From 2bd19e3f8fcbcad9262be6222ad097ebbea44ebc Mon Sep 17 00:00:00 2001 From: zhipengl Date: Tue, 13 Nov 2018 23:33:10 +0800 Subject: [PATCH] Refactor patches for pam package Use pam-config package to package config files for pam package. We can remove related patch of pam and use RPM instead of SRPM for pam. Deployment test and ping test between VMs pass Config files check pass. Story: 2003768 Task: 27589 Depends-on: https://review.openstack.org/#/c/617454/ Change-Id: Ib19aa8ef023c184c7dcf0e4086adb516be0d947d Signed-off-by: zhipengl --- base/pam/centos/build_srpm.data | 3 -- ...te-package-versioning-for-TIS-format.patch | 25 ------------ base/pam/centos/meta_patches/PATCH_ORDER | 2 - .../pam-spec-add-custome-config-files.patch | 40 ------------------- base/pam/centos/srpm_path | 1 - centos_iso_image.inc | 4 +- centos_pkg_dirs | 2 +- .../pam-config/centos/build_srpm.data | 2 + .../pam-config/centos/pam-config.spec | 39 ++++++++++++++++++ .../pam-config/files}/common-account | 0 .../pam-config/files}/common-auth | 0 .../pam-config/files}/common-password | 0 .../pam-config/files}/common-session | 0 .../files}/common-session-noninteractive | 0 .../pam-config/files}/system-auth.pamd | 2 +- 15 files changed, 44 insertions(+), 76 deletions(-) delete mode 100644 base/pam/centos/build_srpm.data delete mode 100644 base/pam/centos/meta_patches/0001-Update-package-versioning-for-TIS-format.patch delete mode 100644 base/pam/centos/meta_patches/PATCH_ORDER delete mode 100644 base/pam/centos/meta_patches/pam-spec-add-custome-config-files.patch delete mode 100644 base/pam/centos/srpm_path create mode 100644 config-files/pam-config/centos/build_srpm.data create mode 100644 config-files/pam-config/centos/pam-config.spec rename {base/pam/files/pam.d => config-files/pam-config/files}/common-account (100%) rename {base/pam/files/pam.d => config-files/pam-config/files}/common-auth (100%) rename {base/pam/files/pam.d => config-files/pam-config/files}/common-password (100%) rename {base/pam/files/pam.d => config-files/pam-config/files}/common-session (100%) rename {base/pam/files/pam.d => config-files/pam-config/files}/common-session-noninteractive (100%) rename {base/pam/files/pam.d => config-files/pam-config/files}/system-auth.pamd (95%) diff --git a/base/pam/centos/build_srpm.data b/base/pam/centos/build_srpm.data deleted file mode 100644 index 292b4a13f..000000000 --- a/base/pam/centos/build_srpm.data +++ /dev/null @@ -1,3 +0,0 @@ -COPY_LIST="files/pam.d/*" -TIS_PATCH_VER=4 -BUILD_IS_SLOW=8 diff --git a/base/pam/centos/meta_patches/0001-Update-package-versioning-for-TIS-format.patch b/base/pam/centos/meta_patches/0001-Update-package-versioning-for-TIS-format.patch deleted file mode 100644 index 3b738a965..000000000 --- a/base/pam/centos/meta_patches/0001-Update-package-versioning-for-TIS-format.patch +++ /dev/null @@ -1,25 +0,0 @@ -From ebeb61340d3bc91c2489846a00878c557310634d Mon Sep 17 00:00:00 2001 -From: Don Penney -Date: Tue, 27 Sep 2016 10:49:05 -0400 -Subject: [PATCH] Update package versioning for TIS format - ---- - SPECS/pam.spec | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/SPECS/pam.spec b/SPECS/pam.spec -index 0ee1747..e397385 100644 ---- a/SPECS/pam.spec -+++ b/SPECS/pam.spec -@@ -3,7 +3,7 @@ - Summary: An extensible library which provides authentication for applications - Name: pam - Version: 1.1.8 --Release: 22%{?dist} -+Release: 22.el7%{?_tis_dist}.%{tis_patch_ver} - # The library is BSD licensed with option to relicense as GPLv2+ - # - this option is redundant as the BSD license allows that anyway. - # pam_timestamp, pam_loginuid, and pam_console modules are GPLv2+. --- -2.7.4 - diff --git a/base/pam/centos/meta_patches/PATCH_ORDER b/base/pam/centos/meta_patches/PATCH_ORDER deleted file mode 100644 index 8150a5543..000000000 --- a/base/pam/centos/meta_patches/PATCH_ORDER +++ /dev/null @@ -1,2 +0,0 @@ -pam-spec-add-custome-config-files.patch -0001-Update-package-versioning-for-TIS-format.patch diff --git a/base/pam/centos/meta_patches/pam-spec-add-custome-config-files.patch b/base/pam/centos/meta_patches/pam-spec-add-custome-config-files.patch deleted file mode 100644 index e6a66a450..000000000 --- a/base/pam/centos/meta_patches/pam-spec-add-custome-config-files.patch +++ /dev/null @@ -1,40 +0,0 @@ -diff --git a/SPECS/pam.spec b/SPECS/pam.spec -index 0faa1d3..0ee1747 100644 ---- a/SPECS/pam.spec -+++ b/SPECS/pam.spec -@@ -27,6 +27,11 @@ Source14: 20-nproc.conf - Source15: pamtmp.conf - Source16: postlogin.pamd - Source17: postlogin.5 -+Source18: common-account -+Source19: common-auth -+Source20: common-password -+Source21: common-session -+Source22: common-session-noninteractive - Patch1: pam-1.0.90-redhat-modules.patch - Patch2: pam-1.1.6-std-noclose.patch - Patch4: pam-1.1.0-console-nochmod.patch -@@ -217,6 +222,11 @@ install -m 644 %{SOURCE8} $RPM_BUILD_ROOT%{_pamconfdir}/fingerprint-auth - install -m 644 %{SOURCE9} $RPM_BUILD_ROOT%{_pamconfdir}/smartcard-auth - install -m 644 %{SOURCE10} $RPM_BUILD_ROOT%{_pamconfdir}/config-util - install -m 644 %{SOURCE16} $RPM_BUILD_ROOT%{_pamconfdir}/postlogin -+install -m 644 %{SOURCE18} $RPM_BUILD_ROOT%{_pamconfdir}/common-account -+install -m 644 %{SOURCE19} $RPM_BUILD_ROOT%{_pamconfdir}/common-auth -+install -m 644 %{SOURCE20} $RPM_BUILD_ROOT%{_pamconfdir}/common-password -+install -m 644 %{SOURCE21} $RPM_BUILD_ROOT%{_pamconfdir}/common-session -+install -m 644 %{SOURCE22} $RPM_BUILD_ROOT%{_pamconfdir}/common-session-noninteractive - install -m 644 %{SOURCE14} $RPM_BUILD_ROOT%{_secconfdir}/limits.d/20-nproc.conf - install -m 600 /dev/null $RPM_BUILD_ROOT%{_secconfdir}/opasswd - install -d -m 755 $RPM_BUILD_ROOT/var/log -@@ -307,6 +317,11 @@ fi - %config(noreplace) %{_pamconfdir}/smartcard-auth - %config(noreplace) %{_pamconfdir}/config-util - %config(noreplace) %{_pamconfdir}/postlogin -+%config(noreplace) %{_pamconfdir}/common-account -+%config(noreplace) %{_pamconfdir}/common-auth -+%config(noreplace) %{_pamconfdir}/common-password -+%config(noreplace) %{_pamconfdir}/common-session -+%config(noreplace) %{_pamconfdir}/common-session-noninteractive - %doc Copyright - %doc doc/txts - %doc doc/sag/*.txt doc/sag/html diff --git a/base/pam/centos/srpm_path b/base/pam/centos/srpm_path deleted file mode 100644 index 2d9af7454..000000000 --- a/base/pam/centos/srpm_path +++ /dev/null @@ -1 +0,0 @@ -mirror:Source/pam-1.1.8-22.el7.src.rpm diff --git a/centos_iso_image.inc b/centos_iso_image.inc index be3433a3e..086e527c0 100644 --- a/centos_iso_image.inc +++ b/centos_iso_image.inc @@ -211,9 +211,6 @@ lighttpd-mod_mysql_vhost logrotate logrotate-config -# pam -pam - # novnc novnc @@ -226,6 +223,7 @@ shadow-utils-config ntp-config syslog-ng-config rsync-config +pam-config # net-snmp net-snmp-utils diff --git a/centos_pkg_dirs b/centos_pkg_dirs index 684578e29..f1b80a530 100644 --- a/centos_pkg_dirs +++ b/centos_pkg_dirs @@ -29,7 +29,6 @@ networking/lldpd logging/logrotate logging/logrotate-config utilities/nova-utils -base/pam security/shim-unsigned security/shim-signed base/sudo @@ -112,6 +111,7 @@ config-files/shadow-utils-config config-files/ntp-config config-files/syslog-ng-config config-files/rsync-config +config-files/pam-config tools/collector grub/grubby utilities/platform-util diff --git a/config-files/pam-config/centos/build_srpm.data b/config-files/pam-config/centos/build_srpm.data new file mode 100644 index 000000000..da1e20bd8 --- /dev/null +++ b/config-files/pam-config/centos/build_srpm.data @@ -0,0 +1,2 @@ +SRC_DIR="files" +TIS_PATCH_VER=0 diff --git a/config-files/pam-config/centos/pam-config.spec b/config-files/pam-config/centos/pam-config.spec new file mode 100644 index 000000000..369afd50b --- /dev/null +++ b/config-files/pam-config/centos/pam-config.spec @@ -0,0 +1,39 @@ +Summary: pam-config +Name: pam-config +Version: 1.0 +Release: %{tis_patch_ver}%{?_tis_dist} +License: Apache-2.0 +Group: base +Packager: StarlingX +URL: unknown +BuildArch: noarch +Source: %name-%version.tar.gz + +Requires: pam +Summary: package StarlingX configuration files of pam to system folder. + +%description +package StarlingX configuration files of pam to system folder. + +%prep +%setup + +%build + +%install +%define _pamconfdir %{_sysconfdir}/pam.d +%{__install} -d %{buildroot}%{_pamconfdir} +%{__install} -m 644 common-account %{buildroot}%{_pamconfdir}/common-account +%{__install} -m 644 common-auth %{buildroot}%{_pamconfdir}/common-auth +%{__install} -m 644 common-password %{buildroot}%{_pamconfdir}/common-password +%{__install} -m 644 common-session %{buildroot}%{_pamconfdir}/common-session +%{__install} -m 644 common-session-noninteractive %{buildroot}%{_pamconfdir}/common-session-noninteractive + +%post + +%files +%config(noreplace) %{_pamconfdir}/common-account +%config(noreplace) %{_pamconfdir}/common-auth +%config(noreplace) %{_pamconfdir}/common-password +%config(noreplace) %{_pamconfdir}/common-session +%config(noreplace) %{_pamconfdir}/common-session-noninteractive diff --git a/base/pam/files/pam.d/common-account b/config-files/pam-config/files/common-account similarity index 100% rename from base/pam/files/pam.d/common-account rename to config-files/pam-config/files/common-account diff --git a/base/pam/files/pam.d/common-auth b/config-files/pam-config/files/common-auth similarity index 100% rename from base/pam/files/pam.d/common-auth rename to config-files/pam-config/files/common-auth diff --git a/base/pam/files/pam.d/common-password b/config-files/pam-config/files/common-password similarity index 100% rename from base/pam/files/pam.d/common-password rename to config-files/pam-config/files/common-password diff --git a/base/pam/files/pam.d/common-session b/config-files/pam-config/files/common-session similarity index 100% rename from base/pam/files/pam.d/common-session rename to config-files/pam-config/files/common-session diff --git a/base/pam/files/pam.d/common-session-noninteractive b/config-files/pam-config/files/common-session-noninteractive similarity index 100% rename from base/pam/files/pam.d/common-session-noninteractive rename to config-files/pam-config/files/common-session-noninteractive diff --git a/base/pam/files/pam.d/system-auth.pamd b/config-files/pam-config/files/system-auth.pamd similarity index 95% rename from base/pam/files/pam.d/system-auth.pamd rename to config-files/pam-config/files/system-auth.pamd index 25f609ec8..431142689 100755 --- a/base/pam/files/pam.d/system-auth.pamd +++ b/config-files/pam-config/files/system-auth.pamd @@ -9,7 +9,7 @@ account sufficient pam_localuser.so account sufficient pam_succeed_if.so uid < 1000 quiet account required pam_permit.so -################# Titanium Cloud Password Rules ####################### +################# StarlingX Cloud Password Rules ####################### # Enforce a password containing atleast 1 lower case, 1 upper case, # # 1 digit and 1 special character. Such a password will have a # # minimum length of 7 characters. A user may not re-use the last most #