diff options
Diffstat (limited to 'extra')
44 files changed, 1399 insertions, 4312 deletions
diff --git a/extra/google-chrome/README b/extra/google-chrome/README index 36be68d6..7f01121e 100644 --- a/extra/google-chrome/README +++ b/extra/google-chrome/README @@ -39,11 +39,5 @@ cd /tmp upgradepkg --install-new google-chrome-10.0.648.151-x86_64-1.txz -Finally, please note that Google Chrome requires the PAM library libpam.so.0. -Installing the google-chrome-pam-solibs package in this directory will -allow these newer versions of Chrome to run without having to actually -switch the system to using PAM. If you need real PAM (to compile Chromium -for example), you can find it in /extra/source/pam/. - Enjoy! :-) diff --git a/extra/source/bash-completion/bash-completion.SlackBuild b/extra/source/bash-completion/bash-completion.SlackBuild index 5fa23f6c..7a4634f8 100755 --- a/extra/source/bash-completion/bash-completion.SlackBuild +++ b/extra/source/bash-completion/bash-completion.SlackBuild @@ -22,9 +22,9 @@ # Slackware build script for bash-completion -VERSION=2.0 +VERSION=2.1 ARCH=noarch -BUILD=${BUILD:-2} +BUILD=${BUILD:-1} CWD=$(pwd) TMP=${TMP:-/tmp} @@ -46,9 +46,6 @@ find . \ # Fixup sh completion for us zcat $CWD/fixup-sh-script-completions.diff.gz | patch -p1 --verbose || exit 1 -# Support the XFCE package set -zcat $CWD/slackpkg-slapt-get-Update-the-list-of-package-sets.patch.gz | patch -p1 --verbose || exit 1 - ./configure \ --prefix=/usr \ --sysconfdir=/etc \ diff --git a/extra/source/bash-completion/slackpkg-slapt-get-Update-the-list-of-package-sets.patch b/extra/source/bash-completion/slackpkg-slapt-get-Update-the-list-of-package-sets.patch deleted file mode 100644 index da7f08e6..00000000 --- a/extra/source/bash-completion/slackpkg-slapt-get-Update-the-list-of-package-sets.patch +++ /dev/null @@ -1,48 +0,0 @@ -From 371fb91b213c3bb4b86eb22e09701ec1be18b7dd Mon Sep 17 00:00:00 2001 -From: Igor Murzov <e-mail@date.by> -Date: Wed, 25 Jul 2012 02:39:23 +0400 -Subject: [PATCH] slackpkg, slapt-get: Update the list of package sets. - -Xfce has its own package set in Slackware-14.0. ---- - completions/slackpkg | 4 ++-- - completions/slapt-get | 2 +- - 2 files changed, 3 insertions(+), 3 deletions(-) - -diff --git a/completions/slackpkg b/completions/slackpkg -index 1be2f95..dab9c6d 100644 ---- a/completions/slackpkg -+++ b/completions/slackpkg -@@ -70,14 +70,14 @@ _slackpkg() - remove) - _filedir - COMPREPLY+=( $( compgen -W 'a ap d e f k kde kdei l n t tcl x -- xap y' -- "$cur" ) ) -+ xap xfce y' -- "$cur" ) ) - COMPREPLY+=( $( cd /var/log/packages; compgen -f -- "$cur" ) ) - return - ;; - install|reinstall|upgrade|blacklist|download) - _filedir - COMPREPLY+=( $( compgen -W 'a ap d e f k kde kdei l n t tcl x -- xap y' -- "$cur" ) ) -+ xap xfce y' -- "$cur" ) ) - COMPREPLY+=( $( cut -f 6 -d\ "${WORKDIR}/pkglist" 2> /dev/null | \ - grep "^$cur" ) ) - return -diff --git a/completions/slapt-get b/completions/slapt-get -index ff42660..93d110b 100644 ---- a/completions/slapt-get -+++ b/completions/slapt-get -@@ -70,7 +70,7 @@ _slapt_get() - ;; - set) # --install-set - COMPREPLY=( $( compgen -W 'a ap d e f k kde kdei l n t tcl x -- xap y' -- "$cur" ) ) -+ xap xfce y' -- "$cur" ) ) - return - ;; - esac --- -1.7.11.1 - diff --git a/extra/source/brltty/brltty.SlackBuild b/extra/source/brltty/brltty.SlackBuild index 513c0989..4678d34a 100755 --- a/extra/source/brltty/brltty.SlackBuild +++ b/extra/source/brltty/brltty.SlackBuild @@ -1,6 +1,6 @@ #!/bin/sh # -# Copyright 2010, 2012 Patrick J. Volkerding, Sebeka, Minnesota, USA +# Copyright 2010, 2012, 2013 Patrick J. Volkerding, Sebeka, Minnesota, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -30,7 +30,7 @@ if [ ! -d $TMP ]; then fi PKG=/tmp/package-brltty -VERSION=4.4 +VERSION=4.5 BUILD=${BUILD:-1} # Automatically determine the architecture we're building on: @@ -56,6 +56,8 @@ rm -rf brltty-$VERSION tar xvf $CWD/brltty-$VERSION.tar.?z* || exit 1 cd brltty-$VERSION +zcat $CWD/brltty.brlapi.pyx.diff.gz | patch -p1 --verbose || exit 1 + sh autogen chown -R root:root . @@ -72,6 +74,8 @@ find . -perm 600 -exec chmod 644 {} \; --infodir=/usr/info \ --mandir=/usr/man \ --sysconfdir=/etc \ + --localstatedir=/var \ + --disable-java-bindings \ --build=$ARCH-slackware-linux make -j2 || exit 1 make install INSTALL_ROOT=$PKG || exit 1 diff --git a/extra/source/brltty/brltty.brlapi.pyx.diff b/extra/source/brltty/brltty.brlapi.pyx.diff new file mode 100644 index 00000000..be58ca6c --- /dev/null +++ b/extra/source/brltty/brltty.brlapi.pyx.diff @@ -0,0 +1,11 @@ +--- ./Bindings/Python/brlapi.pyx.orig 2013-04-01 15:37:26.000000000 -0500 ++++ ./Bindings/Python/brlapi.pyx 2013-09-09 18:01:39.196869555 -0500 +@@ -497,7 +497,7 @@ + if (type(dots) == unicode): + dots = dots.encode('latin1') + if (len(dots) < dispSize): +- dots = dots + b"".center(dispSize - len(dots), '\0') ++ dots = dots + "".center(dispSize - len(dots), '\0') + c_dots = dots + c_udots = <unsigned char *>c_dots + c_brlapi.Py_BEGIN_ALLOW_THREADS diff --git a/extra/source/emacspeak/emacspeak.SlackBuild b/extra/source/emacspeak/emacspeak.SlackBuild index f6d04773..151bbd99 100755 --- a/extra/source/emacspeak/emacspeak.SlackBuild +++ b/extra/source/emacspeak/emacspeak.SlackBuild @@ -74,8 +74,8 @@ find . -perm 511 -exec chmod 755 {} \; find . -perm 711 -exec chmod 755 {} \; find . -perm 555 -exec chmod 755 {} \; -# Patch to use Tcl 8.5: -zcat $CWD/emacspeak.tcl8.5.diff.gz | patch -p1 || exit 1 +# Patch to use Tcl 8.6: +zcat $CWD/emacspeak.tcl8.6.diff.gz | patch -p1 || exit 1 # Compile the main program against Emacs: make config diff --git a/extra/source/emacspeak/emacspeak.tcl8.5.diff b/extra/source/emacspeak/emacspeak.tcl8.6.diff index 41a003e2..9cfe0374 100644 --- a/extra/source/emacspeak/emacspeak.tcl8.5.diff +++ b/extra/source/emacspeak/emacspeak.tcl8.6.diff @@ -5,7 +5,7 @@ LABEL=1.1 DIST=software-dtk-$(LABEL) -TCL_VERSION=8.4 -+TCL_VERSION=8.5 ++TCL_VERSION=8.6 CFLAGS+=-O3 -fpic -pedantic -ansi -Wall -I/usr/include/tcl$(TCL_VERSION) CPPFLAGS+=-DSTDC_HEADERS=1 -Dclock_t=long -DRETSIGTYPE=void INSTALL=install @@ -16,7 +16,7 @@ LIBPARENTDIR = ${PREFIX}/share/emacs/site-lisp LIBDIR =$(LIBPARENTDIR)/emacspeak/servers/linux-espeak -TCL_VERSION = 8.4 -+TCL_VERSION = 8.5 ++TCL_VERSION = 8.6 TCL_INCLUDE= /usr/include/tcl$(TCL_VERSION) CXXFLAGS+= -g -O2 -fPIC -DPIC -pedantic -ansi -Wall -Wno-long-long -I$(TCL_INCLUDE) @@ -27,7 +27,7 @@ LIBDIR =$(LIBPARENTDIR)/emacspeak/servers/linux-outloud -TCL_VERSION=8.4 -+TCL_VERSION=8.5 ++TCL_VERSION=8.6 TCL_INCLUDE=/usr/include/tcl$(TCL_VERSION) #CFLAGS+= -g -O2 -fPIC -DPIC -pedantic -ansi -Wall -Wno-long-long -I$(TCL_INCLUDE) CFLAGS+= -m32 -g -O2 -fPIC -DPIC -pedantic -ansi -Wall -Wno-long-long -I$(TCL_INCLUDE) diff --git a/extra/source/flashplayer-plugin/flashplayer-plugin.SlackBuild b/extra/source/flashplayer-plugin/flashplayer-plugin.SlackBuild index 48c7acea..ed2a324d 100755 --- a/extra/source/flashplayer-plugin/flashplayer-plugin.SlackBuild +++ b/extra/source/flashplayer-plugin/flashplayer-plugin.SlackBuild @@ -1,5 +1,5 @@ #!/bin/sh -# Copyright 2008, 2009, 2010, 2011, 2012 Eric Hameleers, Eindhoven, NL +# Copyright 2008, 2009, 2010, 2011, 2012, 2013 Eric Hameleers, Eindhoven, NL # All rights reserved. # # Permission to use, copy, modify, and distribute this software for @@ -70,6 +70,30 @@ # * Minor update. # 11.2.202.236-1:19/jun/2012 by Eric Hameleers <alien@slackware.com> # * Minor update. +# 11.2.202.238-1:15/aug/2012 by Eric Hameleers <alien@slackware.com> +# * Security update. +# 11.2.202.243-1:10/oct/2012 by Eric Hameleers <alien@slackware.com> +# * Update. +# 11.2.202.251-1:08/nov/2012 by Eric Hameleers <alien@slackware.com> +# * Update. +# 11.2.202.258-1:13/dec/2012 by Eric Hameleers <alien@slackware.com> +# * Update. +# 11.2.202.261-1:12/jan/2013 by Eric Hameleers <alien@slackware.com> +# * Update fixes critical vulnerabilities. See APSB13-01. +# 11.2.202.270-1:12/feb/2013 by Eric Hameleers <alien@slackware.com> +# * Update fixes critical vulnerabilities. See APSB13-04. +# 11.2.202.273-1:01/mar/2013 by Eric Hameleers <alien@slackware.com> +# * Update fixes critical vulnerabilities. See APSB13-08. +# 11.2.202.275-1:13/mar/2013 by Eric Hameleers <alien@slackware.com> +# * Update fixes critical vulnerabilities. See APSB13-09. +# 11.2.202.280-1:10/apr/2013 by Eric Hameleers <alien@slackware.com> +# * Update fixes critical vulnerabilities. See APSB13-11. +# 11.2.202.285-1:15/may/2013 by Eric Hameleers <alien@slackware.com> +# * Update fixes critical vulnerabilities. See APSB13-14. +# 11.2.202.291-1:12/jun/2013 by Eric Hameleers <alien@slackware.com> +# * Update fixes critical vulnerabilities. See APSB13-16. +# 11.2.202.297-1:21/jul/2013 by Eric Hameleers <alien@slackware.com> +# * Update fixes critical vulnerabilities. See APSB13-17. # # Run 'sh flashplayer-plugin.SlackBuild' to build a Slackware package. # The package (.txz) and .txt file as well as build logs are created in /tmp . @@ -80,7 +104,7 @@ # Set initial variables: PRGNAM=flashplayer-plugin -VERSION=${VERSION:-"11.2.202.236"} +VERSION=${VERSION:-"11.2.202.297"} MAJVER=$(echo $VERSION | cut -d. -f1) BUILD=${BUILD:-1} TAG=${TAG:-"alien"} @@ -93,23 +117,18 @@ TMP=${TMP:-/tmp/build} PKG=$TMP/package-$PRGNAM OUTPUT=${OUTPUT:-/tmp} -if [ -z "$ARCH" ]; then - case "$( uname -m )" in - i?86) export ARCH=i386 ;; - arm*) export ARCH=arm ;; - # Unless $ARCH is already set, use uname -m for all other archs: - *) export ARCH=$( uname -m ) ;; - esac -fi - -case "$ARCH" in +# Automatically determine the architecture we're building on: +MARCH=${ARCH:-$( uname -m )} +case "$MARCH" in x86_64) LIBDIRSUFFIX="64" ARCHBITS="64" + export ARCH=x86_64 ;; i?86) LIBDIRSUFFIX="" ARCHBITS="32" + export ARCH=i386 ;; *) echo "Unsupported architecture '$ARCH'" @@ -117,7 +136,7 @@ case "$ARCH" in ;; esac -SOURCE="$SRCDIR/install_flash_player_${VERSION}_linux.${ARCH}.tar.gz" +SOURCE="$SRCDIR/install_flash_player_${VERSION}_linux_${ARCH}.tar.gz" SRCURL="http://fpdownload.macromedia.com/get/flashplayer/pdc/${VERSION}/install_flash_player_${MAJVER}_linux.${ARCH}.tar.gz" ## @@ -198,6 +217,9 @@ esac ## Move lib to lib64 if needed: #[ "$ARCH" = "x86_64" ] && mv usr/lib usr/lib${LIBDIRSUFFIX} +# Remove 32-bit bogus compatibility in 64-bit package: +[ "$ARCH" = "x86_64" ] && rm -rf $PKG/usr/lib + # Install the plugin to the mozilla plugins dir and fix library file attributes: mkdir -p usr/lib${LIBDIRSUFFIX}/mozilla/plugins mv libflashplayer.so usr/lib${LIBDIRSUFFIX}/mozilla/plugins/ diff --git a/extra/source/grub/grub-0.97-x86_64.patch b/extra/source/grub/grub-0.97-x86_64.patch deleted file mode 100644 index 480e38fc..00000000 --- a/extra/source/grub/grub-0.97-x86_64.patch +++ /dev/null @@ -1,809 +0,0 @@ -diff -Naur grub-0.97.orig/docs/multiboot.h grub-0.97.patched/docs/multiboot.h ---- grub-0.97.orig/docs/multiboot.h 2003-07-09 05:45:36.000000000 -0600 -+++ grub-0.97.patched/docs/multiboot.h 2006-08-26 22:44:02.000000000 -0600 -@@ -44,76 +44,81 @@ - /* Do not include here in boot.S. */ - - /* Types. */ -+#ifndef __x86_64__ -+typedef unsigned long UINT32; -+#else -+typedef unsigned UINT32; -+#endif - - /* The Multiboot header. */ - typedef struct multiboot_header - { -- unsigned long magic; -- unsigned long flags; -- unsigned long checksum; -- unsigned long header_addr; -- unsigned long load_addr; -- unsigned long load_end_addr; -- unsigned long bss_end_addr; -- unsigned long entry_addr; -+ UINT32 magic; -+ UINT32 flags; -+ UINT32 checksum; -+ UINT32 header_addr; -+ UINT32 load_addr; -+ UINT32 load_end_addr; -+ UINT32 bss_end_addr; -+ UINT32 entry_addr; - } multiboot_header_t; - - /* The symbol table for a.out. */ - typedef struct aout_symbol_table - { -- unsigned long tabsize; -- unsigned long strsize; -- unsigned long addr; -- unsigned long reserved; -+ UINT32 tabsize; -+ UINT32 strsize; -+ UINT32 addr; -+ UINT32 reserved; - } aout_symbol_table_t; - - /* The section header table for ELF. */ - typedef struct elf_section_header_table - { -- unsigned long num; -- unsigned long size; -- unsigned long addr; -- unsigned long shndx; -+ UINT32 num; -+ UINT32 size; -+ UINT32 addr; -+ UINT32 shndx; - } elf_section_header_table_t; - - /* The Multiboot information. */ - typedef struct multiboot_info - { -- unsigned long flags; -- unsigned long mem_lower; -- unsigned long mem_upper; -- unsigned long boot_device; -- unsigned long cmdline; -- unsigned long mods_count; -- unsigned long mods_addr; -+ UINT32 flags; -+ UINT32 mem_lower; -+ UINT32 mem_upper; -+ UINT32 boot_device; -+ UINT32 cmdline; -+ UINT32 mods_count; -+ UINT32 mods_addr; - union - { - aout_symbol_table_t aout_sym; - elf_section_header_table_t elf_sec; - } u; -- unsigned long mmap_length; -- unsigned long mmap_addr; -+ UINT32 mmap_length; -+ UINT32 mmap_addr; - } multiboot_info_t; - - /* The module structure. */ - typedef struct module - { -- unsigned long mod_start; -- unsigned long mod_end; -- unsigned long string; -- unsigned long reserved; -+ UINT32 mod_start; -+ UINT32 mod_end; -+ UINT32 string; -+ UINT32 reserved; - } module_t; - - /* The memory map. Be careful that the offset 0 is base_addr_low - but no size. */ - typedef struct memory_map - { -- unsigned long size; -- unsigned long base_addr_low; -- unsigned long base_addr_high; -- unsigned long length_low; -- unsigned long length_high; -- unsigned long type; -+ UINT32 size; -+ UINT32 base_addr_low; -+ UINT32 base_addr_high; -+ UINT32 length_low; -+ UINT32 length_high; -+ UINT32 type; - } memory_map_t; - - #endif /* ! ASM */ -diff -Naur grub-0.97.orig/docs/x86_64.txt grub-0.97.patched/docs/x86_64.txt ---- grub-0.97.orig/docs/x86_64.txt 1969-12-31 17:00:00.000000000 -0700 -+++ grub-0.97.patched/docs/x86_64.txt 2006-10-10 10:39:42.000000000 -0600 -@@ -0,0 +1,81 @@ -+[PATCH] - Make GRUB recognize and boot an x86_64 elf image -+ -+ -+HOW IT WORKS -+------------ -+* Grub interface is unchanged. -+* Upon passing an elf-x86_64 file via "kernel=", GRUB will load and parse it -+ correctly. -+* Upon the "boot" directive, GRUB will switch from protected 32-bit -+ mode to long 64-bit mode and transfer control to the image's entrypoint. -+ -+ -+INSTALL -+------- -+cd grub-0.97 -+patch -p1 < grub-x86_64-elf.patch -+./configure -+make -+su -c "make install" -+ -+Note: You do not need to re-install your bootsectors, but you WILL need -+ to copy the modified stage2 file(s) from /usr/share/grub to -+ your actual boot filesystem (usually /boot/grub for GNU/Linux). -+ -+ -+WHY? -+---- -+Because in our world, all elves and elf images are created equal, and have -+been endowed with the ability to be bootable. :-) -+ -+ -+THE NITTY GRITTY - GRUB SIDE -+---------------------------- -+* Since paging is manditory in 64-bit long mode, the first 4GB of physical -+ memory (whether present or not) is identity mapped into the linear -+ address space using 2MB pages. -+* Paging data structures are written to physical 0x70000-0x75fff in the -+ same area reserved for the raw device buffer. This happens after the -+ "boot" command is issued so the raw device buffer won't mind. Paging -+ can be relocated and reconfigured after the kernel is running. -+* Header files have been added to describe the x86_64 elf image structure. -+ -+ -+THE NITTY GRITTY - KERNEL SIDE -+------------------------------ -+* Parameters passed to the assembly entrypoint are unchanged including -+ magic number and pointer to multiboot info structure. -+* The assembly entrypoint should be designated as ".code64". -+* The Global Descriptor Table (GDT) shared by the GRUB and KERNEL sides -+ has been expanded to include 3 additional 64-bit ('L' bit set) segments: -+ 0x28 (code) and 0x30 (data). -+* An updated "multiboot.h" file is provided to reflect the difference in -+ "unsigned long" sizes between i386 and x86_64 architectures for use by -+ the client kernel. -+ -+ -+CAVEATS -+------- -+Possible collisions with existing GRUB patch sets are unknown. Use "darcs" -+and worry not. -+ -+ http://abridgegame.org/darcs -+ -+(An intelligent alternative to cvs and greying hair in the distributed -+post-mainframe age.) -+ -+ -+DOCUMENTATION CHANGES -+--------------------- -+This is it. Sorry, stuff to do. -+ -+ -+APOLOGIES TO GRUB2 -+------------------ -+We would have liked to use GRUB2 for this, but needed it today for our -+kernel. Of course there is probably no technical reason why this -+functionality cannot be in included in GRUB2 at a future time. Thank you -+for a way cool bootloader and may all your boots be bogon (and Vogon) free. -+ -+<mcnster@gmail.com> -+October 10, 2006 -diff -Naur grub-0.97.orig/grub/asmstub.c grub-0.97.patched/grub/asmstub.c ---- grub-0.97.orig/grub/asmstub.c 2005-02-16 13:45:14.000000000 -0700 -+++ grub-0.97.patched/grub/asmstub.c 2006-08-26 22:43:24.000000000 -0600 -@@ -313,6 +313,12 @@ - stop (); - } - -+void -+multi_boot_64bit_doit (int start, int mb_info) -+{ -+ stop (); -+} -+ - /* sets it to linear or wired A20 operation */ - void - gateA20 (int linear) -diff -Naur grub-0.97.orig/stage2/asm.S grub-0.97.patched/stage2/asm.S ---- grub-0.97.orig/stage2/asm.S 2004-06-19 10:55:22.000000000 -0600 -+++ grub-0.97.patched/stage2/asm.S 2006-09-25 14:59:48.000000000 -0600 -@@ -1809,6 +1809,54 @@ - /* error */ - call EXT_C(stop) - -+ENTRY(multi_boot_64bit_doit) -+ call EXT_C(stop_floppy) -+ -+ /* dont squash these! */ -+ movl 0x8(%esp), %esi -+ movl 0x4(%esp), %edi -+ -+ cli -+ -+ mov %cr0, %eax -+ and $0x7fffffff, %eax -+ mov %eax, %cr0 -+ -+ /* enable pae */ -+ mov %cr4, %eax -+ or $0x20, %eax -+ mov %eax, %cr4 -+ -+ /* load cr3 with pml4 */ -+ mov $PML4, %eax -+ mov %eax, %cr3 -+ -+ /* trigger long mode */ -+ mov $0xc0000080, %ecx -+ rdmsr -+ or $0x100, %eax -+ wrmsr -+ -+ /* enable paging to actually switch modes */ -+ mov %cr0, %eax -+ or $0x80000000, %eax -+ mov %eax, %cr0 -+ -+ /* jump to relocation, flush prefetch queue, and reload %cs */ -+ ljmp $0x28, $longmode -+.code64 -+longmode: -+ mov $0x2BADB002, %eax -+ -+ mov %rsi, %rbx -+ and $0xffffffff, %rsi -+ -+ and $0xffffffff, %rdi -+ call *%rdi -+ /* NOTREACHED */ -+ call EXT_C(stop) -+ -+.code32 - #endif /* ! STAGE1_5 */ - - /* -@@ -2341,27 +2389,35 @@ - - .p2align 2 /* force 4-byte alignment */ - gdt: -- .word 0, 0 -+ .word 0, 0 /* 0x0000 */ - .byte 0, 0, 0, 0 - -- /* code segment */ -+ /* code segment */ /* 0x0008 */ - .word 0xFFFF, 0 - .byte 0, 0x9A, 0xCF, 0 - -- /* data segment */ -+ /* data segment */ /* 0x0010 */ - .word 0xFFFF, 0 - .byte 0, 0x92, 0xCF, 0 - -- /* 16 bit real mode CS */ -+ /* 16 bit real mode CS */ /* 0x0018 */ - .word 0xFFFF, 0 - .byte 0, 0x9E, 0, 0 - -- /* 16 bit real mode DS */ -+ /* 16 bit real mode DS/SS */ /* 0x0020 */ - .word 0xFFFF, 0 - .byte 0, 0x92, 0, 0 - -+ /* 64 bit long mode CS */ /* 0x0028 */ -+ .word 0xFFFF, 0 -+ .byte 0, 0x9A, 0xAF, 0 -+ -+ /* 64-bit long mode SS */ /* 0x0030 */ -+ .word 0xFFFF, 0 -+ .byte 0, 0x92, 0xAF, 0 - - /* this is the GDT descriptor */ - gdtdesc: -- .word 0x27 /* limit */ -+ .word 0x33 /* limit */ - .long gdt /* addr */ -+ .long 0 /* in case we go to 64-bit mode */ -diff -Naur grub-0.97.orig/stage2/boot.c grub-0.97.patched/stage2/boot.c ---- grub-0.97.orig/stage2/boot.c 2004-03-30 04:44:08.000000000 -0700 -+++ grub-0.97.patched/stage2/boot.c 2006-08-25 22:20:17.000000000 -0600 -@@ -23,10 +23,11 @@ - - #include "freebsd.h" - #include "imgact_aout.h" --#include "i386-elf.h" -+#include "elf.h" - - static int cur_addr; - entry_func entry_addr; -+unsigned long_64bit_mode = 0; - static struct mod_list mll[99]; - static int linux_mem_size; - -@@ -50,7 +51,7 @@ - { - struct multiboot_header *mb; - struct exec *aout; -- Elf32_Ehdr *elf; -+ Elf_Ehdr *elf; - } - pu; - /* presuming that MULTIBOOT_SEARCH is large enough to encompass an -@@ -100,21 +101,25 @@ - || pu.elf->e_ident[EI_OSABI] == ELFOSABI_FREEBSD - || grub_strcmp (pu.elf->e_ident + EI_BRAND, "FreeBSD") == 0 - || suggested_type == KERNEL_TYPE_NETBSD) -- && len > sizeof (Elf32_Ehdr) -- && BOOTABLE_I386_ELF ((*((Elf32_Ehdr *) buffer)))) -+ && len > SIZEOF_ELF_EHDR (pu.elf) -+ && (BOOTABLE_I386_ELF ((*((Elf32_Ehdr *) buffer))) -+ || BOOTABLE_X86_64_ELF ((*((Elf64_Ehdr *) buffer))))) - { -+ if (BOOTABLE_X86_64_ELF ((*((Elf64_Ehdr *) buffer)))) -+ long_64bit_mode = 1; -+ - if (type == KERNEL_TYPE_MULTIBOOT) -- entry_addr = (entry_func) pu.elf->e_entry; -+ entry_addr = (entry_func) E_ENTRY (pu.elf); - else -- entry_addr = (entry_func) (pu.elf->e_entry & 0xFFFFFF); -+ entry_addr = (entry_func) (E_ENTRY (pu.elf) & 0xFFFFFF); - - if (entry_addr < (entry_func) 0x100000) - errnum = ERR_BELOW_1MB; - - /* don't want to deal with ELF program header at some random - place in the file -- this generally won't happen */ -- if (pu.elf->e_phoff == 0 || pu.elf->e_phnum == 0 -- || ((pu.elf->e_phoff + (pu.elf->e_phentsize * pu.elf->e_phnum)) -+ if (E_PHOFF (pu.elf) == 0 || E_PHNUM (pu.elf) == 0 -+ || ((E_PHOFF (pu.elf) + (E_PHENTSIZE (pu.elf) * E_PHNUM (pu.elf))) - >= len)) - errnum = ERR_EXEC_FORMAT; - str = "elf"; -@@ -590,39 +595,38 @@ - /* ELF executable */ - { - unsigned loaded = 0, memaddr, memsiz, filesiz; -- Elf32_Phdr *phdr; -+ Elf_Phdr *phdr; - - /* reset this to zero for now */ - cur_addr = 0; - - /* scan for program segments */ -- for (i = 0; i < pu.elf->e_phnum; i++) -+ for (i = 0; i < E_PHNUM (pu.elf); i++) - { -- phdr = (Elf32_Phdr *) -- (pu.elf->e_phoff + ((int) buffer) -- + (pu.elf->e_phentsize * i)); -- if (phdr->p_type == PT_LOAD) -+ phdr = (Elf_Phdr *) (E_PHOFF (pu.elf) + ((int) buffer) -+ + (E_PHENTSIZE (pu.elf) * i)); -+ if (P_TYPE (pu.elf, phdr) == PT_LOAD) - { - /* offset into file */ -- grub_seek (phdr->p_offset); -- filesiz = phdr->p_filesz; -+ grub_seek (P_OFFSET (pu.elf, phdr)); -+ filesiz = P_FILESZ (pu.elf, phdr); - - if (type == KERNEL_TYPE_FREEBSD || type == KERNEL_TYPE_NETBSD) -- memaddr = RAW_ADDR (phdr->p_paddr & 0xFFFFFF); -+ memaddr = RAW_ADDR (P_PADDR (pu.elf, phdr) & 0xFFFFFF); - else -- memaddr = RAW_ADDR (phdr->p_paddr); -+ memaddr = RAW_ADDR (P_PADDR (pu.elf, phdr)); - -- memsiz = phdr->p_memsz; -+ memsiz = P_MEMSZ (pu.elf, phdr); - if (memaddr < RAW_ADDR (0x100000)) - errnum = ERR_BELOW_1MB; - - /* If the memory range contains the entry address, get the - physical address here. */ - if (type == KERNEL_TYPE_MULTIBOOT -- && (unsigned) entry_addr >= phdr->p_vaddr -- && (unsigned) entry_addr < phdr->p_vaddr + memsiz) -+ && (unsigned) entry_addr >= P_VADDR (pu.elf, phdr) -+ && (unsigned) entry_addr < P_VADDR (pu.elf, phdr) + memsiz) - real_entry_addr = (entry_func) ((unsigned) entry_addr -- + memaddr - phdr->p_vaddr); -+ + memaddr - P_VADDR (pu.elf, phdr)); - - /* make sure we only load what we're supposed to! */ - if (filesiz > memsiz) -@@ -654,26 +658,26 @@ - else - { - /* Load ELF symbols. */ -- Elf32_Shdr *shdr = NULL; -+ Elf_Shdr *shdr = NULL; - int tab_size, sec_size; - int symtab_err = 0; - -- mbi.syms.e.num = pu.elf->e_shnum; -- mbi.syms.e.size = pu.elf->e_shentsize; -- mbi.syms.e.shndx = pu.elf->e_shstrndx; -+ mbi.syms.e.num = E_SHNUM (pu.elf); -+ mbi.syms.e.size = E_SHENTSIZE (pu.elf); -+ mbi.syms.e.shndx = E_SHSTRNDX (pu.elf); - - /* We should align to a 4K boundary here for good measure. */ - if (align_4k) - cur_addr = (cur_addr + 0xFFF) & 0xFFFFF000; - -- tab_size = pu.elf->e_shentsize * pu.elf->e_shnum; -+ tab_size = E_SHENTSIZE (pu.elf) * E_SHNUM (pu.elf); - -- grub_seek (pu.elf->e_shoff); -+ grub_seek (E_SHOFF (pu.elf)); - if (grub_read ((char *) RAW_ADDR (cur_addr), tab_size) - == tab_size) - { - mbi.syms.e.addr = cur_addr; -- shdr = (Elf32_Shdr *) mbi.syms.e.addr; -+ shdr = (Elf_Shdr *) mbi.syms.e.addr; - cur_addr += tab_size; - - printf (", shtab=0x%x", cur_addr); -@@ -682,20 +686,20 @@ - { - /* This section is a loaded section, - so we don't care. */ -- if (shdr[i].sh_addr != 0) -+ if (SH_ADDR_AT (pu.elf, shdr, i) != 0) - continue; - - /* This section is empty, so we don't care. */ -- if (shdr[i].sh_size == 0) -+ if (SH_SIZE_AT (pu.elf, shdr, i) == 0) - continue; - - /* Align the section to a sh_addralign bits boundary. */ -- cur_addr = ((cur_addr + shdr[i].sh_addralign) & -- - (int) shdr[i].sh_addralign); -+ cur_addr = ((cur_addr + SH_ADDRALIGN_AT (pu.elf, shdr, i)) & -+ - (int) SH_ADDRALIGN_AT (pu.elf, shdr, i)); - -- grub_seek (shdr[i].sh_offset); -+ grub_seek (SH_OFFSET_AT (pu.elf, shdr, i)); - -- sec_size = shdr[i].sh_size; -+ sec_size = SH_SIZE_AT (pu.elf, shdr, i); - - if (! (memcheck (cur_addr, sec_size) - && (grub_read ((char *) RAW_ADDR (cur_addr), -@@ -706,7 +710,7 @@ - break; - } - -- shdr[i].sh_addr = cur_addr; -+ SET_SH_ADDR_AT (pu.elf, shdr, i, cur_addr); - cur_addr += sec_size; - } - } -diff -Naur grub-0.97.orig/stage2/builtins.c grub-0.97.patched/stage2/builtins.c ---- grub-0.97.orig/stage2/builtins.c 