mirror of
https://github.com/linux-pam/linux-pam.git
synced 2024-11-24 10:22:47 +08:00
d9b712775c
Purpose of commit: new feature
Commit summary:
---------------
2005-10-20 Tomas Mraz <t8m@centrum.cz>
* configure.in: Added check for xauth binary and --with-xauth option.
* config.h.in: Added configurable PAM_PATH_XAUTH.
* modules/pam_xauth/README,
modules/pam_xauth/pam_xauth.8: Document where xauth is looked for.
* modules/pam_xauth/pam_xauth.c (pam_sm_open_session): Implement
searching xauth binary on multiple places.
(run_coprocess): Don't use execvp as it can be a security risk.
418 lines
12 KiB
Plaintext
418 lines
12 KiB
Plaintext
dnl Process this file with autoconf to produce a configure script.
|
|
AC_INIT(conf/pam_conv1/pam_conv.y)
|
|
AM_INIT_AUTOMAKE("Linux-PAM", 0.99.1.0)
|
|
AM_CONFIG_HEADER(config.h)
|
|
AC_CANONICAL_HOST
|
|
|
|
AC_SUBST(PACKAGE)
|
|
AC_SUBST(VERSION)
|
|
|
|
ALL_LINGUAS="cs de es fi fr hu it ja nb pa pl pt_BR pt zh_CN zh_TW"
|
|
|
|
dnl
|
|
dnl By default, everything under PAM is installed below /usr.
|
|
dnl
|
|
AC_PREFIX_DEFAULT(/usr)
|
|
|
|
dnl and some hacks to use /etc and /lib
|
|
test "${prefix}" = "NONE" && prefix="/usr"
|
|
if test ${prefix} = '/usr'
|
|
then
|
|
dnl If we use /usr as prefix, use /etc for config files
|
|
if test ${sysconfdir} = '${prefix}/etc'
|
|
then
|
|
sysconfdir="/etc"
|
|
fi
|
|
if test ${libdir} = '${exec_prefix}/lib'
|
|
then
|
|
libdir="/lib"
|
|
fi
|
|
if test ${sbindir} = '${exec_prefix}/sbin'
|
|
then
|
|
sbindir="/sbin"
|
|
fi
|
|
dnl If we use /usr as prefix, use /usr/share/man for manual pages
|
|
if test ${mandir} = '${prefix}/man'
|
|
then
|
|
mandir='${prefix}/share/man'
|
|
fi
|
|
dnl Add security to include directory
|
|
if test ${includedir} = '${prefix}/include'
|
|
then
|
|
includedir="${prefix}/include/security"
|
|
fi
|
|
fi
|
|
|
|
|
|
dnl Checks for programs.
|
|
AC_GNU_SOURCE
|
|
AC_PROG_CC
|
|
AC_PROG_YACC
|
|
AM_PROG_LEX
|
|
AC_PROG_INSTALL
|
|
AC_PROG_LN_S
|
|
AC_PROG_MAKE_SET
|
|
# per default don't build static libraries
|
|
AC_DISABLE_STATIC
|
|
AC_PROG_LIBTOOL
|
|
|
|
if test "$enable_static" = yes; then
|
|
CFLAGS="$CFLAGS -DPAM_STATIC"
|
|
fi
|
|
if test "$enable_shared" = yes; then
|
|
CFLAGS="$CFLAGS -DPAM_DYNAMIC"
|
|
fi
|
|
|
|
# Largefile support
|
|
AC_SYS_LARGEFILE
|
|
|
|
if eval "test x$GCC = xyes"; then
|
|
for flag in \
|
|
-W \
|
|
-Wall \
|
|
-Wbad-function-cast \
|
|
-Wcast-align \
|
|
-Wcast-qual \
|
|
-Wmissing-declarations \
|
|
-Wmissing-prototypes \
|
|
-Wpointer-arith \
|
|
-Wreturn-type \
|
|
-Wstrict-prototypes \
|
|
-Wwrite-strings \
|
|
-Winline \
|
|
-Wshadow
|
|
do
|
|
JAPHAR_GREP_CFLAGS($flag, [ CFLAGS="$CFLAGS $flag" ])
|
|
done
|
|
fi
|
|
|
|
AC_C___ATTRIBUTE__
|
|
|
|
dnl
|
|
dnl Check if --version-script is supported by ld
|
|
dnl
|
|
AC_CACHE_CHECK(for .symver assembler directive, libc_cv_asm_symver_directive,
|
|
[cat > conftest.s <<EOF
|
|
${libc_cv_dot_text}
|
|
_sym:
|
|
.symver _sym,sym@VERS
|
|
EOF
|
|
if ${CC-cc} -c $ASFLAGS conftest.s 1>&AS_MESSAGE_LOG_FD 2>&AS_MESSAGE_LOG_FD; then
|
|
libc_cv_asm_symver_directive=yes
|
|
else
|
|
libc_cv_asm_symver_directive=no
|
|
fi
|
|
rm -f conftest*])
|
|
AC_CACHE_CHECK(for ld --version-script, libc_cv_ld_version_script_option, [dnl
|
|
if test $libc_cv_asm_symver_directive = yes; then
|
|
cat > conftest.s <<EOF
|
|
${libc_cv_dot_text}
|
|
_sym:
|
|
.symver _sym,sym@VERS
|
|
EOF
|
|
cat > conftest.map <<EOF
|
|
VERS_1 {
|
|
global: sym;
|
|
};
|
|
|
|
VERS_2 {
|
|
global: sym;
|
|
} VERS_1;
|
|
EOF
|
|
if ${CC-cc} -c $ASFLAGS conftest.s 1>&AS_MESSAGE_LOG_FD 2>&AS_MESSAGE_LOG_FD;
|
|
then
|
|
if AC_TRY_COMMAND([${CC-cc} $CFLAGS $LDFLAGS -shared
|
|
-o conftest.so conftest.o
|
|
-nostartfiles -nostdlib
|
|
-Wl,--version-script,conftest.map
|
|
1>&AS_MESSAGE_LOG_FD]);
|
|
then
|
|
libc_cv_ld_version_script_option=yes
|
|
else
|
|
libc_cv_ld_version_script_option=no
|
|
fi
|
|
else
|
|
libc_cv_ld_version_script_option=no
|
|
fi
|
|
else
|
|
libc_cv_ld_version_script_option=no
|
|
fi
|
|
rm -f conftest*])
|
|
AM_CONDITIONAL([HAVE_VERSIONING],
|
|
[test "$libc_cv_ld_version_script_option" = "yes"])
|
|
|
|
dnl
|
|
dnl options and defaults
|
|
dnl
|
|
|
|
AM_PATH_LIBPRELUDE([0.9.0])
|
|
if test "$LIBPRELUDE_CONFIG" != "no" ; then
|
|
LIBPRELUDE_CFLAGS="$LIBPRELUDE_CFLAGS -DPRELUDE=1"
|
|
fi
|
|
|
|
dnl lots of debugging information goes to /var/run/pam-debug.log
|
|
AC_ARG_ENABLE([debug],
|
|
AC_HELP_STRING([--enable-debug],
|
|
[specify you are building with debugging on]),
|
|
WITH_DEBUG=yes ; AC_DEFINE([DEBUG],,
|
|
[lots of stuff gets written to /var/run/pam-debug.log]),
|
|
WITH_DEBUG=no)
|
|
AC_SUBST(WITH_DEBUG)
|
|
|
|
AC_ARG_ENABLE([memory-debug],
|
|
AC_HELP_STRING([--enable-memory-debug],[specify you want every malloc etc. call tracked]),
|
|
WITH_MEMORY_DEBUG=$enableval, WITH_MEMORY_DEBUG=no)
|
|
if test "$WITH_MEMORY_DEBUG" != "no" ; then
|
|
AC_DEFINE([MEMORY_DEBUG], 1, [Every malloc etc. call will be tracked])
|
|
fi
|
|
AH_VERBATIM([_MEMORY_DEBUG],
|
|
[#ifdef MEMORY_DEBUG
|
|
/*
|
|
* this is basically a hack - we need to include a semiarbitrary
|
|
* number of headers to ensure that we don't get silly prototype/macro
|
|
*/
|
|
# include <string.h>
|
|
# include <stdlib.h>
|
|
# include <security/pam_malloc.h>
|
|
#endif /* MEMORY_DEBUG */])
|
|
|
|
AC_ARG_ENABLE(securedir,
|
|
[ --enable-securedir=<path to location of PAMs> [default \$libdir/security]],
|
|
SECUREDIR=$enableval, SECUREDIR=$libdir/security)
|
|
AC_SUBST(SECUREDIR)
|
|
|
|
AC_ARG_ENABLE([isadir],
|
|
AC_HELP_STRING([--enable-isadir=DIR],[path to arch-specific module files [default ../../`basename $libdir`/security]]),
|
|
ISA=$enableval,
|
|
ISA=../../`basename $libdir`/security)
|
|
unset mylibdirbase
|
|
AC_DEFINE_UNQUOTED(_PAM_ISA,"$ISA",[Define to the path, relative to SECUREDIR, where PAMs specific to this architecture can be found.])
|
|
AC_MSG_RESULT([Defining \$ISA to "$ISA"])
|
|
|
|
AC_ARG_ENABLE(sconfigdir,
|
|
[ --enable-sconfigdir=<path to module conf files> [default \$sysconfdir/security]],
|
|
SCONFIGDIR=$enableval, SCONFIGDIR=$sysconfdir/security)
|
|
AC_SUBST(SCONFIGDIR)
|
|
|
|
AC_ARG_ENABLE(docdir,
|
|
[ --enable-docdir=<path to store documentation in - /usr/share/doc/pam>],
|
|
DOCDIR=$enableval, DOCDIR=/usr/share/doc/pam)
|
|
AC_SUBST(DOCDIR)
|
|
|
|
|
|
AC_ARG_ENABLE(pamlocking,
|
|
[ --enable-pamlocking configure libpam to observe a global authentication lock],
|
|
WITH_PAMLOCKING=yes ; AC_DEFINE([PAM_LOCKING],,
|
|
[libpam should observe a global authentication lock]),
|
|
WITH_PAMLOCKING=no)
|
|
AC_SUBST(WITH_PAMLOCKING)
|
|
|
|
AC_ARG_ENABLE(read-both-confs,
|
|
[ --enable-read-both-confs read both /etc/pam.d and /etc/pam.conf files],
|
|
AC_DEFINE([PAM_READ_BOTH_CONFS],,
|
|
[read both /etc/pam.d and /etc/pam.conf files]))
|
|
AC_SUBST(PAM_READ_BOTH_CONFS)
|
|
|
|
AC_ARG_ENABLE([lckpwdf],
|
|
AC_HELP_STRING([--disable-lckpwdf],[do not use the lckpwdf function]),
|
|
WITH_LCKPWDF=$enableval, WITH_LCKPWDF=yes)
|
|
if test "$WITH_LCKPWDF" == "yes" ; then
|
|
AC_DEFINE([USE_LCKPWDF], 1,
|
|
[Define to 1 if the lckpwdf function should be used])
|
|
fi
|
|
|
|
AC_CHECK_HEADERS(paths.h)
|
|
AC_ARG_WITH(mailspool,
|
|
[ --with-mailspool path to mail spool directory
|
|
[default _PATH_MAILDIR if defined in paths.h, otherwise /var/spool/mail]],
|
|
with_mailspool=${withval})
|
|
if test x$with_mailspool != x ; then
|
|
pam_mail_spool="\"$with_mailspool\""
|
|
else
|
|
AC_TRY_RUN([
|
|
#include <paths.h>
|
|
int main() {
|
|
#ifdef _PATH_MAILDIR
|
|
exit(0);
|
|
#else
|
|
exit(1);
|
|
#endif
|
|
}], pam_mail_spool="_PATH_MAILDIR",
|
|
pam_mail_spool="\"/var/spool/mail\"",
|
|
pam_mail_spool="\"/var/spool/mail\"")
|
|
fi
|
|
AC_DEFINE_UNQUOTED(PAM_PATH_MAILDIR, $pam_mail_spool,
|
|
[Path where mails are stored])
|
|
|
|
AC_ARG_WITH(xauth,
|
|
[ --with-xauth additional path to check for xauth when it is called from pam_xauth
|
|
[added to the default of /usr/X11R6/bin/xauth, /usr/bin/xauth, /usr/bin/X11/xauth]],
|
|
pam_xauth_path=${withval})
|
|
if test x$with_xauth == x ; then
|
|
AC_PATH_PROG(pam_xauth_path, xauth)
|
|
dnl There is no sense in adding the first default path
|
|
if test x$pam_xauth_path == x/usr/X11R6/bin/xauth ; then
|
|
unset pam_xauth_path
|
|
fi
|
|
fi
|
|
|
|
if test x$pam_xauth_path != x ; then
|
|
AC_DEFINE_UNQUOTED(PAM_PATH_XAUTH, "$pam_xauth_path",
|
|
[Additional path of xauth executable])
|
|
fi
|
|
|
|
dnl Checks for the existence of libdl - on BSD and Tru64 its part of libc
|
|
AC_CHECK_LIB([dl], [dlopen], LIBDL="-ldl", LIBDL="")
|
|
AC_SUBST(LIBDL)
|
|
|
|
BACKUP_LIBS=$LIBS
|
|
AC_SEARCH_LIBS([FascistCheck],[crack], LIBCRACK="-l$ac_lib", LIBCRACK="")
|
|
LIBS=$BACKUP_LIBS
|
|
AC_SUBST(LIBCRACK)
|
|
AM_CONDITIONAL([HAVE_LIBCRACK], [test ! -z "$LIBCRACK"])
|
|
|
|
BACKUP_LIBS=$LIBS
|
|
AC_SEARCH_LIBS([crypt],[xcrypt crypt], LIBCRYPT="-l$ac_lib", LIBCRYPT="")
|
|
LIBS=$BACKUP_LIBS
|
|
AC_SUBST(LIBCRYPT)
|
|
|
|
dnl check for libndbm or libdb as fallback
|
|
BACKUP_LIBS=$LIBS
|
|
AC_CHECK_LIB([ndbm],[dbm_store], LIBDB="-lndbm", LIBDB="")
|
|
LIBS=$BACKUP_LIBS
|
|
if test -z "$LIBDB" ; then
|
|
BACKUP_LIBS=$LIBS
|
|
AC_CHECK_LIB([db], [dbm_store], LIBDB="-ldb", LIBDB="")
|
|
LIBS=$BACKUP_LIBS
|
|
fi
|
|
if test -z "$LIBDB" ; then
|
|
BACKUP_LIBS=$LIBS
|
|
AC_CHECK_LIB([db], [db_create], LIBDB="-ldb", LIBDB="")
|
|
LIBS=$BACKUP_LIBS
|
|
fi
|
|
AC_SUBST(LIBDB)
|
|
AM_CONDITIONAL([HAVE_LIBDB], [test ! -z "$LIBDB"])
|
|
|
|
BACKUP_LIBS=$LIBS
|
|
AC_CHECK_LIB([nsl],[yp_get_default_domain], LIBNSL="-lnsl", LIBNSL="")
|
|
LIBS=$BACKUP_LIBS
|
|
AC_SUBST(LIBNSL)
|
|
|
|
BACKUP_LIBS=$LIBS
|
|
AC_CHECK_LIB([selinux],[getfilecon], LIBSELINUX="-lselinux", LIBSELINUX="")
|
|
LIBS=$BACKUP_LIBS
|
|
AC_SUBST(LIBSELINUX)
|
|
AM_CONDITIONAL([HAVE_LIBSELINUX], [test ! -z "$LIBSELINUX"])
|
|
|
|
dnl Checks for Libcap
|
|
BACKUP_LIBS=$LIBS
|
|
AC_CHECK_LIB([cap], [cap_get_proc], LIBCAP="-lcap", LIBCAP="" )
|
|
LIBS=$BACKUP_LIBS
|
|
AC_SUBST(LIBCAP)
|
|
AM_CONDITIONAL([HAVE_LIBCAP], [test ! -z "$LIBCAP"])
|
|
|
|
BACKUP_LIBS=$LIBS
|
|
AC_CHECK_LIB([pwdb],[pwdb_db_name], LIBPWDB="-lpwdb", LIBPWDB="")
|
|
LIBS=$BACKUP_LIBS
|
|
AC_SUBST(LIBPWDB)
|
|
AM_CONDITIONAL([HAVE_LIBPWDB], [test ! -z "$LIBPWDB"])
|
|
|
|
dnl Checks for header files.
|
|
AC_HEADER_DIRENT
|
|
AC_HEADER_STDC
|
|
AC_HEADER_SYS_WAIT
|
|
AC_CHECK_HEADERS(fcntl.h limits.h malloc.h sys/file.h sys/ioctl.h sys/time.h syslog.h termio.h unistd.h sys/fsuid.h inittypes.h)
|
|
|
|
AC_CHECK_HEADERS(crypt.h)
|
|
AC_CHECK_HEADERS(crack.h)
|
|
|
|
dnl For module/pam_userdb
|
|
AC_CHECK_HEADERS(ndbm.h db.h)
|
|
dnl I suspect the following two lines are a hack.
|
|
HAVE_NDBM_H=$ac_cv_header_ndbm_h
|
|
AC_SUBST(HAVE_NDBM_H)
|
|
|
|
dnl For module/pam_lastlog
|
|
AC_CHECK_HEADERS(lastlog.h utmp.h utmpx.h)
|
|
|
|
dnl Checks for typedefs, structures, and compiler characteristics.
|
|
AC_C_BIGENDIAN
|
|
AC_C_CONST
|
|
AC_TYPE_UID_T
|
|
AC_TYPE_OFF_T
|
|
AC_TYPE_PID_T
|
|
AC_TYPE_SIZE_T
|
|
AC_HEADER_TIME
|
|
AC_STRUCT_TM
|
|
|
|
dnl Checks for library functions.
|
|
AC_TYPE_GETGROUPS
|
|
AC_PROG_GCC_TRADITIONAL
|
|
AC_FUNC_MEMCMP
|
|
AC_FUNC_VPRINTF
|
|
AC_CHECK_FUNCS(gethostname gettimeofday lckpwdf mkdir select strcspn strdup strerror strspn strstr strtol uname)
|
|
|
|
AC_CHECK_FUNCS(getpwnam_r getpwuid_r getgrnam_r getgrgid_r getspnam_r getgrouplist)
|
|
|
|
dnl Checks for programs/utilities
|
|
AC_CHECK_PROG(SGML2PS, sgml2ps, yes, no)
|
|
AC_CHECK_PROG(SGML2TXT, sgml2txt, yes, no)
|
|
AC_CHECK_PROG(SGML2HTML, sgml2html, yes, no)
|
|
AC_CHECK_PROG(SGML2LATEX, sgml2latex, yes, no)
|
|
AC_CHECK_PROG(PS2PDF, ps2pdf, yes, no)
|
|
AM_CONDITIONAL([HAVE_SGML2PS], [test "$SGML2PS" = yes || test "$SGML2LATEX" = yes])
|
|
AM_CONDITIONAL([HAVE_SGML2TXT], [test "$SGML2TXT" = yes])
|
|
AM_CONDITIONAL([HAVE_SGML2HTML], [test "$SGML2HTML" = yes])
|
|
AM_CONDITIONAL([HAVE_PS2PDF], [test "$PS2PDF" = yes])
|
|
if test $SGML2LATEX = "yes" ; then
|
|
if sgml2latex -h | grep -e --paper | grep ' -p ' > /dev/null ; then
|
|
PSER="sgml2latex -o ps"
|
|
else
|
|
PSER="sgml2latex -p"
|
|
fi
|
|
else
|
|
if test $SGML2PS = yes ; then
|
|
PSER="sgml2ps"
|
|
fi
|
|
fi
|
|
AC_SUBST(PSER)
|
|
|
|
AM_GNU_GETTEXT_VERSION
|
|
AM_GNU_GETTEXT([external])
|
|
|
|
AH_VERBATIM([_ZZENABLE_NLS],
|
|
[#ifdef ENABLE_NLS
|
|
#include <libintl.h>
|
|
#define _(msgid) dgettext("Linux-PAM", msgid)
|
|
#define N_(msgid) msgid
|
|
#else
|
|
#define _(msgid) (msgid)
|
|
#define N_(msgid) msgid
|
|
#endif /* ENABLE_NLS */])
|
|
|
|
dnl Files to be created from when we run configure
|
|
AC_OUTPUT(Makefile libpam/Makefile libpamc/Makefile libpamc/test/Makefile \
|
|
libpam_misc/Makefile conf/Makefile conf/pam_conv1/Makefile \
|
|
po/Makefile.in \
|
|
modules/Makefile \
|
|
modules/pam_access/Makefile modules/pam_cracklib/Makefile \
|
|
modules/pam_debug/Makefile modules/pam_deny/Makefile \
|
|
modules/pam_echo/Makefile modules/pam_env/Makefile \
|
|
modules/pam_filter/Makefile modules/pam_filter/upperLOWER/Makefile \
|
|
modules/pam_ftp/Makefile modules/pam_group/Makefile \
|
|
modules/pam_issue/Makefile modules/pam_lastlog/Makefile \
|
|
modules/pam_limits/Makefile modules/pam_listfile/Makefile \
|
|
modules/pam_localuser/Makefile modules/pam_mail/Makefile \
|
|
modules/pam_mkhomedir/Makefile modules/pam_motd/Makefile \
|
|
modules/pam_nologin/Makefile modules/pam_permit/Makefile \
|
|
modules/pam_pwdb/Makefile modules/pam_rhosts/Makefile \
|
|
modules/pam_rootok/Makefile \
|
|
modules/pam_securetty/Makefile modules/pam_selinux/Makefile \
|
|
modules/pam_shells/Makefile modules/pam_stress/Makefile \
|
|
modules/pam_succeed_if/Makefile modules/pam_tally/Makefile \
|
|
modules/pam_time/Makefile modules/pam_umask/Makefile \
|
|
modules/pam_unix/Makefile modules/pam_userdb/Makefile \
|
|
modules/pam_warn/Makefile modules/pam_wheel/Makefile \
|
|
modules/pam_xauth/Makefile doc/Makefile doc/specs/Makefile \
|
|
examples/Makefile)
|