14 Dec 2010 08:40:40 -0000 1.49 -@@ -55,6 +55,12 @@ - #define LIMITS_DEF_DEFAULT 4 /* limit was set by an default entry */ - #define LIMITS_DEF_NONE 5 /* this limit was not set yet */ - -+#define LIMIT_RANGE_ERR -1 /* error in specified uid/gid range */ -+#define LIMIT_RANGE_NONE 0 /* no range specified */ -+#define LIMIT_RANGE_ONE 1 /* exact uid/gid specified (:max_uid)*/ -+#define LIMIT_RANGE_MIN 2 /* only minimum uid/gid specified (min_uid:) */ -+#define LIMIT_RANGE_MM 3 /* both min and max uid/gid specified (min_uid:max_uid) */ -+ - static const char *limits_def_names[] = { - "USER", - "GROUP", -@@ -520,8 +526,57 @@ process_limit (const pam_handle_t *pamh, - return; - } - --static int parse_config_file(pam_handle_t *pamh, const char *uname, int ctrl, -- struct pam_limit_s *pl) -+static int -+parse_uid_range(pam_handle_t *pamh, const char *domain, -+ uid_t *min_uid, uid_t *max_uid) -+{ -+ const char *range = domain; -+ char *pmax; -+ char *endptr; -+ int rv = LIMIT_RANGE_MM; -+ -+ if ((pmax=strchr(range, ':')) == NULL) -+ return LIMIT_RANGE_NONE; -+ ++pmax; -+ -+ if (range[0] == '@' || range[0] == '%') -+ ++range; -+ -+ if (range[0] == ':') -+ rv = LIMIT_RANGE_ONE; -+ else { -+ errno = 0; -+ *min_uid = strtoul (range, &endptr, 10); -+ if (errno != 0 || (range == endptr) || *endptr != ':') { -+ pam_syslog(pamh, LOG_DEBUG, -+ "wrong min_uid/gid value in '%s'", domain); -+ return LIMIT_RANGE_ERR; -+ } -+ } -+ -+ if (*pmax == '\0') { -+ if (rv == LIMIT_RANGE_ONE) -+ return LIMIT_RANGE_ERR; -+ else -+ return LIMIT_RANGE_MIN; -+ } -+ -+ errno = 0; -+ *max_uid = strtoul (pmax, &endptr, 10); -+ if (errno != 0 || (pmax == endptr) || *endptr != '\0') { -+ pam_syslog(pamh, LOG_DEBUG, -+ "wrong max_uid/gid value in '%s'", domain); -+ return LIMIT_RANGE_ERR; -+ } -+ -+ if (rv == LIMIT_RANGE_ONE) -+ *min_uid = *max_uid; -+ return rv; -+} -+ -+static int -+parse_config_file(pam_handle_t *pamh, const char *uname, uid_t uid, gid_t gid, -+ int ctrl, struct pam_limit_s *pl) - { - FILE *fil; - char buf[LINE_LENGTH]; -@@ -543,8 +598,10 @@ static int parse_config_file(pam_handle_ - char item[LINE_LENGTH]; - char value[LINE_LENGTH]; - int i; -+ int rngtype; - size_t j; - char *tptr,*line; -+ uid_t min_uid = (uid_t)-1, max_uid = (uid_t)-1; - - line = buf; - /* skip the leading white space */ -@@ -572,6 +629,11 @@ static int parse_config_file(pam_handle_ - for(j=0; j < strlen(ltype); j++) - ltype[j]=tolower(ltype[j]); - -+ if ((rngtype=parse_uid_range(pamh, domain, &min_uid, &max_uid)) < 0) { -+ pam_syslog(pamh, LOG_WARNING, "invalid uid range '%s' - skipped", domain); -+ continue; -+ } -+ - if (i == 4) { /* a complete line */ - for(j=0; j < strlen(item); j++) - item[j]=tolower(item[j]); -@@ -581,47 +643,133 @@ static int parse_config_file(pam_handle_ - if (strcmp(uname, domain) == 0) /* this user have a limit */ - process_limit(pamh, LIMITS_DEF_USER, ltype, item, value, ctrl, pl); - else if (domain[0]=='@') { -- if (ctrl & PAM_DEBUG_ARG) { -+ if (ctrl & PAM_DEBUG_ARG) { - pam_syslog(pamh, LOG_DEBUG, - "checking if %s is in group %s", - uname, domain + 1); -- } -- if (pam_modutil_user_in_group_nam_nam(pamh, uname, domain+1)) -- process_limit(pamh, LIMITS_DEF_GROUP, ltype, item, value, ctrl, -+ } -+ switch(rngtype) { -+ case LIMIT_RANGE_NONE: -+ if (pam_modutil_user_in_group_nam_nam(pamh, uname, domain+1)) -+ process_limit(pamh, LIMITS_DEF_GROUP, ltype, item, value, ctrl, -+ pl); -+ break; -+ case LIMIT_RANGE_ONE: -+ if (pam_modutil_user_in_group_nam_gid(pamh, uname, (gid_t)max_uid)) -+ process_limit(pamh, LIMITS_DEF_GROUP, ltype, item, value, ctrl, - pl); -+ break; -+ case LIMIT_RANGE_MM: -+ if (gid > (gid_t)max_uid) -+ break; -+ /* fallthrough */ -+ case LIMIT_RANGE_MIN: -+ if (gid >= (gid_t)min_uid) -+ process_limit(pamh, LIMITS_DEF_GROUP, ltype, item, value, ctrl, -+ pl); -+ } - } else if (domain[0]=='%') { -- if (ctrl & PAM_DEBUG_ARG) { -+ if (ctrl & PAM_DEBUG_ARG) { - pam_syslog(pamh, LOG_DEBUG, - "checking if %s is in group %s", - uname, domain + 1); -- } -- if (strcmp(domain,"%") == 0) -- process_limit(pamh, LIMITS_DEF_ALL, ltype, item, value, ctrl, -- pl); -- else if (pam_modutil_user_in_group_nam_nam(pamh, uname, domain+1)) { -- strcpy(pl->login_group, domain+1); -- process_limit(pamh, LIMITS_DEF_ALLGROUP, ltype, item, value, ctrl, -- pl); - } -- } else if (strcmp(domain, "*") == 0) -- process_limit(pamh, LIMITS_DEF_DEFAULT, ltype, item, value, ctrl, -- pl); -+ switch(rngtype) { -+ case LIMIT_RANGE_NONE: -+ if (strcmp(domain,"%") == 0) -+ process_limit(pamh, LIMITS_DEF_ALL, ltype, item, value, ctrl, -+ pl); -+ else if (pam_modutil_user_in_group_nam_nam(pamh, uname, domain+1)) { -+ strcpy(pl->login_group, domain+1); -+ process_limit(pamh, LIMITS_DEF_ALLGROUP, ltype, item, value, ctrl, -+ pl); -+ } -+ break; -+ case LIMIT_RANGE_ONE: -+ if (pam_modutil_user_in_group_nam_gid(pamh, uname, (gid_t)max_uid)) { -+ struct group *grp; -+ grp = pam_modutil_getgrgid(pamh, (gid_t)max_uid); -+ strncpy(pl->login_group, grp->gr_name, sizeof(pl->login_group)); -+ pl->login_group[sizeof(pl->login_group)-1] = '\0'; -+ process_limit(pamh, LIMITS_DEF_ALLGROUP, ltype, item, value, ctrl, -+ pl); -+ } -+ break; -+ case LIMIT_RANGE_MIN: -+ case LIMIT_RANGE_MM: -+ pam_syslog(pamh, LOG_WARNING, "range unsupported for %%group matching - ignored"); -+ } -+ } else { -+ switch(rngtype) { -+ case LIMIT_RANGE_NONE: -+ if (strcmp(domain, "*") == 0) -+ process_limit(pamh, LIMITS_DEF_DEFAULT, ltype, item, value, ctrl, -+ pl); -+ break; -+ case LIMIT_RANGE_ONE: -+ if (uid != max_uid) -+ break; -+ /* fallthrough */ -+ case LIMIT_RANGE_MM: -+ if (uid > max_uid) -+ break; -+ /* fallthrough */ -+ case LIMIT_RANGE_MIN: -+ if (uid >= min_uid) -+ process_limit(pamh, LIMITS_DEF_USER, ltype, item, value, ctrl, pl); -+ } -+ } - } else if (i == 2 && ltype[0] == '-') { /* Probably a no-limit line */ - if (strcmp(uname, domain) == 0) { - if (ctrl & PAM_DEBUG_ARG) { - pam_syslog(pamh, LOG_DEBUG, "no limits for '%s'", uname); - } -- fclose(fil); -- return PAM_IGNORE; -- } else if (domain[0] == '@' && pam_modutil_user_in_group_nam_nam(pamh, uname, domain+1)) { -+ } else if (domain[0] == '@') { -+ switch(rngtype) { -+ case LIMIT_RANGE_NONE: -+ if (!pam_modutil_user_in_group_nam_nam(pamh, uname, domain+1)) -+ continue; /* next line */ -+ break; -+ case LIMIT_RANGE_ONE: -+ if (!pam_modutil_user_in_group_nam_gid(pamh, uname, (gid_t)max_uid)) -+ continue; /* next line */ -+ break; -+ case LIMIT_RANGE_MM: -+ if (gid > (gid_t)max_uid) -+ continue; /* next line */ -+ /* fallthrough */ -+ case LIMIT_RANGE_MIN: -+ if (gid < (gid_t)min_uid) -+ continue; /* next line */ -+ } - if (ctrl & PAM_DEBUG_ARG) { - pam_syslog(pamh, LOG_DEBUG, - "no limits for '%s' in group '%s'", - uname, domain+1); - } -- fclose(fil); -- return PAM_IGNORE; -+ } else { -+ switch(rngtype) { -+ case LIMIT_RANGE_NONE: -+ continue; /* next line */ -+ case LIMIT_RANGE_ONE: -+ if (uid != max_uid) -+ continue; /* next line */ -+ break; -+ case LIMIT_RANGE_MM: -+ if (uid > max_uid) -+ continue; /* next line */ -+ /* fallthrough */ -+ case LIMIT_RANGE_MIN: -+ if (uid >= min_uid) -+ break; -+ continue; /* next line */ -+ } -+ if (ctrl & PAM_DEBUG_ARG) { -+ pam_syslog(pamh, LOG_DEBUG, "no limits for '%s'", uname); -+ } - } -+ fclose(fil); -+ return PAM_IGNORE; - } else { - pam_syslog(pamh, LOG_WARNING, "invalid line '%s' - skipped", line); - } -@@ -731,7 +879,7 @@ pam_sm_open_session (pam_handle_t *pamh, - return PAM_ABORT; - } - -- retval = parse_config_file(pamh, pwd->pw_name, ctrl, pl); -+ retval = parse_config_file(pamh, pwd->pw_name, pwd->pw_uid, pwd->pw_gid, ctrl, pl); - if (retval == PAM_IGNORE) { - D(("the configuration file ('%s') has an applicable '<domain> -' entry", CONF_FILE)); - return PAM_SUCCESS; -@@ -755,7 +903,7 @@ pam_sm_open_session (pam_handle_t *pamh, - /* Parse the *.conf files. */ - for (i = 0; globbuf.gl_pathv[i] != NULL; i++) { - pl->conf_file = globbuf.gl_pathv[i]; -- retval = parse_config_file(pamh, pwd->pw_name, ctrl, pl); -+ retval = parse_config_file(pamh, pwd->pw_name, pwd->pw_uid, pwd->pw_gid, ctrl, pl); - if (retval == PAM_IGNORE) { - D(("the configuration file ('%s') has an applicable '<domain> -' entry", pl->conf_file)); - globfree(&globbuf); diff --git a/extra/source/pam/patches/pam-1.1.3-nouserenv.patch b/extra/source/pam/patches/pam-1.1.3-nouserenv.patch deleted file mode 100644 index f3a742c8..00000000 --- a/extra/source/pam/patches/pam-1.1.3-nouserenv.patch +++ /dev/null @@ -1,27 +0,0 @@ -diff -up pam/modules/pam_env/pam_env.c.nouserenv pam/modules/pam_env/pam_env.c ---- pam/modules/pam_env/pam_env.c.nouserenv 2010-10-20 09:59:30.000000000 +0200 -+++ pam/modules/pam_env/pam_env.c 2010-11-01 14:42:01.000000000 +0100 -@@ -10,7 +10,7 @@ - #define DEFAULT_READ_ENVFILE 1 - - #define DEFAULT_USER_ENVFILE ".pam_environment" --#define DEFAULT_USER_READ_ENVFILE 1 -+#define DEFAULT_USER_READ_ENVFILE 0 - - #include "config.h" - -diff -up pam/modules/pam_env/pam_env.8.xml.nouserenv pam/modules/pam_env/pam_env.8.xml ---- pam/modules/pam_env/pam_env.8.xml.nouserenv 2010-10-20 09:59:30.000000000 +0200 -+++ pam/modules/pam_env/pam_env.8.xml 2010-11-01 14:42:01.000000000 +0100 -@@ -147,7 +147,10 @@ - <listitem> - <para> - Turns on or off the reading of the user specific environment -- file. 0 is off, 1 is on. By default this option is on. -+ file. 0 is off, 1 is on. By default this option is off as user -+ supplied environment variables in the PAM environment could affect -+ behavior of subsequent modules in the stack without the consent -+ of the system administrator. - </para> - </listitem> - </varlistentry> diff --git a/extra/source/pam/patches/pam-1.1.3-pwhistory-incomplete.patch b/extra/source/pam/patches/pam-1.1.3-pwhistory-incomplete.patch deleted file mode 100644 index 6117b26e..00000000 --- a/extra/source/pam/patches/pam-1.1.3-pwhistory-incomplete.patch +++ /dev/null @@ -1,54 +0,0 @@ -diff -up Linux-PAM-1.1.3/modules/pam_pwhistory/pam_pwhistory.c.incomplete Linux-PAM-1.1.3/modules/pam_pwhistory/pam_pwhistory.c ---- Linux-PAM-1.1.3/modules/pam_pwhistory/pam_pwhistory.c.incomplete 2008-12-18 14:09:36.000000000 +0100 -+++ Linux-PAM-1.1.3/modules/pam_pwhistory/pam_pwhistory.c 2010-11-11 14:45:02.000000000 +0100 -@@ -187,12 +187,13 @@ pam_sm_chauthtok (pam_handle_t *pamh, in - { - retval = pam_get_authtok (pamh, PAM_AUTHTOK, &newpass, NULL); - if (retval != PAM_SUCCESS && retval != PAM_TRY_AGAIN) -- return retval; -+ { -+ if (retval == PAM_CONV_AGAIN) -+ retval = PAM_INCOMPLETE; -+ return retval; -+ } - tries++; - -- if (newpass == NULL || retval == PAM_TRY_AGAIN) -- continue; -- - if (options.debug) - { - if (newpass) -@@ -201,12 +202,8 @@ pam_sm_chauthtok (pam_handle_t *pamh, in - pam_syslog (pamh, LOG_DEBUG, "got no auth token"); - } - -- if (retval != PAM_SUCCESS || newpass == NULL) -- { -- if (retval == PAM_CONV_AGAIN) -- retval = PAM_INCOMPLETE; -- return retval; -- } -+ if (newpass == NULL || retval == PAM_TRY_AGAIN) -+ continue; - - if (options.debug) - pam_syslog (pamh, LOG_DEBUG, "check against old password file"); -@@ -219,7 +216,6 @@ pam_sm_chauthtok (pam_handle_t *pamh, in - newpass = NULL; - /* Remove password item, else following module will use it */ - pam_set_item (pamh, PAM_AUTHTOK, (void *) NULL); -- continue; - } - } - -@@ -230,8 +226,7 @@ pam_sm_chauthtok (pam_handle_t *pamh, in - return PAM_MAXTRIES; - } - -- /* Remember new password */ -- return pam_set_item (pamh, PAM_AUTHTOK, newpass); -+ return PAM_SUCCESS; - } - - diff --git a/extra/source/pam/patches/pam-1.1.3-securetty-console.patch b/extra/source/pam/patches/pam-1.1.3-securetty-console.patch deleted file mode 100644 index 94fa6ecf..00000000 --- a/extra/source/pam/patches/pam-1.1.3-securetty-console.patch +++ /dev/null @@ -1,120 +0,0 @@ -Index: modules/pam_securetty/pam_securetty.8.xml -=================================================================== -RCS file: /cvsroot/pam/Linux-PAM/modules/pam_securetty/pam_securetty.8.xml,v -retrieving revision 1.4 -retrieving revision 1.6 -diff -u -p -r1.4 -r1.6 ---- modules/pam_securetty/pam_securetty.8.xml 18 Aug 2008 13:29:25 -0000 1.4 -+++ modules/pam_securetty/pam_securetty.8.xml 25 Nov 2010 16:58:59 -0000 1.6 -@@ -33,7 +33,9 @@ - user is logging in on a "secure" tty, as defined by the listing - in <filename>/etc/securetty</filename>. pam_securetty also checks - to make sure that <filename>/etc/securetty</filename> is a plain -- file and not world writable. -+ file and not world writable. It will also allow root logins on -+ the tty specified with <option>console=</option> switch on the -+ kernel command line. - </para> - <para> - This module has no effect on non-root users and requires that the -@@ -61,6 +63,18 @@ - </para> - </listitem> - </varlistentry> -+ <varlistentry> -+ <term> -+ <option>noconsole</option> -+ </term> -+ <listitem> -+ <para> -+ Do not automatically allow root logins on the kernel console -+ device, as specified on the kernel command line, if it is -+ not also specified in the <filename>/etc/securetty</filename> file. -+ </para> -+ </listitem> -+ </varlistentry> - </variablelist> - </refsect1> - -Index: modules/pam_securetty/pam_securetty.c -=================================================================== -RCS file: /cvsroot/pam/Linux-PAM/modules/pam_securetty/pam_securetty.c,v -retrieving revision 1.14 -retrieving revision 1.15 -diff -u -p -r1.14 -r1.15 ---- modules/pam_securetty/pam_securetty.c 10 Sep 2009 10:19:58 -0000 1.14 -+++ modules/pam_securetty/pam_securetty.c 24 Nov 2010 12:28:01 -0000 1.15 -@@ -2,6 +2,7 @@ - - #define SECURETTY_FILE "/etc/securetty" - #define TTY_PREFIX "/dev/" -+#define CMDLINE_FILE "/proc/cmdline" - - /* - * by Elliot Lee <sopwith@redhat.com>, Red Hat Software. -@@ -22,6 +23,7 @@ - #include <pwd.h> - #include <string.h> - #include <ctype.h> -+#include <limits.h> - - /* - * here, we make a definition for the externally accessible function -@@ -38,6 +40,7 @@ - #include <security/pam_ext.h> - - #define PAM_DEBUG_ARG 0x0001 -+#define PAM_NOCONSOLE_ARG 0x0002 - - static int - _pam_parse (const pam_handle_t *pamh, int argc, const char **argv) -@@ -51,6 +54,8 @@ _pam_parse (const pam_handle_t *pamh, in - - if (!strcmp(*argv,"debug")) - ctrl |= PAM_DEBUG_ARG; -+ else if (!strcmp(*argv, "noconsole")) -+ ctrl |= PAM_NOCONSOLE_ARG; - else { - pam_syslog(pamh, LOG_ERR, "unknown option: %s", *argv); - } -@@ -144,6 +149,40 @@ securetty_perform_check (pam_handle_t *p - } - fclose(ttyfile); - -+ if (retval && !(ctrl & PAM_NOCONSOLE_ARG)) { -+ FILE *cmdlinefile; -+ -+ /* Allow access from the kernel console, if enabled */ -+ cmdlinefile = fopen(CMDLINE_FILE, "r"); -+ -+ if (cmdlinefile != NULL) { -+ char line[LINE_MAX], *p; -+ -+ line[0] = 0; -+ fgets(line, sizeof(line), cmdlinefile); -+ fclose(cmdlinefile); -+ -+ for (p = line; p; p = strstr(p+1, "console=")) { -+ char *e; -+ -+ /* Test whether this is a beginning of a word? */ -+ if (p > line && p[-1] != ' ') -+ continue; -+ -+ /* Ist this our console? */ -+ if (strncmp(p + 8, uttyname, strlen(uttyname))) -+ continue; -+ -+ /* Is there any garbage after the TTY name? */ -+ e = p + 8 + strlen(uttyname); -+ if (*e == ',' || *e == ' ' || *e == '\n' || *e == 0) { -+ retval = 0; -+ break; -+ } -+ } -+ } -+ } -+ - if (retval) { - pam_syslog(pamh, LOG_WARNING, "access denied: tty '%s' is not secure !", - uttyname); diff --git a/extra/source/pam/slack-desc b/extra/source/pam/slack-desc deleted file mode 100644 index 8b57bc0d..00000000 --- a/extra/source/pam/slack-desc +++ /dev/null @@ -1,19 +0,0 @@ -# HOW TO EDIT THIS FILE: -# The "handy ruler" below makes it easier to edit a package description. Line -# up the first '|' above the ':' following the base package name, and the '|' -# on the right side marks the last column you can put a character in. You must -# make exactly 11 lines for the formatting to be correct. It's also -# customary to leave one space after the ':'. - - |-----handy-ruler------------------------------------------------------| -pam: pam (Pluggable Authentication Modules) -pam: -pam: PAM = Pluggable Authentication Modules. Basically, it is a flexible -pam: mechanism for authenticating users. PAM provides a way to develop -pam: programs that are independent of authentication scheme. However, -pam: these programs will need "authentication modules" (and libpam) at -pam: run-time in order to work. -pam: -pam: -pam: Homepage: http://www.kernel.org/pub/linux/libs/pam/ -pam: diff --git a/extra/source/partitionmanager/fetch-source.sh b/extra/source/partitionmanager/fetch-source.sh new file mode 100755 index 00000000..b7bb6566 --- /dev/null +++ b/extra/source/partitionmanager/fetch-source.sh @@ -0,0 +1,22 @@ +#!