commit: 8f1314da7cea8fd1cbf21c274579f8e326464a41
Author: Sam James <sam <AT> gentoo <DOT> org>
AuthorDate: Mon Oct 13 11:37:05 2025 +0000
Commit: Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Mon Oct 13 11:37:05 2025 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8f1314da
sys-auth/pambase: add 20251013
Sam James (3):
gnome-keyring: only set use_authtok for 'password'
system-session: fix whitespace
system-local-login: move pam_gnome_keyring before system-login
Closes: https://bugs.gentoo.org/964268
Signed-off-by: Sam James <sam <AT> gentoo.org>
sys-auth/pambase/Manifest | 1 +
sys-auth/pambase/pambase-20251013.ebuild | 129 +++++++++++++++++++++++++++++++
2 files changed, 130 insertions(+)
diff --git a/sys-auth/pambase/Manifest b/sys-auth/pambase/Manifest
index a4a3c71e4315..99f4c9474d2c 100644
--- a/sys-auth/pambase/Manifest
+++ b/sys-auth/pambase/Manifest
@@ -4,3 +4,4 @@ DIST pambase-20250223.tar.bz2 5124 BLAKE2B
ea89d43c93d85baafa1a6951ae80c6306c762
DIST pambase-20250228.tar.bz2 5144 BLAKE2B
ab4c8e84cc21e25ac12b66a3d9943becb62d4f53c2f9c201c79f2a1f1f1320f4bad2b56a2a76924386d7dbe9656abf5a0bd92bbbedda23088a26128aa743e79f
SHA512
e2ccbcd0c3e6f9fb035a2489a79bdfff5f12fe9393517d3b7ddb3bbd7a6a6e5b358663b1423166b0250931d50f608bb81a9f486fc53dbc7126b3980617387c94
DIST pambase-20250826.tar.bz2 4925 BLAKE2B
c6929aa506b94b9215bd2c686fd9965d6c3a77f36c7a2d114ca5b2c39a30e2209a84408ee855559837d54161e359723889b89bb9c048bb36b00c7156495968fc
SHA512
c9bc07ac617891ddab6f2a8358b10899462d9b54fcc3642d222dd2402914f24225854103b6c581aa2041fb0feb0f94688e07aad10ab94c3a629b4cd2937bd785
DIST pambase-20250906.tar.bz2 4972 BLAKE2B
b65da13a265d5a3df1e84546a8f6e1447d7ea5a40fe4a44488691c4a182cf4b3d13d20ce85778f549d217ebf4b4511e71f5f285b34edf9e9e18bab50b0d22c82
SHA512
639d87169fafb0e44401104ade7dfaa7a5d6bd473d9e4e3c35a0fb87aaf73a383d406ee05944a3190750e55e59decd867ab3f773664f9fb787f40acc05826d1c
+DIST pambase-20251013.tar.bz2 4963 BLAKE2B
c2eb355819c28a6b41e8aea843c176769fa53519cb357239712165f0bf507bc21132d732fd2600d9354e2031e55da30beb676f1da854ce4bda687b8de006641a
SHA512
968d82e817b209d66ea1719493539ff363a844795efd8584690a4ca9b5f932f5f5a9e8352747b590ae6ffba332a9a7d8e2a224af26bc3a6bdf012736daca9e6c
diff --git a/sys-auth/pambase/pambase-20251013.ebuild
b/sys-auth/pambase/pambase-20251013.ebuild
new file mode 100644
index 000000000000..8b358020cac0
--- /dev/null
+++ b/sys-auth/pambase/pambase-20251013.ebuild
@@ -0,0 +1,129 @@
+# Copyright 1999-2025 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+PYTHON_COMPAT=( python3_{11..14} )
+
+inherit edo pam python-any-r1 readme.gentoo-r1
+
+DESCRIPTION="PAM base configuration files"
+HOMEPAGE="https://github.com/gentoo/pambase";
+
+if [[ ${PV} == *9999 ]]; then
+ inherit git-r3
+ EGIT_REPO_URI="
+ https://anongit.gentoo.org/git/proj/pambase.git
+ https://github.com/gentoo/pambase.git
+ "
+else
+
SRC_URI="https://gitweb.gentoo.org/proj/pambase.git/snapshot/${P}.tar.bz2";
+
+ KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~loong ~m68k ~mips ~ppc
~ppc64 ~riscv ~s390 ~sparc ~x86"
+fi
+
+LICENSE="MIT"
+SLOT="0"
+IUSE="caps debug elogind gnome-keyring homed minimal mktemp +nullok pam_krb5
pam_ssh +passwdqc pwhistory pwquality securetty selinux +sha512 sssd systemd
yescrypt"
+
+RESTRICT="binchecks"
+
+REQUIRED_USE="
+ ?? ( elogind systemd )
+ ?? ( passwdqc pwquality )
+ ?? ( sha512 yescrypt )
+ pwhistory? ( || ( passwdqc pwquality ) )
+ homed? ( !pam_krb5 )
+ pam_krb5? ( !homed )
+"
+
+MIN_PAM_REQ=1.4.0
+
+RDEPEND="
+ >=sys-libs/pam-${MIN_PAM_REQ}
+ elogind? ( sys-auth/elogind[pam] )
+ gnome-keyring? ( gnome-base/gnome-keyring[pam] )
+ mktemp? ( sys-auth/pam_mktemp )
+ pam_krb5? (
+ >=sys-libs/pam-${MIN_PAM_REQ}
+ sys-auth/pam_krb5
+ )
+ caps? ( sys-libs/libcap[pam] )
+ pam_ssh? ( sys-auth/pam_ssh )
+ passwdqc? ( >=sys-auth/passwdqc-1.4.0-r1 )
+ pwquality? ( dev-libs/libpwquality[pam] )
+ selinux? ( sys-libs/pam[selinux] )
+ sha512? ( >=sys-libs/pam-${MIN_PAM_REQ} )
+ homed? ( sys-apps/systemd[homed] )
+ systemd? ( sys-apps/systemd[pam] )
+ yescrypt? ( sys-libs/libxcrypt[system] )
+ sssd? ( sys-auth/sssd )
+"
+BDEPEND="
+ $(python_gen_any_dep '
+ dev-python/jinja2[${PYTHON_USEDEP}]
+ ')
+"
+
+python_check_deps() {
+ python_has_version "dev-python/jinja2[${PYTHON_USEDEP}]"
+}
+
+src_configure() {
+ local crypt=md5
+ # TODO: sha256, blowfish, gost_yescrypt
+ use sha512 && crypt=sha512
+ use yescrypt && crypt=yescrypt
+
+ local pamargs=(
+ # Not all 'upstream' options are (currently) wired up
+ # in the ebuild.
+ #
+ # TODO: pam_shells
+ $(usev caps '--caps')
+ $(usev debug '--debug')
+ $(usev elogind '--elogind')
+ $(usev gnome-keyring '--gnome-keyring')
+ $(usev homed '--homed')
+ $(usev minimal '--minimal')
+ $(usev mktemp '--mktemp')
+ $(usev nullok '--nullok')
+ $(usev pam_krb5 '--krb5')
+ $(usev pam_ssh '--pam-ssh')
+ $(usev passwdqc '--passwdqc')
+ $(usev pwhistory '--pwhistory')
+ $(usev pwquality '--pwquality')
+ $(usev securetty '--securetty')
+ $(usev selinux '--selinux')
+ $(usex systemd '--systemd' '--openrc')
+ $(usev sssd '--sssd')
+
+ --encrypt=${crypt}
+ )
+
+ edo ${EPYTHON} ./${PN}.py "${pamargs[@]}"
+}
+
+src_test() { :; }
+
+src_install() {
+ local DOC_CONTENTS
+
+ if use passwdqc; then
+ DOC_CONTENTS="To amend the existing password policy please see
the man 5 passwdqc.conf
+ page and then edit the
/etc/security/passwdqc.conf file"
+ fi
+
+ if use pwquality; then
+ DOC_CONTENTS="To amend the existing password policy please see
the man 5 pwquality.conf
+ page and then edit the
/etc/security/pwquality.conf file"
+ fi
+
+ { use passwdqc || use pwquality; } && readme.gentoo_create_doc
+
+ dopamd -r stack/.
+}
+
+pkg_postinst() {
+ { use passwdqc || use pwquality; } && readme.gentoo_print_elog
+}