2005-02-15 14:58:23.000000000 -0700 -+++ grub-0.97.patched/stage2/builtins.c 2006-09-25 14:59:16.000000000 -0600 -@@ -81,6 +81,7 @@ - /* Prototypes for allowing straightfoward calling of builtins functions - inside other functions. */ - static int configfile_func (char *arg, int flags); -+static void multi_boot_64bit (int entry_addr, int mbi); - - /* Initialize the data for builtins. */ - void -@@ -297,8 +298,11 @@ - break; - - case KERNEL_TYPE_MULTIBOOT: -- /* Multiboot */ -- multi_boot ((int) entry_addr, (int) &mbi); -+ -+ if (long_64bit_mode) -+ multi_boot_64bit((int) entry_addr, (int) &mbi); -+ else -+ multi_boot ((int) entry_addr, (int) &mbi); - break; - - default: -@@ -309,6 +313,73 @@ - return 0; - } - -+#define TABLE_BITS 0x7 /* user, r/w, present */ -+#define PAGE_BITS 0x87 /* not pat, not global, not dirty, not accessed, user, r/w, present */ -+ -+#define NOT_PRESENT_TABLE 0x6 -+#define NOT_PRESENT_PAGE 0x86 -+ -+ -+static void -+multi_boot_64bit (int entry_addr, int mbi) -+{ -+ unsigned *pml4 = PML4; -+ unsigned *pdpt0x000 = PDPT0x000; -+ unsigned *pd0x000_000 = PD0x000_000; -+ unsigned *pd0x000_001 = PD0x000_001; -+ unsigned *pd0x000_002 = PD0x000_002; -+ unsigned *pd0x000_003 = PD0x000_003; -+ int i; -+ unsigned long base; -+ -+ /* identity map 1st 4 GB */ -+ -+ for (i = 0; i < 512; i++) -+ { -+ pml4[i * 2 + 0] = NOT_PRESENT_TABLE; -+ pml4[i * 2 + 1] = 0; -+ -+ pdpt0x000[i * 2 + 0] = NOT_PRESENT_TABLE; -+ pdpt0x000[i * 2 + 1] = 0; -+ -+ pd0x000_000[i * 2 + 0] = NOT_PRESENT_PAGE; -+ pd0x000_000[i * 2 + 1] = 0; -+ pd0x000_001[i * 2 + 0] = NOT_PRESENT_PAGE; -+ pd0x000_001[i * 2 + 1] = 0; -+ pd0x000_002[i * 2 + 0] = NOT_PRESENT_PAGE; -+ pd0x000_002[i * 2 + 1] = 0; -+ pd0x000_003[i * 2 + 0] = NOT_PRESENT_PAGE; -+ pd0x000_003[i * 2 + 1] = 0; -+ } -+ -+ pml4[0x000 * 2 + 0] = PDPT0x000 + TABLE_BITS; -+ pml4[0x000 * 2 + 1] = 0; -+ -+ pdpt0x000[0x000 * 2 + 0] = PD0x000_000 + TABLE_BITS; -+ pdpt0x000[0x000 * 2 + 1] = 0; -+ pdpt0x000[0x001 * 2 + 0] = PD0x000_001 + TABLE_BITS; -+ pdpt0x000[0x001 * 2 + 1] = 0; -+ pdpt0x000[0x002 * 2 + 0] = PD0x000_002 + TABLE_BITS; -+ pdpt0x000[0x002 * 2 + 1] = 0; -+ pdpt0x000[0x003 * 2 + 0] = PD0x000_003 + TABLE_BITS; -+ pdpt0x000[0x003 * 2 + 1] = 0; -+ -+ for (i = 0, base = 0; i < 1005; i++, base += 0x200000) -+ { -+ pd0x000_000[i * 2 + 0] = base + PAGE_BITS; -+ pd0x000_000[i * 2 + 1] = 0; -+ pd0x000_001[i * 2 + 0] = base + (1 * 0x200 * 0x20000) + PAGE_BITS; -+ pd0x000_001[i * 2 + 1] = 0; -+ pd0x000_002[i * 2 + 0] = base + (2 * 0x200 * 0x20000) + PAGE_BITS; -+ pd0x000_002[i * 2 + 1] = 0; -+ pd0x000_003[i * 2 + 0] = base + (3 * 0x200 * 0x20000) + PAGE_BITS; -+ pd0x000_003[i * 2 + 1] = 0; -+ } -+ -+ multi_boot_64bit_doit (entry_addr, mbi); -+ /* NOTREACHED */ -+} -+ - static struct builtin builtin_boot = - { - "boot", -diff -Naur grub-0.97.orig/stage2/elf.h grub-0.97.patched/stage2/elf.h ---- grub-0.97.orig/stage2/elf.h 1969-12-31 17:00:00.000000000 -0700 -+++ grub-0.97.patched/stage2/elf.h 2006-08-25 21:58:37.000000000 -0600 -@@ -0,0 +1,79 @@ -+/* -+ * GRUB -- GRand Unified Bootloader -+ * Copyright (C) 2001,2002,2006 Free Software Foundation, Inc. -+ * -+ * This program is free software; you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation; either version 2 of the License, or -+ * (at your option) any later version. -+ * -+ * This program is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with this program; if not, write to the Free Software -+ * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -+ */ -+ -+ -+#include "i386-elf.h" -+#include "x86-64-elf.h" -+ -+ -+typedef union -+{ -+ unsigned char e_ident[EI_NIDENT]; -+ Elf32_Ehdr elf32; -+ Elf64_Ehdr elf64; -+} -+Elf_Ehdr; -+ -+ -+typedef union -+{ -+ Elf32_Phdr elf32; -+ Elf64_Phdr elf64; -+} -+Elf_Phdr; -+ -+ -+typedef union -+{ -+ Elf32_Shdr elf32; -+ Elf64_Shdr elf64; -+} -+Elf_Shdr; -+ -+ -+#define SIZEOF_ELF_EHDR(h) (h->e_ident[EI_CLASS] == ELFCLASS32 ? sizeof (Elf32_Ehdr) : sizeof (Elf64_Ehdr)) -+ -+#define E_ENTRY(h) ((unsigned) (h->e_ident[EI_CLASS] == ELFCLASS32 ? h->elf32.e_entry : h->elf64.e_entry)) -+#define E_PHOFF(h) ((unsigned) (h->e_ident[EI_CLASS] == ELFCLASS32 ? h->elf32.e_phoff : h->elf64.e_phoff)) -+#define E_PHNUM(h) ((unsigned) (h->e_ident[EI_CLASS] == ELFCLASS32 ? h->elf32.e_phnum : h->elf64.e_phnum)) -+#define E_PHENTSIZE(h) ((unsigned) (h->e_ident[EI_CLASS] == ELFCLASS32 ? h->elf32.e_phentsize : h->elf64.e_phentsize)) -+#define E_SHNUM(h) ((unsigned) (h->e_ident[EI_CLASS] == ELFCLASS32 ? h->elf32.e_shnum : h->elf64.e_shnum)) -+#define E_SHENTSIZE(h) ((unsigned) (h->e_ident[EI_CLASS] == ELFCLASS32 ? h->elf32.e_shentsize : h->elf64.e_shentsize)) -+#define E_SHSTRNDX(h) ((unsigned) (h->e_ident[EI_CLASS] == ELFCLASS32 ? h->elf32.e_shstrndx : h->elf64.e_shstrndx)) -+#define E_SHOFF(h) ((unsigned) (h->e_ident[EI_CLASS] == ELFCLASS32 ? h->elf32.e_shoff : h->elf64.e_shoff)) -+ -+#define P_TYPE(h, p) ((unsigned) (h->e_ident[EI_CLASS] == ELFCLASS32 ? p->elf32.p_type : p->elf64.p_type)) -+#define P_OFFSET(h, p) ((unsigned) (h->e_ident[EI_CLASS] == ELFCLASS32 ? p->elf32.p_offset : p->elf64.p_offset)) -+#define P_PADDR(h, p) ((unsigned) (h->e_ident[EI_CLASS] == ELFCLASS32 ? p->elf32.p_paddr : p->elf64.p_paddr)) -+#define P_MEMSZ(h, p) ((unsigned) (h->e_ident[EI_CLASS] == ELFCLASS32 ? p->elf32.p_memsz : p->elf64.p_memsz)) -+#define P_VADDR(h, p) ((unsigned) (h->e_ident[EI_CLASS] == ELFCLASS32 ? p->elf32.p_vaddr : p->elf64.p_vaddr)) -+#define P_FILESZ(h, p) ((unsigned) (h->e_ident[EI_CLASS] == ELFCLASS32 ? p->elf32.p_filesz : p->elf64.p_filesz)) -+ -+#define SH_ADDR_AT(h, sh, i) ((unsigned) (h->e_ident[EI_CLASS] == ELFCLASS32 ? ((&(sh->elf32))[i]).sh_addr : ((&(sh->elf64))[i]).sh_addr)) -+#define SH_SIZE_AT(h, sh, i) ((unsigned) (h->e_ident[EI_CLASS] == ELFCLASS32 ? ((&(sh->elf32))[i]).sh_size : ((&(sh->elf64))[i]).sh_size)) -+#define SH_ADDRALIGN_AT(h, sh, i) ((unsigned) (h->e_ident[EI_CLASS] == ELFCLASS32 ? ((&(sh->elf32))[i]).sh_addralign : ((&(sh->elf64))[i]).sh_addralign)) -+#define SH_OFFSET_AT(h, sh, i) ((unsigned) (h->e_ident[EI_CLASS] == ELFCLASS32 ? ((&(sh->elf32))[i]).sh_offset : ((&(sh->elf64))[i]).sh_offset)) -+ -+#define SET_SH_ADDR_AT(h, sh, i, v) \ -+ { \ -+ if (h->e_ident[EI_CLASS] == ELFCLASS32) \ -+ ((&(sh->elf32))[i]).sh_addr = v; \ -+ else \ -+ ((&(sh->elf64))[i]).sh_addr = v; \ -+ } -diff -Naur grub-0.97.orig/stage2/shared.h grub-0.97.patched/stage2/shared.h ---- grub-0.97.orig/stage2/shared.h 2004-06-19 10:40:09.000000000 -0600 -+++ grub-0.97.patched/stage2/shared.h 2006-09-25 14:54:53.000000000 -0600 -@@ -70,6 +70,13 @@ - - #define BOOT_PART_TABLE RAW_ADDR (0x07be) - -+#define PML4 0x70000 -+#define PDPT0x000 0x71000 -+#define PD0x000_000 0x72000 -+#define PD0x000_001 0x73000 -+#define PD0x000_002 0x74000 -+#define PD0x000_003 0x75000 -+ - /* - * BIOS disk defines - */ -@@ -692,6 +699,8 @@ - - extern entry_func entry_addr; - -+extern unsigned long_64bit_mode; -+ - /* Enter the stage1.5/stage2 C code after the stack is set up. */ - void cmain (void); - -@@ -739,6 +748,9 @@ - /* booting a multiboot executable */ - void multi_boot (int start, int mb_info) __attribute__ ((noreturn)); - -+/* boot into 64-bit long mode */ -+void multi_boot_64bit_doit (int start, int mb_info) __attribute__ ((noreturn)); -+ - /* If LINEAR is nonzero, then set the Intel processor to linear mode. - Otherwise, bit 20 of all memory accesses is always forced to zero, - causing a wraparound effect for bugwards compatibility with the -diff -Naur grub-0.97.orig/stage2/x86-64-elf.h grub-0.97.patched/stage2/x86-64-elf.h ---- grub-0.97.orig/stage2/x86-64-elf.h 1969-12-31 17:00:00.000000000 -0700 -+++ grub-0.97.patched/stage2/x86-64-elf.h 2006-08-26 21:45:22.000000000 -0600 -@@ -0,0 +1,86 @@ -+/* -+ * GRUB -- GRand Unified Bootloader -+ * Copyright (C) 2001,2002,2006 Free Software Foundation, Inc. -+ * -+ * This program is free software; you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation; either version 2 of the License, or -+ * (at your option) any later version. -+ * -+ * This program is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with this program; if not, write to the Free Software -+ * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -+ */ -+ -+ -+typedef unsigned short Elf64_Half; -+typedef unsigned long Elf64_Word; -+typedef unsigned long long Elf64_Off; -+typedef unsigned long long Elf64_Addr; -+typedef unsigned long long Elf64_Xword; -+ -+ -+typedef struct -+{ -+ unsigned char e_ident[EI_NIDENT]; /* basic identification block */ -+ Elf64_Half e_type; /* file types */ -+ Elf64_Half e_machine; /* machine types */ -+ Elf64_Word e_version; /* use same as "EI_VERSION" above */ -+ Elf64_Addr e_entry; /* entry point of the program */ -+ Elf64_Off e_phoff; /* program header table file offset */ -+ Elf64_Off e_shoff; /* section header table file offset */ -+ Elf64_Word e_flags; /* flags */ -+ Elf64_Half e_ehsize; /* elf header size in bytes */ -+ Elf64_Half e_phentsize; /* program header entry size */ -+ Elf64_Half e_phnum; /* number of entries in program header */ -+ Elf64_Half e_shentsize; /* section header entry size */ -+ Elf64_Half e_shnum; /* number of entries in section header */ -+ Elf64_Half e_shstrndx; /* section header table index */ -+} -+Elf64_Ehdr; -+ -+ -+typedef struct -+{ -+ Elf64_Word p_type; -+ Elf64_Word p_flags; -+ Elf64_Off p_offset; -+ Elf64_Addr p_vaddr; -+ Elf64_Addr p_paddr; -+ Elf64_Xword p_filesz; -+ Elf64_Xword p_memsz; -+ Elf64_Xword p_align; -+} -+Elf64_Phdr; -+ -+ -+typedef struct -+{ -+ Elf64_Word sh_name; /* Section name (string tbl index) */ -+ Elf64_Word sh_type; /* Section type */ -+ Elf64_Xword sh_flags; /* Section flags */ -+ Elf64_Addr sh_addr; /* Section virtual addr at execution */ -+ Elf64_Off sh_offset; /* Section file offset */ -+ Elf64_Xword sh_size; /* Section size in bytes */ -+ Elf64_Word sh_link; /* Link to another section */ -+ Elf64_Word sh_info; /* Additional section information */ -+ Elf64_Xword sh_addralign; /* Section alignment */ -+ Elf64_Xword sh_entsize; /* Entry size if section holds table */ -+} -+Elf64_Shdr; -+ -+#define ELFCLASS64 2 -+ -+#define EM_X86_64 0x3e -+ -+#define BOOTABLE_X86_64_ELF(h) \ -+ ((h.e_ident[EI_MAG0] == ELFMAG0) & (h.e_ident[EI_MAG1] == ELFMAG1) \ -+ & (h.e_ident[EI_MAG2] == ELFMAG2) & (h.e_ident[EI_MAG3] == ELFMAG3) \ -+ & (h.e_ident[EI_CLASS] == ELFCLASS64) & (h.e_ident[EI_DATA] == ELFDATA2LSB) \ -+ & (h.e_ident[EI_VERSION] == EV_CURRENT) & (h.e_type == ET_EXEC) \ -+ & (h.e_machine == EM_X86_64) & (h.e_version == EV_CURRENT)) diff --git a/extra/source/grub/grub.SlackBuild b/extra/source/grub/grub.SlackBuild deleted file mode 100755 index 417cb636..00000000 --- a/extra/source/grub/grub.SlackBuild +++ /dev/null @@ -1,121 +0,0 @@ -#!/bin/sh - -# Copyright 2009 Patrick J. Volkerding, Sebeka, MN, USA -# All rights reserved. -# -# Redistribution and use of this script, with or without modification, is -# permitted provided that the following conditions are met: -# -# 1. Redistributions of this script must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# -# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED -# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF -# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO -# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, -# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; -# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, -# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR -# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF -# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - - -VERSION=0.97 -GCVER=1.28 -ARCH=${ARCH:-x86_64} -BUILD=7 - -NUMJOBS=${NUMJOBS:-" -j7 "} - -if [ "$ARCH" = "i486" ]; then - SLKCFLAGS="-O2 -march=i486 -mtune=i686" -elif [ "$ARCH" = "s390" ]; then - SLKCFLAGS="-O2" -elif [ "$ARCH" = "x86_64" ]; then - SLKCFLAGS="-O2" -fi - -CWD=$(pwd) -TMP=${TMP:-/tmp} -PKG=$TMP/package-grub - -rm -rf $PKG -mkdir -p $PKG $TMP -cd $TMP -rm -rf grub-$VERSION -tar xvf $CWD/grub-$VERSION.tar.gz || exit 1 -cd grub-$VERSION || exit 1 - -# This is needed for the optional (but now default) increase in -# inode size from 128 to 256 bytes with ext2 and ext3: -zcat $CWD/grub_support_256byte_inode.patch.gz | patch -p1 --verbose || exit 1 - -zcat $CWD/grub-0.97-x86_64.patch.gz | patch -p1 || exit 1 - -chown -R root:root . -find . \ - \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ - -exec chmod 755 {} \; -o \ - \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ - -exec chmod 644 {} \; - -CFLAGS="$SLKCFLAGS" \ -./configure \ - --prefix=/usr \ - --infodir=/usr/info \ - --mandir=/usr/man - -make $NUMJOBS || make || exit 1 -make install DESTDIR=$PKG || exit 1 - -find $PKG | xargs file | grep -e "executable" -e "shared object" \ - | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null - -# Compress and if needed symlink the man pages: -if [ -d $PKG/usr/man ]; then - ( cd $PKG/usr/man - for manpagedir in $(find . -type d -name "man*") ; do - ( cd $manpagedir - for eachpage in $( find . -type l -maxdepth 1) ; do - ln -s $( readlink $eachpage ).gz $eachpage.gz - rm $eachpage - done - gzip -9 *.? - ) - done - ) -fi - -# Compress info pages and purge "dir" file from the package: -if [ -d $PKG/usr/info ]; then - ( cd $PKG/usr/info - rm -f dir - gzip -9 * - ) -fi - -mkdir -p $PKG/usr/doc/grub-$VERSION -cp -a \ - AUTHORS BUGS COPYING INSTALL MAINTENANCE NEWS README THANKS TODO \ - $PKG/usr/doc/grub-$VERSION - -mkdir -p $PKG/install -cat $CWD/slack-desc > $PKG/install/slack-desc - -# Add Kent's grubconfig tool: -cd $TMP -rm -rf grubconfig-$GCVER -tar xf $CWD/grubconfig-${GCVER}.tar.gz || exit 1 -cd grubconfig-$GCVER || exit 1 -zcat $CWD/grubconfig_localefix.patch.gz | patch || exit 1 -chown -R root:root . -chmod 644 README -chmod 755 grubconfig -mkdir -p $PKG/usr/doc/grubconfig-${GCVER} -cp -a README $PKG/usr/doc/grubconfig-${GCVER} -cp -a grubconfig $PKG/usr/sbin/grubconfig - -cd $PKG -/sbin/makepkg -l y -c n $TMP/grub-$VERSION-$ARCH-$BUILD.txz - diff --git a/extra/source/grub/grub_support_256byte_inode.patch b/extra/source/grub/grub_support_256byte_inode.patch deleted file mode 100644 index bef3bc18..00000000 --- a/extra/source/grub/grub_support_256byte_inode.patch +++ /dev/null @@ -1,94 +0,0 @@ -diff -Nrup a/stage2/fsys_ext2fs.c b/stage2/fsys_ext2fs.c ---- a/stage2/fsys_ext2fs.c 2004-08-08 20:19:18.000000000 +0200 -+++ b/stage2/fsys_ext2fs.c 2008-01-30 14:27:20.000000000 +0100 -@@ -79,7 +79,52 @@ struct ext2_super_block - __u32 s_rev_level; /* Revision level */ - __u16 s_def_resuid; /* Default uid for reserved blocks */ - __u16 s_def_resgid; /* Default gid for reserved blocks */ -- __u32 s_reserved[235]; /* Padding to the end of the block */ -+ /* -+ * These fields are for EXT2_DYNAMIC_REV superblocks only. -+ * -+ * Note: the difference between the compatible feature set and -+ * the incompatible feature set is that if there is a bit set -+ * in the incompatible feature set that the kernel doesn't -+ * know about, it should refuse to mount the filesystem. -+ * -+ * e2fsck's requirements are more strict; if it doesn't know -+ * about a feature in either the compatible or incompatible -+ * feature set, it must abort and not try to meddle with -+ * things it doesn't understand... -+ */ -+ __u32 s_first_ino; /* First non-reserved inode */ -+ __u16 s_inode_size; /* size of inode structure */ -+ __u16 s_block_group_nr; /* block group # of this superblock */ -+ __u32 s_feature_compat; /* compatible feature set */ -+ __u32 s_feature_incompat; /* incompatible feature set */ -+ __u32 s_feature_ro_compat; /* readonly-compatible feature set */ -+ __u8 s_uuid[16]; /* 128-bit uuid for volume */ -+ char s_volume_name[16]; /* volume name */ -+ char s_last_mounted[64]; /* directory where last mounted */ -+ __u32 s_algorithm_usage_bitmap; /* For compression */ -+ /* -+ * Performance hints. Directory preallocation should only -+ * happen if the EXT2_FEATURE_COMPAT_DIR_PREALLOC flag is on. -+ */ -+ __u8 s_prealloc_blocks; /* Nr of blocks to try to preallocate*/ -+ __u8 s_prealloc_dir_blocks; /* Nr to preallocate for dirs */ -+ __u16 s_reserved_gdt_blocks;/* Per group table for online growth */ -+ /* -+ * Journaling support valid if EXT2_FEATURE_COMPAT_HAS_JOURNAL set. -+ */ -+ __u8 s_journal_uuid[16]; /* uuid of journal superblock */ -+ __u32 s_journal_inum; /* inode number of journal file */ -+ __u32 s_journal_dev; /* device number of journal file */ -+ __u32 s_last_orphan; /* start of list of inodes to delete */ -+ __u32 s_hash_seed[4]; /* HTREE hash seed */ -+ __u8 s_def_hash_version; /* Default hash version to use */ -+ __u8 s_jnl_backup_type; /* Default type of journal backup */ -+ __u16 s_reserved_word_pad; -+ __u32 s_default_mount_opts; -+ __u32 s_first_meta_bg; /* First metablock group */ -+ __u32 s_mkfs_time; /* When the filesystem was created */ -+ __u32 s_jnl_blocks[17]; /* Backup of the journal inode */ -+ __u32 s_reserved[172]; /* Padding to the end of the block */ - }; - - struct ext2_group_desc -@@ -218,6 +263,9 @@ struct ext2_dir_entry - #define EXT2_ADDR_PER_BLOCK(s) (EXT2_BLOCK_SIZE(s) / sizeof (__u32)) - #define EXT2_ADDR_PER_BLOCK_BITS(s) (log2(EXT2_ADDR_PER_BLOCK(s))) - -+#define EXT2_INODE_SIZE(s) (SUPERBLOCK->s_inode_size) -+#define EXT2_INODES_PER_BLOCK(s) (EXT2_BLOCK_SIZE(s)/EXT2_INODE_SIZE(s)) -+ - /* linux/ext2_fs.h */ - #define EXT2_BLOCK_SIZE_BITS(s) ((s)->s_log_block_size + 10) - /* kind of from ext2/super.c */ -@@ -553,7 +601,7 @@ ext2fs_dir (char *dirname) - gdp = GROUP_DESC; - ino_blk = gdp[desc].bg_inode_table + - (((current_ino - 1) % (SUPERBLOCK->s_inodes_per_group)) -- >> log2 (EXT2_BLOCK_SIZE (SUPERBLOCK) / sizeof (struct ext2_inode))); -+ >> log2 (EXT2_INODES_PER_BLOCK (SUPERBLOCK))); - #ifdef E2DEBUG - printf ("inode table fsblock=%d\n", ino_blk); - #endif /* E2DEBUG */ -@@ -565,13 +613,12 @@ ext2fs_dir (char *dirname) - /* reset indirect blocks! */ - mapblock2 = mapblock1 = -1; - -- raw_inode = INODE + -- ((current_ino - 1) -- & (EXT2_BLOCK_SIZE (SUPERBLOCK) / sizeof (struct ext2_inode) - 1)); -+ raw_inode = (struct ext2_inode *)((char *)INODE + -+ ((current_ino - 1) & (EXT2_INODES_PER_BLOCK (SUPERBLOCK) - 1)) * -+ EXT2_INODE_SIZE (SUPERBLOCK)); - #ifdef E2DEBUG - printf ("ipb=%d, sizeof(inode)=%d\n", -- (EXT2_BLOCK_SIZE (SUPERBLOCK) / sizeof (struct ext2_inode)), -- sizeof (struct ext2_inode)); -+ EXT2_INODES_PER_BLOCK (SUPERBLOCK), EXT2_INODE_SIZE (SUPERBLOCK)); - printf ("inode=%x, raw_inode=%x\n", INODE, raw_inode); - printf ("offset into inode table block=%d\n", (int) raw_inode - (int) INODE); - for (i = (unsigned char *) INODE; i <= (unsigned char *) raw_inode; diff --git a/extra/source/grub/grubconfig_localefix.patch b/extra/source/grub/grubconfig_localefix.patch deleted file mode 100644 index 6c1d4e9f..00000000 --- a/extra/source/grub/grubconfig_localefix.patch +++ /dev/null @@ -1,32 +0,0 @@ ---- /usr/sbin/grubconfig 2006-03-24 09:28:41.000000000 +0100 -+++ _developpement/debug/grubconfig 2007-05-12 16:51:57.000000000 +0200 -@@ -53,6 +53,10 @@ - rm -rf $TMP $BOOT_TMP - mkdir -p $TMP $BOOT_TMP - -+# We need to ensure the output is in english in order to match the devices -+# with fdisk. -+export LC_ALL=C -+ - PATH=$PATH:/bin:/usr/bin:/sbin:/usr/sbin - - # Menu to check if we want to use VESA framebuffer support: -@@ -475,7 +479,8 @@ - chmod 644 $BOOT/grub/$grub_config - message=yes - installcolor; -- umount $BOOT_TMP 2>$TMP/null && rmdir $BOOT_TMP -+ umount $BOOT_TMP 2> $TMP/null -+ rmdir $BOOT_TMP 2> $TMP/null - rm -rf $TMP - } - -@@ -1004,8 +1009,6 @@ - KILL=NO - fi - simplegrub -- umount $BOOT_TMP 2>$TMP/null -- rm -rf $TMP $BOOT_TMP - chroot_umount - exit - fi diff --git a/extra/source/grub/slack-desc b/extra/source/grub/slack-desc deleted file mode 100644 index f3bead79..00000000 --- a/extra/source/grub/slack-desc +++ /dev/null @@ -1,19 +0,0 @@ -# HOW TO EDIT THIS FILE: -# The "handy ruler" below makes it easier to edit a package description. Line -# up the first '|' above the ':' following the base package name, and the '|' -# on the right side marks the last column you can put a character in. You must -# make exactly 11 lines for the formatting to be correct. It's also -# customary to leave one space after the ':'. - - |-----handy-ruler------------------------------------------------------| -grub: grub (GNU GRUB Legacy bootloader) -grub: -grub: This is the legacy (0.9x) version of GNU GRUB, the GRand Unified -grub: Bootloader. GRUB is an alternative to other familiar bootloaders -grub: such as LILO. Unlike LILO, it loads a kernel through direct file- -grub: system support rather than a block list so it does not need to be -grub: updated if a new kernel is installed. -grub: -grub: Also included is Kent Robotti's 'grubconfig' tool (similar to the -grub: Slackware 'liloconfig' setup tool). -grub: diff --git a/extra/source/pam/make-pam-solibs-for-chrome.sh b/extra/source/pam/make-pam-solibs-for-chrome.sh deleted file mode 100755 index e7cd4c9e..00000000 --- a/extra/source/pam/make-pam-solibs-for-chrome.sh +++ /dev/null @@ -1,84 +0,0 @@ -#!/bin/sh - -# Copyright 2011 Patrick J. Volkerding, Sebeka, Minnesota, USA -# All rights reserved. -# -# Redistribution and use of this script, with or without modification, is -# permitted provided that the following conditions are met: -# -# 1. Redistributions of this script must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# -# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED -# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF -# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO -# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, -# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; -# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, -# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR -# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF -# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -# This expects to find a file pam-*.txz in the local directory that -# will contain a usable PAM shared library to satify the requirement -# for that library. To get whatever is actually using PAM working is -# going to need more PAM structure installed, but luckily I've yet to -# encounter what needs it and everything works fine with only the -# libpam.so.0 installed. - -if ! ls pam-*-*-*.txz 1> /dev/null 2> /dev/null ; then - echo "FAIL: no Slackware pam txz package found." - exit 1 -fi - -PKGNAM=google-chrome-pam-solibs -VERSION=${VERSION:-$(echo pam-*-*-*.txz | cut -f 2 -d -)} -ARCH=${ARCH:-$(echo pam-*-*-*.txz | cut -f 3 -d -)} -BUILD=${BUILD:-$(echo pam-*-*-*.txz | cut -f 4 -d - | cut -f 1 -d .)} - -CWD=$(pwd) -TMP=${TMP:-/tmp} -PKG=$TMP/package-$PKGNAM -rm -rf $PKG -mkdir -p $TMP $PKG - -cd $PKG -mkdir tmp -( cd tmp - explodepkg $CWD/pam-$VERSION-$ARCH-$BUILD.txz - sh install/doinst.sh -) -mkdir -p $PKG/opt/google/chrome -if [ -d tmp/lib64 ]; then - cp -a tmp/lib64/libpam.so.0* $PKG/opt/google/chrome -else - cp -a tmp/lib/libpam.so.0* $PKG/opt/google/chrome -fi -rm -rf $PKG/tmp - -mkdir -p $PKG/install -cat << EOF > $PKG/install/slack-desc -# HOW TO EDIT THIS FILE: -# The "handy ruler" below makes it easier to edit a package description. Line -# up the first '|' above the ':' following the base package name, and the '|' -# on the right side marks the last column you can put a character in. You must -# make exactly 11 lines for the formatting to be correct. It's also -# customary to leave one space after the ':'. - |-----handy-ruler------------------------------------------------------| -google-chrome-pam-solibs: google-chrome-pam-solibs (libpam.so.0) -google-chrome-pam-solibs: -google-chrome-pam-solibs: This is a package that provides libpam.so.0 to satisfy the library -google-chrome-pam-solibs: requirement for Google Chrome when that is installed in the -google-chrome-pam-solibs: usual /opt/google/chrome directory. It does not provide any other -google-chrome-pam-solibs: PAM features, and cannot be used to compile against or by other -google-chrome-pam-solibs: programs. If you need real PAM for some reason (like to compile -google-chrome-pam-solibs: Chromium), please see the pam.SlackBuild in the source directory. -google-chrome-pam-solibs: -google-chrome-pam-solibs: -google-chrome-pam-solibs: -EOF - -cd $PKG -/sbin/makepkg -l y -c n $TMP/$PKGNAM-$VERSION-$ARCH-$BUILD$TAG.txz - diff --git a/extra/source/pam/pam.SlackBuild b/extra/source/pam/pam.SlackBuild deleted file mode 100755 index bbea0617..00000000 --- a/extra/source/pam/pam.SlackBuild +++ /dev/null @@ -1,173 +0,0 @@ -#!/bin/sh - -# Copyright 2010 Vincent Batts, vbatts@hashbangbash.com -# Copyright 2010, 2011 Patrick J. Volkerding, Sebeka, Minnesota, USA -# All rights reserved. -# -# Redistribution and use of this script, with or without modification, is -# permitted provided that the following conditions are met: -# -# 1. Redistributions of this script must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# -# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED -# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF -# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO -# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, -# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; -# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, -# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR -# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF -# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -# Call the church police! ;-) -SRCNAM=Linux-PAM -PKGNAM=pam -PAMRHVER=${PAMRHVER:-$(echo pam-redhat-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1,2 -d - | rev)} -VERSION=${VERSION:-$(echo $SRCNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -BUILD=${BUILD:-1} - -# Automatically determine the architecture we're building on: -if [ -z "$ARCH" ]; then - case "$( uname -m )" in - i?86) export ARCH=i486 ;; - arm*) export ARCH=arm ;; - # Unless $ARCH is already set, use uname -m for all other archs: - *) export ARCH=$( uname -m ) ;; - esac -fi - -NUMJOBS=${NUMJOBS:--j7} - -if [ "$ARCH" = "i386" ]; then - SLKCFLAGS="-O2 -march=i386 -mcpu=i686" - LIBDIRSUFFIX="" -elif [ "$ARCH" = "i486" ]; then - SLKCFLAGS="-O2 -march=i486 -mtune=i686" - LIBDIRSUFFIX="" -elif [ "$ARCH" = "s390" ]; then - SLKCFLAGS="-O2" - LIBDIRSUFFIX="" -elif [ "$ARCH" = "x86_64" ]; then - SLKCFLAGS="-O2 -fPIC" - LIBDIRSUFFIX="64" -else - SLKCFLAGS="-O2" - LIBDIRSUFFIX="" -fi - -CWD=$(pwd) -TMP=${TMP:-/tmp} -PKG=$TMP/package-$PKGNAM - -rm -rf $PKG -mkdir -p $TMP $PKG - -cd $TMP -rm -rf $SRCNAM-$VERSION -tar xvf $CWD/$SRCNAM-$VERSION.tar.?z* || exit 1 -cd $SRCNAM-$VERSION || exit 1 - -# Better take the Red Hat added modules and patches, because that's very -# likely to be the most standard as far as PAM goes: -tar xvf $CWD/pam-redhat-$PAMRHVER.tar.?z* || exit 1 -mv pam-redhat-$PAMRHVER/{CHANGELOG*,COPYING*,README*} . -mv pam-redhat-$PAMRHVER/* modules -zcat $CWD/patches/pam-1.0.90-redhat-modules.patch.gz | patch -p1 --verbose || exit 1 -zcat $CWD/patches/pam-1.0.91-std-noclose.patch.gz | patch -p1 --verbose || exit 1 -zcat $CWD/patches/pam-1.1.0-notally.patch.gz | patch -p1 --verbose || exit 1 -zcat $CWD/patches/pam-1.1.1-faillock.patch.gz | patch -p1 --verbose || exit 1 -zcat $CWD/patches/pam-1.1.2-noflex.patch.gz | patch -p1 --verbose || exit 1 -zcat $CWD/patches/pam-1.1.3-faillock-screensaver.patch.gz | patch -p1 --verbose || exit 1 -zcat $CWD/patches/pam-1.1.3-limits-nosetreuid.patch.gz | patch -p1 --verbose || exit 1 -zcat $CWD/patches/pam-1.1.3-limits-range.patch.gz | patch -p0 --verbose || exit 1 -zcat $CWD/patches/pam-1.1.3-nouserenv.patch.gz | patch -p1 --verbose || exit 1 -zcat $CWD/patches/pam-1.1.3-pwhistory-incomplete.patch.gz | patch -p1 --verbose || exit 1 -zcat $CWD/patches/pam-1.1.3-securetty-console.patch.gz | patch -p0 --verbose || exit 1 - -# Churn some patches from .am -> .in: -autoreconf -f - -# Make these 2 man pages or the build falls over later on: -( cd modules/pam_faillock - xmlto man faillock.8.xml - xmlto man pam_faillock.8.xml -) - -chown -R root:root . -find . \ - \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ - -exec chmod 755 {} \; -o \ - \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ - -exec chmod 644 {} \; - -CFLAGS="$SLKCFLAGS" \ -CXXFLAGS="$SLKCFLAGS" \ -./configure \ - --prefix=/ \ - --libdir=/lib${LIBDIRSUFFIX} \ - --sysconfdir=/etc \ - --includedir=/usr/include/security \ - --datarootdir=/usr/share \ - --localstatedir=/var \ - --mandir=/usr/man \ - --docdir=/usr/doc/$PKGNAM-$VERSION \ - --enable-read-both-confs \ - --disable-prelude \ - --disable-selinux \ - --build=$ARCH-slackware-linux || exit 1 - -make $NUMJOBS || make || exit 1 -make install DESTDIR=$PKG || exit 1 - -# this is a pam helper, that can only be called from pam -chown root:shadow $PKG/sbin/unix_chkpwd -chmod g+s $PKG/sbin/unix_chkpwd - -# Strip binaries: -( cd $PKG - find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null - find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null -) - -# Compress and if needed symlink the man pages: -if [ -d $PKG/usr/man ]; then - ( cd $PKG/usr/man - for manpagedir in $(find . -type d -name "man*") ; do - ( cd $manpagedir - for eachpage in $( find . -type l -maxdepth 1) ; do - ln -s $( readlink $eachpage ).gz $eachpage.gz - rm $eachpage - done - gzip -9 *.? - ) - done - ) -fi - -mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION -cp -a \ - AUTHORS COPYING* Copyright NEWS README* \ - $PKG/usr/doc/$PKGNAM-$VERSION - -# If there's a ChangeLog, installing at least part of the recent history -# is useful, but don't let it get totally out of control: -if [ -r ChangeLog ]; then - DOCSDIR=$(echo $PKG/usr/doc/${PKGNAM}-$VERSION) - cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog - touch -r ChangeLog $DOCSDIR/ChangeLog -fi -if [ -r CHANGELOG ]; then - DOCSDIR=$(echo $PKG/usr/doc/${PKGNAM}-$VERSION) - cat CHANGELOG | head -n 1000 > $DOCSDIR/CHANGELOG - touch -r CHANGELOG $DOCSDIR/CHANGELOG -fi -rm -f $PKG/usr/doc/$PKGNAM-$VERSION/index.html - -mkdir -p $PKG/install -cat $CWD/slack-desc > $PKG/install/slack-desc - -cd $PKG -/sbin/makepkg -l y -c n $TMP/$PKGNAM-$VERSION-$ARCH-$BUILD$TAG.txz - diff --git a/extra/source/pam/patches/pam-1.0.90-redhat-modules.patch b/extra/source/pam/patches/pam-1.0.90-redhat-modules.patch deleted file mode 100644 index 3ad41ccc..00000000 --- a/extra/source/pam/patches/pam-1.0.90-redhat-modules.patch +++ /dev/null @@ -1,23 +0,0 @@ -diff -up Linux-PAM-1.0.90/modules/Makefile.am.redhat-modules Linux-PAM-1.0.90/modules/Makefile.am ---- Linux-PAM-1.0.90/modules/Makefile.am.redhat-modules 2008-11-29 08:27:35.000000000 +0100 -+++ Linux-PAM-1.0.90/modules/Makefile.am 2008-12-16 13:40:16.000000000 +0100 -@@ -3,6 +3,7 @@ - # - - SUBDIRS = pam_access pam_cracklib pam_debug pam_deny pam_echo \ -+ pam_chroot pam_console pam_postgresok \ - pam_env pam_exec pam_faildelay pam_filter pam_ftp \ - pam_group pam_issue pam_keyinit pam_lastlog pam_limits \ - pam_listfile pam_localuser pam_loginuid pam_mail \ -diff -up Linux-PAM-1.0.90/configure.in.redhat-modules Linux-PAM-1.0.90/configure.in ---- Linux-PAM-1.0.90/configure.in.redhat-modules 2008-12-02 16:25:01.000000000 +0100 -+++ Linux-PAM-1.0.90/configure.in 2008-12-16 13:39:11.000000000 +0100 -@@ -531,6 +531,8 @@ AC_CONFIG_FILES([Makefile libpam/Makefil - libpam_misc/Makefile conf/Makefile conf/pam_conv1/Makefile \ - po/Makefile.in \ - modules/Makefile \ -+ modules/pam_chroot/Makefile modules/pam_console/Makefile \ -+ modules/pam_postgresok/Makefile \ - modules/pam_access/Makefile modules/pam_cracklib/Makefile \ - modules/pam_debug/Makefile modules/pam_deny/Makefile \ - modules/pam_echo/Makefile modules/pam_env/Makefile \ diff --git a/extra/source/pam/patches/pam-1.0.91-std-noclose.patch b/extra/source/pam/patches/pam-1.0.91-std-noclose.patch deleted file mode 100644 index 73594849..00000000 --- a/extra/source/pam/patches/pam-1.0.91-std-noclose.patch +++ /dev/null @@ -1,98 +0,0 @@ -diff -up Linux-PAM-1.0.91/modules/pam_mkhomedir/pam_mkhomedir.c.std-noclose Linux-PAM-1.0.91/modules/pam_mkhomedir/pam_mkhomedir.c ---- Linux-PAM-1.0.91/modules/pam_mkhomedir/pam_mkhomedir.c.std-noclose 2009-03-03 14:56:01.000000000 +0100 -+++ Linux-PAM-1.0.91/modules/pam_mkhomedir/pam_mkhomedir.c 2009-03-26 10:02:15.000000000 +0100 -@@ -131,13 +131,21 @@ create_homedir (pam_handle_t *pamh, int - if (child == 0) { - int i; - struct rlimit rlim; -+ int dummyfds[2]; - static char *envp[] = { NULL }; - char *args[] = { NULL, NULL, NULL, NULL, NULL }; - -+ /* replace std file descriptors with a dummy pipe */ -+ if (pipe(dummyfds) == 0) { -+ dup2(dummyfds[0], STDIN_FILENO); -+ dup2(dummyfds[1], STDOUT_FILENO); -+ dup2(dummyfds[1], STDERR_FILENO); -+ } -+ - if (getrlimit(RLIMIT_NOFILE, &rlim)==0) { - if (rlim.rlim_max >= MAX_FD_NO) - rlim.rlim_max = MAX_FD_NO; -- for (i=0; i < (int)rlim.rlim_max; i++) { -+ for (i = STDERR_FILENO + 1; i < (int)rlim.rlim_max; i++) { - close(i); - } - } -diff -up Linux-PAM-1.0.91/modules/pam_unix/support.c.std-noclose Linux-PAM-1.0.91/modules/pam_unix/support.c ---- Linux-PAM-1.0.91/modules/pam_unix/support.c.std-noclose 2009-03-03 14:56:01.000000000 +0100 -+++ Linux-PAM-1.0.91/modules/pam_unix/support.c 2009-03-26 10:08:59.000000000 +0100 -@@ -443,13 +443,16 @@ static int _unix_run_helper_binary(pam_h - - /* reopen stdin as pipe */ - dup2(fds[0], STDIN_FILENO); -+ /* and replace also the stdout/err as the helper will -+ not write anything there */ -+ dup2(fds[1], STDOUT_FILENO); -+ dup2(fds[1], STDERR_FILENO); - - if (getrlimit(RLIMIT_NOFILE,&rlim)==0) { - if (rlim.rlim_max >= MAX_FD_NO) - rlim.rlim_max = MAX_FD_NO; -- for (i=0; i < (int)rlim.rlim_max; i++) { -- if (i != STDIN_FILENO) -- close(i); -+ for (i = STDERR_FILENO + 1; i < (int)rlim.rlim_max; i++) { -+ close(i); - } - } - -diff -up Linux-PAM-1.0.91/modules/pam_unix/pam_unix_passwd.c.std-noclose Linux-PAM-1.0.91/modules/pam_unix/pam_unix_passwd.c ---- Linux-PAM-1.0.91/modules/pam_unix/pam_unix_passwd.c.std-noclose 2009-03-03 14:56:01.000000000 +0100 -+++ Linux-PAM-1.0.91/modules/pam_unix/pam_unix_passwd.c 2009-03-26 10:07:06.000000000 +0100 -@@ -175,13 +175,16 @@ static int _unix_run_update_binary(pam_h - - /* reopen stdin as pipe */ - dup2(fds[0], STDIN_FILENO); -+ /* and replace also the stdout/err as the helper will -+ not write anything there */ -+ dup2(fds[1], STDOUT_FILENO); -+ dup2(fds[1], STDERR_FILENO); - - if (getrlimit(RLIMIT_NOFILE,&rlim)==0) { - if (rlim.rlim_max >= MAX_FD_NO) - rlim.rlim_max = MAX_FD_NO; -- for (i=0; i < (int)rlim.rlim_max; i++) { -- if (i != STDIN_FILENO) -- close(i); -+ for (i = STDERR_FILENO + 1; i < (int)rlim.rlim_max; i++) { -+ close(i); - } - } - -diff -up Linux-PAM-1.0.91/modules/pam_unix/pam_unix_acct.c.std-noclose Linux-PAM-1.0.91/modules/pam_unix/pam_unix_acct.c ---- Linux-PAM-1.0.91/modules/pam_unix/pam_unix_acct.c.std-noclose 2009-03-03 14:56:01.000000000 +0100 -+++ Linux-PAM-1.0.91/modules/pam_unix/pam_unix_acct.c 2009-03-26 10:05:41.000000000 +0100 -@@ -100,16 +100,18 @@ int _unix_run_verify_binary(pam_handle_t - - /* reopen stdout as pipe */ - dup2(fds[1], STDOUT_FILENO); -+ /* and replace also the stdin, stderr so we do not exec the helper with -+ tty as stdin, it will not read anything from there anyway */ -+ dup2(fds[0], STDIN_FILENO); -+ dup2(fds[1], STDERR_FILENO); - - /* XXX - should really tidy up PAM here too */ - - if (getrlimit(RLIMIT_NOFILE,&rlim)==0) { - if (rlim.rlim_max >= MAX_FD_NO) - rlim.rlim_max = MAX_FD_NO; -- for (i=0; i < (int)rlim.rlim_max; i++) { -- if (i != STDOUT_FILENO) { -- close(i); -- } -+ for (i = STDERR_FILENO + 1; i < (int)rlim.rlim_max; i++) { -+ close(i); - } - } - diff --git a/extra/source/pam/patches/pam-1.1.0-notally.patch b/extra/source/pam/patches/pam-1.1.0-notally.patch deleted file mode 100644 index 9327eecb..00000000 --- a/extra/source/pam/patches/pam-1.1.0-notally.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff -up Linux-PAM-1.1.0/modules/Makefile.am.notally Linux-PAM-1.1.0/modules/Makefile.am ---- Linux-PAM-1.1.0/modules/Makefile.am.notally 2009-07-27 17:39:25.000000000 +0200 -+++ Linux-PAM-1.1.0/modules/Makefile.am 2009-09-01 17:40:16.000000000 +0200 -@@ -10,7 +10,7 @@ SUBDIRS = pam_access pam_cracklib pam_de - pam_mkhomedir pam_motd pam_namespace pam_nologin \ - pam_permit pam_pwhistory pam_rhosts pam_rootok pam_securetty \ - pam_selinux pam_sepermit pam_shells pam_stress \ -- pam_succeed_if pam_tally pam_tally2 pam_time pam_timestamp \ -+ pam_succeed_if pam_tally2 pam_time pam_timestamp \ - pam_tty_audit pam_umask \ - pam_unix pam_userdb pam_warn pam_wheel pam_xauth - diff --git a/extra/source/pam/patches/pam-1.1.1-faillock.patch b/extra/source/pam/patches/pam-1.1.1-faillock.patch deleted file mode 100644 index 46f30374..00000000 --- a/extra/source/pam/patches/pam-1.1.1-faillock.patch +++ /dev/null @@ -1,1712 +0,0 @@ -diff -up Linux-PAM-1.1.1/configure.in.faillock Linux-PAM-1.1.1/configure.in ---- Linux-PAM-1.1.1/configure.in.faillock 2010-09-17 15:58:41.000000000 +0200 -+++ Linux-PAM-1.1.1/configure.in 2010-09-17 15:58:41.000000000 +0200 -@@ -539,7 +539,7 @@ AC_CONFIG_FILES([Makefile libpam/Makefil - modules/pam_access/Makefile modules/pam_cracklib/Makefile \ - modules/pam_debug/Makefile modules/pam_deny/Makefile \ - modules/pam_echo/Makefile modules/pam_env/Makefile \ -- modules/pam_faildelay/Makefile \ -+ modules/pam_faildelay/Makefile modules/pam_faillock/Makefile \ - modules/pam_filter/Makefile modules/pam_filter/upperLOWER/Makefile \ - modules/pam_ftp/Makefile modules/pam_group/Makefile \ - modules/pam_issue/Makefile modules/pam_keyinit/Makefile \ -diff -up Linux-PAM-1.1.1/doc/sag/pam_faillock.xml.faillock Linux-PAM-1.1.1/doc/sag/pam_faillock.xml ---- Linux-PAM-1.1.1/doc/sag/pam_faillock.xml.faillock 2010-09-17 16:05:56.000000000 +0200 -+++ Linux-PAM-1.1.1/doc/sag/pam_faillock.xml 2010-09-17 16:08:26.000000000 +0200 -@@ -0,0 +1,38 @@ -+<?xml version='1.0' encoding='UTF-8'?> -+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN" -+ "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd"> -+<section id='sag-pam_faillock'> -+ <title>pam_faillock - temporarily locking access based on failed authentication attempts during an interval</title> -+ <cmdsynopsis> -+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" -+ href="../../modules/pam_faillock/pam_faillock.8.xml" xpointer='xpointer(//cmdsynopsis[@id = "pam_faillock-cmdsynopsisauth"]/*)'/> -+ </cmdsynopsis> -+ <cmdsynopsis> -+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" -+ href="../../modules/pam_faillock/pam_faillock.8.xml" xpointer='xpointer(//cmdsynopsis[@id = "pam_faillock-cmdsynopsisacct"]/*)'/> -+ </cmdsynopsis> -+ <section id='sag-pam_faillock-description'> -+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" -+ href="../../modules/pam_faillock/pam_faillock.8.xml" xpointer='xpointer(//refsect1[@id = "pam_faillock-description"]/*)'/> -+ </section> -+ <section id='sag-pam_faillock-options'> -+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" -+ href="../../modules/pam_faillock/pam_faillock.8.xml" xpointer='xpointer(//refsect1[@id = "pam_faillock-options"]/*)'/> -+ </section> -+ <section id='sag-pam_faillock-types'> -+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" -+ href="../../modules/pam_faillock/pam_faillock.8.xml" xpointer='xpointer(//refsect1[@id = "pam_faillock-types"]/*)'/> -+ </section> -+ <section id='sag-pam_faillock-return_values'> -+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" -+ href="../../modules/pam_faillock/pam_faillock.8.xml" xpointer='xpointer(//refsect1[@id = "pam_faillock-return_values"]/*)'/> -+ </section> -+ <section id='sag-pam_faillock-examples'> -+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" -+ href="../../modules/pam_faillock/pam_faillock.8.xml" xpointer='xpointer(//refsect1[@id = "pam_faillock-examples"]/*)'/> -+ </section> -+ <section id='sag-pam_faillock-author'> -+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" -+ href="../../modules/pam_faillock/pam_faillock.8.xml" xpointer='xpointer(//refsect1[@id = "pam_faillock-author"]/*)'/> -+ </section> -+</section> -diff -up Linux-PAM-1.1.1/modules/Makefile.am.faillock Linux-PAM-1.1.1/modules/Makefile.am ---- Linux-PAM-1.1.1/modules/Makefile.am.faillock 2010-09-17 15:58:41.000000000 +0200 -+++ Linux-PAM-1.1.1/modules/Makefile.am 2010-09-17 15:58:41.000000000 +0200 -@@ -3,7 +3,7 @@ - # - - SUBDIRS = pam_access pam_cracklib pam_debug pam_deny pam_echo \ -- pam_chroot pam_console pam_postgresok \ -+ pam_chroot pam_console pam_postgresok pam_faillock \ - pam_env pam_exec pam_faildelay pam_filter pam_ftp \ - pam_group pam_issue pam_keyinit pam_lastlog pam_limits \ - pam_listfile pam_localuser pam_loginuid pam_mail \ -diff -up Linux-PAM-1.1.1/modules/pam_faillock/faillock.c.faillock Linux-PAM-1.1.1/modules/pam_faillock/faillock.c ---- Linux-PAM-1.1.1/modules/pam_faillock/faillock.c.faillock 2010-09-17 15:58:41.000000000 +0200 -+++ Linux-PAM-1.1.1/modules/pam_faillock/faillock.c 2010-09-17 15:58:41.000000000 +0200 -@@ -0,0 +1,147 @@ -+/* -+ * Copyright (c) 2010 Tomas Mraz <tmraz@redhat.com> -+ * -+ * Redistribution and use in source and binary forms, with or without -+ * modification, are permitted provided that the following conditions -+ * are met: -+ * 1. Redistributions of source code must retain the above copyright -+ * notice, and the entire permission notice in its entirety, -+ * including the disclaimer of warranties. -+ * 2. Redistributions in binary form must reproduce the above copyright -+ * notice, this list of conditions and the following disclaimer in the -+ * documentation and/or other materials provided with the distribution. -+ * 3. The name of the author may not be used to endorse or promote -+ * products derived from this software without specific prior -+ * written permission. -+ * -+ * ALTERNATIVELY, this product may be distributed under the terms of -+ * the GNU Public License, in which case the provisions of the GPL are -+ * required INSTEAD OF the above restrictions. (This clause is -+ * necessary due to a potential bad interaction between the GPL and -+ * the restrictions contained in a BSD-style copyright.) -+ * -+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED -+ * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES -+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -+ * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, -+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES -+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR -+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -+ * OF THE POSSIBILITY OF SUCH DAMAGE. -+ */ -+ -+#include "config.h" -+#include <string.h> -+#include <stdlib.h> -+#include <unistd.h> -+#include <errno.h> -+#include <sys/types.h> -+#include <sys/stat.h> -+#include <sys/file.h> -+#include <fcntl.h> -+#include <security/pam_modutil.h> -+ -+#include "faillock.h" -+ -+int -+open_tally (const char *dir, const char *user, int create) -+{ -+ char *path; -+ int flags = O_RDWR; -+ int fd; -+ -+ if (strstr(user, "../") != NULL) -+ /* just a defensive programming as the user must be a -+ * valid user on the system anyway -+ */ -+ return -1; -+ path = malloc(strlen(dir) + strlen(user) + 2); -+ if (path == NULL) -+ return -1; -+ -+ strcpy(path, dir); -+ if (*dir && dir[strlen(dir) - 1] != '/') { -+ strcat(path, "/"); -+ } -+ strcat(path, user); -+ -+ if (create) { -+ flags |= O_CREAT; -+ } -+ -+ fd = open(path, flags, 0600); -+ -+ if (fd != -1) -+ while (flock(fd, LOCK_EX) == -1 && errno == EINTR); -+ -+ return fd; -+} -+ -+#define CHUNK_SIZE (64 * sizeof(struct tally)) -+#define MAX_RECORDS 1024 -+ -+int -+read_tally(int fd, struct tally_data *tallies) -+{ -+ void *data = NULL, *newdata; -+ unsigned int count = 0; -+ ssize_t chunk = 0; -+ -+ do { -+ newdata = realloc(data, count * sizeof(struct tally) + CHUNK_SIZE); -+ if (newdata == NULL) { -+ free(data); -+ return -1; -+ } -+ -+ data = newdata; -+ -+ chunk = pam_modutil_read(fd, (char *)data + count * sizeof(struct tally), CHUNK_SIZE); -+ if (chunk < 0) { -+ free(data); -+ return -1; -+ } -+ -+ count += chunk/sizeof(struct tally); -+ -+ if (count >= MAX_RECORDS) -+ break; -+ } -+ while (chunk == CHUNK_SIZE); -+ -+ tallies->records = data; -+ tallies->count = count; -+ -+ return 0; -+} -+ -+int -+update_tally(int fd, struct tally_data *tallies) -+{ -+ void *data = tallies->records; -+ unsigned int count = tallies->count; -+ ssize_t chunk; -+ -+ if (tallies->count > MAX_RECORDS) { -+ data = tallies->records + (count - MAX_RECORDS); -+ count = MAX_RECORDS; -+ } -+ -+ if (lseek(fd, 0, SEEK_SET) == (off_t)-1) { -+ return -1; -+ } -+ -+ chunk = pam_modutil_write(fd, data, count * sizeof(struct tally)); -+ -+ if (chunk != (ssize_t)(count * sizeof(struct tally))) { -+ return -1; -+ } -+ -+ if (ftruncate(fd, count * sizeof(struct tally)) == -1) -+ return -1; -+ -+ return 0; -+} -diff -up Linux-PAM-1.1.1/modules/pam_faillock/faillock.h.faillock Linux-PAM-1.1.1/modules/pam_faillock/faillock.h ---- Linux-PAM-1.1.1/modules/pam_faillock/faillock.h.faillock 2010-09-17 15:58:41.000000000 +0200 -+++ Linux-PAM-1.1.1/modules/pam_faillock/faillock.h 2010-09-17 15:58:41.000000000 +0200 -@@ -0,0 +1,72 @@ -+/* -+ * Copyright (c) 2010 Tomas Mraz <tmraz@redhat.com> -+ * -+ * Redistribution and use in source and binary forms, with or without -+ * modification, are permitted provided that the following conditions -+ * are met: -+ * 1. Redistributions of source code must retain the above copyright -+ * notice, and the entire permission notice in its entirety, -+ * including the disclaimer of warranties. -+ * 2. Redistributions in binary form must reproduce the above copyright -+ * notice, this list of conditions and the following disclaimer in the -+ * documentation and/or other materials provided with the distribution. -+ * 3. The name of the author may not be used to endorse or promote -+ * products derived from this software without specific prior -+ * written permission. -+ * -+ * ALTERNATIVELY, this product may be distributed under the terms of -+ * the GNU Public License, in which case the provisions of the GPL are -+ * required INSTEAD OF the above restrictions. (This clause is -+ * necessary due to a potential bad interaction between the GPL and -+ * the restrictions contained in a BSD-style copyright.) -+ * -+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED -+ * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES -+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -+ * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, -+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES -+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR -+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -+ * OF THE POSSIBILITY OF SUCH DAMAGE. -+ */ -+ -+/* -+ * faillock.h - authentication failure data file record structure -+ * -+ * Each record in the file represents an instance of login failure of -+ * the user at the recorded time -+ */ -+ -+ -+#ifndef _FAILLOCK_H -+#define _FAILLOCK_H -+ -+#include <stdint.h> -+ -+#define TALLY_STATUS_VALID 0x1 /* the tally file entry is valid */ -+#define TALLY_STATUS_RHOST 0x2 /* the source is rhost */ -+#define TALLY_STATUS_TTY 0x4 /* the source is tty - if both TALLY_FLAG_RHOST and TALLY_FLAG_TTY are not set the source is service */ -+ -+struct tally { -+ char source[52]; /* rhost or tty of the login failure (not necessarily NULL terminated) */ -+ uint16_t reserved; /* reserved for future use */ -+ uint16_t status; /* record status */ -+ uint64_t time; /* time of the login failure */ -+}; -+/* 64 bytes per entry */ -+ -+struct tally_data { -+ struct tally *records; /* array of tallies */ -+ unsigned int count; /* number of records */ -+}; -+ -+#define FAILLOCK_DEFAULT_TALLYDIR "/var/run/faillock" -+ -+int open_tally(const char *dir, const char *user, int create); -+int read_tally(int fd, struct tally_data *tallies); -+int update_tally(int fd, struct tally_data *tallies); -+#endif -+ -diff -up Linux-PAM-1.1.1/modules/pam_faillock/faillock.8.xml.faillock Linux-PAM-1.1.1/modules/pam_faillock/faillock.8.xml ---- Linux-PAM-1.1.1/modules/pam_faillock/faillock.8.xml.faillock 2010-09-17 15:58:41.000000000 +0200 -+++ Linux-PAM-1.1.1/modules/pam_faillock/faillock.8.xml 2010-09-17 15:58:41.000000000 +0200 -@@ -0,0 +1,123 @@ -+<?xml version="1.0" encoding='UTF-8'?