/bin/sh + +NAME_VERSION=partitionmanager-1.0.3 +SVN_DATE=$(date +%Y%m%d) + +# Remove old sources if exist +rm -R --force ${NAME_VERSION} + +# Checkout svn trunk +svn -r {${SVN_DATE}} export svn://anonsvn.kde.org/home/kde/trunk/extragear/sysadmin/partitionmanager/ ${NAME_VERSION} + +# Move downloaded directory to match output tarball name: +mv ${NAME_VERSION} ${NAME_VERSION}_${SVN_DATE}svn + +# Create source tarball +tar cvf ${NAME_VERSION}_${SVN_DATE}svn.tar ${NAME_VERSION}_${SVN_DATE}svn + +# Compress source tarball +xz -9 -v ${NAME_VERSION}_${SVN_DATE}svn.tar + +# Delete temporary directories +rm -R --force ${NAME_VERSION}_${SVN_DATE}svn diff --git a/extra/source/partitionmanager/partitionmanager.SlackBuild b/extra/source/partitionmanager/partitionmanager.SlackBuild index 371ef22f..8035f522 100755 --- a/extra/source/partitionmanager/partitionmanager.SlackBuild +++ b/extra/source/partitionmanager/partitionmanager.SlackBuild @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright 2009, 2010 Patrick J. Volkerding, Sebeka, MN, USA +# Copyright 2009, 2010, 2013 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # Redistribution and use of this script, with or without modification, is @@ -20,7 +20,7 @@ # OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -VERSION=1.0.2 +VERSION=1.0.3_20130328svn BUILD=${BUILD:-1} # Automatically determine the architecture we're building on: diff --git a/extra/source/tigervnc/patches/tigervnc11-java7.patch b/extra/source/tigervnc/patches/tigervnc11-java7.patch new file mode 100644 index 00000000..6f30060d --- /dev/null +++ b/extra/source/tigervnc/patches/tigervnc11-java7.patch @@ -0,0 +1,12 @@ +diff -up tigervnc-1.1.0/java/src/com/tigervnc/vncviewer/Makefile.java7 tigervnc-1.1.0/java/src/com/tigervnc/vncviewer/Makefile +--- tigervnc-1.1.0/java/src/com/tigervnc/vncviewer/Makefile.java7 2012-03-27 14:20:20.107009796 +0200 ++++ tigervnc-1.1.0/java/src/com/tigervnc/vncviewer/Makefile 2012-03-27 14:20:25.959966078 +0200 +@@ -4,7 +4,7 @@ + + CP = cp + JC = javac +-JCFLAGS = -target 1.5 -classpath ../../../ ++JCFLAGS = -target 1.7 -classpath ../../../ + JAR = jar + ARCHIVE = VncViewer.jar + MANIFEST = MANIFEST.MF diff --git a/extra/source/tigervnc/patches/tigervnc11-xorg110.patch b/extra/source/tigervnc/patches/tigervnc11-xorg110.patch new file mode 100644 index 00000000..d70d6f91 --- /dev/null +++ b/extra/source/tigervnc/patches/tigervnc11-xorg110.patch @@ -0,0 +1,88 @@ +diff -up xserver/configure.ac.vnc xserver/configure.ac +--- xserver/configure.ac.vnc 2012-07-19 20:22:21.774770804 -0400 ++++ xserver/configure.ac 2012-07-19 20:24:42.293014083 -0400 +@@ -72,6 +71,7 @@ dnl forcing an entire recompile.x + AC_CONFIG_HEADERS(include/version-config.h) + + AM_PROG_AS ++AC_PROG_CXX + AC_PROG_LN_S + AC_LIBTOOL_WIN32_DLL + AC_DISABLE_STATIC +@@ -1560,6 +1560,14 @@ if test "x$XVFB" = xyes; then + AC_SUBST([XVFB_SYS_LIBS]) + fi + ++dnl Xvnc DDX ++AC_SUBST([XVNC_CPPFLAGS], ["-DHAVE_DIX_CONFIG_H $XEXT_INC $FB_INC $MI_INC $RENDER_INC $RANDR_INC $MIEXT_DAMAGE_INC"]) ++AC_SUBST([XVNC_LIBS], ["$FB_LIB $FIXES_LIB $XEXT_LIB $CONFIG_LIB $DBE_LIB $RECORD_LIB $GLX_LIBS $RANDR_LIB $RENDER_LIB $DAMAGE_LIB $MIEXT_SYNC_LIB $MIEXT_DAMAGE_LIB $MIEXT_SHADOW_LIB $XI_LIB $XKB_LIB $XKB_STUB_LIB $COMPOSITE_LIB $MAIN_LIB"]) ++AC_SUBST([XVNC_SYS_LIBS], ["$GLX_SYS_LIBS"]) ++ ++dnl This is necessary to allow Xvnc to statically link with GnuTLS ++AC_ARG_VAR(GNUTLS_LDFLAGS, [Custom linker flags for using GnuTLS, e.g. -L{GnuTLS directory}/lib -lgnutls]) ++AC_SUBST(GNUTLS_LDFLAGS) + + dnl Xnest DDX + +@@ -1595,6 +1603,8 @@ if test "x$XORG" = xauto; then + fi + AC_MSG_RESULT([$XORG]) + ++AC_DEFINE_UNQUOTED(XORG_VERSION_CURRENT, [$VENDOR_RELEASE], [Current Xorg version]) ++ + if test "x$XORG" = xyes; then + XORG_DDXINCS='-I$(top_srcdir)/hw/xfree86 -I$(top_srcdir)/hw/xfree86/include -I$(top_srcdir)/hw/xfree86/common' + XORG_OSINCS='-I$(top_srcdir)/hw/xfree86/os-support -I$(top_srcdir)/hw/xfree86/os-support/bus -I$(top_srcdir)/os' +@@ -1813,7 +1823,6 @@ if test "x$XORG" = xyes; then + AC_DEFINE(XORG_SERVER, 1, [Building Xorg server]) + AC_DEFINE(XORGSERVER, 1, [Building Xorg server]) + AC_DEFINE(XFree86Server, 1, [Building XFree86 server]) +- AC_DEFINE_UNQUOTED(XORG_VERSION_CURRENT, [$VENDOR_RELEASE], [Current Xorg version]) + AC_DEFINE(NEED_XF86_TYPES, 1, [Need XFree86 typedefs]) + AC_DEFINE(NEED_XF86_PROTOTYPES, 1, [Need XFree86 helper functions]) + AC_DEFINE(__XSERVERNAME__, "Xorg", [Name of X server]) +@@ -2279,6 +2288,7 @@ hw/dmx/Makefile + hw/dmx/man/Makefile + hw/vfb/Makefile + hw/vfb/man/Makefile ++hw/vnc/Makefile + hw/xnest/Makefile + hw/xnest/man/Makefile + hw/xwin/Makefile +diff -up xserver/hw/Makefile.am.vnc xserver/hw/Makefile.am +--- xserver/hw/Makefile.am.vnc 2012-07-19 20:22:28.575685781 -0400 ++++ xserver/hw/Makefile.am 2012-07-19 20:22:31.483649426 -0400 +@@ -33,7 +33,8 @@ SUBDIRS = \ + $(XNEST_SUBDIRS) \ + $(DMX_SUBDIRS) \ + $(KDRIVE_SUBDIRS) \ +- $(XQUARTZ_SUBDIRS) ++ $(XQUARTZ_SUBDIRS) \ ++ vnc + + DIST_SUBDIRS = dmx xfree86 vfb xnest xwin xquartz kdrive + +diff -up xserver/include/extinit.h.vnc xserver/include/extinit.h +--- xserver/include/extinit.h.vnc 2012-07-19 20:25:50.465161815 -0400 ++++ xserver/include/extinit.h 2012-07-19 20:25:52.490136499 -0400 +@@ -81,6 +81,8 @@ extern void DPMSExtensionInit(void); + extern Bool noGEExtension; + extern void GEExtensionInit(void); + ++extern void vncExtensionInit(void); ++ + #ifdef GLXEXT + extern _X_EXPORT Bool noGlxExtension; + extern void GlxExtensionInit(void); +diff -up xserver/mi/miinitext.c.vnc xserver/mi/miinitext.c +--- xserver/mi/miinitext.c.vnc 2012-07-19 20:22:30.000000000 -0400 ++++ xserver/mi/miinitext.c 2012-07-19 20:26:48.560435524 -0400 +@@ -293,6 +293,7 @@ static ExtensionModule staticExtensions[ + #ifdef XSELINUX + {SELinuxExtensionInit, SELINUX_EXTENSION_NAME, &noSELinuxExtension}, + #endif ++ {vncExtensionInit, "VNC", NULL}, + }; + + static ExtensionModule *ExtensionModuleList = NULL; + diff --git a/extra/source/tigervnc/patches/tigervnc11-xorg111.patch b/extra/source/tigervnc/patches/tigervnc11-xorg111.patch new file mode 100644 index 00000000..690ca6be --- /dev/null +++ b/extra/source/tigervnc/patches/tigervnc11-xorg111.patch @@ -0,0 +1,236 @@ +diff -up xserver/hw/vnc/Input.cc.xorg111 xserver/hw/vnc/Input.cc +--- xserver/hw/vnc/Input.cc.xorg111 2011-08-09 23:16:36.000000000 +0200 ++++ xserver/hw/vnc/Input.cc 2011-11-11 11:59:14.226819903 +0100 +@@ -82,10 +82,11 @@ static KeyCode KeysymToKeycode(KeySymsPt + /* Event queue is shared between all devices. */ + #if XORG == 15 + static xEvent *eventq = NULL; +-#else ++#elif XORG < 111 + static EventList *eventq = NULL; + #endif + ++#if XORG < 111 + static void initEventq(void) + { + /* eventq is never free()-ed because it exists during server life. */ +@@ -100,7 +101,9 @@ static void initEventq(void) + #endif + } + } ++#endif /* XORG < 111 */ + ++#if XORG < 111 + static void enqueueEvents(DeviceIntPtr dev, int n) + { + int i; +@@ -122,6 +125,7 @@ static void enqueueEvents(DeviceIntPtr d + ); + } + } ++#endif /* XORG < 111 */ + + InputDevice::InputDevice(rfb::VNCServerST *_server) + : server(_server), oldButtonMask(0) +@@ -141,12 +145,17 @@ InputDevice::InputDevice(rfb::VNCServerS + keyboardProc, TRUE); + RegisterKeyboardDevice(keyboardDev); + #endif ++#if XORG < 111 + initEventq(); ++#endif + } + + void InputDevice::PointerButtonAction(int buttonMask) + { +- int i, n; ++ int i; ++#if XORG < 111 ++ int n; ++#endif + #if XORG >= 110 + ValuatorMask mask; + #endif +@@ -160,13 +169,17 @@ void InputDevice::PointerButtonAction(in + #if XORG < 110 + n = GetPointerEvents(eventq, pointerDev, action, i + 1, + POINTER_RELATIVE, 0, 0, NULL); +-#else ++ enqueueEvents(pointerDev, n); ++#elif XORG < 111 + valuator_mask_set_range(&mask, 0, 0, NULL); + n = GetPointerEvents(eventq, pointerDev, action, i + 1, + POINTER_RELATIVE, &mask); +-#endif + enqueueEvents(pointerDev, n); +- ++#else ++ valuator_mask_set_range(&mask, 0, 0, NULL); ++ QueuePointerEvents(pointerDev, action, i + 1, ++ POINTER_RELATIVE, &mask); ++#endif + } + } + +@@ -175,7 +188,10 @@ void InputDevice::PointerButtonAction(in + + void InputDevice::PointerMove(const rfb::Point &pos) + { +- int n, valuators[2]; ++ int valuators[2]; ++#if XORG < 111 ++ int n; ++#endif + #if XORG >= 110 + ValuatorMask mask; + #endif +@@ -190,12 +206,16 @@ void InputDevice::PointerMove(const rfb: + #if XORG < 110 + n = GetPointerEvents(eventq, pointerDev, MotionNotify, 0, POINTER_ABSOLUTE, 0, + 2, valuators); +-#else ++ enqueueEvents(pointerDev, n); ++#elif XORG < 111 + valuator_mask_set_range(&mask, 0, 2, valuators); + n = GetPointerEvents(eventq, pointerDev, MotionNotify, 0, POINTER_ABSOLUTE, + &mask); +-#endif + enqueueEvents(pointerDev, n); ++#else ++ valuator_mask_set_range(&mask, 0, 2, valuators); ++ QueuePointerEvents(pointerDev, MotionNotify, 0, POINTER_ABSOLUTE, &mask); ++#endif + + cursorPos = pos; + } +@@ -299,14 +319,20 @@ void InputDevice::initInputDevice(void) + static inline void pressKey(DeviceIntPtr dev, int kc, bool down, const char *msg) + { + int action; ++#if XORG < 111 + unsigned int n; ++#endif + + if (msg != NULL) + vlog.debug("%s %d %s", msg, kc, down ? "down" : "up"); + + action = down ? KeyPress : KeyRelease; +- n = GetKeyboardEvents(eventq, dev, action, kc); ++#if XORG < 111 ++ n = GetKeyboardEvents(eventq, dev, action, kc, NULL); + enqueueEvents(dev, n); ++#else ++ QueueKeyboardEvents(dev, action, kc, NULL); ++#endif + } + + #define IS_PRESSED(keyc, keycode) \ +@@ -341,8 +367,11 @@ public: + int state, maxKeysPerMod, keycode; + #if XORG >= 17 + KeyCode *modmap = NULL; +- ++#if XORG >= 111 ++ state = XkbStateFieldFromRec(&dev->master->key->xkbInfo->state); ++#else /* XORG >= 111 */ + state = XkbStateFieldFromRec(&dev->u.master->key->xkbInfo->state); ++#endif /* XORG >= 111 */ + #else + KeyClassPtr keyc = dev->key; + state = keyc->state; +@@ -380,7 +409,11 @@ public: + #if XORG >= 17 + KeyCode *modmap = NULL; + ++#if XORG >= 111 ++ keyc = dev->master->key; ++#else /* XORG >= 111 */ + keyc = dev->u.master->key; ++#endif /* XORG >= 111 */ + state = XkbStateFieldFromRec(&keyc->xkbInfo->state); + #else + keyc = dev->key; +@@ -596,7 +629,11 @@ void InputDevice::keyEvent(rdr::U32 keys + } + + #if XORG >= 17 ++#if XORG >= 111 ++ keyc = keyboardDev->master->key; ++#else /* XORG >= 111 */ + keyc = keyboardDev->u.master->key; ++#endif /* XORG >= 111 */ + + keymap = XkbGetCoreMap(keyboardDev); + if (!keymap) { +@@ -753,7 +790,11 @@ ModeSwitchFound: + XkbApplyMappingChange(keyboardDev, keymap, minKeyCode, + maxKeyCode - minKeyCode + 1, + NULL, serverClient); ++#if XORG >= 111 ++ XkbCopyDeviceKeymap(keyboardDev->master, keyboardDev); ++#else + XkbCopyDeviceKeymap(keyboardDev->u.master, keyboardDev); ++#endif + #endif /* XORG < 17 */ + break; + } +diff -up xserver/hw/vnc/xorg-version.h.xorg111 xserver/hw/vnc/xorg-version.h +--- xserver/hw/vnc/xorg-version.h.xorg111 2011-08-09 23:16:36.000000000 +0200 ++++ xserver/hw/vnc/xorg-version.h 2011-11-11 11:55:32.255835319 +0100 +@@ -36,6 +36,8 @@ + #define XORG 19 + #elif XORG_VERSION_CURRENT < ((1 * 10000000) + (10 * 100000) + (99 * 1000)) + #define XORG 110 ++#elif XORG_VERSION_CURRENT < ((1 * 10000000) + (11 * 100000) + (99 * 1000)) ++#define XORG 111 + #else + #error "X.Org newer than 1.10 is not supported" + #endif +diff -up xserver/hw/vnc/xvnc.cc.xorg111 xserver/hw/vnc/xvnc.cc +--- xserver/hw/vnc/xvnc.cc.xorg111 2011-08-09 23:16:36.000000000 +0200 ++++ xserver/hw/vnc/xvnc.cc 2011-11-11 11:55:32.256835319 +0100 +@@ -211,7 +211,11 @@ static void vfbFreeFramebufferMemory(vfb + + extern "C" { + ++#if XORG < 111 + void ddxGiveUp() ++#else ++void ddxGiveUp(enum ExitCode error) ++#endif + { + int i; + +@@ -221,9 +225,17 @@ void ddxGiveUp() + } + + void ++#if XORG < 111 + AbortDDX() ++#else ++AbortDDX(enum ExitCode error) ++#endif + { ++#if XORG < 111 + ddxGiveUp(); ++#else ++ ddxGiveUp(error); ++#endif + } + + #ifdef __DARWIN__ +@@ -668,8 +680,13 @@ vfbUninstallColormap(ColormapPtr pmap) + { + if (pmap->mid != pmap->pScreen->defColormap) + { ++#if XORG < 111 + curpmap = (ColormapPtr) LookupIDByType(pmap->pScreen->defColormap, + RT_COLORMAP); ++#else ++ dixLookupResourceByType((pointer *) &curpmap, pmap->pScreen->defColormap, ++ RT_COLORMAP, serverClient, DixUnknownAccess); ++#endif + (*pmap->pScreen->InstallColormap)(curpmap); + } + } + diff --git a/extra/source/tigervnc/patches/tigervnc11-xorg112.patch b/extra/source/tigervnc/patches/tigervnc11-xorg112.patch new file mode 100644 index 00000000..2931cd7e --- /dev/null +++ b/extra/source/tigervnc/patches/tigervnc11-xorg112.patch @@ -0,0 +1,429 @@ +diff -up xserver/hw/vnc/vncExtInit.cc.xorg112 xserver/hw/vnc/vncExtInit.cc +--- xserver/hw/vnc/vncExtInit.cc.xorg112 2011-08-09 23:16:36.000000000 +0200 ++++ xserver/hw/vnc/vncExtInit.cc 2012-03-27 12:54:56.937271323 +0200 +@@ -56,6 +56,7 @@ extern "C" { + #include "XserverDesktop.h" + #include "vncHooks.h" + #include "vncExtInit.h" ++#include "xorg-version.h" + + extern "C" { + +@@ -360,10 +361,16 @@ void vncClientCutText(const char* str, i + ev.window = cur->window; + ev.time = GetTimeInMillis(); + if (cur->client->swapped) { ++#if XORG < 112 + int n; + swaps(&ev.sequenceNumber, n); + swapl(&ev.window, n); + swapl(&ev.time, n); ++#else ++ swaps(&ev.sequenceNumber); ++ swapl(&ev.window); ++ swapl(&ev.time); ++#endif + } + WriteToClient(cur->client, sizeof(xVncExtClientCutTextNotifyEvent), + (char *)&ev); +@@ -406,9 +413,14 @@ void vncQueryConnect(XserverDesktop* des + ev.sequenceNumber = cur->client->sequence; + ev.window = cur->window; + if (cur->client->swapped) { ++#if XORG < 112 + int n; + swaps(&ev.sequenceNumber, n); + swapl(&ev.window, n); ++#else ++ swaps(&ev.sequenceNumber); ++ swapl(&ev.window); ++#endif + } + WriteToClient(cur->client, sizeof(xVncExtQueryConnectNotifyEvent), + (char *)&ev); +@@ -449,10 +461,16 @@ static void SendSelectionChangeEvent(Ato + ev.window = cur->window; + ev.selection = selection; + if (cur->client->swapped) { ++#if XORG < 112 + int n; + swaps(&ev.sequenceNumber, n); + swapl(&ev.window, n); + swapl(&ev.selection, n); ++#else ++ swaps(&ev.sequenceNumber); ++ swapl(&ev.window); ++ swapl(&ev.selection); ++#endif + } + WriteToClient(cur->client, sizeof(xVncExtSelectionChangeNotifyEvent), + (char *)&ev); +@@ -473,7 +491,6 @@ static int ProcVncExtSetParam(ClientPtr + param.buf[stuff->paramLen] = 0; + + xVncExtSetParamReply rep; +- int n; + rep.type = X_Reply; + rep.length = 0; + rep.success = 0; +@@ -514,8 +531,14 @@ static int ProcVncExtSetParam(ClientPtr + + deny: + if (client->swapped) { ++#if XORG < 112 ++ int n; + swaps(&rep.sequenceNumber, n); + swapl(&rep.length, n); ++#else ++ swaps(&rep.sequenceNumber); ++ swapl(&rep.length); ++#endif + } + WriteToClient(client, sizeof(xVncExtSetParamReply), (char *)&rep); + return (client->noClientException); +@@ -523,9 +546,13 @@ deny: + + static int SProcVncExtSetParam(ClientPtr client) + { +- register char n; + REQUEST(xVncExtSetParamReq); ++#if XORG < 112 ++ register char n; + swaps(&stuff->length, n); ++#else ++ swaps(&stuff->length); ++#endif + REQUEST_AT_LEAST_SIZE(xVncExtSetParamReq); + return ProcVncExtSetParam(client); + } +@@ -539,7 +566,6 @@ static int ProcVncExtGetParam(ClientPtr + param.buf[stuff->paramLen] = 0; + + xVncExtGetParamReply rep; +- int n; + rep.type = X_Reply; + rep.sequenceNumber = client->sequence; + rep.success = 0; +@@ -557,9 +583,16 @@ static int ProcVncExtGetParam(ClientPtr + rep.length = (len + 3) >> 2; + rep.valueLen = len; + if (client->swapped) { ++#if XORG < 112 ++ int n; + swaps(&rep.sequenceNumber, n); + swapl(&rep.length, n); + swaps(&rep.valueLen, n); ++#else ++ swaps(&rep.sequenceNumber); ++ swapl(&rep.length); ++ swaps(&rep.valueLen); ++#endif + } + WriteToClient(client, sizeof(xVncExtGetParamReply), (char *)&rep); + if (value) +@@ -570,9 +603,13 @@ static int ProcVncExtGetParam(ClientPtr + + static int SProcVncExtGetParam(ClientPtr client) + { +- register char n; + REQUEST(xVncExtGetParamReq); ++#if XORG < 112 ++ register char n; + swaps(&stuff->length, n); ++#else ++ swaps(&stuff->length); ++#endif + REQUEST_AT_LEAST_SIZE(xVncExtGetParamReq); + return ProcVncExtGetParam(client); + } +@@ -586,7 +623,6 @@ static int ProcVncExtGetParamDesc(Client + param.buf[stuff->paramLen] = 0; + + xVncExtGetParamDescReply rep; +- int n; + rep.type = X_Reply; + rep.sequenceNumber = client->sequence; + rep.success = 0; +@@ -601,9 +637,16 @@ static int ProcVncExtGetParamDesc(Client + rep.length = (len + 3) >> 2; + rep.descLen = len; + if (client->swapped) { ++#if XORG < 112 ++ int n; + swaps(&rep.sequenceNumber, n); + swapl(&rep.length, n); + swaps(&rep.descLen, n); ++#else ++ swaps(&rep.sequenceNumber); ++ swapl(&rep.length); ++ swaps(&rep.descLen); ++#endif + } + WriteToClient(client, sizeof(xVncExtGetParamDescReply), (char *)&rep); + if (desc) +@@ -613,9 +656,13 @@ static int ProcVncExtGetParamDesc(Client + + static int SProcVncExtGetParamDesc(ClientPtr client) + { +- register char n; + REQUEST(xVncExtGetParamDescReq); ++#if XORG < 112 ++ register char n; + swaps(&stuff->length, n); ++#else ++ swaps(&stuff->length); ++#endif + REQUEST_AT_LEAST_SIZE(xVncExtGetParamDescReq); + return ProcVncExtGetParamDesc(client); + } +@@ -626,7 +673,6 @@ static int ProcVncExtListParams(ClientPt + REQUEST_SIZE_MATCH(xVncExtListParamsReq); + + xVncExtListParamsReply rep; +- int n; + rep.type = X_Reply; + rep.sequenceNumber = client->sequence; + +@@ -642,9 +688,16 @@ static int ProcVncExtListParams(ClientPt + rep.length = (len + 3) >> 2; + rep.nParams = nParams; + if (client->swapped) { ++#if XORG < 112 ++ int n; + swaps(&rep.sequenceNumber, n); + swapl(&rep.length, n); + swaps(&rep.nParams, n); ++#else ++ swaps(&rep.sequenceNumber); ++ swapl(&rep.length); ++ swaps(&rep.nParams); ++#endif + } + WriteToClient(client, sizeof(xVncExtListParamsReply), (char *)&rep); + rdr::U8* data = new rdr::U8[len]; +@@ -664,9 +717,13 @@ static int ProcVncExtListParams(ClientPt + + static int SProcVncExtListParams(ClientPtr client) + { +- register char n; + REQUEST(xVncExtListParamsReq); ++#if XORG < 112 ++ register char n; + swaps(&stuff->length, n); ++#else ++ swaps(&stuff->length); ++#endif + REQUEST_SIZE_MATCH(xVncExtListParamsReq); + return ProcVncExtListParams(client); + } +@@ -689,11 +746,19 @@ static int ProcVncExtSetServerCutText(Cl + + static int SProcVncExtSetServerCutText(ClientPtr client) + { +- register char n; + REQUEST(xVncExtSetServerCutTextReq); ++#if XORG < 112 ++ register char n; + swaps(&stuff->length, n); ++#else ++ swaps(&stuff->length); ++#endif + REQUEST_AT_LEAST_SIZE(xVncExtSetServerCutTextReq); ++#if XORG < 112 + swapl(&stuff->textLen, n); ++#else ++ swapl(&stuff->textLen); ++#endif + return ProcVncExtSetServerCutText(client); + } + +@@ -703,15 +768,21 @@ static int ProcVncExtGetClientCutText(Cl + REQUEST_SIZE_MATCH(xVncExtGetClientCutTextReq); + + xVncExtGetClientCutTextReply rep; +- int n; + rep.type = X_Reply; + rep.length = (clientCutTextLen + 3) >> 2; + rep.sequenceNumber = client->sequence; + rep.textLen = clientCutTextLen; + if (client->swapped) { ++#if XORG < 112 ++ int n; + swaps(&rep.sequenceNumber, n); + swapl(&rep.length, n); + swapl(&rep.textLen, n); ++#else ++ swaps(&rep.sequenceNumber); ++ swapl(&rep.length); ++ swapl(&rep.textLen); ++#endif + } + WriteToClient(client, sizeof(xVncExtGetClientCutTextReply), (char *)&rep); + if (clientCutText) +@@ -721,9 +792,13 @@ static int ProcVncExtGetClientCutText(Cl + + static int SProcVncExtGetClientCutText(ClientPtr client) + { +- register char n; + REQUEST(xVncExtGetClientCutTextReq); ++#if XORG < 112 ++ register char n; + swaps(&stuff->length, n); ++#else ++ swaps(&stuff->length); ++#endif + REQUEST_SIZE_MATCH(xVncExtGetClientCutTextReq); + return ProcVncExtGetClientCutText(client); + } +@@ -753,12 +828,21 @@ static int ProcVncExtSelectInput(ClientP + + static int SProcVncExtSelectInput(ClientPtr client) + { +- register char n; + REQUEST(xVncExtSelectInputReq); ++#if XORG < 112 ++ register char n; + swaps(&stuff->length, n); ++#else ++ swaps(&stuff->length); ++#endif + REQUEST_SIZE_MATCH(xVncExtSelectInputReq); ++#if XORG < 112 + swapl(&stuff->window, n); + swapl(&stuff->mask, n); ++#else ++ swapl(&stuff->window); ++ swapl(&stuff->mask); ++#endif + return ProcVncExtSelectInput(client); + } + +@@ -804,9 +888,14 @@ static int ProcVncExtConnect(ClientPtr c + rep.length = 0; + rep.sequenceNumber = client->sequence; + if (client->swapped) { ++#if XORG < 112 + int n; + swaps(&rep.sequenceNumber, n); + swapl(&rep.length, n); ++#else ++ swaps(&rep.sequenceNumber); ++ swapl(&rep.length); ++#endif + } + WriteToClient(client, sizeof(xVncExtConnectReply), (char *)&rep); + return (client->noClientException); +@@ -814,9 +903,13 @@ static int ProcVncExtConnect(ClientPtr c + + static int SProcVncExtConnect(ClientPtr client) + { +- register char n; + REQUEST(xVncExtConnectReq); ++#if XORG < 112 ++ register char n; + swaps(&stuff->length, n); ++#else ++ swaps(&stuff->length); ++#endif + REQUEST_AT_LEAST_SIZE(xVncExtConnectReq); + return ProcVncExtConnect(client); + } +@@ -836,7 +929,6 @@ static int ProcVncExtGetQueryConnect(Cli + qcTimeout = 0; + + xVncExtGetQueryConnectReply rep; +- int n; + rep.type = X_Reply; + rep.sequenceNumber = client->sequence; + rep.timeout = qcTimeout; +@@ -845,11 +937,20 @@ static int ProcVncExtGetQueryConnect(Cli + rep.opaqueId = (CARD32)(long)queryConnectId; + rep.length = (rep.userLen + rep.addrLen + 3) >> 2; + if (client->swapped) { ++#if XORG < 112 ++ int n; + swaps(&rep.sequenceNumber, n); + swapl(&rep.userLen, n); + swapl(&rep.addrLen, n); + swapl(&rep.timeout, n); + swapl(&rep.opaqueId, n); ++#else ++ swaps(&rep.sequenceNumber); ++ swapl(&rep.userLen); ++ swapl(&rep.addrLen); ++ swapl(&rep.timeout); ++ swapl(&rep.opaqueId); ++#endif + } + WriteToClient(client, sizeof(xVncExtGetQueryConnectReply), (char *)&rep); + if (qcTimeout) +@@ -861,9 +962,13 @@ static int ProcVncExtGetQueryConnect(Cli + + static int SProcVncExtGetQueryConnect(ClientPtr client) + { +- register char n; + REQUEST(xVncExtGetQueryConnectReq); ++#if XORG < 112 ++ register char n; + swaps(&stuff->length, n); ++#else ++ swaps(&stuff->length); ++#endif + REQUEST_SIZE_MATCH(xVncExtGetQueryConnectReq); + return ProcVncExtGetQueryConnect(client); + } +@@ -888,10 +993,15 @@ static int ProcVncExtApproveConnect(Clie + + static int SProcVncExtApproveConnect(ClientPtr client) + { +- register char n; + REQUEST(xVncExtApproveConnectReq); ++#if XORG < 112 ++ register char n; + swaps(&stuff->length, n); + swapl(&stuff->opaqueId, n); ++#else ++ swaps(&stuff->length); ++ swapl(&stuff->opaqueId); ++#endif + REQUEST_SIZE_MATCH(xVncExtApproveConnectReq); + return ProcVncExtApproveConnect(client); + } +diff -up xserver/hw/vnc/xf86vncModule.cc.xorg112 xserver/hw/vnc/xf86vncModule.cc +--- xserver/hw/vnc/xf86vncModule.cc.xorg112 2011-08-09 23:16:36.000000000 +0200 ++++ xserver/hw/vnc/xf86vncModule.cc 2012-03-27 12:54:56.938271322 +0200 +@@ -26,6 +26,8 @@ + #include <rfb/Logger_stdio.h> + #include <rfb/LogWriter.h> + ++#include "xorg-version.h" ++ + extern "C" { + #define class c_class + #define private c_private +@@ -89,7 +91,12 @@ static void vncExtensionInitWithParams(I + ScrnInfoPtr pScrn = xf86Screens[scr]; + + for (ParameterIterator i(Configuration::global()); i.param; i.next()) { +- char* val = xf86FindOptionValue(pScrn->options, i.param->getName()); ++ const char *val; ++#if XORG < 112 ++ val = xf86FindOptionValue(pScrn->options, i.param->getName()); ++#else ++ val = xf86FindOptionValue((XF86OptionPtr)pScrn->options, i.param->getName()); ++#endif + if (val) + i.param->setParam(val); + } +diff -up xserver/hw/vnc/xorg-version.h.xorg112 xserver/hw/vnc/xorg-version.h +--- xserver/hw/vnc/xorg-version.h.xorg112 2012-03-27 12:55:27.576240843 +0200 ++++ xserver/hw/vnc/xorg-version.h 2012-03-27 12:56:07.541204026 +0200 +@@ -38,6 +38,8 @@ + #define XORG 110 + #elif XORG_VERSION_CURRENT < ((1 * 10000000) + (11 * 100000) + (99 * 1000)) + #define XORG 111 ++#elif XORG_VERSION_CURRENT < ((1 * 10000000) + (12 * 100000) + (99 * 1000)) ++#define XORG 112 + #else + #error "X.Org newer than 1.10 is not supported" + #endif diff --git a/extra/source/tigervnc/patches/tigervnc11-xorg113.patch b/extra/source/tigervnc/patches/tigervnc11-xorg113.patch new file mode 100644 index 00000000..12ce549d --- /dev/null +++ b/extra/source/tigervnc/patches/tigervnc11-xorg113.patch @@ -0,0 +1,171 @@ +diff -up xserver/hw/vnc/Makefile.am.xorg113 xserver/hw/vnc/Makefile.am +--- xserver/hw/vnc/Makefile.am.xorg113 2012-07-19 21:42:46.297455970 -0400 ++++ xserver/hw/vnc/Makefile.am 2012-07-19 21:19:22.526005528 -0400 +@@ -62,7 +62,7 @@ EXTRA_DIST = Xvnc.man + BUILT_SOURCES = $(nodist_Xvnc_SOURCES) + + fb.h: $(top_srcdir)/fb/fb.h +- cat $(top_srcdir)/fb/fb.h | sed -e 's,and,c_and,' -e 's,xor,c_xor,' > $(srcdir)/fb.h ++ cat $(top_srcdir)/fb/fb.h | sed -e 's,and,c_and,g' -e 's,xor,c_xor,g' > $(srcdir)/fb.h + + pixman.h: $(includedir)/pixman-1/pixman.h + cat $(includedir)/pixman-1/pixman.h | sed 's/xor/c_xor/' > $(srcdir)/pixman.h +diff -up xserver/hw/vnc/vncHooks.cc.xorg113 xserver/hw/vnc/vncHooks.cc +--- xserver/hw/vnc/vncHooks.cc.xorg113 2012-07-19 21:31:37.191820942 -0400 ++++ xserver/hw/vnc/vncHooks.cc 2012-07-19 21:36:00.327531293 -0400 +@@ -116,7 +116,7 @@ static DevPrivateKeyRec vncHooksGCKeyRec + + // screen functions + +-static Bool vncHooksCloseScreen(int i, ScreenPtr pScreen); ++static Bool vncHooksCloseScreen(ScreenPtr pScreen); + static Bool vncHooksCreateGC(GCPtr pGC); + static void vncHooksCopyWindow(WindowPtr pWin, DDXPointRec ptOldOrg, + RegionPtr pOldRegion); +@@ -133,7 +133,7 @@ static Bool vncHooksDisplayCursor( + DeviceIntPtr pDev, + #endif + ScreenPtr pScreen, CursorPtr cursor); +-static void vncHooksBlockHandler(int i, pointer blockData, pointer pTimeout, ++static void vncHooksBlockHandler(ScreenPtr pScreen_, pointer pTimeout, + pointer pReadmask); + #ifdef RENDER + static void vncHooksComposite(CARD8 op, PicturePtr pSrc, PicturePtr pMask, +@@ -335,7 +335,7 @@ Bool vncHooksInit(ScreenPtr pScreen, Xse + // CloseScreen - unwrap the screen functions and call the original CloseScreen + // function + +-static Bool vncHooksCloseScreen(int i, ScreenPtr pScreen_) ++static Bool vncHooksCloseScreen(ScreenPtr pScreen_) + { + SCREEN_UNWRAP(pScreen_, CloseScreen); + +@@ -366,7 +366,7 @@ static Bool vncHooksCloseScreen(int i, S + + DBGPRINT((stderr,"vncHooksCloseScreen: unwrapped screen functions\n")); + +- return (*pScreen->CloseScreen)(i, pScreen); ++ return (*pScreen->CloseScreen)(pScreen); + } + + // CreateGC - wrap the "GC funcs" +@@ -531,14 +531,14 @@ static Bool vncHooksDisplayCursor( + // BlockHandler - ignore any changes during the block handler - it's likely + // these are just drawing the cursor. + +-static void vncHooksBlockHandler(int i, pointer blockData, pointer pTimeout, ++static void vncHooksBlockHandler(ScreenPtr pScreen_, pointer pTimeout, + pointer pReadmask) + { +- SCREEN_UNWRAP(screenInfo.screens[i], BlockHandler); ++ SCREEN_UNWRAP(pScreen_, BlockHandler); + + vncHooksScreen->desktop->ignoreHooks(true); + +- (*pScreen->BlockHandler) (i, blockData, pTimeout, pReadmask); ++ (*pScreen->BlockHandler) (pScreen, pTimeout, pReadmask); + + vncHooksScreen->desktop->ignoreHooks(false); + +diff -up xserver/hw/vnc/xf86vncModule.cc.xorg113 xserver/hw/vnc/xf86vncModule.cc +--- xserver/hw/vnc/xf86vncModule.cc.xorg113 2012-07-19 21:19:27.558942606 -0400 ++++ xserver/hw/vnc/xf86vncModule.cc 2012-07-19 21:19:27.574942408 -0400 +@@ -53,8 +53,6 @@ ExtensionModule vncExt = + { + vncExtensionInitWithParams, + "VNC", +- NULL, +- NULL, + NULL + }; + +diff -up xserver/hw/vnc/xorg-version.h.xorg113 xserver/hw/vnc/xorg-version.h +--- xserver/hw/vnc/xorg-version.h.xorg113 2012-07-19 21:19:27.560942582 -0400 ++++ xserver/hw/vnc/xorg-version.h 2012-07-19 21:19:27.576942382 -0400 +@@ -40,6 +40,8 @@ + #define XORG 111 + #elif XORG_VERSION_CURRENT < ((1 * 10000000) + (12 * 100000) + (99 * 1000)) + #define XORG 112 ++#elif XORG_VERSION_CURRENT < ((1 * 10000000) + (13 * 100000) + (99 * 1000)) ++#define XORG 113 + #else + #error "X.Org newer than 1.10 is not supported" + #endif +diff -up xserver/hw/vnc/xvnc.cc.xorg113 xserver/hw/vnc/xvnc.cc +--- xserver/hw/vnc/xvnc.cc.xorg113 2012-07-19 21:36:33.078121854 -0400 ++++ xserver/hw/vnc/xvnc.cc 2012-07-19 21:39:49.685663920 -0400 +@@ -267,7 +267,7 @@ OsVendorInit() + } + + void +-OsVendorFatalError() ++OsVendorFatalError(const char *f, va_list args) + { + } + +@@ -1135,9 +1135,9 @@ static Bool vncRandRSetConfig (ScreenPtr + #endif + + static Bool +-vfbCloseScreen(int index, ScreenPtr pScreen) ++vfbCloseScreen(ScreenPtr pScreen) + { +- vfbScreenInfoPtr pvfb = &vfbScreens[index]; ++ vfbScreenInfoPtr pvfb = &vfbScreens[pScreen->myNum]; + int i; + + pScreen->CloseScreen = pvfb->closeScreen; +@@ -1149,13 +1149,13 @@ vfbCloseScreen(int index, ScreenPtr pScr + for (i = 0; i < MAXSCREENS; i++) + InstalledMaps[i] = NULL; + +- return pScreen->CloseScreen(index, pScreen); ++ return pScreen->CloseScreen(pScreen); + } + + static Bool +-vfbScreenInit(int index, ScreenPtr pScreen, int argc, char **argv) ++vfbScreenInit(ScreenPtr pScreen, int argc, char **argv) + { +- vfbScreenInfoPtr pvfb = &vfbScreens[index]; ++ vfbScreenInfoPtr pvfb = &vfbScreens[pScreen->myNum]; + int dpi; + int ret; + void *pbits; +@@ -1167,8 +1167,8 @@ vfbScreenInit(int index, ScreenPtr pScre + + pbits = vfbAllocateFramebufferMemory(&pvfb->fb); + if (!pbits) return FALSE; +- vncFbptr[index] = pbits; +- vncFbstride[index] = pvfb->fb.paddedWidth; ++ vncFbptr[pScreen->myNum] = pbits; ++ vncFbstride[pScreen->myNum] = pvfb->fb.paddedWidth; + + miSetPixmapDepths(); + +diff -up xserver/include/screenint.h.xorg113 xserver/include/screenint.h +--- xserver/include/screenint.h.xorg113 2012-07-19 21:30:38.258557709 -0400 ++++ xserver/include/screenint.h 2012-07-19 21:30:45.415468235 -0400 +@@ -72,18 +72,18 @@ extern _X_EXPORT int AddGPUScreen(Bool ( + extern _X_EXPORT void RemoveGPUScreen(ScreenPtr pScreen); + + extern _X_EXPORT void +-AttachUnboundGPU(ScreenPtr pScreen, ScreenPtr newScreen); ++AttachUnboundGPU(ScreenPtr pScreen, ScreenPtr); + extern _X_EXPORT void + DetachUnboundGPU(ScreenPtr unbound); + + extern _X_EXPORT void +-AttachOutputGPU(ScreenPtr pScreen, ScreenPtr newScreen); ++AttachOutputGPU(ScreenPtr pScreen, ScreenPtr); + + extern _X_EXPORT void + DetachOutputGPU(ScreenPtr output); + + extern _X_EXPORT void +-AttachOffloadGPU(ScreenPtr pScreen, ScreenPtr newScreen); ++AttachOffloadGPU(ScreenPtr pScreen, ScreenPtr); + + extern _X_EXPORT void + DetachOffloadGPU(ScreenPtr slave); + diff --git a/extra/source/tigervnc/patches/tigervnc11-xorg114.patch b/extra/source/tigervnc/patches/tigervnc11-xorg114.patch new file mode 100644 index 00000000..23c71001 --- /dev/null +++ b/extra/source/tigervnc/patches/tigervnc11-xorg114.patch @@ -0,0 +1,24 @@ +--- xserver/hw/vnc/xorg-version.h Mon Feb 18 08:28:49 2013 ++++ xserver/hw/vnc/xorg-version.h Mon Feb 18 08:28:43 2013 +@@ -42,8 +42,10 @@ + #define XORG 112 + #elif XORG_VERSION_CURRENT < ((1 * 10000000) + (13 * 100000) + (99 * 1000)) + #define XORG 113 ++#elif XORG_VERSION_CURRENT < ((1 * 10000000) + (14 * 100000) + (99 * 1000)) ++#define XORG 114 + #else +-#error "X.Org newer than 1.10 is not supported" ++#error "X.Org newer than 1.14 is not supported" + #endif + + #endif +--- xserver/hw/vnc/xvnc.cc Tue Feb 19 08:50:20 2013 ++++ xserver/hw/vnc/xvnc.cc Tue Feb 19 08:50:27 2013 +@@ -54,7 +54,6 @@ + #include "servermd.h" + #include "fb.h" + #include "mi.h" +-#include "mibstore.h" + #include "colormapst.h" + #include "gcstruct.h" + #include "input.h" diff --git a/extra/source/tigervnc/patches/tigervnc11-xorg_headers.patch b/extra/source/tigervnc/patches/tigervnc11-xorg_headers.patch new file mode 100644 index 00000000..2ef5bece --- /dev/null +++ b/extra/source/tigervnc/patches/tigervnc11-xorg_headers.patch @@ -0,0 +1,16 @@ +--- tigervnc-1.1.0/unix/xserver/hw/vnc/Makefile.am.orig 2011-08-09 23:16:36.000000000 +0200 ++++ tigervnc-1.1.0/unix/xserver/hw/vnc/Makefile.am 2012-07-29 14:14:55.078998592 +0200 +@@ -61,10 +61,10 @@ + BUILT_SOURCES = $(nodist_Xvnc_SOURCES) + + fb.h: $(top_srcdir)/fb/fb.h +- cat $(top_srcdir)/fb/fb.h | sed -e 's,and,c_and,' -e 's,xor,c_xor,' > $(srcdir)/fb.h ++ cat $(top_srcdir)/fb/fb.h | sed -e 's,and,c_and,g' -e 's,xor,c_xor,g' > $(srcdir)/fb.h + + pixman.h: $(includedir)/pixman-1/pixman.h +- cat $(includedir)/pixman-1/pixman.h | sed 's/xor/c_xor/' > $(srcdir)/pixman.h ++ cat $(includedir)/pixman-1/pixman.h | sed 's/xor/c_xor/g' > $(srcdir)/pixman.h + + fbrop.h: $(top_srcdir)/fb/fbrop.h +- cat $(top_srcdir)/fb/fbrop.h | sed -e 's,and,c_and,' -e 's,xor,c_xor,' > $(srcdir)/fbrop.h ++ cat $(top_srcdir)/fb/fbrop.h | sed -e 's,and,c_and,' -e 's,xor,c_xor,g' > $(srcdir)/fbrop.h diff --git a/extra/source/tigervnc/slack-desc b/extra/source/tigervnc/slack-desc new file mode 100644 index 00000000..e433dd5f --- /dev/null +++ b/extra/source/tigervnc/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +tigervnc: tigervnc (VNC server and client) +tigervnc: +tigervnc: Virtual Network Computing (VNC) is a remote display system which +tigervnc: allows you to view a desktop environment from anywhere on the Internet +tigervnc: and from a wide variety of machine architectures. +tigervnc: TigerVNC is a suite of VNC servers and clients that have a focus on +tigervnc: performance and remote display functionality. +tigervnc: +tigervnc: +tigervnc: tigervnc home: http://tigervnc.org/ +tigervnc: diff --git a/extra/source/tigervnc/tigervnc.SlackBuild b/extra/source/tigervnc/tigervnc.SlackBuild new file mode 100755 index 00000000..a269bc7c --- /dev/null +++ b/extra/source/tigervnc/tigervnc.SlackBuild @@ -0,0 +1,311 @@ +#!/bin/sh +# Copyright 2010, 2011, 2012, 2013 Eric Hameleers, Eindhoven. NL +# All rights reserved. +# +# Permission to use, copy, modify, and distribute this software for +# any purpose with or without fee is hereby granted, provided that +# the above copyright notice and this permission notice appear in all +# copies. +# +# THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. +# IN NO EVENT SHALL THE AUTHORS AND COPYRIGHT HOLDERS AND THEIR +# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF +# USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND +# ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, +# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT +# OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +# SUCH DAMAGE. +# ----------------------------------------------------------------------------- + + +PKGNAM=tigervnc +VERSION=${VERSION:-1.1.0} +BUILD=${BUILD:-1} +NUMJOBS=${NUMJOBS:" -j4 "} +TAG=${TAG:-} + +# Do we build the java applet (needs jdk)? +DO_APPLET=${DO_APPLET:-"NO"} + +# TigerVNC needs to use source of the X.Org server whose version matches +# that of your installed X.Org package: +XORG=${XORG:-$(X -version 2>&1 | grep "^X.Org X Server " | cut -f4 -d' ')} +MAXPATCHVER="$(echo $XORG | cut -f1,2 -d. | tr -d '.')" + +# OS Stamp into the binaries: +OSNAME="$(head -1 /etc/slackware-version)" +OSVENDOR="Slackware Linux Project" +BUILDER="Built by Alien BOB on $(date -u)" + +# This covers most filenames you'd want as documentation. Change if needed. +DOCS="LICENCE.TXT doc/TODO doc/*.txt doc/*.odt" +DOCS_XORG="COPYING ChangeLog" + +if [ -e $CWD/machine.conf ]; then + . $CWD/machine.conf ] +elif [ -e /etc/slackbuild/machine.conf ]; then + . /etc/slackbuild/machine.conf ] +else + # Automatically determine the architecture we're building on: + MARCH=$( uname -m ) + if [ -z "$ARCH" ]; then + case "$MARCH" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$MARCH ;; + esac + fi + # Set CFLAGS/CXXFLAGS and LIBDIRSUFFIX: + if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" + elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" + elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" + elif [ "$ARCH" = "arm" ]; then + SLKCFLAGS="-O2 -march=armv5te" + LIBDIRSUFFIX="" + else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" + fi +fi + +case "$ARCH" in + arm*) TARGET=$ARCH-slackware-linux-gnueabi ;; + *) TARGET=$ARCH-slackware-linux ;; +esac + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-$PKGNAM + +rm -rf $PKG +mkdir -p $TMP $PKG +cd $TMP +rm -rf $PKGNAM-$VERSION +rm -rf xorg-server-${XORG} +tar xvf $CWD/$PKGNAM-$VERSION.tar.?z* || exit 1 +tar xvf $CWD/xorg-server-${XORG}.tar.?z* || exit 1 +cd $PKGNAM-$VERSION || exit 1 + +# Move the xorg-server sources into the TigerVNC tree: +mv unix/xserver/hw/vnc ../xorg-server-${XORG}/hw/ +rm -rf unix/xserver/hw +mv ../xorg-server-${XORG}/* unix/xserver/ + +# We have patches for X.Org later than 1.10 which tigervnc does not have: +for PATCHVER in 111 112 113 114 ; do + if [ -e $CWD/patches/tigervnc$(echo $VERSION | cut -f1,2 -d. --output-delimiter=)-xorg${PATCHVER}.patch ]; then + cp $CWD/patches/tigervnc$(echo $VERSION | cut -f1,2 -d. --output-delimiter=)-xorg${PATCHVER}.patch unix/xserver${PATCHVER}.patch + fi +done + +if [ $MAXPATCHVER -gt 110 ]; then + if [ $MAXPATCHVER -lt 113 ]; then + # The sed magic in the hw/vnc Makefile needs some love: + # ... taken care of in the xserver113 patch if we ever move to X.Org 1.13. + cat $CWD/patches/tigervnc$(echo $VERSION | cut -f1,2 -d. --output-delimiter=)-xorg_headers.patch | patch -p1 --verbose || exit 1 + else + # We need to rewrite the xserver110.patch for X.Org 1.13 and newer: + cp $CWD/patches/tigervnc$(echo $VERSION | cut -f1,2 -d. --output-delimiter=)-xorg110.patch unix/xserver110.patch + fi +fi + +# Patch the xorg-server source to include building the vnc driver +cd unix/xserver + if [ $MAXPATCHVER -le 110 ]; then + # apply one of the tigervnc-provided patches: + cat ../xserver${MAXPATCHVER}.patch | patch -p1 --verbose || exit 1 + else + # these external patches are incremental and must be applied in order: + for PATCHVER in 110 111 112 113 114 ; do + if [ $PATCHVER -le $MAXPATCHVER -a -e ../xserver${PATCHVER}.patch ]; then + cat ../xserver${PATCHVER}.patch | patch -p1 --verbose || exit 1 + fi + done + fi +cd - + +# We use Java7: +cat $CWD/patches/tigervnc11-java7.patch | patch -p1 --verbose || exit 1 + +# Explicitly put the java applet into a directory named 'tigervnc': +sed -i -e 's#/vnc/class#/tigervnc/class#'g $(grep -rl vnc/class .) + +# Make sure ownerships and permissions are sane: +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +export LDFLAGS="$SLKLDFLAGS -lpthread" +export CXXFLAGS="$SLKCFLAGS" +export CFLAGS="$SLKCFLAGS" + +echo -e "\n*** Building tigervnc ***\n" +autoreconf -vif +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --mandir=/usr/man \ + --docdir=/usr/doc/$PKGNAM-$VERSION \ + --localstatedir=/var \ + --sysconfdir=/etc \ + --disable-static \ + --program-prefix= \ + --program-suffix= \ + --build=$TARGET + +make $NUMJOBS || make || exit 1 +make DESTDIR=$PKG install || exit 1 + +cd unix/xserver + echo -e "\n*** Building xserver ***\n" + export CXXFLAGS="$SLKCFLAGS -fpermissive" + autoreconf -vif + + # Default font paths to be used by the X server + DEF_FONTPATH="/usr/share/fonts/local,/usr/share/fonts/TTF,/usr/share/fonts/OTF,/usr/share/fonts/Type1,/usr/share/fonts/misc,/usr/share/fonts/CID,/usr/share/fonts/75dpi/:unscaled,/usr/share/fonts/100dpi/:unscaled,/usr/share/fonts/75dpi,/usr/share/fonts/100dpi,/usr/share/fonts/cyrillic" + + ./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --localstatedir=/var \ + --mandir=/usr/man \ + --disable-dri \ + --disable-static \ + --disable-xorg --disable-xnest --disable-xvfb --disable-dmx \ + --disable-xwin --disable-xephyr --disable-kdrive \ + --disable-xinerama \ + --enable-composite \ + --enable-install-libxf86config \ + --enable-xcsecurity \ + --enable-glx-tls --enable-dri2 \ + --with-pic \ + --with-int10=x86emu \ + --with-default-font-path="${DEF_FONTPATH}" \ + --with-module-dir=/usr/lib${LIBDIRSUFFIX}/xorg/modules \ + --with-dri-driver-path=/usr/lib${LIBDIRSUFFIX}/xorg/modules/dri \ + --with-xkb-path=/etc/X11/xkb \ + --with-xkb-output=/var/lib/xkb \ + --disable-config-dbus \ + --disable-config-hal \ + --disable-config-udev \ + --disable-devel-docs \ + --disable-unit-tests \ + --without-dtrace \ + --with-os-name="$OSNAME" \ + --with-os-vendor="$OSVENDOR" \ + --with-builderstring="$BUILDER" \ + --build=$TARGET + + make $NUMJOBS || make || exit 1 + make -C hw/vnc DESTDIR=$PKG install +cd - + +if [ "$DO_APPLET" = "YES" ]; then + # Compile the java applet (needs the JDK... JRE is not enough): + cd java/src/com/tigervnc/vncviewer + make || exit 1 + cd - +fi + +# Create .png icons from the .svg file: +make -C media + +if [ "$DO_APPLET" = "YES" ]; then + # Install the java applet: + cd java/src/com/tigervnc/vncviewer + mkdir -p $PKG/usr/share/tigervnc/classes + install -m0755 VncViewer.jar $PKG/usr/share/tigervnc/classes/ + install -m0644 index.vnc $PKG/usr/share/tigervnc/classes/ + install -m0644 *.class $PKG/usr/share/tigervnc/classes/ + cd - +fi + +# Install menu entry: +mkdir -p $PKG/usr/share/{applications,icons/hicolor/{16x16,24x24,32x32,48x48}/apps} +for PSIZE in 16 24 32 48; do + install -m644 media/icons/tigervnc_${PSIZE}.png \ + $PKG/usr/share/icons/hicolor/${PSIZE}x${PSIZE}/apps/tigervnc.png +done +cat <<EOT > $PKG/usr/share/applications/tigervnc.desktop +[Desktop Entry] +Encoding=UTF-8 +Name=TigerVNC +GenericName=VNCViewer (RFB Client) +Comment=Connect to remote desktop +SwallowExec= +Exec=vncviewer +MimeType= +Icon=tigervnc +Path= +TerminalOptions= +Terminal=false +Type=Application +Categories=Network; +StartupWMClass=VNC Viewer: Connection Details +EOT + +# Add this to the doinst.sh: +! [ -d $PKG/install ] && mkdir -p $PKG/install +cat <<EOT >> $PKG/install/doinst.sh +# Update the desktop database: +if [ -x usr/bin/update-desktop-database ]; then + chroot . /usr/bin/update-desktop-database usr/share/applications 1>/dev/null 2>&1 +fi + +# Update the mime database: +if [ -x usr/bin/update-mime-database ]; then + chroot . /usr/bin/update-mime-database usr/share/mime 1>/dev/null 2>&1 +fi + +# Update hicolor theme cache: +if [ -d usr/share/icons/hicolor ]; then + if [ -x usr/bin/gtk-update-icon-cache ]; then + chroot . /usr/bin/gtk-update-icon-cache -f -t usr/share/icons/hicolor 1> /dev/null 2> /dev/null + fi +fi + +EOT + +# Add documentation: +mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION +cp -a $DOCS $PKG/usr/doc/$PKGNAM-$VERSION || true +for FIL in $(echo $DOCS_XORG); do cp -a unix/xserver/$FIL $PKG/usr/doc/$PKGNAM-$VERSION/${FIL}.xorg ; done +chown -R root:root $PKG/usr/doc/$PKGNAM-$VERSION +find $PKG/usr/doc -type f -exec chmod 644 {} \; + +# Compress the man page(s): +if [ -d $PKG/usr/man ]; then + find $PKG/usr/man -type f -name "*.?" -exec gzip -9f {} \; + for i in $(find $PKG/usr/man -type l -name "*.?") ; do ln -s $( readlink $i ).gz $i.gz ; rm $i ; done +fi + +# Strip binaries (if any): +find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +# Add a package description: +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc +if [ -f $CWD/doinst.sh.gz ]; then + zcat $CWD/doinst.sh.gz >> $PKG/install/doinst.sh +fi + +# Build the package: +cd $PKG +/sbin/makepkg -l y -c n $TMP/${PKGNAM}-${VERSION}-${ARCH}-${BUILD}${TAG}.txz + diff --git a/extra/source/tightvnc/doinst.sh b/extra/source/tightvnc/doinst.sh deleted file mode 100644 index 8ce980e5..00000000 --- a/extra/source/tightvnc/doinst.sh +++ /dev/null @@ -1,24 +0,0 @@ -# Handle the incoming configuration files: -config() { - NEW="$1" - OLD="$(dirname $NEW)/$(basename $NEW .new)" - # If there's no config file by that name, mv it over: - if [ ! -r $OLD ]; then - mv $NEW $OLD - elif [ "$(cat $OLD | md5sum)" = "$(cat $NEW | md5sum)" ]; then - # toss the redundant copy - rm $NEW - fi - # Otherwise, we leave the .new copy for the admin to consider... -} - -config etc/tightvncserver.conf.new -config etc/rc.d/rc.vncservers.new -config etc/rc.d/rc.vncservers.conf.new - -# Update the desktop database: -if [ -x usr/bin/update-desktop-database ]; then - chroot . /usr/bin/update-desktop-database usr/share/applications > /dev/null -2>&1 -fi - diff --git a/extra/source/tightvnc/slack-desc b/extra/source/tightvnc/slack-desc deleted file mode 100644 index 4003e63a..00000000 --- a/extra/source/tightvnc/slack-desc +++ /dev/null @@ -1,19 +0,0 @@ -# HOW TO EDIT THIS FILE: -# The "handy ruler" below makes it easier to edit a package description. Line -# up the first '|' above the ':' following the base package name, and the '|' -# on the right side marks the last column you can put a character in. You must -# make exactly 11 lines for the formatting to be correct. It's also -# customary to leave one space after the ':'. - - |-----handy-ruler------------------------------------------------------| -tightvnc: tightvnc (remote control software) -tightvnc: -tightvnc: Virtual Network Computing (VNC) is a remote display system which -tightvnc: allows you to view a desktop environment from anywhere on the Internet -tightvnc: and from a wide variety of machine architectures. -tightvnc: TightVNC is an enhanced VNC distribution. This package contains a -tightvnc: client which will allow you to connect to other desktops running a -tightvnc: VNC or a TightVNC server. -tightvnc: -tightvnc: tightvnc home: http://www.tightvnc.com/ -tightvnc: diff --git a/extra/source/tightvnc/tightvnc.SlackBuild b/extra/source/tightvnc/tightvnc.SlackBuild deleted file mode 100755 index 526b8f3d..00000000 --- a/extra/source/tightvnc/tightvnc.SlackBuild +++ /dev/null @@ -1,128 +0,0 @@ -#!/bin/sh -# Copyright 2007-2009 Eric Hameleers, Eindhoven, NL -# All rights reserved. -# -# Permission to use, copy, modify, and distribute this software for -# any purpose with or without fee is hereby granted, provided that -# the above copyright notice and this permission notice appear in all -# copies. -# -# THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED -# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF -# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. -# IN NO EVENT SHALL THE AUTHORS AND COPYRIGHT HOLDERS AND THEIR -# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF -# USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND -# ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, -# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT -# OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -# SUCH DAMAGE. -# ----------------------------------------------------------------------------- -# -# Slackware SlackBuild script -# =========================== -# By: Eric Hameleers <alien@slackware.com> -# For: tightvnc -# Descr: remote control software -# URL: http://www.tightvnc.com/ -# ----------------------------------------------------------------------------- - -# Set initial variables: - -PRGNAM=tightvnc -VERSION=${VERSION:-1.3.10} -ARCH=${ARCH:-x86_64} -BUILD=${BUILD:-1} - -CWD=$(pwd) -TMP=${TMP:-/tmp} -PKG=$TMP/package-${PRGNAM} -rm -rf $PKG -mkdir -p $TMP $PKG - -case "$ARCH" in - i486) SLKCFLAGS="-O2 -march=i486 -mtune=i686" - SLKLDFLAGS=""; LIBDIRSUFFIX="" - ;; - s390) SLKCFLAGS="-O2" - SLKLDFLAGS=""; LIBDIRSUFFIX="" - ;; - x86_64) SLKCFLAGS="-O2 -fPIC" - SLKLDFLAGS="-L/usr/lib64"; LIBDIRSUFFIX="64" - ;; -esac - -# Explode the package framework: -cd $PKG - explodepkg $CWD/_$PRGNAM.tar.gz -cd - - -cd $TMP -rm -rf vnc_unixsrc -tar xvf $CWD/${PRGNAM}-${VERSION}_unixsrc.tar.?z* || exit 1 -cd vnc_unixsrc || exit 1 - -# Make sure ownerships and permissions are sane: -chown -R root:root . -find . \ - \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ - -exec chmod 755 {} \; -o \ - \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ - -exec chmod 644 {} \; - -# Make vncserver use sane pathnames and executable permissions: -zcat $CWD/tightvnc.paths-and-perms.diff.gz | patch -p1 --verbose || exit 1 - -# Use xinit's Xclients script to start the session: -cat vnc-xclients.patch | sed -e 's/Red Hat /Slackware /' | patch || exit 1 - -xmkmf -a -make CDEBUGFLAGS="$SLKCFLAGS" World || exit 1 - -cd Xvnc - LDFLAGS="$SLKLDFLAGS" \ - CFLAGS="$SLKCFLAGS" \ - CXXFLAGS="$SLKCFLAGS" \ - ./configure - make EXTRA_LIBRARIES="-lwrap -lnss_nis" CDEBUGFLAGS="$SLKCFLAGS" \ - EXTRA_DEFINES="-DUSE_LIBWRAP=1" -cd - # end 'cd Xvnc' - -# Manually install files: -mkdir -p $PKG/usr/bin $PKG/usr/man/man1 -./vncinstall $PKG/usr/bin $PKG/usr/man - -mkdir -p $PKG/usr/share/tightvnc -cp -aR classes $PKG/usr/share/tightvnc/ - -mkdir $PKG/etc -cp -a tightvncserver.conf $PKG/etc/tightvncserver.conf.new - -# Add documentation: -mkdir -p $PKG/usr/doc/$PRGNAM-$VERSION -cp -a \ - LICENCE.TXT README WhatsNew ChangeLog \ - $PKG/usr/doc/$PRGNAM-$VERSION -mv $PKG/install/README.1st $PKG/usr/doc/$PRGNAM-$VERSION - -# Compress the man page(s): -if [ -d $PKG/usr/man ]; then - find $PKG/usr/man -type f -name "*.?" -exec gzip -9f {} \; - for i in $(find $PKG/usr/man -type l -name "*.?") ; do ln -s $( readlink $i ).gz $i.gz ; rm $i ; done -fi - -# Strip binaries: -find $PKG | xargs file | grep -e "executable" -e "shared object" \ - | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null - -# Add a package description: -mkdir -p $PKG/install -cat $CWD/slack-desc > $PKG/install/slack-desc -zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh - -# Build the package: -cd $PKG -/sbin/makepkg -l y -c n $TMP/${PRGNAM}-${VERSION}-${ARCH}-${BUILD}.txz - diff --git a/extra/source/tightvnc/tightvnc.paths-and-perms.diff b/extra/source/tightvnc/tightvnc.paths-and-perms.diff deleted file mode 100644 index b6eb14f1..00000000 --- a/extra/source/tightvnc/tightvnc.paths-and-perms.diff +++ /dev/null @@ -1,52 +0,0 @@ -diff -ur vnc_unixsrc.orig/tightvncserver.conf vnc_unixsrc/tightvncserver.conf ---- vnc_unixsrc.orig/tightvncserver.conf 2009-02-12 05:27:18.000000000 +0100 -+++ vnc_unixsrc/tightvncserver.conf 2009-06-02 23:55:22.000000000 +0200 -@@ -19,15 +19,15 @@ - # $geometry = "1024x768"; - # $depth = 24; - # $desktopName = "X"; --# $vncClasses = "/usr/local/vnc/classes"; -+# $vncClasses = "/usr/share/tightvnc/classes"; - # $vncUserDir = "$ENV{HOME}/.vnc"; --# $fontPath = "unix/:7100"; -+# $fontPath = "/usr/share/fonts/misc/,/usr/share/fonts/Type1/,/usr/share/fonts/75dpi/"; - # $authType = "-rfbauth $vncUserDir/passwd"; --# $colorPath = "/usr/lib/X11/rgb"; -+# $colorPath = "/usr/share/X11/rgb"; - - ## Here is another example of setting the font path: - # --# $fontPath = "/usr/lib/X11/fonts/misc/" -+# $fontPath = "unix/:7100"; - # $fontPath = "$fontPath,/usr/lib/X11/fonts/75dpi/"; - - ## You might wish to make your vnc directory under /tmp, to make sure -diff -ur vnc_unixsrc.orig/vncinstall vnc_unixsrc/vncinstall ---- vnc_unixsrc.orig/vncinstall 2002-03-19 12:44:02.000000000 +0100 -+++ vnc_unixsrc/vncinstall 2009-06-02 23:51:54.000000000 +0200 -@@ -47,7 +47,7 @@ - else - echo "Copying $f -> $bin_dst/`basename $f`" - cp -pf $f $bin_dst -- chmod 0555 $bin_dst/`basename $f` -+ chmod 0755 $bin_dst/`basename $f` - fi - - # Installing man pages -diff -ur vnc_unixsrc.orig/vncserver vnc_unixsrc/vncserver ---- vnc_unixsrc.orig/vncserver 2009-02-12 05:27:18.000000000 +0100 -+++ vnc_unixsrc/vncserver 2009-06-02 23:51:39.000000000 +0200 -@@ -32,10 +32,11 @@ - $geometry = "1024x768"; - $depth = 24; - $desktopName = "X"; --$vncClasses = "/usr/local/vnc/classes"; -+$vncClasses = "/usr/share/tightvnc/classes"; - $vncUserDir = "$ENV{HOME}/.vnc"; --$fontPath = "unix/:7100"; -+$fontPath = "/usr/share/fonts/misc/,/usr/share/fonts/Type1/,/usr/share/fonts/75dpi/"; - $authType = "-rfbauth $vncUserDir/passwd"; -+$colorPath = "/usr/share/X11/rgb"; - - # Read configuration from the system-wide and user files if present. - diff --git a/extra/source/wicd/slack-desc b/extra/source/wicd/slack-desc index 47cf875f..7a925975 100644 --- a/extra/source/wicd/slack-desc +++ b/extra/source/wicd/slack-desc @@ -15,5 +15,5 @@ wicd: - Profiles for each wireless network and wired network wicd: - Many encryption schemes, some of which include WEP/WPA/WPA2 wicd: - Compatible with wireless-tools wicd: -wicd: Homepage: http://wicd.net +wicd: Homepage: http://wicd.sourceforge.net wicd: diff --git a/extra/source/xf86-video-fbdev/xf86-video-fbdev.SlackBuild b/extra/source/xf86-video-fbdev/xf86-video-fbdev.SlackBuild index 8ea08738..b2dda17c 100755 --- a/extra/source/xf86-video-fbdev/xf86-video-fbdev.SlackBuild +++ b/extra/source/xf86-video-fbdev/xf86-video-fbdev.SlackBuild @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright 2012 Patrick J. Volkerding, Sebeka, Minnesota, USA +# Copyright 2012, 2013 Patrick J. Volkerding, Sebeka, Minnesota, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -76,6 +76,14 @@ rm -rf $PKGNAM-$VERSION tar xvf $CWD/$PKGNAM-$VERSION.tar.?z* || exit 1 cd $PKGNAM-$VERSION +# Remove obsolete references to mibstore.h and miInitializeBackingStore(): +grep -r -l '#include "mibstore.h"' * | while read file ; do + sed -i "s/#include \"mibstore.h\"//g" $file +done +grep -r -l 'miInitializeBackingStore(pScreen);' | while read file ; do + sed -i "s/miInitializeBackingStore(pScreen);//g" $file +done + chown -R root:root . find . \ \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ |