-
Notifications
You must be signed in to change notification settings - Fork 51
/
pam_pkcs11.spec
184 lines (152 loc) · 6.45 KB
/
pam_pkcs11.spec
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
Name: pam_pkcs11
Version: 0.6.12
Release: 1%{?dist}
Summary: PKCS #11 PAM module
Group: System Environment/Base
License: LGPL
URL: https://github.com/OpenSC/pam_pkcs11
Source0: https://github.com/OpenSC/pam_pkcs11/archive/refs/tags/%{name}-%{version}.tar.gz
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildRequires: pam-devel, openssl-devel
%{?_with_ldap:BuildRequires: openldap-devel}
%{?_with_curl:BuildRequires: curl-devel}
BuildRequires: libxslt libtool gettext docbook-style-xsl
BuildRequires: automake >= 1.7.8
Provides: pam_pkcs11 = %{version}-%{release}
%description
This Linux-PAM module allows a X.509 certificate based user
authentication. The certificate and its dedicated private key are thereby
accessed by means of an appropriate PKCS #11 module. For the
verification of the users' certificates, locally stored CA
certificates as well as either online or locally accessible CRLs are
used.
Adittional included pam_pkcs11 related tools
- pkcs11_eventmgr: Generate actions on card insert/removal/timeout events
- pklogin_finder: Get the loginname that maps to a certificate
- pkcs11_inspect: Inspect the contents of a certificate
- make_hash_links: create hash link directories for storing CA's and CRL's
%package pcsc
Group: System Environment/Utilities
Summary: PCSC-Lite extra tools for pam_pkcs11
BuildRequires: pcsc-lite-devel
Requires: pcsc-lite
Requires: pam_pkcs11
Provides: pam_pkcs11-pcsc = %{version}-%{release}
%description pcsc
This package contains pam_pkcs11 tools that relies on PCSC-Lite library
- card_eventmgr: Generate card insert/removal events
%package ldap
Group: System Environment/Utilities
Summary: LDAP Cert-to-Login mapper for pam_pkcs11
BuildRequires: openldap-devel
Requires: openldap
Requires: pam_pkcs11
Provides: pam_pkcs11-ldap = %{version}-%{release}
%description ldap
This package contains a Certificate-To-Login mapper based on queries
to a LDAP server. As it depends on extra libraries, is distributed
as a separate package
- ldap_mapper.so: ldap based mapper library
%prep
%setup -q -n %{name}-%{name}-%{version}
./bootstrap
%build
%configure --disable-dependency-tracking %{?_with_curl} %{?_with_ldap}
make %{?_smp_mflags}
%install
rm -rf $RPM_BUILD_ROOT
make install DESTDIR=$RPM_BUILD_ROOT
rm -f $RPM_BUILD_ROOT/%{_libdir}/security/*.*a
rm -f $RPM_BUILD_ROOT/%{_libdir}/%{name}/*.*a
# Hardcoded defaults... no sysconfdir
install -dm 755 $RPM_BUILD_ROOT/etc/%{name}/cacerts
install -dm 755 $RPM_BUILD_ROOT/etc/%{name}/crls
install -m 644 etc/%{name}.conf.example $RPM_BUILD_ROOT/etc/%{name}/%{name}.conf
install -m 644 etc/card_eventmgr.conf.example $RPM_BUILD_ROOT/etc/%{name}/card_eventmgr.conf
install -m 644 etc/pkcs11_eventmgr.conf.example $RPM_BUILD_ROOT/etc/%{name}/pkcs11_eventmgr.conf
%files
%defattr(-,root,root,-)
%doc AUTHORS COPYING README TODO ChangeLog NEWS
%doc doc/pam_pkcs11.html
%doc doc/mappers_api.html
%doc doc/README.autologin
%doc doc/README.mappers
%config(noreplace) %{_sysconfdir}/%{name}/cacerts
%config(noreplace) %{_sysconfdir}/%{name}/crls
%config(noreplace) %{_sysconfdir}/%{name}/pam_pkcs11.conf
%config(noreplace) %{_sysconfdir}/%{name}/pkcs11_eventmgr.conf
%{_bindir}/pkcs11_make_hash_link
%{_bindir}/pkcs11_eventmgr
%{_bindir}/pklogin_finder
%{_bindir}/pkcs11_inspect
%{_bindir}/pkcs11_listcerts
%{_bindir}/pkcs11_setup
%{_libdir}/%{name}/openssh_mapper.so
%{_libdir}/%{name}/opensc_mapper.so
%{_libdir}/security/pam_pkcs11.so
%{_mandir}/man8/%{name}.8.gz
%{_mandir}/man1/pkcs11_eventmgr.1.gz
%{_mandir}/man1/pkcs11_inspect.1.gz
%{_mandir}/man1/pklogin_finder.1.gz
%{_mandir}/man1/pkcs11_listcerts.1.gz
%{_mandir}/man1/pkcs11_make_hash_link.1.gz
%{_mandir}/man1/pkcs11_setup.1.gz
%{_docdir}/%{name}/%{name}.conf.example
%{_docdir}/%{name}/pam.d_login.example
%{_docdir}/%{name}/subject_mapping.example
%{_docdir}/%{name}/mail_mapping.example
%{_docdir}/%{name}/digest_mapping.example
%{_docdir}/%{name}/pkcs11_eventmgr.conf.example
%{_docdir}/%{name}/pam.d_ignore_no_card.example
%{_datadir}/locale/*/LC_MESSAGES/*
%files pcsc
%config(noreplace) %{_sysconfdir}/%{name}/card_eventmgr.conf
%{_bindir}/card_eventmgr
%{_mandir}/man1/card_eventmgr.1.gz
%{_docdir}/%{name}/card_eventmgr.conf.example
%doc doc/README.eventmgr
%files ldap
%{_libdir}/%{name}/ldap_mapper.so
%doc doc/README.ldap_mapper
%changelog
* Wed Dec 28 2022 Etienne Barbier <[email protected]> 0.6.12-1
- Update to 0.6.12
* Wed Jun 6 2007 Ludovic Rousseau <[email protected]> 0:0.6.0-1
- Update to 0.6.0
* Wed Sep 7 2005 Juan Antonio Martinez <[email protected]> 0:0.5.3-2
- Add ldap_mapper.so as separate package, as it depends on external library
- Changes from FC4 team
* Thu Sep 1 2005 Juan Antonio Martinez <[email protected]> 0:0.5.3-0
- Update to 0.5.3
- Remove tools package, and create pcsc one with pcsc-lite dependent files
* Mon Apr 11 2005 Juan Antonio Martinez <[email protected]> 0:0.5.2-1
- Changed package name to pam_pkcs11
* Fri Apr 8 2005 Juan Antonio Martinez <[email protected]> 0:0.5.2-0
- Updated to 0.5.2 release
- Changed /etc/pkcs11 for /etc/pam_pkcs11
- Changed /usr/share/pkcs11_login for /usr/share/pam_pkcs11
- Next item is change package name to pam_pkcs11
* Thu Apr 7 2005 Juan Antonio Martinez <[email protected]> 0:0.5.1-0
- patches to avoid autotools in compile from tgz
* Tue Mar 29 2005 Juan Antonio Martinez <[email protected]> 0:0.5-1
- upgrade to 0.5beta1 version
- BuildRequires now complains compilation of html manual from xml file
* Mon Feb 28 2005 Juan Antonio Martinez <[email protected]> 0:0.4.4-2
- New pkcs11_eventmgr app in "tools" package
* Thu Feb 24 2005 Juan Antonio Martinez <[email protected]> 0:0.4.4-1
- Fix pcsc-lite dependencies
* Tue Feb 15 2005 Juan Antonio Martinez <[email protected]> 0:0.4.4-0
- Update to 0.4.4b2
* Sun Sep 12 2004 Ville Skyttä <[email protected]> - 0:0.3b-0.fdr.1
- Update to 0.3b.
- Disable dependency tracking to speed up the build.
* Tue May 4 2004 Ville Skyttä <[email protected]> - 0:0.3-0.fdr.1
- Update to 0.3.
- Do not use libcurl by default; rebuild using "--with curl" to use it.
* Mon Mar 29 2004 Ville Skyttä <[email protected]> - 0:0.2-0.fdr.1
- Update to 0.2.
- Use libcurl by default; rebuild using "--without curl" to disable.
* Wed Jan 21 2004 Ville Skyttä <[email protected]> - 0:0.1-0.fdr.0.2.beta5
- Add the user_mapping config file.
* Mon Jan 19 2004 Ville Skyttä <[email protected]> - 0:0.1-0.fdr.0.1.beta5
- First build.