Date: Thu, 30 Dec 2021 20:02:51 -0800 From: Cy Schubert <Cy.Schubert@cschubert.com> To: Cy Schubert <Cy.Schubert@cschubert.com> Cc: Eric Turgeon <ericturgeon.bsd@gmail.com>, Tomoaki AOKI <junchoon@dec.sakura.ne.jp>, dev-commits-ports-main@freebsd.org, Cy Schubert <cy@freebsd.org> Subject: Re: git: f3caf742108b - main - x11/mate-screensaver: Fix PAM build Message-ID: <202112310402.1BV42p3C036429@slippy.cwsent.com> In-Reply-To: <202112301701.1BUH1dji009235@slippy.cwsent.com> References: <20211230110857.1c0ac0e19e8206cb64a040d7@dec.sakura.ne.jp> <202112300342.1BU3gPt9003879@slippy.cwsent.com> <CADRZFmrE8avprf7NZPcU%2BtbsgVBzk9=qp4zHKgxLXSOK60QQQw@mail.gmail.com> <202112301701.1BUH1dji009235@slippy.cwsent.com>
next in thread | previous in thread | raw e-mail | index | archive | help
I can confirm PAM authentication is broken by this new release. Like layers of an onion, this problem will need to be investigated further. I doubt simply adding additional macros would resolve the problem. The reason I believe this is that the macros are likely a small part of something larger. Having said that, ports/security/pecl-pam includes a copy of the file with a reference to the URL from whence it came (suggesting a GPL violation in the ports tree). I think the path forward is to engage our upstream. Then look at a number of short-term or longer-term options to get us over this hump. If upstream is open to fixing the problem temporarily marking the PAM option broken or temporarily rolling back the upgrade may suffice. Alternatively, if upstream isn't open to remediation we may want to consider importing Linux-pam on github as a port. Be aware that multiple PAM stacks can coexist however similar problems we have with three KRB5s will require getting linking just right. This option does have the advantage of supporting other software written for Linux-PAM (instead of OpenPAM or Solaris PAM -- FreeBSD PAM is based on OpenPAM). Another alternative is dump mate-screensaver for xscreensaver. IIRC xscreensaver was the original screen saver for Gnome back in the day. (IMO xscreensaver is superior to the Gnome and mate screensavers, though this is just a personal preference. I've also used it to replace the CDE screensaver on a per-user basis.) Anyhow, just a thought for anyone. Until we look at the code we won't have a good idea of what kind of work is involved. Strategically a Linux-PAM port might be something we might want to think about long term. Tactically, any of the other options could work. -- Cheers, Cy Schubert <Cy.Schubert@cschubert.com> FreeBSD UNIX: <cy@FreeBSD.org> Web: https://FreeBSD.org NTP: <cy@nwtime.org> Web: https://nwtime.org The need of the many outweighs the greed of the few. In message <202112301701.1BUH1dji009235@slippy.cwsent.com>, Cy Schubert writes: > No. It's a bunch of inline macros that perform memory and other functions. > All could have been made to be actual functions. On my Fedora VM at $JOB > they're part of the pam-devel.rpm. > > > -- > Cheers, > Cy Schubert <Cy.Schubert@cschubert.com> > FreeBSD UNIX: <cy@FreeBSD.org> Web: https://FreeBSD.org > NTP: <cy@nwtime.org> Web: https://nwtime.org > > The need of the many outweighs the greed of the few. > > > In message <CADRZFmrE8avprf7NZPcU+tbsgVBzk9=qp4zHKgxLXSOK60QQQw@mail.gmail.c > om> > , Eric Turgeon writes: > > --00000000000063b43405d45dfc6d > > Content-Type: text/plain; charset="UTF-8" > > > > Do we have an equivalent of security/_pam_macros.h? > > > > *Eric Turgeon* > > > > > > On Wed, Dec 29, 2021 at 11:42 PM Cy Schubert <Cy.Schubert@cschubert.com> > > wrote: > > > > > This commit only fixed a compile time error, include file > > > security/_pam_macros.h not found (discovered by my poudriere build). > > > security/_pam_macros is an include file found only on some distros of > > > Linux, a Linuxism. Try it without PAM enabled; the file not found error > > > may > > > just be the beginning of a multitude of PAM issues. > > > > > > I'll try to look at it over the next couple days. > > > > > > > > > -- > > > Cheers, > > > Cy Schubert <Cy.Schubert@cschubert.com> > > > FreeBSD UNIX: <cy@FreeBSD.org> Web: https://FreeBSD.org > > > NTP: <cy@nwtime.org> Web: https://nwtime.org > > > > > > The need of the many outweighs the greed of the few. > > > > > > > > > In message <20211230110857.1c0ac0e19e8206cb64a040d7@dec.sakura.ne.jp>, > > > Tomoaki > > > AOKI writes: > > > > Hi. > > > > Wondered whih commit to comment but decided to latest. > > > > mate-screensaver no longer opens login panel after upgrading from > > > > 1.26.0 to 1.26.1. > > > > > > > > Created Bug 260811 [1]. > > > > > > > > [1] https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=260811 > > > > > > > > > > > > > The branch main has been updated by cy: > > > > > > > > > > URL: > > > > > > > https://cgit.FreeBSD.org/ports/commit/?id=f3caf742108bb552724d4c4dae74b28 > ea > > 26 > > > > 6a6a3 > > > > > > > > > > commit f3caf742108bb552724d4c4dae74b28ea266a6a3 > > > > > Author: Cy Schubert <cy_at_FreeBSD.org> > > > > > AuthorDate: 2021-12-29 03:12:39 +0000 > > > > > Commit: Cy Schubert <cy_at_FreeBSD.org> > > > > > CommitDate: 2021-12-29 03:12:39 +0000 > > > > > > > > > > x11/mate-screensaver: Fix PAM build > > > > > > > > > > Fix build when PAM enabled; <security/_pam_macros.h> is a Linuxis > m. > > > > > --- > > > > > x11/mate-screensaver/files/patch-helper_pam-helper.c | 10 ++++++++++ > > > > > 1 file changed, 10 insertions(+) > > > > > > > > > > diff --git a/x11/mate-screensaver/files/patch-helper_pam-helper.c > > > > b/x11/mate-screensaver/files/patch-helper_pam-helper.c > > > > > new file mode 100644 > > > > > index 000000000000..605141fb0e54 > > > > > --- /dev/null > > > > > +++ b/x11/mate-screensaver/files/patch-helper_pam-helper.c > > > > > _at__at_ -0,0 +1,10 _at__at_ > > > > > +--- helper/pam-helper.c.orig 2021-11-15 14:28:47.000000000 -08 > 00 > > > > > ++++ helper/pam-helper.c 2021-12-28 19:09:39.501645000 -0800 > > > > > +_at__at_ -33,7 +33,6 _at__at_ > > > > > + */ > > > > > + > > > > > + #include <security/pam_appl.h> > > > > > +-#include <security/_pam_macros.h> > > > > > + > > > > > + #include <sys/types.h> > > > > > + #include <stdarg.h> > > > > > > > > -- > > > > Tomoaki AOKI <junchoon@dec.sakura.ne.jp> > > > > > > > > > > > > > --00000000000063b43405d45dfc6d > > Content-Type: text/html; charset="UTF-8" > > Content-Transfer-Encoding: quoted-printable > > > > <div dir=3D"ltr"><div>Do we have an equivalent of security/_pam_macros.h?</ > = > > div><div><br></div><div><div><div dir=3D"ltr" class=3D"gmail_signature" dat > = > > a-smartmail=3D"gmail_signature"><div dir=3D"ltr"><div><div dir=3D"ltr"><div > = > > ><div dir=3D"ltr"><div><div dir=3D"ltr"><div dir=3D"ltr"><span><font color= > > =3D"#888888"><font><font color=3D"#000000"><b>Eric Turgeon</b></font></font > = > > ></font></span><span></span><cite></cite><br></div><span></span></div></div > = > > ></div></div></div></div></div></div></div><br></div></div><br><div class= > > =3D"gmail_quote"><div dir=3D"ltr" class=3D"gmail_attr">On Wed, Dec 29, 2021 > = > > at 11:42 PM Cy Schubert <<a href=3D"mailto:Cy.Schubert@cschubert.com">C > = > > y.Schubert@cschubert.com</a>> wrote:<br></div><blockquote class=3D"gmail > = > > _quote" style=3D"margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204 > = > > ,204);padding-left:1ex">This commit only fixed a compile time error, includ > = > > e file <br> > > security/_pam_macros.h not found (discovered by my poudriere build). <br> > > security/_pam_macros is an include file found only on some distros of <br> > > Linux, a Linuxism. Try it without PAM enabled; the file not found error may > = > > <br> > > just be the beginning of a multitude of PAM issues.<br> > > <br> > > I'll try to look at it over the next couple days.<br> > > <br> > > <br> > > -- <br> > > Cheers,<br> > > Cy Schubert <<a href=3D"mailto:Cy.Schubert@cschubert.com" target=3D"_bla > = > > nk">Cy.Schubert@cschubert.com</a>><br> > > FreeBSD UNIX:=C2=A0 <cy@FreeBSD.org>=C2=A0 =C2=A0Web:=C2=A0 <a href= > > =3D"https://FreeBSD.org" rel=3D"noreferrer" target=3D"_blank">https://FreeB > = > > SD.org</a><br> > > NTP:=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0<<a href=3D"mailto:cy@nwtim > = > > e.org" target=3D"_blank">cy@nwtime.org</a>>=C2=A0 =C2=A0 Web:=C2=A0 <a h > = > > ref=3D"https://nwtime.org" rel=3D"noreferrer" target=3D"_blank">https://nwt > = > > ime.org</a><br> > > <br> > > =C2=A0 =C2=A0 =C2=A0 =C2=A0 The need of the many outweighs the greed of the > = > > few.<br> > > <br> > > <br> > > In message <<a href=3D"mailto:20211230110857.1c0ac0e19e8206cb64a040d7@de > = > > c.sakura.ne.jp" target=3D"_blank">20211230110857.1c0ac0e19e8206cb64a040d7@d > = > > ec.sakura.ne.jp</a>>, <br> > > Tomoaki<br> > > AOKI writes:<br> > > > Hi.<br> > > > Wondered whih commit to comment but decided to latest.<br> > > > mate-screensaver no longer opens login panel after upgrading from<br> > > > 1.26.0 to 1.26.1.<br> > > ><br> > > > Created Bug 260811 [1].<br> > > ><br> > > > [1] <a href=3D"https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D260 > = > > 811" rel=3D"noreferrer" target=3D"_blank">https://bugs.freebsd.org/bugzilla > = > > /show_bug.cgi?id=3D260811</a><br> > > ><br> > > ><br> > > > > The branch main has been updated by cy:<br> > > > > <br> > > > > URL:<br> > > > <a href=3D"https://cgit.FreeBSD.org/ports/commit/?id=3Df3caf742108bb55 > = > > 2724d4c4dae74b28ea26" rel=3D"noreferrer" target=3D"_blank">https://cgit.Fre > = > > eBSD.org/ports/commit/?id=3Df3caf742108bb552724d4c4dae74b28ea26</a><br> > > > 6a6a3<br> > > > > <br> > > > > commit f3caf742108bb552724d4c4dae74b28ea266a6a3<br> > > > > Author:=C2=A0 =C2=A0 =C2=A0Cy Schubert <cy_at_FreeBSD.org>< > = > > br> > > > > AuthorDate: 2021-12-29 03:12:39 +0000<br> > > > > Commit:=C2=A0 =C2=A0 =C2=A0Cy Schubert <cy_at_FreeBSD.org>< > = > > br> > > > > CommitDate: 2021-12-29 03:12:39 +0000<br> > > > > <br> > > > >=C2=A0 =C2=A0 =C2=A0x11/mate-screensaver: Fix PAM build<br> > > > >=C2=A0 =C2=A0 =C2=A0<br> > > > >=C2=A0 =C2=A0 =C2=A0Fix build when PAM enabled; <security/_pam_ > = > > macros.h> is a Linuxism.<br> > > > > ---<br> > > > >=C2=A0 x11/mate-screensaver/files/patch-helper_pam-helper.c | 10 + > = > > +++++++++<br> > > > >=C2=A0 1 file changed, 10 insertions(+)<br> > > > > <br> > > > > diff --git a/x11/mate-screensaver/files/patch-helper_pam-helper.c > = > > <br> > > > b/x11/mate-screensaver/files/patch-helper_pam-helper.c<br> > > > > new file mode 100644<br> > > > > index 000000000000..605141fb0e54<br> > > > > --- /dev/null<br> > > > > +++ b/x11/mate-screensaver/files/patch-helper_pam-helper.c<br> > > > > _at__at_ -0,0 +1,10 _at__at_<br> > > > > +--- helper/pam-helper.c.orig=C2=A0 =C2=A0 =C2=A0 =C2=A02021-11-1 > = > > 5 14:28:47.000000000 -0800<br> > > > > ++++ helper/pam-helper.c=C2=A0 =C2=A0 2021-12-28 19:09:39.5016450 > = > > 00 -0800<br> > > > > +_at__at_ -33,7 +33,6 _at__at_<br> > > > > +=C2=A0 */<br> > > > > + <br> > > > > + #include <security/pam_appl.h><br> > > > > +-#include <security/_pam_macros.h><br> > > > > + <br> > > > > + #include <sys/types.h><br> > > > > + #include <stdarg.h><br> > > ><br> > > > -- <br> > > > Tomoaki AOKI=C2=A0 =C2=A0 <<a href=3D"mailto:junchoon@dec.sakura.ne > = > > .jp" target=3D"_blank">junchoon@dec.sakura.ne.jp</a>><br> > > <br> > > <br> > > </blockquote></div> > > > > --00000000000063b43405d45dfc6d-- >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202112310402.1BV42p3C036429>