> -+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN" -+ "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd"> -+ -+<refentry id="faillock"> -+ -+ <refmeta> -+ <refentrytitle>faillock</refentrytitle> -+ <manvolnum>8</manvolnum> -+ <refmiscinfo class="sectdesc">Linux-PAM Manual</refmiscinfo> -+ </refmeta> -+ -+ <refnamediv id="pam_faillock-name"> -+ <refname>faillock</refname> -+ <refpurpose>Tool for displaying and modifying the authentication failure record files</refpurpose> -+ </refnamediv> -+ -+ <refsynopsisdiv> -+ <cmdsynopsis id="faillock-cmdsynopsis"> -+ <command>faillock</command> -+ <arg choice="opt"> -+ --dir <replaceable>/path/to/tally-directory</replaceable> -+ </arg> -+ <arg choice="opt"> -+ --user <replaceable>username</replaceable> -+ </arg> -+ <arg choice="opt"> -+ --reset -+ </arg> -+ </cmdsynopsis> -+ </refsynopsisdiv> -+ -+ <refsect1 id="faillock-description"> -+ -+ <title>DESCRIPTION</title> -+ -+ <para> -+ The <emphasis>pam_faillock.so</emphasis> module maintains a list of -+ failed authentication attempts per user during a specified interval -+ and locks the account in case there were more than -+ <replaceable>deny</replaceable> consecutive failed authentications. -+ It stores the failure records into per-user files in the tally -+ directory. -+ </para> -+ <para> -+ The <command>faillock</command> command is an application which -+ can be used to examine and modify the contents of the -+ the tally files. It can display the recent failed authentication -+ attempts of the <replaceable>username</replaceable> or clear the tally -+ files of all or individual <replaceable>usernames</replaceable>. -+ </para> -+ </refsect1> -+ -+ <refsect1 id="faillock-options"> -+ -+ <title>OPTIONS</title> -+ <variablelist> -+ <varlistentry> -+ <term> -+ <option>--dir <replaceable>/path/to/tally-directory</replaceable></option> -+ </term> -+ <listitem> -+ <para> -+ The directory where the user files with the failure records are kept. The -+ default is <filename>/var/run/faillock</filename>. -+ </para> -+ </listitem> -+ </varlistentry> -+ <varlistentry> -+ <term> -+ <option>--user <replaceable>username</replaceable></option> -+ </term> -+ <listitem> -+ <para> -+ The user whose failure records should be displayed or cleared. -+ </para> -+ </listitem> -+ </varlistentry> -+ <varlistentry> -+ <term> -+ <option>--reset</option> -+ </term> -+ <listitem> -+ <para> -+ Instead of displaying the user's failure records, clear them. -+ </para> -+ </listitem> -+ </varlistentry> -+ </variablelist> -+ </refsect1> -+ -+ <refsect1 id="faillock-files"> -+ <title>FILES</title> -+ <variablelist> -+ <varlistentry> -+ <term><filename>/var/run/faillock/*</filename></term> -+ <listitem> -+ <para>the files logging the authentication failures for users</para> -+ </listitem> -+ </varlistentry> -+ </variablelist> -+ </refsect1> -+ -+ <refsect1 id='faillock-see_also'> -+ <title>SEE ALSO</title> -+ <para> -+ <citerefentry> -+ <refentrytitle>pam_faillock</refentrytitle><manvolnum>8</manvolnum> -+ </citerefentry>, -+ <citerefentry> -+ <refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum> -+ </citerefentry> -+ </para> -+ </refsect1> -+ -+ <refsect1 id='faillock-author'> -+ <title>AUTHOR</title> -+ <para> -+ faillock was written by Tomas Mraz. -+ </para> -+ </refsect1> -+ -+</refentry> -diff -up Linux-PAM-1.1.1/modules/pam_faillock/main.c.faillock Linux-PAM-1.1.1/modules/pam_faillock/main.c ---- Linux-PAM-1.1.1/modules/pam_faillock/main.c.faillock 2010-09-17 15:58:41.000000000 +0200 -+++ Linux-PAM-1.1.1/modules/pam_faillock/main.c 2010-09-17 15:58:41.000000000 +0200 -@@ -0,0 +1,231 @@ -+/* -+ * Copyright (c) 2010 Tomas Mraz <tmraz@redhat.com> -+ * -+ * Redistribution and use in source and binary forms, with or without -+ * modification, are permitted provided that the following conditions -+ * are met: -+ * 1. Redistributions of source code must retain the above copyright -+ * notice, and the entire permission notice in its entirety, -+ * including the disclaimer of warranties. -+ * 2. Redistributions in binary form must reproduce the above copyright -+ * notice, this list of conditions and the following disclaimer in the -+ * documentation and/or other materials provided with the distribution. -+ * 3. The name of the author may not be used to endorse or promote -+ * products derived from this software without specific prior -+ * written permission. -+ * -+ * ALTERNATIVELY, this product may be distributed under the terms of -+ * the GNU Public License, in which case the provisions of the GPL are -+ * required INSTEAD OF the above restrictions. (This clause is -+ * necessary due to a potential bad interaction between the GPL and -+ * the restrictions contained in a BSD-style copyright.) -+ * -+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED -+ * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES -+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -+ * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, -+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES -+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR -+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -+ * OF THE POSSIBILITY OF SUCH DAMAGE. -+ */ -+ -+#include "config.h" -+ -+#include <stdio.h> -+#include <stdlib.h> -+#include <string.h> -+#include <dirent.h> -+#include <errno.h> -+#include <pwd.h> -+#include <time.h> -+#ifdef HAVE_LIBAUDIT -+#include <libaudit.h> -+#endif -+ -+#include "faillock.h" -+ -+struct options { -+ unsigned int reset; -+ const char *dir; -+ const char *user; -+ const char *progname; -+}; -+ -+static int -+args_parse(int argc, char **argv, struct options *opts) -+{ -+ int i; -+ memset(opts, 0, sizeof(*opts)); -+ -+ opts->dir = FAILLOCK_DEFAULT_TALLYDIR; -+ opts->progname = argv[0]; -+ -+ for (i = 1; i < argc; ++i) { -+ -+ if (strcmp(argv[i], "--dir") == 0) { -+ ++i; -+ if (i >= argc || strlen(argv[i]) == 0) { -+ fprintf(stderr, "%s: No directory supplied.\n", argv[0]); -+ return -1; -+ } -+ opts->dir = argv[i]; -+ } -+ else if (strcmp(argv[i], "--user") == 0) { -+ ++i; -+ if (i >= argc || strlen(argv[i]) == 0) { -+ fprintf(stderr, "%s: No user name supplied.\n", argv[0]); -+ return -1; -+ } -+ opts->user = argv[i]; -+ } -+ else if (strcmp(argv[i], "--reset") == 0) { -+ opts->reset = 1; -+ } -+ else { -+ fprintf(stderr, "%s: Unknown option: %s\n", argv[0], argv[i]); -+ return -1; -+ } -+ } -+ return 0; -+} -+ -+static void -+usage(const char *progname) -+{ -+ fprintf(stderr, _("Usage: %s [--dir /path/to/tally-directory] [--user username] [--reset]\n"), -+ progname); -+} -+ -+static int -+do_user(struct options *opts, const char *user) -+{ -+ int fd; -+ int rv; -+ struct tally_data tallies; -+ -+ fd = open_tally(opts->dir, user, 0); -+ -+ if (fd == -1) { -+ if (errno == ENOENT) { -+ return 0; -+ } -+ else { -+ fprintf(stderr, "%s: Error opening the tally file for %s:", -+ opts->progname, user); -+ perror(NULL); -+ return 3; -+ } -+ } -+ if (opts->reset) { -+#ifdef HAVE_LIBAUDIT -+ char buf[64]; -+ int audit_fd; -+#endif -+ -+ while ((rv=ftruncate(fd, 0)) == -1 && errno == EINTR); -+ if (rv == -1) { -+ fprintf(stderr, "%s: Error clearing the tally file for %s:", -+ opts->progname, user); -+ perror(NULL); -+#ifdef HAVE_LIBAUDIT -+ } -+ if ((audit_fd=audit_open()) >= 0) { -+ struct passwd *pwd; -+ -+ if ((pwd=getpwnam(user)) != NULL) { -+ snprintf(buf, sizeof(buf), "faillock reset uid=%u", -+ pwd->pw_uid); -+ audit_log_user_message(audit_fd, AUDIT_USER_ACCT, -+ buf, NULL, NULL, NULL, rv == 0); -+ } -+ close(audit_fd); -+ } -+ if (rv == -1) { -+#endif -+ close(fd); -+ return 4; -+ } -+ } -+ else { -+ unsigned int i; -+ -+ memset(&tallies, 0, sizeof(tallies)); -+ if ((rv=read_tally(fd, &tallies)) == -1) { -+ fprintf(stderr, "%s: Error reading the tally file for %s:", -+ opts->progname, user); -+ perror(NULL); -+ close(fd); -+ return 5; -+ } -+ -+ printf("%s:\n", user); -+ printf("%-19s %-5s %-48s %-5s\n", "When", "Type", "Source", "Valid"); -+ -+ for (i = 0; i < tallies.count; i++) { -+ struct tm *tm; -+ char timebuf[80]; -+ uint16_t status = tallies.records[i].status; -+ time_t when = tallies.records[i].time; -+ -+ tm = localtime(&when); -+ strftime(timebuf, sizeof(timebuf), "%Y-%m-%d %H:%M:%S", tm); -+ printf("%-19s %-5s %-52.52s %s\n", timebuf, -+ status & TALLY_STATUS_RHOST ? "RHOST" : (status & TALLY_STATUS_TTY ? "TTY" : "SVC"), -+ tallies.records[i].source, status & TALLY_STATUS_VALID ? "V":"I"); -+ } -+ free(tallies.records); -+ } -+ close(fd); -+ return 0; -+} -+ -+static int -+do_allusers(struct options *opts) -+{ -+ struct dirent **userlist; -+ int rv, i; -+ -+ rv = scandir(opts->dir, &userlist, NULL, alphasort); -+ if (rv < 0) { -+ fprintf(stderr, "%s: Error reading tally directory: ", opts->progname); -+ perror(NULL); -+ return 2; -+ } -+ -+ for (i = 0; i < rv; i++) { -+ if (userlist[i]->d_name[0] == '.') { -+ if ((userlist[i]->d_name[1] == '.' && userlist[i]->d_name[2] == '\0') || -+ userlist[i]->d_name[1] == '\0') -+ continue; -+ } -+ do_user(opts, userlist[i]->d_name); -+ free(userlist[i]); -+ } -+ free(userlist); -+ -+ return 0; -+} -+ -+ -+/*-----------------------------------------------------------------------*/ -+int -+main (int argc, char *argv[]) -+{ -+ struct options opts; -+ -+ if (args_parse(argc, argv, &opts)) { -+ usage(argv[0]); -+ return 1; -+ } -+ -+ if (opts.user == NULL) { -+ return do_allusers(&opts); -+ } -+ -+ return do_user(&opts, opts.user); -+} -+ -diff -up Linux-PAM-1.1.1/modules/pam_faillock/Makefile.am.faillock Linux-PAM-1.1.1/modules/pam_faillock/Makefile.am ---- Linux-PAM-1.1.1/modules/pam_faillock/Makefile.am.faillock 2010-09-17 15:58:41.000000000 +0200 -+++ Linux-PAM-1.1.1/modules/pam_faillock/Makefile.am 2010-09-17 15:58:41.000000000 +0200 -@@ -0,0 +1,43 @@ -+# -+# Copyright (c) 2005, 2006, 2007, 2009 Thorsten Kukuk <kukuk@thkukuk.de> -+# Copyright (c) 2008 Red Hat, Inc. -+# Copyright (c) 2010 Tomas Mraz <tmraz@redhat.com> -+# -+ -+CLEANFILES = *~ -+MAINTAINERCLEANFILES = $(MANS) README -+ -+EXTRA_DIST = README $(MANS) $(XMLS) tst-pam_faillock -+ -+man_MANS = pam_faillock.8 faillock.8 -+XMLS = README.xml pam_faillock.8.xml faillock.8.xml -+ -+TESTS = tst-pam_faillock -+ -+securelibdir = $(SECUREDIR) -+secureconfdir = $(SCONFIGDIR) -+ -+noinst_HEADERS = faillock.h -+ -+faillock_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include -+pam_faillock_la_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include -+ -+pam_faillock_la_LDFLAGS = -no-undefined -avoid-version -module -+pam_faillock_la_LIBADD = -L$(top_builddir)/libpam -lpam $(LIBAUDIT) -+if HAVE_VERSIONING -+ pam_faillock_la_LDFLAGS += -Wl,--version-script=$(srcdir)/../modules.map -+endif -+ -+faillock_LDADD = -L$(top_builddir)/libpam -lpam $(LIBAUDIT) -+ -+securelib_LTLIBRARIES = pam_faillock.la -+sbin_PROGRAMS = faillock -+ -+pam_faillock_la_SOURCES = pam_faillock.c faillock.c -+faillock_SOURCES = main.c faillock.c -+ -+if ENABLE_REGENERATE_MAN -+noinst_DATA = README -+README: pam_faillock.8.xml -+-include $(top_srcdir)/Make.xml.rules -+endif -diff -up Linux-PAM-1.1.1/modules/pam_faillock/pam_faillock.c.faillock Linux-PAM-1.1.1/modules/pam_faillock/pam_faillock.c ---- Linux-PAM-1.1.1/modules/pam_faillock/pam_faillock.c.faillock 2010-09-17 15:58:41.000000000 +0200 -+++ Linux-PAM-1.1.1/modules/pam_faillock/pam_faillock.c 2010-09-17 15:58:41.000000000 +0200 -@@ -0,0 +1,550 @@ -+/* -+ * Copyright (c) 2010 Tomas Mraz <tmraz@redhat.com> -+ * -+ * Redistribution and use in source and binary forms, with or without -+ * modification, are permitted provided that the following conditions -+ * are met: -+ * 1. Redistributions of source code must retain the above copyright -+ * notice, and the entire permission notice in its entirety, -+ * including the disclaimer of warranties. -+ * 2. Redistributions in binary form must reproduce the above copyright -+ * notice, this list of conditions and the following disclaimer in the -+ * documentation and/or other materials provided with the distribution. -+ * 3. The name of the author may not be used to endorse or promote -+ * products derived from this software without specific prior -+ * written permission. -+ * -+ * ALTERNATIVELY, this product may be distributed under the terms of -+ * the GNU Public License, in which case the provisions of the GPL are -+ * required INSTEAD OF the above restrictions. (This clause is -+ * necessary due to a potential bad interaction between the GPL and -+ * the restrictions contained in a BSD-style copyright.) -+ * -+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED -+ * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES -+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -+ * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, -+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES -+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR -+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -+ * OF THE POSSIBILITY OF SUCH DAMAGE. -+ */ -+ -+#include "config.h" -+#include <stdio.h> -+#include <string.h> -+#include <unistd.h> -+#include <stdint.h> -+#include <stdlib.h> -+#include <errno.h> -+#include <time.h> -+#include <pwd.h> -+#include <syslog.h> -+ -+#ifdef HAVE_LIBAUDIT -+#include <libaudit.h> -+#endif -+ -+#include <security/pam_modules.h> -+#include <security/pam_modutil.h> -+#include <security/pam_ext.h> -+ -+#include "faillock.h" -+ -+#define PAM_SM_AUTH -+#define PAM_SM_ACCOUNT -+ -+#define FAILLOCK_ACTION_PREAUTH 0 -+#define FAILLOCK_ACTION_AUTHSUCC 1 -+#define FAILLOCK_ACTION_AUTHFAIL 2 -+ -+#define FAILLOCK_FLAG_DENY_ROOT 0x1 -+#define FAILLOCK_FLAG_AUDIT 0x2 -+#define FAILLOCK_FLAG_SILENT 0x4 -+#define FAILLOCK_FLAG_NO_LOG_INFO 0x8 -+#define FAILLOCK_FLAG_UNLOCKED 0x10 -+ -+#define MAX_TIME_INTERVAL 604800 /* 7 days */ -+ -+struct options { -+ unsigned int action; -+ unsigned int flags; -+ unsigned short deny; -+ unsigned int fail_interval; -+ unsigned int unlock_time; -+ unsigned int root_unlock_time; -+ const char *dir; -+ const char *user; -+ int failures; -+ uint64_t latest_time; -+ uid_t uid; -+ uint64_t now; -+}; -+ -+static void -+args_parse(pam_handle_t *pamh, int argc, const char **argv, -+ int flags, struct options *opts) -+{ -+ int i; -+ memset(opts, 0, sizeof(*opts)); -+ -+ opts->dir = FAILLOCK_DEFAULT_TALLYDIR; -+ opts->deny = 3; -+ opts->fail_interval = 900; -+ opts->unlock_time = 600; -+ opts->root_unlock_time = MAX_TIME_INTERVAL+1; -+ -+ for (i = 0; i < argc; ++i) { -+ -+ if (strncmp(argv[i], "dir=", 4) == 0) { -+ if (argv[i][4] != '/') { -+ pam_syslog(pamh, LOG_ERR, -+ "Tally directory is not absolute path (%s); keeping default", argv[i]); -+ } else { -+ opts->dir = argv[i]+4; -+ } -+ } -+ else if (strncmp(argv[i], "deny=", 5) == 0) { -+ if (sscanf(argv[i]+5, "%hu", &opts->deny) != 1) { -+ pam_syslog(pamh, LOG_ERR, -+ "Bad number supplied for deny argument"); -+ } -+ } -+ else if (strncmp(argv[i], "fail_interval=", 14) == 0) { -+ unsigned int temp; -+ if (sscanf(argv[i]+14, "%u", &temp) != 1 || -+ temp > MAX_TIME_INTERVAL) { -+ pam_syslog(pamh, LOG_ERR, -+ "Bad number supplied for fail_interval argument"); -+ } else { -+ opts->fail_interval = temp; -+ } -+ } -+ else if (strncmp(argv[i], "unlock_time=", 12) == 0) { -+ unsigned int temp; -+ if (sscanf(argv[i]+12, "%u", &temp) != 1 || -+ temp > MAX_TIME_INTERVAL) { -+ pam_syslog(pamh, LOG_ERR, -+ "Bad number supplied for unlock_time argument"); -+ } else { -+ opts->unlock_time = temp; -+ } -+ } -+ else if (strncmp(argv[i], "root_unlock_time=", 17) == 0) { -+ unsigned int temp; -+ if (sscanf(argv[i]+17, "%u", &temp) != 1 || -+ temp > MAX_TIME_INTERVAL) { -+ pam_syslog(pamh, LOG_ERR, -+ "Bad number supplied for root_unlock_time argument"); -+ } else { -+ opts->root_unlock_time = temp; -+ } -+ } -+ else if (strcmp(argv[i], "preauth") == 0) { -+ opts->action = FAILLOCK_ACTION_PREAUTH; -+ } -+ else if (strcmp(argv[i], "authfail") == 0) { -+ opts->action = FAILLOCK_ACTION_AUTHFAIL; -+ } -+ else if (strcmp(argv[i], "authsucc") == 0) { -+ opts->action = FAILLOCK_ACTION_AUTHSUCC; -+ } -+ else if (strcmp(argv[i], "even_deny_root") == 0) { -+ opts->flags |= FAILLOCK_FLAG_DENY_ROOT; -+ } -+ else if (strcmp(argv[i], "audit") == 0) { -+ opts->flags |= FAILLOCK_FLAG_AUDIT; -+ } -+ else if (strcmp(argv[i], "silent") == 0) { -+ opts->flags |= FAILLOCK_FLAG_SILENT; -+ } -+ else if (strcmp(argv[i], "no_log_info") == 0) { -+ opts->flags |= FAILLOCK_FLAG_NO_LOG_INFO; -+ } -+ else { -+ pam_syslog(pamh, LOG_ERR, "Unknown option: %s", argv[i]); -+ } -+ } -+ -+ if (opts->root_unlock_time == MAX_TIME_INTERVAL+1) -+ opts->root_unlock_time = opts->unlock_time; -+ if (flags & PAM_SILENT) -+ opts->flags |= FAILLOCK_FLAG_SILENT; -+} -+ -+static int get_pam_user(pam_handle_t *pamh, struct options *opts) -+{ -+ const char *user; -+ int rv; -+ struct passwd *pwd; -+ -+ if ((rv=pam_get_user(pamh, &user, NULL)) != PAM_SUCCESS) { -+ return rv; -+ } -+ -+ if (*user == '\0') { -+ return PAM_IGNORE; -+ } -+ -+ if ((pwd=pam_modutil_getpwnam(pamh, user)) == NULL) { -+ if (opts->flags & FAILLOCK_FLAG_AUDIT) { -+ pam_syslog(pamh, LOG_ERR, "User unknown: %s", user); -+ } -+ else { -+ pam_syslog(pamh, LOG_ERR, "User unknown"); -+ } -+ return PAM_IGNORE; -+ } -+ opts->user = user; -+ opts->uid = pwd->pw_uid; -+ return PAM_SUCCESS; -+} -+ -+static int -+check_tally(pam_handle_t *pamh, struct options *opts, struct tally_data *tallies, int *fd) -+{ -+ int tfd; -+ unsigned int i; -+ uint64_t latest_time; -+ int failures; -+ -+ opts->now = time(NULL); -+ -+ tfd = open_tally(opts->dir, opts->user, 0); -+ -+ *fd = tfd; -+ -+ if (tfd == -1) { -+ if (errno == EACCES || errno == ENOENT) { -+ return PAM_SUCCESS; -+ } -+ pam_syslog(pamh, LOG_ERR, "Error opening the tally file for %s: %m", opts->user); -+ return PAM_SYSTEM_ERR; -+ } -+ -+ if (read_tally(tfd, tallies) != 0) { -+ pam_syslog(pamh, LOG_ERR, "Error reading the tally file for %s: %m", opts->user); -+ return PAM_SYSTEM_ERR; -+ } -+ -+ if (opts->uid == 0 && !(opts->flags & FAILLOCK_FLAG_DENY_ROOT)) { -+ return PAM_SUCCESS; -+ } -+ -+ latest_time = 0; -+ for(i = 0; i < tallies->count; i++) { -+ if ((tallies->records[i].status & TALLY_STATUS_VALID) && -+ tallies->records[i].time > latest_time) -+ latest_time = tallies->records[i].time; -+ } -+ -+ opts->latest_time = latest_time; -+ -+ failures = 0; -+ for(i = 0; i < tallies->count; i++) { -+ if ((tallies->records[i].status & TALLY_STATUS_VALID) && -+ latest_time - tallies->records[i].time < opts->fail_interval) { -+ ++failures; -+ } -+ } -+ -+ opts->failures = failures; -+ -+ if (opts->uid == 0 && !(opts->flags & FAILLOCK_FLAG_DENY_ROOT)) { -+ return PAM_SUCCESS; -+ } -+ -+ if (opts->deny && failures >= opts->deny) { -+ if ((opts->uid && latest_time + opts->unlock_time < opts->now) || -+ (!opts->uid && latest_time + opts->root_unlock_time < opts->now)) { -+#ifdef HAVE_LIBAUDIT -+ if (opts->action != FAILLOCK_ACTION_PREAUTH) { /* do not audit in preauth */ -+ char buf[64]; -+ int audit_fd; -+ -+ audit_fd = audit_open(); -+ /* If there is an error & audit support is in the kernel report error */ -+ if ((audit_fd < 0) && !(errno == EINVAL || errno == EPROTONOSUPPORT || -+ errno == EAFNOSUPPORT)) -+ return PAM_SYSTEM_ERR; -+ -+ snprintf(buf, sizeof(buf), "pam_faillock uid=%u ", opts->uid); -+ audit_log_user_message(audit_fd, AUDIT_RESP_ACCT_UNLOCK_TIMED, buf, -+ NULL, NULL, NULL, 1); -+ } -+#endif -+ opts->flags |= FAILLOCK_FLAG_UNLOCKED; -+ return PAM_SUCCESS; -+ } -+ return PAM_AUTH_ERR; -+ } -+ return PAM_SUCCESS; -+} -+ -+static void -+reset_tally(pam_handle_t *pamh, struct options *opts, int *fd) -+{ -+ int rv; -+ -+ while ((rv=ftruncate(*fd, 0)) == -1 && errno == EINTR); -+ if (rv == -1) { -+ pam_syslog(pamh, LOG_ERR, "Error clearing the tally file for %s: %m", opts->user); -+ } -+} -+ -+static int -+write_tally(pam_handle_t *pamh, struct options *opts, struct tally_data *tallies, int *fd) -+{ -+ struct tally *records; -+ unsigned int i; -+ int failures; -+ unsigned int oldest; -+ uint64_t oldtime; -+ const void *source = NULL; -+ -+ if (*fd == -1) { -+ *fd = open_tally(opts->dir, opts->user, 1); -+ } -+ if (*fd == -1) { -+ if (errno == EACCES) { -+ return PAM_SUCCESS; -+ } -+ pam_syslog(pamh, LOG_ERR, "Error opening the tally file for %s: %m", opts->user); -+ return PAM_SYSTEM_ERR; -+ } -+ -+ oldtime = 0; -+ oldest = 0; -+ failures = 0; -+ -+ for (i = 0; i < tallies->count; ++i) { -+ if (tallies->records[i].time < oldtime) { -+ oldtime = tallies->records[i].time; -+ oldest = i; -+ } -+ if (opts->flags & FAILLOCK_FLAG_UNLOCKED || -+ opts->now - tallies->records[i].time >= opts->fail_interval ) { -+ tallies->records[i].status &= ~TALLY_STATUS_VALID; -+ } else { -+ ++failures; -+ } -+ } -+ -+ if (oldest >= tallies->count || (tallies->records[oldest].status & TALLY_STATUS_VALID)) { -+ oldest = tallies->count; -+ -+ if ((records=realloc(tallies->records, (oldest+1) * sizeof (*tallies->records))) == NULL) { -+ pam_syslog(pamh, LOG_CRIT, "Error allocating memory for tally records: %m"); -+ return PAM_BUF_ERR; -+ } -+ -+ ++tallies->count; -+ tallies->records = records; -+ } -+ -+ memset(&tallies->records[oldest], 0, sizeof (*tallies->records)); -+ -+ tallies->records[oldest].status = TALLY_STATUS_VALID; -+ if (pam_get_item(pamh, PAM_RHOST, &source) != PAM_SUCCESS || source == NULL) { -+ if (pam_get_item(pamh, PAM_TTY, &source) != PAM_SUCCESS || source == NULL) { -+ if (pam_get_item(pamh, PAM_SERVICE, &source) != PAM_SUCCESS || source == NULL) { -+ source = ""; -+ } -+ } -+ else { -+ tallies->records[oldest].status |= TALLY_STATUS_TTY; -+ } -+ } -+ else { -+ tallies->records[oldest].status |= TALLY_STATUS_RHOST; -+ } -+ -+ strncpy(tallies->records[oldest].source, source, sizeof(tallies->records[oldest].source)); -+ /* source does not have to be null terminated */ -+ -+ tallies->records[oldest].time = opts->now; -+ -+ ++failures; -+ -+ if (opts->deny && failures == opts->deny) { -+#ifdef HAVE_LIBAUDIT -+ char buf[64]; -+ int audit_fd; -+ -+ audit_fd = audit_open(); -+ /* If there is an error & audit support is in the kernel report error */ -+ if ((audit_fd < 0) && !(errno == EINVAL || errno == EPROTONOSUPPORT || -+ errno == EAFNOSUPPORT)) -+ return PAM_SYSTEM_ERR; -+ -+ snprintf(buf, sizeof(buf), "pam_faillock uid=%u ", opts->uid); -+ audit_log_user_message(audit_fd, AUDIT_ANOM_LOGIN_FAILURES, buf, -+ NULL, NULL, NULL, 1); -+ -+ if (opts->uid != 0 || (opts->flags & FAILLOCK_FLAG_DENY_ROOT)) { -+ audit_log_user_message(audit_fd, AUDIT_RESP_ACCT_LOCK, buf, -+ NULL, NULL, NULL, 1); -+ } -+ close(audit_fd); -+#endif -+ if (!(opts->flags & FAILLOCK_FLAG_NO_LOG_INFO)) { -+ pam_syslog(pamh, LOG_INFO, "Consecutive login failures for user %s account temporarily locked", -+ opts->user); -+ } -+ } -+ -+ if (update_tally(*fd, tallies) == 0) -+ return PAM_SUCCESS; -+ -+ return PAM_SYSTEM_ERR; -+} -+ -+static void -+faillock_message(pam_handle_t *pamh, struct options *opts) -+{ -+ int64_t left; -+ -+ if (!(opts->flags & FAILLOCK_FLAG_SILENT)) { -+ if (opts->uid) { -+ left = opts->latest_time + opts->unlock_time - opts->now; -+ } -+ else { -+ left = opts->latest_time + opts->root_unlock_time - opts->now; -+ } -+ -+ left /= 60; /* minutes */ -+ -+ pam_info(pamh, _("Account temporarily locked due to %d failed logins"), -+ opts->failures); -+ pam_info(pamh, _("(%d minutes left to unlock)"), (int)left); -+ } -+} -+ -+static void -+tally_cleanup(struct tally_data *tallies, int fd) -+{ -+ if (fd != -1) { -+ close(fd); -+ } -+ -+ free(tallies->records); -+} -+ -+/*---------------------------------------------------------------------*/ -+ -+PAM_EXTERN int -+pam_sm_authenticate(pam_handle_t *pamh, int flags, -+ int argc, const char **argv) -+{ -+ struct options opts; -+ int rv, fd = -1; -+ struct tally_data tallies; -+ -+ memset(&tallies, 0, sizeof(tallies)); -+ -+ args_parse(pamh, argc, argv, flags, &opts); -+ -+ pam_fail_delay(pamh, 2000000); /* 2 sec delay for on failure */ -+ -+ if ((rv=get_pam_user(pamh, &opts)) != PAM_SUCCESS) { -+ return rv; -+ } -+ -+ switch (opts.action) { -+ case FAILLOCK_ACTION_PREAUTH: -+ rv = check_tally(pamh, &opts, &tallies, &fd); -+ if (rv == PAM_AUTH_ERR && !(opts.flags & FAILLOCK_FLAG_SILENT)) { -+ faillock_message(pamh, &opts); -+ } -+ break; -+ -+ case FAILLOCK_ACTION_AUTHSUCC: -+ rv = check_tally(pamh, &opts, &tallies, &fd); -+ if (rv == PAM_SUCCESS && fd != -1) { -+ reset_tally(pamh, &opts, &fd); -+ } -+ break; -+ -+ case FAILLOCK_ACTION_AUTHFAIL: -+ rv = check_tally(pamh, &opts, &tallies, &fd); -+ if (rv == PAM_SUCCESS) { -+ rv = PAM_IGNORE; /* this return value should be ignored */ -+ write_tally(pamh, &opts, &tallies, &fd); -+ } -+ break; -+ } -+ -+ tally_cleanup(&tallies, fd); -+ -+ return rv; -+} -+ -+/*---------------------------------------------------------------------*/ -+ -+PAM_EXTERN int -+pam_sm_setcred(pam_handle_t *pamh UNUSED, int flags UNUSED, -+ int argc UNUSED, const char **argv UNUSED) -+{ -+ return PAM_SUCCESS; -+} -+ -+/*---------------------------------------------------------------------*/ -+ -+PAM_EXTERN int -+pam_sm_acct_mgmt(pam_handle_t *pamh, int flags, -+ int argc, const char **argv) -+{ -+ struct options opts; -+ int rv, fd = -1; -+ struct tally_data tallies; -+ -+ memset(&tallies, 0, sizeof(tallies)); -+ -+ args_parse(pamh, argc, argv, flags, &opts); -+ -+ opts.action = FAILLOCK_ACTION_AUTHSUCC; -+ -+ if ((rv=get_pam_user(pamh, &opts)) != PAM_SUCCESS) { -+ return rv; -+ } -+ -+ check_tally(pamh, &opts, &tallies, &fd); -+ if (fd != -1) { -+ reset_tally(pamh, &opts, &fd); -+ } -+ -+ tally_cleanup(&tallies, fd); -+ -+ return PAM_SUCCESS; -+} -+ -+/*-----------------------------------------------------------------------*/ -+ -+#ifdef PAM_STATIC -+ -+/* static module data */ -+ -+struct pam_module _pam_faillock_modstruct = { -+ MODULE_NAME, -+#ifdef PAM_SM_AUTH -+ pam_sm_authenticate, -+ pam_sm_setcred, -+#else -+ NULL, -+ NULL, -+#endif -+#ifdef PAM_SM_ACCOUNT -+ pam_sm_acct_mgmt, -+#else -+ NULL, -+#endif -+ NULL, -+ NULL, -+ NULL, -+}; -+ -+#endif /* #ifdef PAM_STATIC */ -+ -diff -up Linux-PAM-1.1.1/modules/pam_faillock/pam_faillock.8.xml.faillock Linux-PAM-1.1.1/modules/pam_faillock/pam_faillock.8.xml ---- Linux-PAM-1.1.1/modules/pam_faillock/pam_faillock.8.xml.faillock 2010-09-17 15:58:41.000000000 +0200 -+++ Linux-PAM-1.1.1/modules/pam_faillock/pam_faillock.8.xml 2010-09-17 15:58:41.000000000 +0200 -@@ -0,0 +1,396 @@ -+<?xml version="1.0" encoding='UTF-8'?