From owner-freebsd-ports Mon Aug 28 18:50:17 2000 Delivered-To: freebsd-ports@freebsd.org Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21]) by hub.freebsd.org (Postfix) with ESMTP id 9886E37B440 for ; Mon, 28 Aug 2000 18:50:01 -0700 (PDT) Received: (from gnats@localhost) by freefall.freebsd.org (8.9.3/8.9.2) id SAA58475; Mon, 28 Aug 2000 18:50:01 -0700 (PDT) (envelope-from gnats@FreeBSD.org) Received: from totem.fix.no (totem.fix.no [213.142.66.130]) by hub.freebsd.org (Postfix) with ESMTP id 7F87837B42C for ; Mon, 28 Aug 2000 18:45:00 -0700 (PDT) Received: by totem.fix.no (Postfix, from userid 1000) id 14512572D; Tue, 29 Aug 2000 03:48:17 +0200 (CEST) Message-Id: <20000829014817.14512572D@totem.fix.no> Date: Tue, 29 Aug 2000 03:48:17 +0200 (CEST) From: Anders Nordby Reply-To: Anders Nordby To: FreeBSD-gnats-submit@freebsd.org X-Send-Pr-Version: 3.2 Subject: ports/20915: New port: security/pam-mysql Sender: owner-freebsd-ports@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org >Number: 20915 >Category: ports >Synopsis: New port: security/pam-mysql >Confidential: no >Severity: non-critical >Priority: medium >Responsible: freebsd-ports >State: open >Quarter: >Keywords: >Date-Required: >Class: change-request >Submitter-Id: current-users >Arrival-Date: Mon Aug 28 18:50:01 PDT 2000 >Closed-Date: >Last-Modified: >Originator: Anders Nordby >Release: FreeBSD 4.1-STABLE i386 >Organization: Fluxpod Information eXchange >Environment: FreeBSD eggsilo.localnet 4.1-STABLE FreeBSD 4.1-STABLE #0: Mon Aug 28 10:23:12 CEST 2000 root@:/usr/src/sys/compile/EGGSILO i386 >Description: This is a port of the Linux MySQL PAM module. You can authenticate any PAMified service with MySQL using this module. This is un-audited from as of now, use with caution. >How-To-Repeat: >Fix: This shar also downloadable from: ftp://totem.fix.no/pub/mirrors/misc/pam-mysql.sh # This is a shell archive. Save it in a file, remove anything before # this line, and then unpack it by entering "sh file". Note, it may # create directories; files and directories will be owned by you and # have default permissions. # # This archive contains: # # pam-mysql # pam-mysql/pkg # pam-mysql/pkg/COMMENT # pam-mysql/pkg/DESCR # pam-mysql/pkg/PLIST # pam-mysql/files # pam-mysql/files/md5 # pam-mysql/Makefile # pam-mysql/patches # pam-mysql/patches/patch-aa # echo c - pam-mysql mkdir -p pam-mysql > /dev/null 2>&1 echo c - pam-mysql/pkg mkdir -p pam-mysql/pkg > /dev/null 2>&1 echo x - pam-mysql/pkg/COMMENT sed 's/^X//' >pam-mysql/pkg/COMMENT << 'END-of-pam-mysql/pkg/COMMENT' XA pam module for authenticating with MySQL END-of-pam-mysql/pkg/COMMENT echo x - pam-mysql/pkg/DESCR sed 's/^X//' >pam-mysql/pkg/DESCR << 'END-of-pam-mysql/pkg/DESCR' XThis is a PAM module for authenticating with MySQL. X XWWW: http://sourceforge.net/projects/pam-mysql/ END-of-pam-mysql/pkg/DESCR echo x - pam-mysql/pkg/PLIST sed 's/^X//' >pam-mysql/pkg/PLIST << 'END-of-pam-mysql/pkg/PLIST' Xlib/pam_mysql.so Xshare/doc/pam_mysql/Changelog Xshare/doc/pam_mysql/CREDITS Xshare/doc/pam_mysql/Readme X@dirrm share/doc/pam_mysql END-of-pam-mysql/pkg/PLIST echo c - pam-mysql/files mkdir -p pam-mysql/files > /dev/null 2>&1 echo x - pam-mysql/files/md5 sed 's/^X//' >pam-mysql/files/md5 << 'END-of-pam-mysql/files/md5' XMD5 (pam_mysql-0.4.tar.gz) = ae30788ac9c5d02fa1045d3403d48f2f END-of-pam-mysql/files/md5 echo x - pam-mysql/Makefile sed 's/^X//' >pam-mysql/Makefile << 'END-of-pam-mysql/Makefile' X# New ports collection makefile for: pam_mysql X# Date created: 29 August 2000 X# Whom: Anders Nordby X# X# $FreeBSD$ X# X XPORTNAME= pam_mysql XPORTVERSION= 0.4 XCATEGORIES= security databases XMASTER_SITES= http://download.sourceforge.net/pam-mysql/ \ X http://www.freenix.no/~anders/ X XMAINTAINER= anders@fix.no X XLIB_DEPENDS= mysqlclient.6:${PORTSDIR}/databases/mysql322-client X XUSE_GMAKE= yes X XWRKSRC= ${WRKDIR}/${PORTNAME} X Xpost-patch: X @cd ${WRKSRC} && ${GMAKE} clean X Xdo-build: X ${CC} -O -pipe -fpic -DPIC -Wall -I${PREFIX}/include -c ${WRKSRC}/pam_mysql.c -o ${WRKSRC}/pam_mysql.o X ${LD} -x --shared -o ${WRKSRC}/pam_mysql.so ${WRKSRC}/pam_mysql.o -lpam -lcrypt -L${PREFIX}/lib/mysql -lmysqlclient X Xdo-install: X @${INSTALL_DATA} ${WRKSRC}/pam_mysql.so ${PREFIX}/lib X @${INSTALL} -d -o root -g wheel -m 0755 ${PREFIX}/share/doc/pam_mysql X @${INSTALL_DATA} ${WRKSRC}/Changelog ${PREFIX}/share/doc/pam_mysql/ X @${INSTALL_DATA} ${WRKSRC}/CREDITS ${PREFIX}/share/doc/pam_mysql/ X @${INSTALL_DATA} ${WRKSRC}/Readme ${PREFIX}/share/doc/pam_mysql/ X Xpost-install: X @${ECHO} "================================================================================" X @${ECHO} "Copy/move/symlink ${PREFIX}/lib/pam_mysql.so to /usr/lib/pam_mysql.so" X @${ECHO} "to be able to use it. Read files in ${PREFIX}/share/doc/pam_mysql" X @${ECHO} "for info on how to set up." X @${ECHO} "================================================================================" X X.include END-of-pam-mysql/Makefile echo c - pam-mysql/patches mkdir -p pam-mysql/patches > /dev/null 2>&1 echo x - pam-mysql/patches/patch-aa sed 's/^X//' >pam-mysql/patches/patch-aa << 'END-of-pam-mysql/patches/patch-aa' X--- pam_mysql.c.old Tue Aug 29 03:31:46 2000 X+++ pam_mysql.c Tue Aug 29 03:31:37 2000 X@@ -14,7 +14,6 @@ X #include X #include X #include X-#include X #include X X #include X@@ -79,7 +78,6 @@ X X int db_connect (MYSQL * auth_sql_server); X void db_close( void ); X-static void _pam_log (int err, const char *format,...); X int askForPassword(pam_handle_t *pamh); X X void db_close ( void ) X@@ -114,7 +112,7 @@ X } X if ( retvalue != PAM_SUCCESS ) X { X- _pam_log(LOG_INFO, "MySQL err %s\n", mysql_error(auth_sql_server)); X+ syslog(LOG_INFO, "MySQL err %s", mysql_error(auth_sql_server)); X } X X D (("returning.")); X@@ -149,13 +147,13 @@ X { X sprintf(sql, "%s and %s", sql, options.where); X } X- _pam_log(LOG_ERR,sql); X+ syslog(LOG_ERR,sql); X D ((sql)); X mysql_query (auth_sql_server, sql); X free (sql); X result = mysql_store_result (auth_sql_server); X if (!result) { X- _pam_log(LOG_ERR, mysql_error (auth_sql_server)); X+ syslog(LOG_ERR, mysql_error(auth_sql_server)); X D (("returning.")); X return PAM_AUTH_ERR; X } X@@ -191,17 +189,6 @@ X X /* Global PAM functions stolen from other modules */ X X-static void _pam_log (int err, const char *format,...) X-{ X- va_list args; X- X- va_start (args, format); X- openlog (PAM_MODULE_NAME, LOG_PID, LOG_AUTH); X- vsyslog (err, format, args); X- va_end (args); X- closelog (); X-} X- X int converse(pam_handle_t *pamh, int nargs X , struct pam_message **message X , struct pam_response **response) X@@ -216,14 +203,12 @@ X , response, conv->appdata_ptr); X if ((retval != PAM_SUCCESS) && (retval != PAM_CONV_AGAIN)) X { X- _pam_log(LOG_DEBUG, "conversation failure [%s]" X- , pam_strerror(pamh, retval)); X+ syslog(LOG_DEBUG, "conversation failure [%s]", pam_strerror(pamh, retval)); X } X } X else X { X- _pam_log(LOG_ERR, "couldn't obtain coversation function [%s]" X- , pam_strerror(pamh, retval)); X+ syslog(LOG_ERR, "couldn't obtain coversation function [%s]", pam_strerror(pamh, retval)); X } X return retval; /* propagate error status */ X } X@@ -239,7 +224,7 @@ X prompt = malloc(strlen(PLEASE_ENTER_PASSWORD)); X if (prompt == NULL) X { X- _pam_log(LOG_ERR,"pam_mysql: askForPassword(), out of memory!?"); X+ syslog(LOG_ERR,"pam_mysql: askForPassword(), out of memory!?"); X return PAM_BUF_ERR; X } X else X@@ -251,7 +236,6 @@ X mesg[i] = &msg[i]; X X retval = converse(pamh, ++i, mesg, &resp); X-/* _pam_log(LOG_ERR, "retval == %d\n", retval); */ X if (prompt) X { X _pam_overwrite(prompt); X@@ -361,7 +345,7 @@ X X retval = pam_get_user (pamh, &user, NULL); X if (retval != PAM_SUCCESS || user == NULL) { X- _pam_log (LOG_ERR, "no user specified"); X+ syslog(LOG_ERR, "no user specified"); X D (("returning.")); X return PAM_USER_UNKNOWN; X } X@@ -398,7 +382,7 @@ X ,const char **argv) X { X X- _pam_log (LOG_INFO, "acct_mgmt \n"); X+ syslog(LOG_INFO, "acct_mgmt \n"); X return PAM_SUCCESS; X } X END-of-pam-mysql/patches/patch-aa exit >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message