fix build error due to missed file

Below patch removed file pam.d/su accidently, which is needed by util-linux. Put it back to util-linux folder, since only util-linux need it. https://review.openstack.org/612897 Closes-Bug: 1802434 Change-Id: I4c3683d1a3ef95eea8cd5fae77086cea9e5e811d Signed-off-by: slin14 <shuicheng.lin@intel.com>
2018-11-09 23:16:07 +08:00 · 2018-11-09 23:16:07 +08:00 · b2902e980f
commit b2902e980f
parent 15c9ab7548
2 changed files with 71 additions and 2 deletions
--- a/base/util-linux/centos/build_srpm.data
+++ b/base/util-linux/centos/build_srpm.data
@ -1,2 +1,2 @@
-COPY_LIST="$GIT_BASE/base/shadow-utils/files/pam.d/su"
-TIS_PATCH_VER=3
+COPY_LIST="files/pam.d/su"
+TIS_PATCH_VER=4
--- a/base/util-linux/files/pam.d/su
+++ b/base/util-linux/files/pam.d/su
@ -0,0 +1,69 @@
+#
+# The PAM configuration file for the Shadow `su' service
+#
+
+# This allows root to su without passwords (normal operation)
+auth       sufficient pam_rootok.so
+
+# Uncomment this to force users to be a member of group root
+# before they can use `su'. You can also add "group=foo"
+# to the end of this line if you want to use a group other
+# than the default "root" (but this may have side effect of
+# denying "root" user, unless she's a member of "foo" or explicitly
+# permitted earlier by e.g. "sufficient pam_rootok.so").
+# (Replaces the `SU_WHEEL_ONLY' option from login.defs)
+# auth       required   pam_wheel.so
+
+# Uncomment this if you want wheel members to be able to
+# su without a password.
+# auth       sufficient pam_wheel.so trust
+
+# Uncomment this if you want members of a specific group to not
+# be allowed to use su at all.
+# auth       required   pam_wheel.so deny group=nosu
+
+# Uncomment and edit /etc/security/time.conf if you need to set
+# time restrainst on su usage.
+# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
+# as well as /etc/porttime)
+# account    requisite  pam_time.so
+
+# This module parses environment configuration file(s)
+# and also allows you to use an extended config
+# file /etc/security/pam_env.conf.
+# 
+# parsing /etc/environment needs "readenv=1"
+session       required   pam_env.so readenv=1
+
+# Defines the MAIL environment variable
+# However, userdel also needs MAIL_DIR and MAIL_FILE variables
+# in /etc/login.defs to make sure that removing a user 
+# also removes the user's mail spool file.
+# See comments in /etc/login.defs
+#
+# "nopen" stands to avoid reporting new mail when su'ing to another user
+session    optional   pam_mail.so nopen
+
+# Sets up user limits, please uncomment and read /etc/security/limits.conf
+# to enable this functionality.
+# (Replaces the use of /etc/limits in old login)
+# session    required   pam_limits.so
+
+# For first time login or when the user authentication
+# token stack has been flushed, su will call passwd
+# which will fails with "Authentication Token Error"
+# since the previous token on the stack is NULL
+#
+# Tickle the password service to push a previous
+# authentication token on the PAM stack
+password   optional     pam_ldap.so
+password   optional     pam_unix.so
+
+# The standard Unix authentication modules, used with
+# NIS (man nsswitch) as well as normal /etc/passwd and
+# /etc/shadow entries.
+auth       include      common-auth
+account    include      common-account
+session    include      common-session
+
+