> -+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN" -+ "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd"> -+ -+<refentry id="pam_faillock"> -+ -+ <refmeta> -+ <refentrytitle>pam_faillock</refentrytitle> -+ <manvolnum>8</manvolnum> -+ <refmiscinfo class="sectdesc">Linux-PAM Manual</refmiscinfo> -+ </refmeta> -+ -+ <refnamediv id="pam_faillock-name"> -+ <refname>pam_faillock</refname> -+ <refpurpose>Module counting authentication failures during a specified interval</refpurpose> -+ </refnamediv> -+ -+ <refsynopsisdiv> -+ <cmdsynopsis id="pam_faillock-cmdsynopsisauth"> -+ <command>auth ... pam_faillock.so</command> -+ <arg choice="req"> -+ preauth|authfail|authsucc -+ </arg> -+ <arg choice="opt"> -+ dir=<replaceable>/path/to/tally-directory</replaceable> -+ </arg> -+ <arg choice="opt"> -+ even_deny_root -+ </arg> -+ <arg choice="opt"> -+ deny=<replaceable>n</replaceable> -+ </arg> -+ <arg choice="opt"> -+ fail_interval=<replaceable>n</replaceable> -+ </arg> -+ <arg choice="opt"> -+ unlock_time=<replaceable>n</replaceable> -+ </arg> -+ <arg choice="opt"> -+ root_unlock_time=<replaceable>n</replaceable> -+ </arg> -+ <arg choice="opt"> -+ audit -+ </arg> -+ <arg choice="opt"> -+ silent -+ </arg> -+ <arg choice="opt"> -+ no_log_info -+ </arg> -+ </cmdsynopsis> -+ <cmdsynopsis id="pam_faillock-cmdsynopsisacct"> -+ <command>account ... pam_faillock.so</command> -+ <arg choice="opt"> -+ dir=<replaceable>/path/to/tally-directory</replaceable> -+ </arg> -+ <arg choice="opt"> -+ no_log_info -+ </arg> -+ </cmdsynopsis> -+ </refsynopsisdiv> -+ -+ <refsect1 id="pam_faillock-description"> -+ -+ <title>DESCRIPTION</title> -+ -+ <para> -+ This module maintains a list of failed authentication attempts per -+ user during a specified interval and locks the account in case -+ there were more than <replaceable>deny</replaceable> consecutive -+ failed authentications. -+ </para> -+ <para> -+ Normally, failed attempts to authenticate <emphasis>root</emphasis> will -+ <emphasis remap='B'>not</emphasis> cause the root account to become -+ blocked, to prevent denial-of-service: if your users aren't given -+ shell accounts and root may only login via <command>su</command> or -+ at the machine console (not telnet/rsh, etc), this is safe. -+ </para> -+ </refsect1> -+ -+ <refsect1 id="pam_faillock-options"> -+ -+ <title>OPTIONS</title> -+ <variablelist> -+ <varlistentry> -+ <term> -+ <option>{preauth|authfail|authsucc}</option> -+ </term> -+ <listitem> -+ <para> -+ This argument must be set accordingly to the position of this module -+ instance in the PAM stack. -+ </para> -+ <para> -+ The <emphasis>preauth</emphasis> argument must be used when the module -+ is called before the modules which ask for the user credentials such -+ as the password. The module just examines whether the user should -+ be blocked from accessing the service in case there were anomalous -+ number of failed consecutive authentication attempts recently. This -+ call is optional if <emphasis>authsucc</emphasis> is used. -+ </para> -+ <para> -+ The <emphasis>authfail</emphasis> argument must be used when the module -+ is called after the modules which determine the authentication outcome, -+ failed. Unless the user is already blocked due to previous authentication -+ failures, the module will record the failure into the appropriate user -+ tally file. -+ </para> -+ <para> -+ The <emphasis>authsucc</emphasis> argument must be used when the module -+ is called after the modules which determine the authentication outcome, -+ succeded. Unless the user is already blocked due to previous authentication -+ failures, the module will then clear the record of the failures in the -+ respective user tally file. Otherwise it will return authentication error. -+ If this call is not done, the pam_faillock will not distinguish between -+ consecutive and non-consecutive failed authentication attempts. The -+ <emphasis>preauth</emphasis> call must be used in such case. Due to -+ complications in the way the PAM stack can be configured it is also -+ possible to call <emphasis>pam_faillock</emphasis> as an account module. -+ In such configuration the module must be also called in the -+ <emphasis>preauth</emphasis> stage. -+ </para> -+ </listitem> -+ </varlistentry> -+ <varlistentry> -+ <term> -+ <option>dir=<replaceable>/path/to/tally-directory</replaceable></option> -+ </term> -+ <listitem> -+ <para> -+ The directory where the user files with the failure records are kept. The -+ default is <filename>/var/run/faillock</filename>. -+ </para> -+ </listitem> -+ </varlistentry> -+ <varlistentry> -+ <term> -+ <option>audit</option> -+ </term> -+ <listitem> -+ <para> -+ Will log the user name into the system log if the user is not found. -+ </para> -+ </listitem> -+ </varlistentry> -+ <varlistentry> -+ <term> -+ <option>silent</option> -+ </term> -+ <listitem> -+ <para> -+ Don't print informative messages. This option is implicite -+ in the <emphasis>authfail</emphasis> and <emphasis>authsucc</emphasis> -+ functions. -+ </para> -+ </listitem> -+ </varlistentry> -+ <varlistentry> -+ <term> -+ <option>no_log_info</option> -+ </term> -+ <listitem> -+ <para> -+ Don't log informative messages via <citerefentry><refentrytitle>syslog</refentrytitle><manvolnum>3</manvolnum></citerefentry>. -+ </para> -+ </listitem> -+ </varlistentry> -+ <varlistentry> -+ <term> -+ <option>deny=<replaceable>n</replaceable></option> -+ </term> -+ <listitem> -+ <para> -+ Deny access if the number of consecutive authentication failures -+ for this user during the recent interval exceeds -+ <replaceable>n</replaceable>. The default is 3. -+ </para> -+ </listitem> -+ </varlistentry> -+ <varlistentry> -+ <term> -+ <option>fail_interval=<replaceable>n</replaceable></option> -+ </term> -+ <listitem> -+ <para> -+ The length of the interval during which the consecutive -+ authentication failures must happen for the user account -+ lock out is <replaceable>n</replaceable> seconds. -+ The default is 900 (15 minutes). -+ </para> -+ </listitem> -+ </varlistentry> -+ <varlistentry> -+ <term> -+ <option>unlock_time=<replaceable>n</replaceable></option> -+ </term> -+ <listitem> -+ <para> -+ The access will be reenabled after -+ <replaceable>n</replaceable> seconds after the lock out. -+ The default is 600 (10 minutes). -+ </para> -+ </listitem> -+ </varlistentry> -+ <varlistentry> -+ <term> -+ <option>even_deny_root</option> -+ </term> -+ <listitem> -+ <para> -+ Root account can become locked as well as regular accounts. -+ </para> -+ </listitem> -+ </varlistentry> -+ <varlistentry> -+ <term> -+ <option>root_unlock_time=<replaceable>n</replaceable></option> -+ </term> -+ <listitem> -+ <para> -+ This option implies <option>even_deny_root</option> option. -+ Allow access after <replaceable>n</replaceable> seconds -+ to root account after the account is locked. In case the -+ option is not specified the value is the same as of the -+ <option>unlock_time</option> option. -+ </para> -+ </listitem> -+ </varlistentry> -+ </variablelist> -+ </refsect1> -+ -+ <refsect1 id="pam_faillock-types"> -+ <title>MODULE TYPES PROVIDED</title> -+ <para> -+ The <option>auth</option> and <option>account</option> module types are -+ provided. -+ </para> -+ </refsect1> -+ -+ <refsect1 id='pam_faillock-return_values'> -+ <title>RETURN VALUES</title> -+ <variablelist> -+ <varlistentry> -+ <term>PAM_AUTH_ERR</term> -+ <listitem> -+ <para> -+ A invalid option was given, the module was not able -+ to retrieve the user name, no valid counter file -+ was found, or too many failed logins. -+ </para> -+ </listitem> -+ </varlistentry> -+ <varlistentry> -+ <term>PAM_SUCCESS</term> -+ <listitem> -+ <para> -+ Everything was successful. -+ </para> -+ </listitem> -+ </varlistentry> -+ <varlistentry> -+ <term>PAM_IGNORE</term> -+ <listitem> -+ <para> -+ User not present in passwd database. -+ </para> -+ </listitem> -+ </varlistentry> -+ </variablelist> -+ </refsect1> -+ -+ <refsect1 id='pam_faillock-notes'> -+ <title>NOTES</title> -+ <para> -+ <emphasis>pam_faillock</emphasis> setup in the PAM stack is different -+ from the <emphasis>pam_tally2</emphasis> module setup. -+ </para> -+ <para> -+ There is no setuid wrapper for access to the data file such as when the -+ <emphasis remap='B'>pam_faillock.so</emphasis> module is called from -+ a screensaver. As this would make it impossible to share PAM configuration -+ with such services the following workaround is used: If the data file -+ cannot be opened because of insufficient permissions -+ (<errorcode>EACCES</errorcode>) the module returns -+ <errorcode>PAM_SUCCESS</errorcode>. -+ </para> -+ <para> -+ Note that using the module in <option>preauth</option> without the -+ <option>silent</option> option or with <emphasis>requisite</emphasis> -+ control field leaks an information about existence or -+ non-existence of an user account in the system because -+ the failures are not recorded for the unknown users. The message -+ about the user account being locked is never displayed for nonexisting -+ user accounts allowing the adversary to infer that a particular account -+ is not existing on a system. -+ </para> -+ </refsect1> -+ -+ <refsect1 id='pam_faillock-examples'> -+ <title>EXAMPLES</title> -+ <para> -+ Here are two possible configuration examples for <filename>/etc/pam.d/login</filename>. -+ They make <emphasis>pam_faillock</emphasis> to lock the account after 4 consecutive -+ failed logins during the default interval of 15 minutes. Root account will be locked -+ as well. The accounts will be automatically unlocked after 20 minutes. -+ </para> -+ <para> -+ In the first example the module is called only in the <emphasis>auth</emphasis> -+ phase and the module does not print any information about the account blocking -+ by <emphasis>pam_faillock</emphasis>. The <emphasis>preauth</emphasis> call can -+ be added to tell the user that his login is blocked by the module and also to abort -+ the authentication without even asking for password in such case. -+ </para> -+ <programlisting> -+auth required pam_securetty.so -+auth required pam_env.so -+auth required pam_nologin.so -+# optionally call: auth requisite pam_faillock.so preauth deny=4 even_deny_root unlock_time=1200 -+# to display the message about account being locked -+auth [success=1 default=bad] pam_unix.so -+auth [default=die] pam_faillock.so authfail deny=4 even_deny_root unlock_time=1200 -+auth sufficient pam_faillock.so authsucc deny=4 even_deny_root unlock_time=1200 -+auth required pam_deny.so -+account required pam_unix.so -+password required pam_unix.so shadow -+session required pam_selinux.so close -+session required pam_loginuid.so -+session required pam_unix.so -+session required pam_selinux.so open -+ </programlisting> -+ <para> -+ In the second example the module is called both in the <emphasis>auth</emphasis> -+ and <emphasis>account</emphasis> phases and the module gives the authenticating -+ user message when the account is locked -+ </para> -+ <programlisting> -+auth required pam_securetty.so -+auth required pam_env.so -+auth required pam_nologin.so -+auth required pam_faillock.so preauth silent deny=4 even_deny_root unlock_time=1200 -+# optionally use requisite above if you do not want to prompt for the password -+# on locked accounts, possibly with removing the silent option as well -+auth sufficient pam_unix.so -+auth [default=die] pam_faillock.so authfail deny=4 even_deny_root unlock_time=1200 -+auth required pam_deny.so -+account required pam_faillock.so -+# if you drop the above call to pam_faillock.so the lock will be done also -+# on non-consecutive authentication failures -+account required pam_unix.so -+password required pam_unix.so shadow -+session required pam_selinux.so close -+session required pam_loginuid.so -+session required pam_unix.so -+session required pam_selinux.so open -+ </programlisting> -+ </refsect1> -+ -+ <refsect1 id="pam_faillock-files"> -+ <title>FILES</title> -+ <variablelist> -+ <varlistentry> -+ <term><filename>/var/run/faillock/*</filename></term> -+ <listitem> -+ <para>the files logging the authentication failures for users</para> -+ </listitem> -+ </varlistentry> -+ </variablelist> -+ </refsect1> -+ -+ <refsect1 id='pam_faillock-see_also'> -+ <title>SEE ALSO</title> -+ <para> -+ <citerefentry> -+ <refentrytitle>faillock</refentrytitle><manvolnum>8</manvolnum> -+ </citerefentry>, -+ <citerefentry> -+ <refentrytitle>pam.conf</refentrytitle><manvolnum>5</manvolnum> -+ </citerefentry>, -+ <citerefentry> -+ <refentrytitle>pam.d</refentrytitle><manvolnum>5</manvolnum> -+ </citerefentry>, -+ <citerefentry> -+ <refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum> -+ </citerefentry> -+ </para> -+ </refsect1> -+ -+ <refsect1 id='pam_faillock-author'> -+ <title>AUTHOR</title> -+ <para> -+ pam_faillock was written by Tomas Mraz. -+ </para> -+ </refsect1> -+ -+</refentry> -diff -up Linux-PAM-1.1.1/modules/pam_faillock/README.xml.faillock Linux-PAM-1.1.1/modules/pam_faillock/README.xml ---- Linux-PAM-1.1.1/modules/pam_faillock/README.xml.faillock 2010-09-17 15:58:41.000000000 +0200 -+++ Linux-PAM-1.1.1/modules/pam_faillock/README.xml 2010-09-17 15:58:41.000000000 +0200 -@@ -0,0 +1,46 @@ -+<?xml version="1.0" encoding='UTF-8'?> -+<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN" -+"http://www.docbook.org/xml/4.3/docbookx.dtd" -+[ -+<!-- -+<!ENTITY pamaccess SYSTEM "pam_faillock.8.xml"> -+--> -+]> -+ -+<article> -+ -+ <articleinfo> -+ -+ <title> -+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" -+ href="pam_faillock.8.xml" xpointer='xpointer(//refnamediv[@id = "pam_faillock-name"]/*)'/> -+ </title> -+ -+ </articleinfo> -+ -+ <section> -+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" -+ href="pam_faillock.8.xml" xpointer='xpointer(//refsect1[@id = "pam_faillock-description"]/*)'/> -+ </section> -+ -+ <section> -+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" -+ href="pam_faillock.8.xml" xpointer='xpointer(//refsect1[@id = "pam_faillock-options"]/*)'/> -+ </section> -+ -+ <section> -+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" -+ href="pam_faillock.8.xml" xpointer='xpointer(//refsect1[@id = "pam_faillock-notes"]/*)'/> -+ </section> -+ -+ <section> -+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" -+ href="pam_faillock.8.xml" xpointer='xpointer(//refsect1[@id = "pam_faillock-examples"]/*)'/> -+ </section> -+ -+ <section> -+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" -+ href="pam_faillock.8.xml" xpointer='xpointer(//refsect1[@id = "pam_faillock-author"]/*)'/> -+ </section> -+ -+</article> -diff -up Linux-PAM-1.1.1/modules/pam_faillock/tst-pam_faillock.faillock Linux-PAM-1.1.1/modules/pam_faillock/tst-pam_faillock ---- Linux-PAM-1.1.1/modules/pam_faillock/tst-pam_faillock.faillock 2010-09-17 15:58:41.000000000 +0200 -+++ Linux-PAM-1.1.1/modules/pam_faillock/tst-pam_faillock 2010-09-17 15:58:41.000000000 +0200 -@@ -0,0 +1,2 @@ -+#!/bin/sh -+../../tests/tst-dlopen .libs/pam_faillock.so diff --git a/extra/source/pam/patches/pam-1.1.2-noflex.patch b/extra/source/pam/patches/pam-1.1.2-noflex.patch deleted file mode 100644 index fc965559..00000000 --- a/extra/source/pam/patches/pam-1.1.2-noflex.patch +++ /dev/null @@ -1,27 +0,0 @@ -diff -up Linux-PAM-1.1.2/doc/Makefile.am.noflex Linux-PAM-1.1.2/doc/Makefile.am ---- Linux-PAM-1.1.2/doc/Makefile.am.noflex 2008-02-04 16:05:51.000000000 +0100 -+++ Linux-PAM-1.1.2/doc/Makefile.am 2010-09-20 10:40:59.000000000 +0200 -@@ -2,7 +2,7 @@ - # Copyright (c) 2005, 2006 Thorsten Kukuk <kukuk@suse.de> - # - --SUBDIRS = man specs sag adg mwg -+SUBDIRS = man sag adg mwg - - CLEANFILES = *~ - -diff -up Linux-PAM-1.1.2/Makefile.am.noflex Linux-PAM-1.1.2/Makefile.am ---- Linux-PAM-1.1.2/Makefile.am.noflex 2010-07-08 14:04:19.000000000 +0200 -+++ Linux-PAM-1.1.2/Makefile.am 2010-09-20 10:04:56.000000000 +0200 -@@ -5,9 +5,9 @@ - AUTOMAKE_OPTIONS = 1.9 gnu dist-bzip2 check-news - - if STATIC_MODULES --SUBDIRS = modules libpam libpamc libpam_misc tests po conf doc examples xtests -+SUBDIRS = modules libpam libpamc libpam_misc tests po doc examples xtests - else --SUBDIRS = libpam tests libpamc libpam_misc modules po conf doc examples xtests -+SUBDIRS = libpam tests libpamc libpam_misc modules po doc examples xtests - endif - - CLEANFILES = *~ diff --git a/extra/source/pam/patches/pam-1.1.3-faillock-screensaver.patch b/extra/source/pam/patches/pam-1.1.3-faillock-screensaver.patch deleted file mode 100644 index 249d2850..00000000 --- a/extra/source/pam/patches/pam-1.1.3-faillock-screensaver.patch +++ /dev/null @@ -1,167 +0,0 @@ -diff -up Linux-PAM-1.1.3/modules/pam_faillock/faillock.c.screensaver Linux-PAM-1.1.3/modules/pam_faillock/faillock.c ---- Linux-PAM-1.1.3/modules/pam_faillock/faillock.c.screensaver 2010-11-10 11:46:07.000000000 +0100 -+++ Linux-PAM-1.1.3/modules/pam_faillock/faillock.c 2010-11-10 11:46:07.000000000 +0100 -@@ -41,13 +41,14 @@ - #include <sys/types.h> - #include <sys/stat.h> - #include <sys/file.h> -+#include <sys/stat.h> - #include <fcntl.h> - #include <security/pam_modutil.h> - - #include "faillock.h" - - int --open_tally (const char *dir, const char *user, int create) -+open_tally (const char *dir, const char *user, uid_t uid, int create) - { - char *path; - int flags = O_RDWR; -@@ -69,8 +70,18 @@ open_tally (const char *dir, const char - - fd = open(path, flags, 0600); - -- if (fd != -1) -+ free(path); -+ -+ if (fd != -1) { -+ struct stat st; -+ - while (flock(fd, LOCK_EX) == -1 && errno == EINTR); -+ if (fstat(fd, &st) == 0) { -+ if (st.st_uid != uid) { -+ fchown(fd, uid, -1); -+ } -+ } -+ } - - return fd; - } -diff -up Linux-PAM-1.1.3/modules/pam_faillock/faillock.h.screensaver Linux-PAM-1.1.3/modules/pam_faillock/faillock.h ---- Linux-PAM-1.1.3/modules/pam_faillock/faillock.h.screensaver 2010-11-10 11:46:07.000000000 +0100 -+++ Linux-PAM-1.1.3/modules/pam_faillock/faillock.h 2010-11-10 11:46:07.000000000 +0100 -@@ -45,6 +45,7 @@ - #define _FAILLOCK_H - - #include <stdint.h> -+#include <sys/types.h> - - #define TALLY_STATUS_VALID 0x1 /* the tally file entry is valid */ - #define TALLY_STATUS_RHOST 0x2 /* the source is rhost */ -@@ -65,7 +66,7 @@ struct tally_data { - - #define FAILLOCK_DEFAULT_TALLYDIR "/var/run/faillock" - --int open_tally(const char *dir, const char *user, int create); -+int open_tally(const char *dir, const char *user, uid_t uid, int create); - int read_tally(int fd, struct tally_data *tallies); - int update_tally(int fd, struct tally_data *tallies); - #endif -diff -up Linux-PAM-1.1.3/modules/pam_faillock/main.c.screensaver Linux-PAM-1.1.3/modules/pam_faillock/main.c ---- Linux-PAM-1.1.3/modules/pam_faillock/main.c.screensaver 2010-11-10 11:46:07.000000000 +0100 -+++ Linux-PAM-1.1.3/modules/pam_faillock/main.c 2010-11-10 11:46:07.000000000 +0100 -@@ -106,8 +106,11 @@ do_user(struct options *opts, const char - int fd; - int rv; - struct tally_data tallies; -+ struct passwd *pwd; - -- fd = open_tally(opts->dir, user, 0); -+ pwd = getpwnam(user); -+ -+ fd = open_tally(opts->dir, user, pwd != NULL ? pwd->pw_uid : 0, 0); - - if (fd == -1) { - if (errno == ENOENT) { -@@ -134,9 +137,8 @@ do_user(struct options *opts, const char - #ifdef HAVE_LIBAUDIT - } - if ((audit_fd=audit_open()) >= 0) { -- struct passwd *pwd; - -- if ((pwd=getpwnam(user)) != NULL) { -+ if (pwd != NULL) { - snprintf(buf, sizeof(buf), "faillock reset uid=%u", - pwd->pw_uid); - audit_log_user_message(audit_fd, AUDIT_USER_ACCT, -diff -up Linux-PAM-1.1.3/modules/pam_faillock/pam_faillock.c.screensaver Linux-PAM-1.1.3/modules/pam_faillock/pam_faillock.c ---- Linux-PAM-1.1.3/modules/pam_faillock/pam_faillock.c.screensaver 2010-11-10 11:46:07.000000000 +0100 -+++ Linux-PAM-1.1.3/modules/pam_faillock/pam_faillock.c 2010-11-10 11:46:07.000000000 +0100 -@@ -213,7 +213,7 @@ check_tally(pam_handle_t *pamh, struct o - - opts->now = time(NULL); - -- tfd = open_tally(opts->dir, opts->user, 0); -+ tfd = open_tally(opts->dir, opts->user, opts->uid, 0); - - *fd = tfd; - -@@ -289,9 +289,14 @@ reset_tally(pam_handle_t *pamh, struct o - { - int rv; - -- while ((rv=ftruncate(*fd, 0)) == -1 && errno == EINTR); -- if (rv == -1) { -- pam_syslog(pamh, LOG_ERR, "Error clearing the tally file for %s: %m", opts->user); -+ if (*fd == -1) { -+ *fd = open_tally(opts->dir, opts->user, opts->uid, 1); -+ } -+ else { -+ while ((rv=ftruncate(*fd, 0)) == -1 && errno == EINTR); -+ if (rv == -1) { -+ pam_syslog(pamh, LOG_ERR, "Error clearing the tally file for %s: %m", opts->user); -+ } - } - } - -@@ -306,7 +311,7 @@ write_tally(pam_handle_t *pamh, struct o - const void *source = NULL; - - if (*fd == -1) { -- *fd = open_tally(opts->dir, opts->user, 1); -+ *fd = open_tally(opts->dir, opts->user, opts->uid, 1); - } - if (*fd == -1) { - if (errno == EACCES) { -@@ -463,7 +468,7 @@ pam_sm_authenticate(pam_handle_t *pamh, - - case FAILLOCK_ACTION_AUTHSUCC: - rv = check_tally(pamh, &opts, &tallies, &fd); -- if (rv == PAM_SUCCESS && fd != -1) { -+ if (rv == PAM_SUCCESS) { - reset_tally(pamh, &opts, &fd); - } - break; -@@ -511,10 +516,8 @@ pam_sm_acct_mgmt(pam_handle_t *pamh, int - return rv; - } - -- check_tally(pamh, &opts, &tallies, &fd); -- if (fd != -1) { -- reset_tally(pamh, &opts, &fd); -- } -+ check_tally(pamh, &opts, &tallies, &fd); /* for auditing */ -+ reset_tally(pamh, &opts, &fd); - - tally_cleanup(&tallies, fd); - -diff -up Linux-PAM-1.1.3/modules/pam_faillock/pam_faillock.8.xml.screensaver Linux-PAM-1.1.3/modules/pam_faillock/pam_faillock.8.xml ---- Linux-PAM-1.1.3/modules/pam_faillock/pam_faillock.8.xml.screensaver 2010-11-10 11:46:07.000000000 +0100 -+++ Linux-PAM-1.1.3/modules/pam_faillock/pam_faillock.8.xml 2010-11-10 11:47:14.000000000 +0100 -@@ -277,13 +277,9 @@ - from the <emphasis>pam_tally2</emphasis> module setup. - </para> - <para> -- There is no setuid wrapper for access to the data file such as when the -- <emphasis remap='B'>pam_faillock.so</emphasis> module is called from -- a screensaver. As this would make it impossible to share PAM configuration -- with such services the following workaround is used: If the data file -- cannot be opened because of insufficient permissions -- (<errorcode>EACCES</errorcode>) the module returns -- <errorcode>PAM_SUCCESS</errorcode>. -+ The individual files with the failure records are created as owned by -+ the user. This allows <emphasis remap='B'>pam_faillock.so</emphasis> module -+ to work correctly when it is called from a screensaver. - </para> - <para> - Note that using the module in <option>preauth</option> without the diff --git a/extra/source/pam/patches/pam-1.1.3-limits-nosetreuid.patch b/extra/source/pam/patches/pam-1.1.3-limits-nosetreuid.patch deleted file mode 100644 index 885690d0..00000000 --- a/extra/source/pam/patches/pam-1.1.3-limits-nosetreuid.patch +++ /dev/null @@ -1,64 +0,0 @@ -diff -up Linux-PAM-1.1.3/modules/pam_limits/pam_limits.c.nosetreuid Linux-PAM-1.1.3/modules/pam_limits/pam_limits.c ---- Linux-PAM-1.1.3/modules/pam_limits/pam_limits.c.nosetreuid 2009-02-20 14:27:14.000000000 +0100 -+++ Linux-PAM-1.1.3/modules/pam_limits/pam_limits.c 2010-11-11 12:31:04.000000000 +0100 -@@ -103,7 +103,6 @@ struct pam_limit_s { - /* argument parsing */ - - #define PAM_DEBUG_ARG 0x0001 --#define PAM_DO_SETREUID 0x0002 - #define PAM_UTMP_EARLY 0x0004 - #define PAM_NO_AUDIT 0x0008 - -@@ -127,8 +126,6 @@ _pam_parse (const pam_handle_t *pamh, in - ctrl |= PAM_DEBUG_ARG; - } else if (!strncmp(*argv,"conf=",5)) { - pl->conf_file = *argv+5; -- } else if (!strncmp(*argv,"change_uid",10)) { -- ctrl |= PAM_DO_SETREUID; - } else if (!strcmp(*argv,"utmp_early")) { - ctrl |= PAM_UTMP_EARLY; - } else if (!strcmp(*argv,"noaudit")) { -@@ -777,10 +774,6 @@ out: - return retval; - } - -- if (ctrl & PAM_DO_SETREUID) { -- setreuid(pwd->pw_uid, -1); -- } -- - retval = setup_limits(pamh, pwd->pw_name, pwd->pw_uid, ctrl, pl); - if (retval & LOGIN_ERR) - pam_error(pamh, _("Too many logins for '%s'."), pwd->pw_name); -diff -up Linux-PAM-1.1.3/modules/pam_limits/pam_limits.8.xml.nosetreuid Linux-PAM-1.1.3/modules/pam_limits/pam_limits.8.xml ---- Linux-PAM-1.1.3/modules/pam_limits/pam_limits.8.xml.nosetreuid 2009-06-01 09:03:20.000000000 +0200 -+++ Linux-PAM-1.1.3/modules/pam_limits/pam_limits.8.xml 2010-11-11 12:32:35.000000000 +0100 -@@ -23,9 +23,6 @@ - <cmdsynopsis id="pam_limits-cmdsynopsis"> - <command>pam_limits.so</command> - <arg choice="opt"> -- change_uid -- </arg> -- <arg choice="opt"> - conf=<replaceable>/path/to/limits.conf</replaceable> - </arg> - <arg choice="opt"> -@@ -72,19 +69,6 @@ - <variablelist> - <varlistentry> - <term> -- <option>change_uid</option> -- </term> -- <listitem> -- <para> -- Change real uid to the user for who the limits are set up. Use this -- option if you have problems like login not forking a shell for user -- who has no processes. Be warned that something else may break when -- you do this. -- </para> -- </listitem> -- </varlistentry> -- <varlistentry> -- <term> - <option>conf=<replaceable>/path/to/limits.conf</replaceable></option> - </term> - <listitem> diff --git a/extra/source/pam/patches/pam-1.1.3-limits-range.patch b/extra/source/pam/patches/pam-1.1.3-limits-range.patch deleted file mode 100644 index c357eb28..00000000 --- a/extra/source/pam/patches/pam-1.1.3-limits-range.patch +++ /dev/null @@ -1,351 +0,0 @@ -Index: modules/pam_limits/limits.conf.5.xml -=================================================================== -RCS file: /cvsroot/pam/Linux-PAM/modules/pam_limits/limits.conf.5.xml,v -retrieving revision 1.9 -retrieving revision 1.11 -diff -u -p -r1.9 -r1.11 ---- modules/pam_limits/limits.conf.5.xml 20 Feb 2009 13:27:14 -0000 1.9 -+++ modules/pam_limits/limits.conf.5.xml 14 Dec 2010 08:40:40 -0000 1.11 -@@ -53,7 +53,38 @@ - <listitem> - <para> - the wildcard <emphasis remap='B'>%</emphasis>, for maxlogins limit only, -- can also be used with <emphasis remap='b'>%group</emphasis> syntax. -+ can also be used with <emphasis remap='B'>%group</emphasis> syntax. If the -+ <emphasis remap='B'>%</emphasis> wildcard is used alone it is identical -+ to using <emphasis remap='B'>*</emphasis> with maxsyslogins limit. With -+ a group specified after <emphasis remap='B'>%</emphasis> it limits the total -+ number of logins of all users that are member of the group. -+ </para> -+ </listitem> -+ <listitem> -+ <para> -+ an uid range specified as <replaceable><min_uid></replaceable><emphasis -+ remap='B'>:</emphasis><replaceable><max_uid></replaceable>. If min_uid -+ is omitted, the match is exact for the max_uid. If max_uid is omitted, all -+ uids greater than or equal min_uid match. -+ </para> -+ </listitem> -+ <listitem> -+ <para> -+ a gid range specified as <emphasis -+ remap='B'>@</emphasis><replaceable><min_gid></replaceable><emphasis -+ remap='B'>:</emphasis><replaceable><max_gid></replaceable>. If min_gid -+ is omitted, the match is exact for the max_gid. If max_gid is omitted, all -+ gids greater than or equal min_gid match. For the exact match all groups including -+ the user's supplementary groups are examined. For the range matches only -+ the user's primary group is examined. -+ </para> -+ </listitem> -+ <listitem> -+ <para> -+ a gid specified as <emphasis -+ remap='B'>%:</emphasis><replaceable><gid></replaceable> applicable -+ to maxlogins limit only. It limits the total number of logins of all users -+ that are member of the group with the specified gid. - </para> - </listitem> - </itemizedlist> -@@ -182,7 +213,7 @@ - <varlistentry> - <term><option>maxsyslogins</option></term> - <listitem> -- <para>maximum number of logins on system</para> -+ <para>maximum number of all logins on system</para> - </listitem> - </varlistentry> - <varlistentry> -@@ -272,12 +303,15 @@ - </para> - <programlisting> - * soft core 0 --* hard rss 10000 -+* hard nofile 512 - @student hard nproc 20 - @faculty soft nproc 20 - @faculty hard nproc 50 - ftp hard nproc 0 - @student - maxlogins 4 -+:123 hard cpu 5000 -+@500: soft cpu 10000 -+600:700 hard locks 10 - </programlisting> - </refsect1> - -Index: modules/pam_limits/pam_limits.c -=================================================================== -RCS file: /cvsroot/pam/Linux-PAM/modules/pam_limits/pam_limits.c,v -retrieving revision 1.48 -retrieving revision 1.49 -diff -u -p -r1.48 -r1.49 ---- modules/pam_limits/pam_limits.c 18 Nov 2010 09:37:32 -0000 1.48 -+++ modules/pam_limits/pam_limits.c 14 Dec 2010 08:40:40 -0000 1.49 -@@ -55,6 +55,12 @@ - #define LIMITS_DEF_DEFAULT 4 /* limit was set by an default entry */ - #define LIMITS_DEF_NONE 5 /* this limit was not set yet */ - -+#define LIMIT_RANGE_ERR -1 /* error in specified uid/gid range */ -+#define LIMIT_RANGE_NONE 0 /* no range specified */ -+#define LIMIT_RANGE_ONE 1 /* exact uid/gid specified (:max_uid)*/ -+#define LIMIT_RANGE_MIN 2 /* only minimum uid/gid specified (min_uid:) */ -+#define LIMIT_RANGE_MM 3 /* both min and max uid/gid specified (min_uid:max_uid) */ -+ - static const char *limits_def_names[] = { - "USER", - "GROUP", -@@ -520,8 +526,57 @@ process_limit (const pam_handle_t *pamh, - return; - } - --static int parse_config_file(pam_handle_t *pamh, const char *uname, int ctrl, -- struct pam_limit_s *pl) -+static int -+parse_uid_range(pam_handle_t *pamh, const char *domain, -+ uid_t *min_uid, uid_t *max_uid) -+{ -+ const char *range = domain; -+ char *pmax; -+ char *endptr; -+ int rv = LIMIT_RANGE_MM; -+ -+ if ((pmax=strchr(range, ':')) == NULL) -+ return LIMIT_RANGE_NONE; -+ ++pmax; -+ -+ if (range[0] == '@' || range[0] == '%') -+ ++range; -+ -+ if (range[0] == ':') -+ rv = LIMIT_RANGE_ONE; -+ else { -+ errno = 0; -+ *min_uid = strtoul (range, &endptr, 10); -+ if (errno != 0 || (range == endptr) || *endptr != ':') { -+ pam_syslog(pamh, LOG_DEBUG, -+ "wrong min_uid/gid value in '%s'", domain); -+ return LIMIT_RANGE_ERR; -+ } -+ } -+ -+ if (*pmax == '\0') { -+ if (rv == LIMIT_RANGE_ONE) -+ return LIMIT_RANGE_ERR; -+ else -+ return LIMIT_RANGE_MIN; -+ } -+ -+ errno = 0; -+ *max_uid = strtoul (pmax, &endptr, 10); -+ if (errno != 0 || (pmax == endptr) || *endptr != '\0') { -+ pam_syslog(pamh, LOG_DEBUG, -+ "wrong max_uid/gid value in '%s'", domain); -+ return LIMIT_RANGE_ERR; -+ } -+ -+ if (rv == LIMIT_RANGE_ONE) -+ *min_uid = *max_uid; -+ return rv; -+} -+ -+static int -+parse_config_file(pam_handle_t *pamh, const char *uname, uid_t uid, gid_t gid, -+ int ctrl, struct pam_limit_s *pl) - { - FILE *fil; - char buf[LINE_LENGTH]; -@@ -543,8 +598,10 @@ static int parse_config_file(pam_handle_ - char item[LINE_LENGTH]; - char value[LINE_LENGTH]; - int i; -+ int rngtype; - size_t j; - char *tptr,*line; -+ uid_t min_uid = (uid_t)-1, max_uid = (uid_t)-1; - - line = buf; - /* skip the leading white space */ -@@ -572,6 +629,11 @@ static int parse_config_file(pam_handle_ - for(j=0; j < strlen(ltype); j++) - ltype[j]=tolower(ltype[j]); - -+ if ((rngtype=parse_uid_range(pamh, domain, &min_uid, &max_uid)) < 0) { -+ pam_syslog(pamh, LOG_WARNING, "invalid uid range '%s' - skipped", domain); -+ continue; -+ } -+ - if (i == 4) { /* a complete line */ - for(j=0; j < strlen(item); j++) - item[j]=tolower(item[j]); -@@ -581,47 +643,133 @@ static int parse_config_file(pam_handle_ - if (strcmp(uname, domain) == 0) /* this user have a limit */ - process_limit(pamh, LIMITS_DEF_USER, ltype, item, value, ctrl, pl); - else if (domain[0]=='@') { -- if (ctrl & PAM_DEBUG_ARG) { -+ if (ctrl & PAM_DEBUG_ARG) { - pam_syslog(pamh, LOG_DEBUG, - "checking if %s is in group %s", - uname, domain + 1); -- } -- if (pam_modutil_user_in_group_nam_nam(pamh, uname, domain+1)) -- process_limit(pamh, LIMITS_DEF_GROUP, ltype, item, value, ctrl, -+ } -+ switch(rngtype) { -+ case LIMIT_RANGE_NONE: -+ if (pam_modutil_user_in_group_nam_nam(pamh, uname, domain+1)) -+ process_limit(pamh, LIMITS_DEF_GROUP, ltype, item, value, ctrl, -+ pl); -+ break; -+ case LIMIT_RANGE_ONE: -+ if (pam_modutil_user_in_group_nam_gid(pamh, uname, (gid_t)max_uid)) -+ process_limit(pamh, LIMITS_DEF_GROUP, ltype, item, value, ctrl, - pl); -+ break; -+ case LIMIT_RANGE_MM: -+ if (gid > (gid_t)max_uid) -+ break; -+ /* fallthrough */ -+ case LIMIT_RANGE_MIN: -+ if (gid >= (gid_t)min_uid) -+ process_limit(pamh, LIMITS_DEF_GROUP, ltype, item, value, ctrl, -+ pl); -+ } - } else if (domain[0]=='%') { -- if (ctrl & PAM_DEBUG_ARG) { -+ if (ctrl & PAM_DEBUG_ARG) { - pam_syslog(pamh, LOG_DEBUG, - "checking if %s is in group %s", - uname, domain + 1); -- } -- if (strcmp(domain,"%") == 0) -- process_limit(pamh, LIMITS_DEF_ALL, ltype, item, value, ctrl, -- pl); -- else if (pam_modutil_user_in_group_nam_nam(pamh, uname, domain+1)) { -- strcpy(pl->login_group, domain+1); -- process_limit(pamh, LIMITS_DEF_ALLGROUP, ltype, item, value, ctrl, -- pl); - } -- } else if (strcmp(domain, "*") == 0) -- process_limit(pamh, LIMITS_DEF_DEFAULT, ltype, item, value, ctrl, -- pl); -+ switch(rngtype) { -+ case LIMIT_RANGE_NONE: -+ if (strcmp(domain,"%") == 0) -+ process_limit(pamh, LIMITS_DEF_ALL, ltype, item, value, ctrl, -+ pl); -+ else if (pam_modutil_user_in_group_nam_nam(pamh, uname, domain+1)) { -+ strcpy(pl->login_group, domain+1); -+ process_limit(pamh, LIMITS_DEF_ALLGROUP, ltype, item, value, ctrl, -+ pl); -+ } -+ break; -+ case LIMIT_RANGE_ONE: -+ if (pam_modutil_user_in_group_nam_gid(pamh, uname, (gid_t)max_uid)) { -+ struct group *grp; -+ grp = pam_modutil_getgrgid(pamh, (gid_t)max_uid); -+ strncpy(pl->login_group, grp->gr_name, sizeof(pl->login_group)); -+ pl->login_group[sizeof(pl->login_group)-1] = '\0'; -+ process_limit(pamh, LIMITS_DEF_ALLGROUP, ltype, item, value, ctrl, -+ pl); -+ } -+ break; -+ case LIMIT_RANGE_MIN: -+ case LIMIT_RANGE_MM: -+ pam_syslog(pamh, LOG_WARNING, "range unsupported for %%group matching - ignored"); -+ } -+ } else { -+ switch(rngtype) { -+ case LIMIT_RANGE_NONE: -+ if (strcmp(domain, "*") == 0) -+ process_limit(pamh, LIMITS_DEF_DEFAULT, ltype, item, value, ctrl, -+ pl); -+ break; -+ case LIMIT_RANGE_ONE: -+ if (uid != max_uid) -+ break; -+ /* fallthrough */ -+ case LIMIT_RANGE_MM: -+ if (uid > max_uid) -+ break; -+ /* fallthrough */ -+ case LIMIT_RANGE_MIN: -+ if (uid >= min_uid) -+ process_limit(pamh, LIMITS_DEF_USER, ltype, item, value, ctrl, pl); -+ } -+ } - } else if (i == 2 && ltype[0] == '-') { /* Probably a no-limit line */ - if (strcmp(uname, domain) == 0) { - if (ctrl & PAM_DEBUG_ARG) { - pam_syslog(pamh, LOG_DEBUG, "no limits for '%s'", uname); - } -- fclose(fil); -- return PAM_IGNORE; -- } else if (domain[0] == '@' && pam_modutil_user_in_group_nam_nam(pamh, uname, domain+1)) { -+ } else if (domain[0] == '@') { -+ switch(rngtype) { -+ case LIMIT_RANGE_NONE: -+ if (!pam_modutil_user_in_group_nam_nam(pamh, uname, domain+1)) -+ continue; /* next line */ -+ break; -+ case LIMIT_RANGE_ONE: -+ if (!pam_modutil_user_in_group_nam_gid(pamh, uname, (gid_t)max_uid)) -+ continue; /* next line */ -+ break; -+ case LIMIT_RANGE_MM: -+ if (gid > (gid_t)max_uid) -+ continue; /* next line */ -+ /* fallthrough */ -+ case LIMIT_RANGE_MIN: -+ if (gid < (gid_t)min_uid) -+ continue; /* next line */ -+ } - if (ctrl & PAM_DEBUG_ARG) { - pam_syslog(pamh, LOG_DEBUG, - "no limits for '%s' in group '%s'", - uname, domain+1); - } -- fclose(fil); -- return PAM_IGNORE; -+ } else { -+ switch(rngtype) { -+ case LIMIT_RANGE_NONE: -+ continue; /* next line */ -+ case LIMIT_RANGE_ONE: -+ if (uid != max_uid) -+ continue; /* next line */ -+ break; -+ case LIMIT_RANGE_MM: -+ if (uid > max_uid) -+ continue; /* next line */ -+ /* fallthrough */ -+ case LIMIT_RANGE_MIN: -+ if (uid >= min_uid) -+ break; -+ continue; /* next line */ -+ } -+ if (ctrl & PAM_DEBUG_ARG) { -+ pam_syslog(pamh, LOG_DEBUG, "no limits for '%s'", uname); -+ } - } -+ fclose(fil); -+ return PAM_IGNORE; - } else { - pam_syslog(pamh, LOG_WARNING, "invalid line '%s' - skipped", line); - } -@@ -731,7 +879,7 @@ pam_sm_open_session (pam_handle_t *pamh, - return PAM_ABORT; - } - -- retval = parse_config_file(pamh, pwd->pw_name, ctrl, pl); -+ retval = parse_config_file(pamh, pwd->pw_name, pwd->pw_uid, pwd->pw_gid, ctrl, pl); - if (retval == PAM_IGNORE) { - D(("the configuration file ('%s') has an applicable '<domain> -' entry", CONF_FILE)); - return PAM_SUCCESS; -@@ -755,7 +903,7 @@ pam_sm_open_session (pam_handle_t *pamh, - /* Parse the *.conf files. */ - for (i = 0; globbuf.gl_pathv[i] != NULL; i++) { - pl->conf_file = globbuf.gl_pathv[i]; -- retval = parse_config_file(pamh, pwd->pw_name, ctrl, pl); -+ retval = parse_config_file(pamh, pwd->pw_name, pwd->pw_uid, pwd->pw_gid, ctrl, pl); - if (retval == PAM_IGNORE) { - D(("the configuration file ('%s') has an applicable '<domain> -' entry", pl->conf_file)); - globfree(&globbuf); diff --git a/extra/source/pam/patches/pam-1.1.3-nouserenv.patch b/extra/source/pam/patches/pam-1.1.3-nouserenv.patch deleted file mode 100644 index f3a742c8..00000000 --- a/extra/source/pam/patches/pam-1.1.3-nouserenv.patch +++ /dev/null @@ -1,27 +0,0 @@ -diff -up pam/modules/pam_env/pam_env.c.nouserenv pam/modules/pam_env/pam_env.c ---- pam/modules/pam_env/pam_env.c.nouserenv 2010-10-20 09:59:30.000000000 +0200 -+++ pam/modules/pam_env/pam_env.c 2010-11-01 14:42:01.000000000 +0100 -@@ -10,7 +10,7 @@ - #define DEFAULT_READ_ENVFILE 1 - - #define DEFAULT_USER_ENVFILE ".pam_environment" --#define DEFAULT_USER_READ_ENVFILE 1 -+#define DEFAULT_USER_READ_ENVFILE 0 - - #include "config.h" - -diff -up pam/modules/pam_env/pam_env.8.xml.nouserenv pam/modules/pam_env/pam_env.8.xml ---- pam/modules/pam_env/pam_env.8.xml.nouserenv 2010-10-20 09:59:30.000000000 +0200 -+++ pam/modules/pam_env/pam_env.8.xml 2010-11-01 14:42:01.000000000 +0100 -@@ -147,7 +147,10 @@ - <listitem> - <para> - Turns on or off the reading of the user specific environment -- file. 0 is off, 1 is on. By default this option is on. -+ file. 0 is off, 1 is on. By default this option is off as user -+ supplied environment variables in the PAM environment could affect -+ behavior of subsequent modules in the stack without the consent -+ of the system administrator. - </para> - </listitem> - </varlistentry> diff --git a/extra/source/pam/patches/pam-1.1.3-pwhistory-incomplete.patch b/extra/source/pam/patches/pam-1.1.3-pwhistory-incomplete.patch deleted file mode 100644 index 6117b26e..00000000 --- a/extra/source/pam/patches/pam-1.1.3-pwhistory-incomplete.patch +++ /dev/null @@ -1,54 +0,0 @@ -diff -up Linux-PAM-1.1.3/modules/pam_pwhistory/pam_pwhistory.c.incomplete Linux-PAM-1.1.3/modules/pam_pwhistory/pam_pwhistory.c ---- Linux-PAM-1.1.3/modules/pam_pwhistory/pam_pwhistory.c.incomplete 2008-12-18 14:09:36.000000000 +0100 -+++ Linux-PAM-1.1.3/modules/pam_pwhistory/pam_pwhistory.c 2010-11-11 14:45:02.000000000 +0100 -@@ -187,12 +187,13 @@ pam_sm_chauthtok (pam_handle_t *pamh, in - { - retval = pam_get_authtok (pamh, PAM_AUTHTOK, &newpass, NULL); - if (retval != PAM_SUCCESS && retval != PAM_TRY_AGAIN) -- return retval; -+ { -+ if (retval == PAM_CONV_AGAIN) -+ retval = PAM_INCOMPLETE; -+ return retval; -+ } - tries++; - -- if (newpass == NULL || retval == PAM_TRY_AGAIN) -- continue; -- - if (options.debug) - { - if (newpass) -@@ -201,12 +202,8 @@ pam_sm_chauthtok (pam_handle_t *pamh, in - pam_syslog (pamh, LOG_DEBUG, "got no auth token"); - } - -- if (retval != PAM_SUCCESS || newpass == NULL) -- { -- if (retval == PAM_CONV_AGAIN) -- retval = PAM_INCOMPLETE; -- return retval; -- } -+ if (newpass == NULL || retval == PAM_TRY_AGAIN) -+ continue; - - if (options.debug) - pam_syslog (pamh, LOG_DEBUG, "check against old password file"); -@@ -219,7 +216,6 @@ pam_sm_chauthtok (pam_handle_t *pamh, in - newpass = NULL; - /* Remove password item, else following module will use it */ - pam_set_item (pamh, PAM_AUTHTOK, (void *) NULL); -- continue; - } - } - -@@ -230,8 +226,7 @@ pam_sm_chauthtok (pam_handle_t *pamh, in - return PAM_MAXTRIES; - } - -- /* Remember new password */ -- return pam_set_item (pamh, PAM_AUTHTOK, newpass); -+ return PAM_SUCCESS; - } - - diff --git a/extra/source/pam/patches/pam-1.1.3-securetty-console.patch b/extra/source/pam/patches/pam-1.1.3-securetty-console.patch deleted file mode 100644 index 94fa6ecf..00000000 --- a/extra/source/pam/patches/pam-1.1.3-securetty-console.patch +++ /dev/null @@ -1,120 +0,0 @@ -Index: modules/pam_securetty/pam_securetty.8.xml -=================================================================== -RCS file: /cvsroot/pam/Linux-PAM/modules/pam_securetty/pam_securetty.8.xml,v -retrieving revision 1.4 -retrieving revision 1.6 -diff -u -p -r1.4 -r1.6 ---- modules/pam_securetty/pam_securetty.8.xml 18 Aug 2008 13:29:25 -0000 1.4 -+++ modules/pam_securetty/pam_securetty.8.xml 25 Nov 2010 16:58:59 -0000 1.6 -@@ -33,7 +33,9 @@ - user is logging in on a "secure" tty, as defined by the listing - in <filename>/etc/securetty</filename>. pam_securetty also checks - to make sure that <filename>/etc/securetty</filename> is a plain -- file and not world writable. -+ file and not world writable. It will also allow root logins on -+ the tty specified with <option>console=</option> switch on the -+ kernel command line. - </para> - <para> - This module has no effect on non-root users and requires that the -@@ -61,6 +63,18 @@ - </para> - </listitem> - </varlistentry> -+ <varlistentry> -+ <term> -+ <option>noconsole</option> -+ </term> -+ <listitem> -+ <para> -+ Do not automatically allow root logins on the kernel console -+ device, as specified on the kernel command line, if it is -+ not also specified in the <filename>/etc/securetty</filename> file. -+ </para> -+ </listitem> -+ </varlistentry> - </variablelist> - </refsect1> - -Index: modules/pam_securetty/pam_securetty.c -=================================================================== -RCS file: /cvsroot/pam/Linux-PAM/modules/pam_securetty/pam_securetty.c,v -retrieving revision 1.14 -retrieving revision 1.15 -diff -u -p -r1.14 -r1.15 ---- modules/pam_securetty/pam_securetty.c 10 Sep 2009 10:19:58 -0000 1.14 -+++ modules/pam_securetty/pam_securetty.c 24 Nov 2010 12:28:01 -0000 1.15 -@@ -2,6 +2,7 @@ - - #define SECURETTY_FILE "/etc/securetty" - #define TTY_PREFIX "/dev/" -+#define CMDLINE_FILE "/proc/cmdline" - - /* - * by Elliot Lee <sopwith@redhat.com>, Red Hat Software. -@@ -22,6 +23,7 @@ - #include <pwd.h> - #include <string.h> - #include <ctype.h> -+#include <limits.h> - - /* - * here, we make a definition for the externally accessible function -@@ -38,6 +40,7 @@ - #include <security/pam_ext.h> - - #define PAM_DEBUG_ARG 0x0001 -+#define PAM_NOCONSOLE_ARG 0x0002 - - static int - _pam_parse (const pam_handle_t *pamh, int argc, const char **argv) -@@ -51,6 +54,8 @@ _pam_parse (const pam_handle_t *pamh, in - - if (!strcmp(*argv,"debug")) - ctrl |= PAM_DEBUG_ARG; -+ else if (!strcmp(*argv, "noconsole")) -+ ctrl |= PAM_NOCONSOLE_ARG; - else { - pam_syslog(pamh, LOG_ERR, "unknown option: %s", *argv); - } -@@ -144,6 +149,40 @@ securetty_perform_check (pam_handle_t *p - } - fclose(ttyfile); - -+ if (retval && !(ctrl & PAM_NOCONSOLE_ARG)) { -+ FILE *cmdlinefile; -+ -+ /* Allow access from the kernel console, if enabled */ -+ cmdlinefile = fopen(CMDLINE_FILE, "r"); -+ -+ if (cmdlinefile != NULL) { -+ char line[LINE_MAX], *p; -+ -+ line[0] = 0; -+ fgets(line, sizeof(line), cmdlinefile); -+ fclose(cmdlinefile); -+ -+ for (p = line; p; p = strstr(p+1, "console=")) { -+ char *e; -+ -+ /* Test whether this is a beginning of a word? */ -+ if (p > line && p[-1] != ' ') -+ continue; -+ -+ /* Ist this our console? */ -+ if (strncmp(p + 8, uttyname, strlen(uttyname))) -+ continue; -+ -+ /* Is there any garbage after the TTY name? */ -+ e = p + 8 + strlen(uttyname); -+ if (*e == ',' || *e == ' ' || *e == '\n' || *e == 0) { -+ retval = 0; -+ break; -+ } -+ } -+ } -+ } -+ - if (retval) { - pam_syslog(pamh, LOG_WARNING, "access denied: tty '%s' is not secure !", - uttyname); diff --git a/extra/source/pam/slack-desc b/extra/source/pam/slack-desc deleted file mode 100644 index 8b57bc0d..00000000 --- a/extra/source/pam/slack-desc +++ /dev/null @@ -1,19 +0,0 @@ -# HOW TO EDIT THIS FILE: -# The "handy ruler" below makes it easier to edit a package description. Line -# up the first '|' above the ':' following the base package name, and the '|' -# on the right side marks the last column you can put a character in. You must -# make exactly 11 lines for the formatting to be correct. It's also -# customary to leave one space after the ':'. - - |-----handy-ruler------------------------------------------------------| -pam: pam (Pluggable Authentication Modules) -pam: -pam: PAM = Pluggable Authentication Modules. Basically, it is a flexible -pam: mechanism for authenticating users. PAM provides a way to develop -pam: programs that are independent of authentication scheme. However, -pam: these programs will need "authentication modules" (and libpam) at -pam: run-time in order to work. -pam: -pam: -pam: Homepage: http://www.kernel.org/pub/linux/libs/pam/ -pam: diff --git a/extra/source/partitionmanager/fetch-source.sh b/extra/source/partitionmanager/fetch-source.sh new file mode 100755 index 00000000..b7bb6566 --- /dev/null +++ b/extra/source/partitionmanager/fetch-source.sh @@ -0,0 +1,22 @@ +#!