diff options
Diffstat (limited to 'pkgs/os-specific/linux/pam/default.nix')
-rw-r--r-- | pkgs/os-specific/linux/pam/default.nix | 39 |
1 files changed, 17 insertions, 22 deletions
diff --git a/pkgs/os-specific/linux/pam/default.nix b/pkgs/os-specific/linux/pam/default.nix index fb969d7574a..fb993699494 100644 --- a/pkgs/os-specific/linux/pam/default.nix +++ b/pkgs/os-specific/linux/pam/default.nix @@ -1,34 +1,25 @@ -{ stdenv, buildPackages, fetchurl, fetchpatch, flex, cracklib, db4 }: +{ lib, stdenv, buildPackages, fetchurl, flex, cracklib, db4, gettext +, nixosTests +, withLibxcrypt ? false, libxcrypt +}: stdenv.mkDerivation rec { pname = "linux-pam"; - version = "1.3.1"; + version = "1.5.1"; src = fetchurl { - url = "https://github.com/linux-pam/linux-pam/releases/download/v1.3.1/Linux-PAM-${version}.tar.xz"; - sha256 = "1nyh9kdi3knhxcbv5v4snya0g3gff0m671lnvqcbygw3rm77mx7g"; + url = "https://github.com/linux-pam/linux-pam/releases/download/v${version}/Linux-PAM-${version}.tar.xz"; + sha256 = "sha256-IB1AcwsRNbGzzeoJ8sKKxjTXMYHM0Bcs7d7jZJxXkvw="; }; - patches = stdenv.lib.optionals (stdenv.hostPlatform.libc == "musl") [ - (fetchpatch { - url = "https://git.alpinelinux.org/aports/plain/main/linux-pam/fix-compat.patch?id=05a62bda8ec255d7049a2bd4cf0fdc4b32bdb2cc"; - sha256 = "1h5yp5h2mqp1fcwiwwklyfpa69a3i03ya32pivs60fd7g5bqa7sf"; - }) - (fetchpatch { - url = "https://git.alpinelinux.org/aports/plain/main/linux-pam/libpam-fix-build-with-eglibc-2.16.patch?id=05a62bda8ec255d7049a2bd4cf0fdc4b32bdb2cc"; - sha256 = "1ib6shhvgzinjsc603k2x1lxh9dic6qq449fnk110gc359m23j81"; - }) - # From adelie's package repo, using local copy since it seems to be currently offline. - # (we previously used similar patch from void, but stopped working with update to 1.3.1) - ./musl-fix-pam_exec.patch - ]; - outputs = [ "out" "doc" "man" /* "modules" */ ]; depsBuildBuild = [ buildPackages.stdenv.cc ]; - nativeBuildInputs = [ flex ]; + nativeBuildInputs = [ flex ] + ++ lib.optional stdenv.buildPlatform.isDarwin gettext; - buildInputs = [ cracklib db4 ]; + buildInputs = [ cracklib db4 ] + ++ lib.optional withLibxcrypt libxcrypt; enableParallelBuilding = true; @@ -44,7 +35,7 @@ stdenv.mkDerivation rec { # which is done by dlopening $out/lib/security/pam_foo.so # $out/etc was also missed: pam_env(login:session): Unable to open config file - preConfigure = stdenv.lib.optionalString (stdenv.hostPlatform.libc == "musl") '' + preConfigure = lib.optionalString (stdenv.hostPlatform.libc == "musl") '' # export ac_cv_search_crypt=no # (taken from Alpine linux, apparently insecure but also doesn't build O:)) # disable insecure modules @@ -63,7 +54,11 @@ stdenv.mkDerivation rec { doCheck = false; # fails - meta = with stdenv.lib; { + passthru.tests = { + inherit (nixosTests) pam-oath-login pam-u2f shadow; + }; + + meta = with lib; { homepage = "http://www.linux-pam.org/"; description = "Pluggable Authentication Modules, a flexible mechanism for authenticating user"; platforms = platforms.linux; |