/bin/sh + +NAME_VERSION=partitionmanager-1.0.3 +SVN_DATE=$(date +%Y%m%d) + +# Remove old sources if exist +rm -R --force ${NAME_VERSION} + +# Checkout svn trunk +svn -r {${SVN_DATE}} export svn://anonsvn.kde.org/home/kde/trunk/extragear/sysadmin/partitionmanager/ ${NAME_VERSION} + +# Move downloaded directory to match output tarball name: +mv ${NAME_VERSION} ${NAME_VERSION}_${SVN_DATE}svn + +# Create source tarball +tar cvf ${NAME_VERSION}_${SVN_DATE}svn.tar ${NAME_VERSION}_${SVN_DATE}svn + +# Compress source tarball +xz -9 -v ${NAME_VERSION}_${SVN_DATE}svn.tar + +# Delete temporary directories +rm -R --force ${NAME_VERSION}_${SVN_DATE}svn diff --git a/extra/source/partitionmanager/partitionmanager.SlackBuild b/extra/source/partitionmanager/partitionmanager.SlackBuild index 371ef22f..8035f522 100755 --- a/extra/source/partitionmanager/partitionmanager.SlackBuild +++ b/extra/source/partitionmanager/partitionmanager.SlackBuild @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright 2009, 2010 Patrick J. Volkerding, Sebeka, MN, USA +# Copyright 2009, 2010, 2013 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # Redistribution and use of this script, with or without modification, is @@ -20,7 +20,7 @@ # OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -VERSION=1.0.2 +VERSION=1.0.3_20130328svn BUILD=${BUILD:-1} # Automatically determine the architecture we're building on: diff --git a/extra/source/tigervnc/patches/tigervnc11-java7.patch b/extra/source/tigervnc/patches/tigervnc11-java7.patch new file mode 100644 index 00000000..6f30060d --- /dev/null +++ b/extra/source/tigervnc/patches/tigervnc11-java7.patch @@ -0,0 +1,12 @@ +diff -up tigervnc-1.1.0/java/src/com/tigervnc/vncviewer/Makefile.java7 tigervnc-1.1.0/java/src/com/tigervnc/vncviewer/Makefile +--- tigervnc-1.1.0/java/src/com/tigervnc/vncviewer/Makefile.java7 2012-03-27 14:20:20.107009796 +0200 ++++ tigervnc-1.1.0/java/src/com/tigervnc/vncviewer/Makefile 2012-03-27 14:20:25.959966078 +0200 +@@ -4,7 +4,7 @@ + + CP = cp + JC = javac +-JCFLAGS = -target 1.5 -classpath ../../../ ++JCFLAGS = -target 1.7 -classpath ../../../ + JAR = jar + ARCHIVE = VncViewer.jar + MANIFEST = MANIFEST.MF diff --git a/extra/source/tigervnc/patches/tigervnc11-xorg110.patch b/extra/source/tigervnc/patches/tigervnc11-xorg110.patch new file mode 100644 index 00000000..d70d6f91 --- /dev/null +++ b/extra/source/tigervnc/patches/tigervnc11-xorg110.patch @@ -0,0 +1,88 @@ +diff -up xserver/configure.ac.vnc xserver/configure.ac +--- xserver/configure.ac.vnc 2012-07-19 20:22:21.774770804 -0400 ++++ xserver/configure.ac 2012-07-19 20:24:42.293014083 -0400 +@@ -72,6 +71,7 @@ dnl forcing an entire recompile.x + AC_CONFIG_HEADERS(include/version-config.h) + + AM_PROG_AS ++AC_PROG_CXX + AC_PROG_LN_S + AC_LIBTOOL_WIN32_DLL + AC_DISABLE_STATIC +@@ -1560,6 +1560,14 @@ if test "x$XVFB" = xyes; then + AC_SUBST([XVFB_SYS_LIBS]) + fi + ++dnl Xvnc DDX ++AC_SUBST([XVNC_CPPFLAGS], ["-DHAVE_DIX_CONFIG_H $XEXT_INC $FB_INC $MI_INC $RENDER_INC $RANDR_INC $MIEXT_DAMAGE_INC"]) ++AC_SUBST([XVNC_LIBS], ["$FB_LIB $FIXES_LIB $XEXT_LIB $CONFIG_LIB $DBE_LIB $RECORD_LIB $GLX_LIBS $RANDR_LIB $RENDER_LIB $DAMAGE_LIB $MIEXT_SYNC_LIB $MIEXT_DAMAGE_LIB $MIEXT_SHADOW_LIB $XI_LIB $XKB_LIB $XKB_STUB_LIB $COMPOSITE_LIB $MAIN_LIB"]) ++AC_SUBST([XVNC_SYS_LIBS], ["$GLX_SYS_LIBS"]) ++ ++dnl This is necessary to allow Xvnc to statically link with GnuTLS ++AC_ARG_VAR(GNUTLS_LDFLAGS, [Custom linker flags for using GnuTLS, e.g. -L{GnuTLS directory}/lib -lgnutls]) ++AC_SUBST(GNUTLS_LDFLAGS) + + dnl Xnest DDX + +@@ -1595,6 +1603,8 @@ if test "x$XORG" = xauto; then + fi + AC_MSG_RESULT([$XORG]) + ++AC_DEFINE_UNQUOTED(XORG_VERSION_CURRENT, [$VENDOR_RELEASE], [Current Xorg version]) ++ + if test "x$XORG" = xyes; then + XORG_DDXINCS='-I$(top_srcdir)/hw/xfree86 -I$(top_srcdir)/hw/xfree86/include -I$(top_srcdir)/hw/xfree86/common' + XORG_OSINCS='-I$(top_srcdir)/hw/xfree86/os-support -I$(top_srcdir)/hw/xfree86/os-support/bus -I$(top_srcdir)/os' +@@ -1813,7 +1823,6 @@ if test "x$XORG" = xyes; then + AC_DEFINE(XORG_SERVER, 1, [Building Xorg server]) + AC_DEFINE(XORGSERVER, 1, [Building Xorg server]) + AC_DEFINE(XFree86Server, 1, [Building XFree86 server]) +- AC_DEFINE_UNQUOTED(XORG_VERSION_CURRENT, [$VENDOR_RELEASE], [Current Xorg version]) + AC_DEFINE(NEED_XF86_TYPES, 1, [Need XFree86 typedefs]) + AC_DEFINE(NEED_XF86_PROTOTYPES, 1, [Need XFree86 helper functions]) + AC_DEFINE(__XSERVERNAME__, "Xorg", [Name of X server]) +@@ -2279,6 +2288,7 @@ hw/dmx/Makefile + hw/dmx/man/Makefile + hw/vfb/Makefile + hw/vfb/man/Makefile ++hw/vnc/Makefile + hw/xnest/Makefile + hw/xnest/man/Makefile + hw/xwin/Makefile +diff -up xserver/hw/Makefile.am.vnc xserver/hw/Makefile.am +--- xserver/hw/Makefile.am.vnc 2012-07-19 20:22:28.575685781 -0400 ++++ xserver/hw/Makefile.am 2012-07-19 20:22:31.483649426 -0400 +@@ -33,7 +33,8 @@ SUBDIRS = \ + $(XNEST_SUBDIRS) \ + $(DMX_SUBDIRS) \ + $(KDRIVE_SUBDIRS) \ +- $(XQUARTZ_SUBDIRS) ++ $(XQUARTZ_SUBDIRS) \ ++ vnc + + DIST_SUBDIRS = dmx xfree86 vfb xnest xwin xquartz kdrive + +diff -up xserver/include/extinit.h.vnc xserver/include/extinit.h +--- xserver/include/extinit.h.vnc 2012-07-19 20:25:50.465161815 -0400 ++++ xserver/include/extinit.h 2012-07-19 20:25:52.490136499 -0400 +@@ -81,6 +81,8 @@ extern void DPMSExtensionInit(void); + extern Bool noGEExtension; + extern void GEExtensionInit(void); + ++extern void vncExtensionInit(void); ++ + #ifdef GLXEXT + extern _X_EXPORT Bool noGlxExtension; + extern void GlxExtensionInit(void); +diff -up xserver/mi/miinitext.c.vnc xserver/mi/miinitext.c +--- xserver/mi/miinitext.c.vnc 2012-07-19 20:22:30.000000000 -0400 ++++ xserver/mi/miinitext.c 2012-07-19 20:26:48.560435524 -0400 +@@ -293,6 +293,7 @@ static ExtensionModule staticExtensions[ + #ifdef XSELINUX + {SELinuxExtensionInit, SELINUX_EXTENSION_NAME, &noSELinuxExtension}, + #endif ++ {vncExtensionInit, "VNC", NULL}, + }; + + static ExtensionModule *ExtensionModuleList = NULL; + diff --git a/extra/source/tigervnc/patches/tigervnc11-xorg111.patch b/extra/source/tigervnc/patches/tigervnc11-xorg111.patch new file mode 100644 index 00000000..690ca6be --- /dev/null +++ b/extra/source/tigervnc/patches/tigervnc11-xorg111.patch @@ -0,0 +1,236 @@ +diff -up xserver/hw/vnc/Input.cc.xorg111 xserver/hw/vnc/Input.cc +--- xserver/hw/vnc/Input.cc.xorg111 2011-08-09 23:16:36.000000000 +0200 ++++ xserver/hw/vnc/Input.cc 2011-11-11 11:59:14.226819903 +0100 +@@ -82,10 +82,11 @@ static KeyCode KeysymToKeycode(KeySymsPt + /* Event queue is shared between all devices. */ + #if XORG == 15 + static xEvent *eventq = NULL; +-#else ++#elif XORG < 111 + static EventList *eventq = NULL; + #endif + ++#if XORG < 111 + static void initEventq(void) + { + /* eventq is never free()-ed because it exists during server life. */ +@@ -100,7 +101,9 @@ static void initEventq(void) + #endif + } + } ++#endif /* XORG < 111 */ + ++#if XORG < 111 + static void enqueueEvents(DeviceIntPtr dev, int n) + { + int i; +@@ -122,6 +125,7 @@ static void enqueueEvents(DeviceIntPtr d + ); + } + } ++#endif /* XORG < 111 */ + + InputDevice::InputDevice(rfb::VNCServerST *_server) + : server(_server), oldButtonMask(0) +@@ -141,12 +145,17 @@ InputDevice::InputDevice(rfb::VNCServerS + keyboardProc, TRUE); + RegisterKeyboardDevice(keyboardDev); + #endif ++#if XORG < 111 + initEventq(); ++#endif + } + + void InputDevice::PointerButtonAction(int buttonMask) + { +- int i, n; ++ int i; ++#if XORG < 111 ++ int n; ++#endif + #if XORG >= 110 + ValuatorMask mask; + #endif +@@ -160,13 +169,17 @@ void InputDevice::PointerButtonAction(in + #if XORG < 110 + n = GetPointerEvents(eventq, pointerDev, action, i + 1, + POINTER_RELATIVE, 0, 0, NULL); +-#else ++ enqueueEvents(pointerDev, n); ++#elif XORG < 111 + valuator_mask_set_range(&mask, 0, 0, NULL); + n = GetPointerEvents(eventq, pointerDev, action, i + 1, + POINTER_RELATIVE, &mask); +-#endif + enqueueEvents(pointerDev, n); +- ++#else ++ valuator_mask_set_range(&mask, 0, 0, NULL); ++ QueuePointerEvents(pointerDev, action, i + 1, ++ POINTER_RELATIVE, &mask); ++#endif + } + } + +@@ -175,7 +188,10 @@ void InputDevice::PointerButtonAction(in + + void InputDevice::PointerMove(const rfb::Point &pos) + { +- int n, valuators[2]; ++ int valuators[2]; ++#if XORG < 111 ++ int n; ++#endif + #if XORG >= 110 + ValuatorMask mask; + #endif +@@ -190,12 +206,16 @@ void InputDevice::PointerMove(const rfb: + #if XORG < 110 + n = GetPointerEvents(eventq, pointerDev, MotionNotify, 0, POINTER_ABSOLUTE, 0, + 2, valuators); +-#else ++ enqueueEvents(pointerDev, n); ++#elif XORG < 111 + valuator_mask_set_range(&mask, 0, 2, valuators); + n = GetPointerEvents(eventq, pointerDev, MotionNotify, 0, POINTER_ABSOLUTE, + &mask); +-#endif + enqueueEvents(pointerDev, n); ++#else ++ valuator_mask_set_range(&mask, 0, 2, valuators); ++ QueuePointerEvents(pointerDev, MotionNotify, 0, POINTER_ABSOLUTE, &mask); ++#endif + + cursorPos = pos; + } +@@ -299,14 +319,20 @@ void InputDevice::initInputDevice(void) + static inline void pressKey(DeviceIntPtr dev, int kc, bool down, const char *msg) + { + int action; ++#if XORG < 111 + unsigned int n; ++#endif + + if (msg != NULL) + vlog.debug("%s %d %s", msg, kc, down ? "down" : "up"); + + action = down ? KeyPress : KeyRelease; +- n = GetKeyboardEvents(eventq, dev, action, kc); ++#if XORG < 111 ++ n = GetKeyboardEvents(eventq, dev, action, kc, NULL); + enqueueEvents(dev, n); ++#else ++ QueueKeyboardEvents(dev, action, kc, NULL); ++#endif + } + + #define IS_PRESSED(keyc, keycode) \ +@@ -341,8 +367,11 @@ public: + int state, maxKeysPerMod, keycode; + #if XORG >= 17 + KeyCode *modmap = NULL; +- ++#if XORG >= 111 ++ state = XkbStateFieldFromRec(&dev->master->key->xkbInfo->state); ++#else /* XORG >= 111 */ + state = XkbStateFieldFromRec(&dev->u.master->key->xkbInfo->state); ++#endif /* XORG >= 111 */ + #else + KeyClassPtr keyc = dev->key; + state = keyc->state; +@@ -380,7 +409,11 @@ public: + #if XORG >= 17 + KeyCode *modmap = NULL; + ++#if XORG >= 111 ++ keyc = dev->master->key; ++#else /* XORG >= 111 */ + keyc = dev->u.master->key; ++#endif /* XORG >= 111 */ + state = XkbStateFieldFromRec(&keyc->xkbInfo->state); + #else + keyc = dev->key; +@@ -596,7 +629,11 @@ void InputDevice::keyEvent(rdr::U32 keys + } + + #if XORG >= 17 ++#if XORG >= 111 ++ keyc = keyboardDev->master->key; ++#else /* XORG >= 111 */ + keyc = keyboardDev->u.master->key; ++#endif /* XORG >= 111 */ + + keymap = XkbGetCoreMap(keyboardDev); + if (!keymap) { +@@ -753,7 +790,11 @@ ModeSwitchFound: + XkbApplyMappingChange(keyboardDev, keymap, minKeyCode, + maxKeyCode - minKeyCode + 1, + NULL, serverClient); ++#if XORG >= 111 ++ XkbCopyDeviceKeymap(keyboardDev->master, keyboardDev); ++#else + XkbCopyDeviceKeymap(keyboardDev->u.master, keyboardDev); ++#endif + #endif /* XORG < 17 */ + break; + } +diff -up xserver/hw/vnc/xorg-version.h.xorg111 xserver/hw/vnc/xorg-version.h +--- xserver/hw/vnc/xorg-version.h.xorg111 2011-08-09 23:16:36.000000000 +0200 ++++ xserver/hw/vnc/xorg-version.h 2011-11-11 11:55:32.255835319 +0100 +@@ -36,6 +36,8 @@ + #define XORG 19 + #elif XORG_VERSION_CURRENT < ((1 * 10000000) + (10 * 100000) + (99 * 1000)) + #define XORG 110 ++#elif XORG_VERSION_CURRENT < ((1 * 10000000) + (11 * 100000) + (99 * 1000)) ++#define XORG 111 + #else + #error "X.Org newer than 1.10 is not supported" + #endif +diff -up xserver/hw/vnc/xvnc.cc.xorg111 xserver/hw/vnc/xvnc.cc +--- xserver/hw/vnc/xvnc.cc.xorg111 2011-08-09 23:16:36.000000000 +0200 ++++ xserver/hw/vnc/xvnc.cc 2011-11-11 11:55:32.256835319 +0100 +@@ -211,7 +211,11 @@ static void vfbFreeFramebufferMemory(vfb + + extern "C" { + ++#if XORG < 111 + void ddxGiveUp() ++#else ++void ddxGiveUp(enum ExitCode error) ++#endif + { + int i; + +@@ -221,9 +225,17 @@ void ddxGiveUp() + } + + void ++#if XORG < 111 + AbortDDX() ++#else ++AbortDDX(enum ExitCode error) ++#endif + { ++#if XORG < 111 + ddxGiveUp(); ++#else ++ ddxGiveUp(error); ++#endif + } + + #ifdef __DARWIN__ +@@ -668,8 +680,13 @@ vfbUninstallColormap(ColormapPtr pmap) + { + if (pmap->mid != pmap->pScreen->defColormap) + { ++#if XORG < 111 + curpmap = (ColormapPtr) LookupIDByType(pmap->pScreen->defColormap, + RT_COLORMAP); ++#else ++ dixLookupResourceByType((pointer *) &curpmap, pmap->pScreen->defColormap, ++ RT_COLORMAP, serverClient, DixUnknownAccess); ++#endif + (*pmap->pScreen->InstallColormap)(curpmap); + } + } + diff --git a/extra/source/tigervnc/patches/tigervnc11-xorg112.patch b/extra/source/tigervnc/patches/tigervnc11-xorg112.patch new file mode 100644 index 00000000..2931cd7e --- /dev/null +++ b/extra/source/tigervnc/patches/tigervnc11-xorg112.patch @@ -0,0 +1,429 @@ +diff -up xserver/hw/vnc/vncExtInit.cc.xorg112 xserver/hw/vnc/vncExtInit.cc +--- xserver/hw/vnc/vncExtInit.cc.xorg112 2011-08-09 23:16:36.000000000 +0200 ++++ xserver/hw/vnc/vncExtInit.cc 2012-03-27 12:54:56.937271323 +0200 +@@ -56,6 +56,7 @@ extern "C" { + #include "XserverDesktop.h" + #include "vncHooks.h" + #include "vncExtInit.h" ++#include "xorg-version.h" + + extern "C" { + +@@ -360,10 +361,16 @@ void vncClientCutText(const char* str, i + ev.window = cur->window; + ev.time = GetTimeInMillis(); + if (cur->client->swapped) { ++#if XORG < 112 + int n; + swaps(&ev.sequenceNumber, n); + swapl(&ev.window, n); + swapl(&ev.time, n); ++#else ++ swaps(&ev.sequenceNumber); ++ swapl(&ev.window); ++ swapl(&ev.time); ++#endif + } + WriteToClient(cur->client, sizeof(xVncExtClientCutTextNotifyEvent), + (char *)&ev); +@@ -406,9 +413,14 @@ void vncQueryConnect(XserverDesktop* des + ev.sequenceNumber = cur->client->sequence; + ev.window = cur->window; + if (cur->client->swapped) { ++#if XORG < 112 + int n; + swaps(&ev.sequenceNumber, n); + swapl(&ev.window, n); ++#else ++ swaps(&ev.sequenceNumber); ++ swapl(&ev.window); ++#endif + } + WriteToClient(cur->client, sizeof(xVncExtQueryConnectNotifyEvent), + (char *)&ev); +@@ -449,10 +461,16 @@ static void SendSelectionChangeEvent(Ato + ev.window = cur->window; + ev.selection = selection; + if (cur->client->swapped) { ++#if XORG < 112 + int n; + swaps(&ev.sequenceNumber, n); + swapl(&ev.window, n); + swapl(&ev.selection, n); ++#else ++ swaps(&ev.sequenceNumber); ++ swapl(&ev.window); ++ swapl(&ev.selection); ++#endif + } + WriteToClient(cur->client, sizeof(xVncExtSelectionChangeNotifyEvent), + (char *)&ev); +@@ -473,7 +491,6 @@ static int ProcVncExtSetParam(ClientPtr + param.buf[stuff->paramLen] = 0; + + xVncExtSetParamReply rep; +- int n; + rep.type = X_Reply; + rep.length = 0; + rep.success = 0; +@@ -514,8 +531,14 @@ static int ProcVncExtSetParam(ClientPtr + + deny: + if (client->swapped) { ++#if XORG < 112 ++ int n; + swaps(&rep.sequenceNumber, n); + swapl(&rep.length, n); ++#else ++ swaps(&rep.sequenceNumber); ++ swapl(&rep.length); ++#endif + } + WriteToClient(client, sizeof(xVncExtSetParamReply), (char *)&rep); + return (client->noClientException); +@@ -523,9 +546,13 @@ deny: + + static int SProcVncExtSetParam(ClientPtr client) + { +- register char n; + REQUEST(xVncExtSetParamReq); ++#if XORG < 112 ++ register char n; + swaps(&stuff->length, n); ++#else ++ swaps(&stuff->length); ++#endif + REQUEST_AT_LEAST_SIZE(xVncExtSetParamReq); + return ProcVncExtSetParam(client); + } +@@ -539,7 +566,6 @@ static int ProcVncExtGetParam(ClientPtr + param.buf[stuff->paramLen] = 0; + + xVncExtGetParamReply rep; +- int n; + rep.type = X_Reply; + rep.sequenceNumber = client->sequence; + rep.success = 0; +@@ -557,9 +583,16 @@ static int ProcVncExtGetParam(ClientPtr + rep.length = (len + 3) >> 2; + rep.valueLen = len; + if (client->swapped) { ++#if XORG < 112 ++ int n; + swaps(&rep.sequenceNumber, n); + swapl(&rep.length, n); + swaps(&rep.valueLen, n); ++#else ++ swaps(&rep.sequenceNumber); ++ swapl(&rep.length); ++ swaps(&rep.valueLen); ++#endif + } + WriteToClient(client, sizeof(xVncExtGetParamReply), (char *)&rep); + if (value) +@@ -570,9 +603,13 @@ static int ProcVncExtGetParam(ClientPtr + + static int SProcVncExtGetParam(ClientPtr client) + { +- register char n; + REQUEST(xVncExtGetParamReq); ++#if XORG < 112 ++ register char n; + swaps(&stuff->length, n); ++#else ++ swaps(&stuff->length); ++#endif + REQUEST_AT_LEAST_SIZE(xVncExtGetParamReq); + return ProcVncExtGetParam(client); + } +@@ -586,7 +623,6 @@ static int ProcVncExtGetParamDesc(Client + param.buf[stuff->paramLen] = 0; + + xVncExtGetParamDescReply rep; +- int n; + rep.type = X_Reply; + rep.sequenceNumber = client->sequence; + rep.success = 0; +@@ -601,9 +637,16 @@ static int ProcVncExtGetParamDesc(Client + rep.length = (len + 3) >> 2; + rep.descLen = len; + if (client->swapped) { ++#if XORG < 112 ++ int n; + swaps(&rep.sequenceNumber, n); + swapl(&rep.length, n); + swaps(&rep.descLen, n); ++#else ++ swaps(&rep.sequenceNumber); ++ swapl(&rep.length); ++ swaps(&rep.descLen); ++#endif + } + WriteToClient(client, sizeof(xVncExtGetParamDescReply), (char *)&rep); + if (desc) +@@ -613,9 +656,13 @@ static int ProcVncExtGetParamDesc(Client + + static int SProcVncExtGetParamDesc(ClientPtr client) + { +- register char n; + REQUEST(xVncExtGetParamDescReq); ++#if XORG < 112 ++ register char n; + swaps(&stuff->length, n); ++#else ++ swaps(&stuff->length); ++#endif + REQUEST_AT_LEAST_SIZE(xVncExtGetParamDescReq); + return ProcVncExtGetParamDesc(client); + } +@@ -626,7 +673,6 @@ static int ProcVncExtListParams(ClientPt + REQUEST_SIZE_MATCH(xVncExtListParamsReq); + + xVncExtListParamsReply rep; +- int n; + rep.type = X_Reply; + rep.sequenceNumber = client->sequence; + +@@ -642,9 +688,16 @@ static int ProcVncExtListParams(ClientPt + rep.length = (len + 3) >> 2; + rep.nParams = nParams; + if (client->swapped) { ++#if XORG < 112 ++ int n; + swaps(&rep.sequenceNumber, n); + swapl(&rep.length, n); + swaps(&rep.nParams, n); ++#else ++ swaps(&rep.sequenceNumber); ++ swapl(&rep.length); ++ swaps(&rep.nParams); ++#endif + } + WriteToClient(client, sizeof(xVncExtListParamsReply), (char *)&rep); + rdr::U8* data = new rdr::U8[len]; +@@ -664,9 +717,13 @@ static int ProcVncExtListParams(ClientPt + + static int SProcVncExtListParams(ClientPtr client) + { +- register char n; + REQUEST(xVncExtListParamsReq); ++#if XORG < 112 ++ register char n; + swaps(&stuff->length, n); ++#else ++ swaps(&stuff->length); ++#endif + REQUEST_SIZE_MATCH(xVncExtListParamsReq); + return ProcVncExtListParams(client); + } +@@ -689,11 +746,19 @@ static int ProcVncExtSetServerCutText(Cl + + static int SProcVncExtSetServerCutText(ClientPtr client) + { +- register char n; + REQUEST(xVncExtSetServerCutTextReq); ++#if XORG < 112 ++ register char n; + swaps(&stuff->length, n); ++#else ++ swaps(&stuff->length); ++#endif + REQUEST_AT_LEAST_SIZE(xVncExtSetServerCutTextReq); ++#if XORG < 112 + swapl(&stuff->textLen, n); ++#else ++ swapl(&stuff->textLen); ++#endif + return ProcVncExtSetServerCutText(client); + } + +@@ -703,15 +768,21 @@ static int ProcVncExtGetClientCutText(Cl + REQUEST_SIZE_MATCH(xVncExtGetClientCutTextReq); + + xVncExtGetClientCutTextReply rep; +- int n; + rep.type = X_Reply; + rep.length = (clientCutTextLen + 3) >> 2; + rep.sequenceNumber = client->sequence; + rep.textLen = clientCutTextLen; + if (client->swapped) { ++#if XORG < 112 ++ int n; + swaps(&rep.sequenceNumber, n); + swapl(&rep.length, n); + swapl(&rep.textLen, n); ++#else ++ swaps(&rep.sequenceNumber); ++ swapl(&rep.length); ++ swapl(&rep.textLen); ++#endif + } + WriteToClient(client, sizeof(xVncExtGetClientCutTextReply), (char *)&rep); + if (clientCutText) +@@ -721,9 +792,13 @@ static int ProcVncExtGetClientCutText(Cl + + static int SProcVncExtGetClientCutText(ClientPtr client) + { +- register char n; + REQUEST(xVncExtGetClientCutTextReq); ++#if XORG < 112 ++ register char n; + swaps(&stuff->length, n); ++#else ++ swaps(&stuff->length); ++#endif + REQUEST_SIZE_MATCH(xVncExtGetClientCutTextReq); + return ProcVncExtGetClientCutText(client); + } +@@ -753,12 +828,21 @@ static int ProcVncExtSelectInput(ClientP + + static int SProcVncExtSelectInput(ClientPtr client) + { +- register char n; + REQUEST(xVncExtSelectInputReq); ++#if XORG < 112 ++ register char n; + swaps(&stuff->length, n); ++#else ++ swaps(&stuff->length); ++#endif + REQUEST_SIZE_MATCH(xVncExtSelectInputReq); ++#if XORG < 112 + swapl(&stuff->window, n); + swapl(&stuff->mask, n); ++#else ++ swapl(&stuff->window); ++ swapl(&stuff->mask); ++#endif + return ProcVncExtSelectInput(client); + } + +@@ -804,9 +888,14 @@ static int ProcVncExtConnect(ClientPtr c + rep.length = 0; + rep.sequenceNumber = client->sequence; + if (client->swapped) { ++#if XORG < 112 + int n; + swaps(&rep.sequenceNumber, n); + swapl(&rep.length, n); ++#else ++ swaps(&rep.sequenceNumber); ++ swapl(&rep.length); ++#endif + } + WriteToClient(client, sizeof(xVncExtConnectReply), (char *)&rep); + return (client->noClientException); +@@ -814,9 +903,13 @@ static int ProcVncExtConnect(ClientPtr c + + static int SProcVncExtConnect(ClientPtr client) + { +- register char n; + REQUEST(xVncExtConnectReq); ++#if XORG < 112 ++ register char n; + swaps(&stuff->length, n); ++#else ++ swaps(&stuff->length); ++#endif + REQUEST_AT_LEAST_SIZE(xVncExtConnectReq); + return ProcVncExtConnect(client); + } +@@ -836,7 +929,6 @@ static int ProcVncExtGetQueryConnect(Cli + qcTimeout = 0; + + xVncExtGetQueryConnectReply rep; +- int n; + rep.type = X_Reply; + rep.sequenceNumber = client->sequence; + rep.timeout = qcTimeout; +@@ -845,11 +937,20 @@ static int ProcVncExtGetQueryConnect(Cli + rep.opaqueId = (CARD32)(long)queryConnectId; + rep.length = (rep.userLen + rep.addrLen + 3) >> 2; + if (client->swapped) { ++#if XORG < 112 ++ int n; + swaps(&rep.sequenceNumber, n); + swapl(&rep.userLen, n); + swapl(&rep.addrLen, n); + swapl(&rep.timeout, n); + swapl(&rep.opaqueId, n); ++#else ++ swaps(&rep.sequenceNumber); ++ swapl(&rep.userLen); ++ swapl(&rep.addrLen); ++ swapl(&rep.timeout); ++ swapl(&rep.opaqueId); ++#endif + } + WriteToClient(client, sizeof(xVncExtGetQueryConnectReply), (char *)&rep); + if (qcTimeout) +@@ -861,9 +962,13 @@ static int ProcVncExtGetQueryConnect(Cli + + static int SProcVncExtGetQueryConnect(ClientPtr client) + { +- register char n; + REQUEST(xVncExtGetQueryConnectReq); ++#if XORG < 112 ++ register char n; + swaps(&stuff->length, n); ++#else ++ swaps(&stuff->length); ++#endif + REQUEST_SIZE_MATCH(xVncExtGetQueryConnectReq); + return ProcVncExtGetQueryConnect(client); + } +@@ -888,10 +993,15 @@ static int ProcVncExtApproveConnect(Clie + + static int SProcVncExtApproveConnect(ClientPtr client) + { +- register char n; + REQUEST(xVncExtApproveConnectReq); ++#if XORG < 112 ++ register char n; + swaps(&stuff->length, n); + swapl(&stuff->opaqueId, n); ++#else ++ swaps(&stuff->length); ++ swapl(&stuff->opaqueId); ++#endif + REQUEST_SIZE_MATCH(xVncExtApproveConnectReq); + return ProcVncExtApproveConnect(client); + } +diff -up xserver/hw/vnc/xf86vncModule.cc.xorg112 xserver/hw/vnc/xf86vncModule.cc +--- xserver/hw/vnc/xf86vncModule.cc.xorg112 2011-08-09 23:16:36.000000000 +0200 ++++ xserver/hw/vnc/xf86vncModule.cc 2012-03-27 12:54:56.938271322 +0200 +@@ -26,6 +26,8 @@ + #include <rfb/Logger_stdio.h> + #include <rfb/LogWriter.h> + ++#include "xorg-version.h" ++ + extern "C" { + #define class c_class + #define private c_private +@@ -89,7 +91,12 @@ static void vncExtensionInitWithParams(I + ScrnInfoPtr pScrn = xf86Screens[scr]; + + for (ParameterIterator i(Configuration::global()); i.param; i.next()) { +- char* val = xf86FindOptionValue(pScrn->options, i.param->getName()); ++ const char *val; ++#if XORG < 112 ++ val = xf86FindOptionValue(pScrn->options, i.param->getName()); ++#else ++ val = xf86FindOptionValue((XF86OptionPtr)pScrn->options, i.param->getName()); ++#endif + if (val) + i.param->setParam(val); + } +diff -up xserver/hw/vnc/xorg-version.h.xorg112 xserver/hw/vnc/xorg-version.h +--- xserver/hw/vnc/xorg-version.h.xorg112 2012-03-27 12:55:27.576240843 +0200 ++++ xserver/hw/vnc/xorg-version.h 2012-03-27 12:56:07.541204026 +0200 +@@ -38,6 +38,8 @@ + #define XORG 110 + #elif XORG_VERSION_CURRENT < ((1 * 10000000) + (11 * 100000) + (99 * 1000)) + #define XORG 111 ++#elif XORG_VERSION_CURRENT < ((1 * 10000000) + (12 * 100000) + (99 * 1000)) ++#define XORG 112 + #else + #error "X.Org newer than 1.10 is not supported" + #endif diff --git a/extra/source/tigervnc/patches/tigervnc11-xorg113.patch b/extra/source/tigervnc/patches/tigervnc11-xorg113.patch new file mode 100644 index 00000000..12ce549d --- /dev/null +++ b/extra/source/tigervnc/patches/tigervnc11-xorg113.patch @@ -0,0 +1,171 @@ +diff -up xserver/hw/vnc/Makefile.am.xorg113 xserver/hw/vnc/Makefile.am +--- xserver/hw/vnc/Makefile.am.xorg113 2012-07-19 21:42:46.297455970 -0400 ++++ xserver/hw/vnc/Makefile.am 2012-07-19 21:19:22.526005528 -0400 +@@ -62,7 +62,7 @@ EXTRA_DIST = Xvnc.man + BUILT_SOURCES = $(nodist_Xvnc_SOURCES) + + fb.h: $(top_srcdir)/fb/fb.h +- cat $(top_srcdir)/fb/fb.h | sed -e 's,and,c_and,' -e 's,xor,c_xor,' > $(srcdir)/fb.h ++ cat $(top_srcdir)/fb/fb.h | sed -e 's,and,c_and,g' -e 's,xor,c_xor,g' > $(srcdir)/fb.h + + pixman.h: $(includedir)/pixman-1/pixman.h + cat $(includedir)/pixman-1/pixman.h | sed 's/xor/c_xor/' > $(srcdir)/pixman.h +diff -up xserver/hw/vnc/vncHooks.cc.xorg113 xserver/hw/vnc/vncHooks.cc +--- xserver/hw/vnc/vncHooks.cc.xorg113 2012-07-19 21:31:37.191820942 -0400 ++++ xserver/hw/vnc/vncHooks.cc 2012-07-19 21:36:00.327531293 -0400 +@@ -116,7 +116,7 @@ static DevPrivateKeyRec vncHooksGCKeyRec + + // screen functions + +-static Bool vncHooksCloseScreen(int i, ScreenPtr pScreen); ++static Bool vncHooksCloseScreen(ScreenPtr pScreen); + static Bool vncHooksCreateGC(GCPtr pGC); + static void vncHooksCopyWindow(WindowPtr pWin, DDXPointRec ptOldOrg, + RegionPtr pOldRegion); +@@ -133,7 +133,7 @@ static Bool vncHooksDisplayCursor( + DeviceIntPtr pDev, + #endif + ScreenPtr pScreen, CursorPtr cursor); +-static void vncHooksBlockHandler(int i, pointer blockData, pointer pTimeout, ++static void vncHooksBlockHandler(ScreenPtr pScreen_, pointer pTimeout, + pointer pReadmask); + #ifdef RENDER + static void vncHooksComposite(CARD8 op, PicturePtr pSrc, PicturePtr pMask, +@@ -335,7 +335,7 @@ Bool vncHooksInit(ScreenPtr pScreen, Xse + // CloseScreen - unwrap the screen functions and call the original CloseScreen + // function + +-static Bool vncHooksCloseScreen(int i, ScreenPtr pScreen_) ++static Bool vncHooksCloseScreen(ScreenPtr pScreen_) + { + SCREEN_UNWRAP(pScreen_, CloseScreen); + +@@ -366,7 +366,7 @@ static Bool vncHooksCloseScreen(int i, S + + DBGPRINT((stderr,"vncHooksCloseScreen: unwrapped screen functions\n")); + +- return (*pScreen->CloseScreen)(i, pScreen); ++ return (*pScreen->CloseScreen)(pScreen); + } + + // CreateGC - wrap the "GC funcs" +@@ -531,14 +531,14 @@ static Bool vncHooksDisplayCursor( + // BlockHandler - ignore any changes during the block handler - it's likely + // these are just drawing the cursor. + +-static void vncHooksBlockHandler(int i, pointer blockData, pointer pTimeout, ++static void vncHooksBlockHandler(ScreenPtr pScreen_, pointer pTimeout, + pointer pReadmask) + { +- SCREEN_UNWRAP(screenInfo.screens[i], BlockHandler); ++ SCREEN_UNWRAP(pScreen_, BlockHandler); + + vncHooksScreen->desktop->ignoreHooks(true); + +- (*pScreen->BlockHandler) (i, blockData, pTimeout, pReadmask); ++ (*pScreen->BlockHandler) (pScreen, pTimeout, pReadmask); + + vncHooksScreen->desktop->ignoreHooks(false); + +diff -up xserver/hw/vnc/xf86vncModule.cc.xorg113 xserver/hw/vnc/xf86vncModule.cc +--- xserver/hw/vnc/xf86vncModule.cc.xorg113 2012-07-19 21:19:27.558942606 -0400 ++++ xserver/hw/vnc/xf86vncModule.cc 2012-07-19 21:19:27.574942408 -0400 +@@ -53,8 +53,6 @@ ExtensionModule vncExt = + { + vncExtensionInitWithParams, + "VNC", +- NULL, +- NULL, + NULL + }; + +diff -up xserver/hw/vnc/xorg-version.h.xorg113 xserver/hw/vnc/xorg-version.h +--- xserver/hw/vnc/xorg-version.h.xorg113 2012-07-19 21:19:27.560942582 -0400 ++++ xserver/hw/vnc/xorg-version.h 2012-07-19 21:19:27.576942382 -0400 +@@ -40,6 +40,8 @@ + #define XORG 111 + #elif XORG_VERSION_CURRENT < ((1 * 10000000) + (12 * 100000) + (99 * 1000)) + #define XORG 112 ++#elif XORG_VERSION_CURRENT < ((1 * 10000000) + (13 * 100000) + (99 * 1000)) ++#define XORG 113 + #else + #error "X.Org newer than 1.10 is not supported" + #endif +diff -up xserver/hw/vnc/xvnc.cc.xorg113 xserver/hw/vnc/xvnc.cc +--- xserver/hw/vnc/xvnc.cc.xorg113 2012-07-19 21:36:33.078121854 -0400 ++++ xserver/hw/vnc/xvnc.cc 2012-07-19 21:39:49.685663920 -0400 +@@ -267,7 +267,7 @@ OsVendorInit() + } + + void +-OsVendorFatalError() ++OsVendorFatalError(const char *f, va_list args) + { + } + +@@ -1135,9 +1135,9 @@ static Bool vncRandRSetConfig (ScreenPtr + #endif + + static Bool +-vfbCloseScreen(int index, ScreenPtr pScreen) ++vfbCloseScreen(ScreenPtr pScreen) + { +- vfbScreenInfoPtr pvfb = &vfbScreens[index]; ++ vfbScreenInfoPtr pvfb = &vfbScreens[pScreen->myNum]; + int i; + + pScreen->CloseScreen = pvfb->closeScreen; +@@ -1149,13 +1149,13 @@ vfbCloseScreen(int index, ScreenPtr pScr + for (i = 0; i < MAXSCREENS; i++) + InstalledMaps[i] = NULL; + +- return pScreen->CloseScreen(index, pScreen); ++ return pScreen->CloseScreen(pScreen); + } + + static Bool +-vfbScreenInit(int index, ScreenPtr pScreen, int argc, char **argv) ++vfbScreenInit(ScreenPtr pScreen, int argc, char **argv) + { +- vfbScreenInfoPtr pvfb = &vfbScreens[index]; ++ vfbScreenInfoPtr pvfb = &vfbScreens[pScreen->myNum]; + int dpi; + int ret; + void *pbits; +@@ -1167,8 +1167,8 @@ vfbScreenInit(int index, ScreenPtr pScre + + pbits = vfbAllocateFramebufferMemory(&pvfb->fb); + if (!pbits) return FALSE; +- vncFbptr[index] = pbits; +- vncFbstride[index] = pvfb->fb.paddedWidth; ++ vncFbptr[pScreen->myNum] = pbits; ++ vncFbstride[pScreen->myNum] = pvfb->fb.paddedWidth; + + miSetPixmapDepths(); + +diff -up xserver/include/screenint.h.xorg113 xserver/include/screenint.h +--- xserver/include/screenint.h.xorg113 2012-07-19 21:30:38.258557709 -0400 ++++ xserver/include/screenint.h 2012-07-19 21:30:45.415468235 -0400 +@@ -72,18 +72,18 @@ extern _X_EXPORT int AddGPUScreen(Bool ( + extern _X_EXPORT void RemoveGPUScreen(ScreenPtr pScreen); + + extern _X_EXPORT void +-AttachUnboundGPU(ScreenPtr pScreen, ScreenPtr newScreen); ++AttachUnboundGPU(ScreenPtr pScreen, ScreenPtr); + extern _X_EXPORT void + DetachUnboundGPU(ScreenPtr unbound); + + extern _X_EXPORT void +-AttachOutputGPU(ScreenPtr pScreen, ScreenPtr newScreen); ++AttachOutputGPU(ScreenPtr pScreen, ScreenPtr); + + extern _X_EXPORT void + DetachOutputGPU(ScreenPtr output); + + extern _X_EXPORT void +-AttachOffloadGPU(ScreenPtr pScreen, ScreenPtr newScreen); ++AttachOffloadGPU(ScreenPtr pScreen, ScreenPtr); + + extern _X_EXPORT void + DetachOffloadGPU(ScreenPtr slave); + diff --git a/extra/source/tigervnc/patches/tigervnc11-xorg114.patch b/extra/source/tigervnc/patches/tigervnc11-xorg114.patch new file mode 100644 index 00000000..23c71001 --- /dev/null +++ b/extra/source/tigervnc/patches/tigervnc11-xorg114.patch @@ -0,0 +1,24 @@ +--- xserver/hw/vnc/xorg-version.h Mon Feb 18 08:28:49 2013 ++++ xserver/hw/vnc/xorg-version.h Mon Feb 18 08:28:43 2013 +@@ -42,8 +42,10 @@ + #define XORG 112 + #elif XORG_VERSION_CURRENT < ((1 * 10000000) + (13 * 100000) + (99 * 1000)) + #define XORG 113 ++#elif XORG_VERSION_CURRENT < ((1 * 10000000) + (14 * 100000) + (99 * 1000)) ++#define XORG 114 + #else +-#error "X.Org newer than 1.10 is not supported" ++#error "X.Org newer than 1.14 is not supported" + #endif + + #endif +--- xserver/hw/vnc/xvnc.cc Tue Feb 19 08:50:20 2013 ++++ xserver/hw/vnc/xvnc.cc Tue Feb 19 08:50:27 2013 +@@ -54,7 +54,6 @@ + #include "servermd.h" + #include "fb.h" + #include "mi.h" +-#include "mibstore.h" + #include "colormapst.h" + #include "gcstruct.h" + #include "input.h" diff --git a/extra/source/tigervnc/patches/tigervnc11-xorg_headers.patch b/extra/source/tigervnc/patches/tigervnc11-xorg_headers.patch new file mode 100644 index 00000000..2ef5bece --- /dev/null +++ b/extra/source/tigervnc/patches/tigervnc11-xorg_headers.patch @@ -0,0 +1,16 @@ +--- tigervnc-1.1.0/unix/xserver/hw/vnc/Makefile.am.orig 2011-08-09 23:16:36.000000000 +0200 ++++ tigervnc-1.1.0/unix/xserver/hw/vnc/Makefile.am 2012-07-29 14:14:55.078998592 +0200 +@@ -61,10 +61,10 @@ + BUILT_SOURCES = $(nodist_Xvnc_SOURCES) + + fb.h: $(top_srcdir)/fb/fb.h +- cat $(top_srcdir)/fb/fb.h | sed -e 's,and,c_and,' -e 's,xor,c_xor,' > $(srcdir)/fb.h ++ cat $(top_srcdir)/fb/fb.h | sed -e 's,and,c_and,g' -e 's,xor,c_xor,g' > $(srcdir)/fb.h + + pixman.h: $(includedir)/pixman-1/pixman.h +- cat $(includedir)/pixman-1/pixman.h | sed 's/xor/c_xor/' > $(srcdir)/pixman.h ++ cat $(includedir)/pixman-1/pixman.h | sed 's/xor/c_xor/g' > $(srcdir)/pixman.h + + fbrop.h: $(top_srcdir)/fb/fbrop.h +- cat $(top_srcdir)/fb/fbrop.h | sed -e 's,and,c_and,' -e 's,xor,c_xor,' > $(srcdir)/fbrop.h ++ cat $(top_srcdir)/fb/fbrop.h | sed -e 's,and,c_and,' -e 's,xor,c_xor,g' > $(srcdir)/fbrop.h diff --git a/extra/source/tigervnc/slack-desc b/extra/source/tigervnc/slack-desc new file mode 100644 index 00000000..e433dd5f --- /dev/null +++ b/extra/source/tigervnc/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +tigervnc: tigervnc (VNC server and client) +tigervnc: +tigervnc: Virtual Network Computing (VNC) is a remote display system which +tigervnc: allows you to view a desktop environment from anywhere on the Internet +tigervnc: and from a wide variety of machine architectures. +tigervnc: TigerVNC is a suite of VNC servers and clients that have a focus on +tigervnc: performance and remote display functionality. +tigervnc: +tigervnc: +tigervnc: tigervnc home: http://tigervnc.org/ +tigervnc: diff --git a/extra/source/tigervnc/tigervnc.SlackBuild b/extra/source/tigervnc/tigervnc.SlackBuild new file mode 100755 index 00000000..a269bc7c --- /dev/null +++ b/extra/source/tigervnc/tigervnc.SlackBuild @@ -0,0 +1,311 @@ +#!/bin/sh +# Copyright 2010, 2011, 2012, 2013 Eric Hameleers, Eindhoven. NL +# All rights reserved. +# +# Permission to use, copy, modify, and distribute this software for +# any purpose with or without fee is hereby granted, provided that +# the above copyright notice and this permission notice appear in all +# copies. +# +# THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. +# IN NO EVENT SHALL THE AUTHORS AND COPYRIGHT HOLDERS AND THEIR +# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF +# USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND +# ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, +# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT +# OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +# SUCH DAMAGE. +# ----------------------------------------------------------------------------- + + +PKGNAM=tigervnc +VERSION=${VERSION:-1.1.0} +BUILD=${BUILD:-1} +NUMJOBS=${NUMJOBS:" -j4 "} +TAG=${TAG:-} + +# Do we build the java applet (needs jdk)? +DO_APPLET=${DO_APPLET:-"NO"} + +# TigerVNC needs to use source of the X.Org server whose version matches +# that of your installed X.Org package: +XORG=${XORG:-$(X -version 2>&1 | grep "^X.Org X Server " | cut -f4 -d' ')} +MAXPATCHVER="$(echo $XORG | cut -f1,2 -d. | tr -d '.')" + +# OS Stamp into the binaries: +OSNAME="$(head -1 /etc/slackware-version)" +OSVENDOR="Slackware Linux Project" +BUILDER="Built by Alien BOB on $(date -u)" + +# This covers most filenames you'd want as documentation. Change if needed. +DOCS="LICENCE.TXT doc/TODO doc/*.txt doc/*.odt" +DOCS_XORG="COPYING ChangeLog" + +if [ -e $CWD/machine.conf ]; then + . $CWD/machine.conf ] +elif [ -e /etc/slackbuild/machine.conf ]; then + . /etc/slackbuild/machine.conf ] +else + # Automatically determine the architecture we're building on: + MARCH=$( uname -m ) + if [ -z "$ARCH" ]; then + case "$MARCH" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$MARCH ;; + esac + fi + # Set CFLAGS/CXXFLAGS and LIBDIRSUFFIX: + if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" + elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" + elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" + elif [ "$ARCH" = "arm" ]; then + SLKCFLAGS="-O2 -march=armv5te" + LIBDIRSUFFIX="" + else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" + fi +fi + +case "$ARCH" in + arm*) TARGET=$ARCH-slackware-linux-gnueabi ;; + *) TARGET=$ARCH-slackware-linux ;; +esac + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-$PKGNAM + +rm -rf $PKG +mkdir -p $TMP $PKG +cd $TMP +rm -rf $PKGNAM-$VERSION +rm -rf xorg-server-${XORG} +tar xvf $CWD/$PKGNAM-$VERSION.tar.?z* || exit 1 +tar xvf $CWD/xorg-server-${XORG}.tar.?z* || exit 1 +cd $PKGNAM-$VERSION || exit 1 + +# Move the xorg-server sources into the TigerVNC tree: +mv unix/xserver/hw/vnc ../xorg-server-${XORG}/hw/ +rm -rf unix/xserver/hw +mv ../xorg-server-${XORG}/* unix/xserver/ + +# We have patches for X.Org later than 1.10 which tigervnc does not have: +for PATCHVER in 111 112 113 114 ; do + if [ -e $CWD/patches/tigervnc$(echo $VERSION | cut -f1,2 -d. --output-delimiter=)-xorg${PATCHVER}.patch ]; then + cp $CWD/patches/tigervnc$(echo $VERSION | cut -f1,2 -d. --output-delimiter=)-xorg${PATCHVER}.patch unix/xserver${PATCHVER}.patch + fi +done + +if [ $MAXPATCHVER -gt 110 ]; then + if [ $MAXPATCHVER -lt 113 ]; then + # The sed magic in the hw/vnc Makefile needs some love: + # ... taken care of in the xserver113 patch if we ever move to X.Org 1.13. + cat $CWD/patches/tigervnc$(echo $VERSION | cut -f1,2 -d. --output-delimiter=)-xorg_headers.patch | patch -p1 --verbose || exit 1 + else + # We need to rewrite the xserver110.patch for X.Org 1.13 and newer: + cp $CWD/patches/tigervnc$(echo $VERSION | cut -f1,2 -d. --output-delimiter=)-xorg110.patch unix/xserver110.patch + fi +fi + +# Patch the xorg-server source to include building the vnc driver +cd unix/xserver + if [ $MAXPATCHVER -le 110 ]; then + # apply one of the tigervnc-provided patches: + cat ../xserver${MAXPATCHVER}.patch | patch -p1 --verbose || exit 1 + else + # these external patches are incremental and must be applied in order: + for PATCHVER in 110 111 112 113 114 ; do + if [ $PATCHVER -le $MAXPATCHVER -a -e ../xserver${PATCHVER}.patch ]; then + cat ../xserver${PATCHVER}.patch | patch -p1 --verbose || exit 1 + fi + done + fi +cd - + +# We use Java7: +cat $CWD/patches/tigervnc11-java7.patch | patch -p1 --verbose || exit 1 + +# Explicitly put the java applet into a directory named 'tigervnc': +sed -i -e 's#/vnc/class#/tigervnc/class#'g $(grep -rl vnc/class .) + +# Make sure ownerships and permissions are sane: +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +export LDFLAGS="$SLKLDFLAGS -lpthread" +export CXXFLAGS="$SLKCFLAGS" +export CFLAGS="$SLKCFLAGS" + +echo -e "\n*** Building tigervnc ***\n" +autoreconf -vif +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --mandir=/usr/man \ + --docdir=/usr/doc/$PKGNAM-$VERSION \ + --localstatedir=/var \ + --sysconfdir=/etc \ + --disable-static \ + --program-prefix= \ + --program-suffix= \ + --build=$TARGET + +make $NUMJOBS || make || exit 1 +make DESTDIR=$PKG install || exit 1 + +cd unix/xserver + echo -e "\n*** Building xserver ***\n" + export CXXFLAGS="$SLKCFLAGS -fpermissive" + autoreconf -vif + + # Default font paths to be used by the X server + DEF_FONTPATH="/usr/share/fonts/local,/usr/share/fonts/TTF,/usr/share/fonts/OTF,/usr/share/fonts/Type1,/usr/share/fonts/misc,/usr/share/fonts/CID,/usr/share/fonts/75dpi/:unscaled,/usr/share/fonts/100dpi/:unscaled,/usr/share/fonts/75dpi,/usr/share/fonts/100dpi,/usr/share/fonts/cyrillic" + + ./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --localstatedir=/var \ + --mandir=/usr/man \ + --disable-dri \ + --disable-static \ + --disable-xorg --disable-xnest --disable-xvfb --disable-dmx \ + --disable-xwin --disable-xephyr --disable-kdrive \ + --disable-xinerama \ + --enable-composite \ + --enable-install-libxf86config \ + --enable-xcsecurity \ + --enable-glx-tls --enable-dri2 \ + --with-pic \ + --with-int10=x86emu \ + --with-default-font-path="${DEF_FONTPATH}" \ + --with-module-dir=/usr/lib${LIBDIRSUFFIX}/xorg/modules \ + --with-dri-driver-path=/usr/lib${LIBDIRSUFFIX}/xorg/modules/dri \ + --with-xkb-path=/etc/X11/xkb \ + --with-xkb-output=/var/lib/xkb \ + --disable-config-dbus \ + --disable-config-hal \ + --disable-config-udev \ + --disable-devel-docs \ + --disable-unit-tests \ + --without-dtrace \ + --with-os-name="$OSNAME" \ + --with-os-vendor="$OSVENDOR" \ + --with-builderstring="$BUILDER" \ + --build=$TARGET + + make $NUMJOBS || make || exit 1 + make -C hw/vnc DESTDIR=$PKG install +cd - + +if [ "$DO_APPLET" = "YES" ]; then + # Compile the java applet (needs the JDK... JRE is not enough): + cd java/src/com/tigervnc/vncviewer + make || exit 1 + cd - +fi + +# Create .png icons from the .svg file: +make -C media + +if [ "$DO_APPLET" = "YES" ]; then + # Install the java applet: + cd java/src/com/tigervnc/vncviewer + mkdir -p $PKG/usr/share/tigervnc/classes + install -m0755 VncViewer.jar $PKG/usr/share/tigervnc/classes/ + install -m0644 index.vnc $PKG/usr/share/tigervnc/classes/ + install -m0644 *.class $PKG/usr/share/tigervnc/classes/ + cd - +fi + +# Install menu entry: +mkdir -p $PKG/usr/share/{applications,icons/hicolor/{16x16,24x24,32x32,48x48}/apps} +for PSIZE in 16 24 32 48; do + install -m644 media/icons/tigervnc_${PSIZE}.png \ + $PKG/usr/share/icons/hicolor/${PSIZE}x${PSIZE}/apps/tigervnc.png +done +cat <<EOT > $PKG/usr/share/applications/tigervnc.desktop +[Desktop Entry] +Encoding=UTF-8 +Name=TigerVNC +GenericName=VNCViewer (RFB Client) +Comment=Connect to remote desktop +SwallowExec= +Exec=vncviewer +MimeType= +Icon=tigervnc +Path= +TerminalOptions= +Terminal=false +Type=Application +Categories=Network; +StartupWMClass=VNC Viewer: Connection Details +EOT + +# Add this to the doinst.sh: +! [ -d $PKG/install ] && mkdir -p $PKG/install +cat <<EOT >> $PKG/install/doinst.sh +# Update the desktop database: +if [ -x usr/bin/update-desktop-database ]; then + chroot . /usr/bin/update-desktop-database usr/share/applications 1>/dev/null 2>&1 +fi + +# Update the mime database: +if [ -x usr/bin/update-mime-database ]; then + chroot . /usr/bin/update-mime-database usr/share/mime 1>/dev/null 2>&1 +fi + +# Update hicolor theme cache: +if [ -d usr/share/icons/hicolor ]; then + if [ -x usr/bin/gtk-update-icon-cache ]; then + chroot . /usr/bin/gtk-update-icon-cache -f -t usr/share/icons/hicolor 1> /dev/null 2> /dev/null + fi +fi + +EOT + +# Add documentation: +mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION +cp -a $DOCS $PKG/usr/doc/$PKGNAM-$VERSION || true +for FIL in $(echo $DOCS_XORG); do cp -a unix/xserver/$FIL $PKG/usr/doc/$PKGNAM-$VERSION/${FIL}.xorg ; done +chown -R root:root $PKG/usr/doc/$PKGNAM-$VERSION +find $PKG/usr/doc -type f -exec chmod 644 {} \; + +# Compress the man page(s): +if [ -d $PKG/usr/man ]; then + find $PKG/usr/man -type f -name "*.?" -exec gzip -9f {} \; + for i in $(find $PKG/usr/man -type l -name "*.?") ; do ln -s $( readlink $i ).gz $i.gz ; rm $i ; done +fi + +# Strip binaries (if any): +find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +# Add a package description: +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc +if [ -f $CWD/doinst.sh.gz ]; then + zcat $CWD/doinst.sh.gz >> $PKG/install/doinst.sh +fi + +# Build the package: +cd $PKG +/sbin/makepkg -l y -c n $TMP/${PKGNAM}-${VERSION}-${ARCH}-${BUILD}${TAG}.txz + diff --git a/extra/source/tightvnc/doinst.sh b/extra/source/tightvnc/doinst.sh deleted file mode 100644 index 8ce980e5..00000000 --- a/extra/source/tightvnc/doinst.sh +++ /dev/null @@ -1,24 +0,0 @@ -# Handle the incoming configuration files: -config() { - NEW="$1" - OLD="$(dirname $NEW)/$(basename $NEW .new)" - # If there's no config file by that name, mv it over: - if [ ! -r $OLD ]; then - mv $NEW $OLD - elif [ "$(cat $OLD | md5sum)" = "$(cat $NEW | md5sum)" ]; then - # toss the redundant copy - rm $NEW - fi - # Otherwise, we leave the .new copy for the admin to consider... -} - -config etc/tightvncserver.conf.new -config etc/rc.d/rc.vncservers.new -config etc/rc.d/rc.vncservers.conf.new - -# Update the desktop database: -if [ -x usr/bin/update-desktop-database ]; then - chroot . /usr/bin/update-desktop-database usr/share/applications > /dev/null -2>&1 -fi - diff --git a/extra/source/tightvnc/slack-desc b/extra/source/tightvnc/slack-desc deleted file mode 100644 index 4003e63a..00000000 --- a/extra/source/tightvnc/slack-desc +++ /dev/null @@ -1,19 +0,0 @@ -# HOW TO EDIT THIS FILE: -# The "handy ruler" below makes it easier to edit a package description. Line -# up the first '|' above the ':' following the base package name, and the '|' -# on the right side marks the last column you can put a character in. You must -# make exactly 11 lines for the formatting to be correct. It's also -# customary to leave one space after the ':'. - - |-----handy-ruler------------------------------------------------------| -tightvnc: tightvnc (remote control software) -tightvnc: -tightvnc: Virtual Network Computing (VNC) is a remote display system which -tightvnc: allows you to view a desktop environment from anywhere on the Internet -tightvnc: and from a wide variety of machine architectures. -tightvnc: TightVNC is an enhanced VNC distribution. This package contains a -tightvnc: client which will allow you to connect to other desktops running a -tightvnc: VNC or a TightVNC server. -tightvnc: -tightvnc: tightvnc home: http://www.tightvnc.com/ -tightvnc: diff --git a/extra/source/tightvnc/tightvnc.SlackBuild b/extra/source/tightvnc/tightvnc.SlackBuild deleted file mode 100755 index 526b8f3d..00000000 --- a/extra/source/tightvnc/tightvnc.SlackBuild +++ /dev/null @@ -1,128 +0,0 @@ -#!/bin/sh -# Copyright 2007-2009 Eric Hameleers, Eindhoven, NL -# All rights reserved. -# -# Permission to use, copy, modify, and distribute this software for -# any purpose with or without fee is hereby granted, provided that -# the above copyright notice and this permission notice appear in all -# copies. -# -# THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED -# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF -# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. -# IN NO EVENT SHALL THE AUTHORS AND COPYRIGHT HOLDERS AND THEIR -# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF -# USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND -# ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, -# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT -# OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -# SUCH DAMAGE. -# ----------------------------------------------------------------------------- -# -# Slackware SlackBuild script -# =========================== -# By: Eric Hameleers <alien@slackware.com> -# For: tightvnc -# Descr: remote control software -# URL: http://www.tightvnc.com/ -# ----------------------------------------------------------------------------- - -# Set initial variables: - -PRGNAM=tightvnc -VERSION=${VERSION:-1.3.10} -ARCH=${ARCH:-x86_64} -BUILD=${BUILD:-1} - -CWD=$(pwd) -TMP=${TMP:-/tmp} -PKG=$TMP/package-${PRGNAM} -rm -rf $PKG -mkdir -p $TMP $PKG - -case "$ARCH" in - i486) SLKCFLAGS="-O2 -march=i486 -mtune=i686" - SLKLDFLAGS=""; LIBDIRSUFFIX="" - ;; - s390) SLKCFLAGS="-O2" - SLKLDFLAGS=""; LIBDIRSUFFIX="" - ;; - x86_64) SLKCFLAGS="-O2 -fPIC" - SLKLDFLAGS="-L/usr/lib64"; LIBDIRSUFFIX="64" - ;; -esac - -# Explode the package framework: -cd $PKG - explodepkg $CWD/_$PRGNAM.tar.gz -cd - - -cd $TMP -rm -rf vnc_unixsrc -tar xvf $CWD/${PRGNAM}-${VERSION}_unixsrc.tar.?z* || exit 1 -cd vnc_unixsrc || exit 1 - -# Make sure ownerships and permissions are sane: -chown -R root:root . -find . \ - \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ - -exec chmod 755 {} \; -o \ - \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ - -exec chmod 644 {} \; - -# Make vncserver use sane pathnames and executable permissions: -zcat $CWD/tightvnc.paths-and-perms.diff.gz | patch -p1 --verbose || exit 1 - -# Use xinit's Xclients script to start the session: -cat vnc-xclients.patch | sed -e 's/Red Hat /Slackware /' | patch || exit 1 - -xmkmf -a -make CDEBUGFLAGS="$SLKCFLAGS" World || exit 1 - -cd Xvnc - LDFLAGS="$SLKLDFLAGS" \ - CFLAGS="$SLKCFLAGS" \ - CXXFLAGS="$SLKCFLAGS" \ - ./configure - make EXTRA_LIBRARIES="-lwrap -lnss_nis" CDEBUGFLAGS="$SLKCFLAGS" \ - EXTRA_DEFINES="-DUSE_LIBWRAP=1" -cd - # end 'cd Xvnc' - -# Manually install files: -mkdir -p $PKG/usr/bin $PKG/usr/man/man1 -./vncinstall $PKG/usr/bin $PKG/usr/man - -mkdir -p $PKG/usr/share/tightvnc -cp -aR classes $PKG/usr/share/tightvnc/ - -mkdir $PKG/etc -cp -a tightvncserver.conf $PKG/etc/tightvncserver.conf.new - -# Add documentation: -mkdir -p $PKG/usr/doc/$PRGNAM-$VERSION -cp -a \ - LICENCE.TXT README WhatsNew ChangeLog \ - $PKG/usr/doc/$PRGNAM-$VERSION -mv $PKG/install/README.1st $PKG/usr/doc/$PRGNAM-$VERSION - -# Compress the man page(s): -if [ -d $PKG/usr/man ]; then - find $PKG/usr/man -type f -name "*.?" -exec gzip -9f {} \; - for i in $(find $PKG/usr/man -type l -name "*.?") ; do ln -s $( readlink $i ).gz $i.gz ; rm $i ; done -fi - -# Strip binaries: -find $PKG | xargs file | grep -e "executable" -e "shared object" \ - | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null - -# Add a package description: -mkdir -p $PKG/install -cat $CWD/slack-desc > $PKG/install/slack-desc -zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh - -# Build the package: -cd $PKG -/sbin/makepkg -l y -c n $TMP/${PRGNAM}-${VERSION}-${ARCH}-${BUILD}.txz - diff --git a/extra/source/tightvnc/tightvnc.paths-and-perms.diff b/extra/source/tightvnc/tightvnc.paths-and-perms.diff deleted file mode 100644 index b6eb14f1..00000000 --- a/extra/source/tightvnc/tightvnc.paths-and-perms.diff +++ /dev/null @@ -1,52 +0,0 @@ -diff -ur vnc_unixsrc.orig/tightvncserver.conf vnc_unixsrc/tightvncserver.conf ---- vnc_unixsrc.orig/tightvncserver.conf 2009-02-12 05:27:18.000000000 +0100 -+++ vnc_unixsrc/tightvncserver.conf 2009-06-02 23:55:22.000000000 +0200 -@@ -19,15 +19,15 @@ - # $geometry = "1024x768"; - # $depth = 24; - # $desktopName = "X"; --# $vncClasses = "/usr/local/vnc/classes"; -+# $vncClasses = "/usr/share/tightvnc/classes"; - # $vncUserDir = "$ENV{HOME}/.vnc"; --# $fontPath = "unix/:7100"; -+# $fontPath = "/usr/share/fonts/misc/,/usr/share/fonts/Type1/,/usr/share/fonts/75dpi/"; - # $authType = "-rfbauth $vncUserDir/passwd"; --# $colorPath = "/usr/lib/X11/rgb"; -+# $colorPath = "/usr/share/X11/rgb"; - - ## Here is another example of setting the font path: - # --# $fontPath = "/usr/lib/X11/fonts/misc/" -+# $fontPath = "unix/:7100"; - # $fontPath = "$fontPath,/usr/lib/X11/fonts/75dpi/"; - - ## You might wish to make your vnc directory under /tmp, to make sure -diff -ur vnc_unixsrc.orig/vncinstall vnc_unixsrc/vncinstall ---- vnc_unixsrc.orig/vncinstall 2002-03-19 12:44:02.000000000 +0100 -+++ vnc_unixsrc/vncinstall 2009-06-02 23:51:54.000000000 +0200 -@@ -47,7 +47,7 @@ - else - echo "Copying $f -> $bin_dst/`basename $f`" - cp -pf $f $bin_dst -- chmod 0555 $bin_dst/`basename $f` -+ chmod 0755 $bin_dst/`basename $f` - fi - - # Installing man pages -diff -ur vnc_unixsrc.orig/vncserver vnc_unixsrc/vncserver ---- vnc_unixsrc.orig/vncserver 2009-02-12 05:27:18.000000000 +0100 -+++ vnc_unixsrc/vncserver 2009-06-02 23:51:39.000000000 +0200 -@@ -32,10 +32,11 @@ - $geometry = "1024x768"; - $depth = 24; - $desktopName = "X"; --$vncClasses = "/usr/local/vnc/classes"; -+$vncClasses = "/usr/share/tightvnc/classes"; - $vncUserDir = "$ENV{HOME}/.vnc"; --$fontPath = "unix/:7100"; -+$fontPath = "/usr/share/fonts/misc/,/usr/share/fonts/Type1/,/usr/share/fonts/75dpi/"; - $authType = "-rfbauth $vncUserDir/passwd"; -+$colorPath = "/usr/share/X11/rgb"; - - # Read configuration from the system-wide and user files if present. - diff --git a/extra/source/wicd/slack-desc b/extra/source/wicd/slack-desc index 47cf875f..7a925975 100644 --- a/extra/source/wicd/slack-desc +++ b/extra/source/wicd/slack-desc @@ -15,5 +15,5 @@ wicd: - Profiles for each wireless network and wired network wicd: - Many encryption schemes, some of which include WEP/WPA/WPA2 wicd: - Compatible with wireless-tools wicd: -wicd: Homepage: http://wicd.net +wicd: Homepage: http://wicd.sourceforge.net wicd: diff --git a/extra/source/xf86-video-fbdev/xf86-video-fbdev.SlackBuild b/extra/source/xf86-video-fbdev/xf86-video-fbdev.SlackBuild index 8ea08738..b2dda17c 100755 --- a/extra/source/xf86-video-fbdev/xf86-video-fbdev.SlackBuild +++ b/extra/source/xf86-video-fbdev/xf86-video-fbdev.SlackBuild @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright 2012 Patrick J. Volkerding, Sebeka, Minnesota, USA +# Copyright 2012, 2013 Patrick J. Volkerding, Sebeka, Minnesota, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -76,6 +76,14 @@ rm -rf $PKGNAM-$VERSION tar xvf $CWD/$PKGNAM-$VERSION.tar.?z* || exit 1 cd $PKGNAM-$VERSION +# Remove obsolete references to mibstore.h and miInitializeBackingStore(): +grep -r -l '#include "mibstore.h"' * | while read file ; do + sed -i "s/#include \"mibstore.h\"//g" $file +done +grep -r -l 'miInitializeBackingStore(pScreen);' | while read file ; do + sed -i "s/miInitializeBackingStore(pScreen);//g" $file +done + chown -R root:root . find . \ \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ |