diff options
Diffstat (limited to 'debian')
| -rw-r--r-- | debian/README.source | 10 | ||||
| -rw-r--r-- | debian/changelog | 8 | ||||
| -rw-r--r-- | debian/compat | 1 | ||||
| -rw-r--r-- | debian/control | 16 | ||||
| -rw-r--r-- | debian/copyright | 24 | ||||
| -rw-r--r-- | debian/libnss-mapuser.lintian-overrides | 10 | ||||
| -rw-r--r-- | debian/libnss-mapuser.postinst | 45 | ||||
| -rw-r--r-- | debian/libnss-mapuser.prerm | 9 | ||||
| -rw-r--r-- | debian/libnss-mapuser.symbols | 5 | ||||
| -rw-r--r-- | debian/mapuser | 6 | ||||
| -rwxr-xr-x | debian/rules | 24 | ||||
| -rw-r--r-- | debian/source/format | 1 |
12 files changed, 159 insertions, 0 deletions
diff --git a/debian/README.source b/debian/README.source new file mode 100644 index 0000000..d19f825 --- /dev/null +++ b/debian/README.source @@ -0,0 +1,10 @@ +libnss-mapuser for Debian +------------------------- +Build this package with: +$ debian/rules binary +or +$ DEB_BUILD_PROG_OPTS="-S" debian/rules arch-build + + + -- Dave Olson <olson@cumulusnetworks.com> Tue, 3 Nov 2015 15:58:30 -0700 + diff --git a/debian/changelog b/debian/changelog new file mode 100644 index 0000000..93d0996 --- /dev/null +++ b/debian/changelog @@ -0,0 +1,8 @@ +libnss-mapuser (1.0.0) unstable; urgency=low + + * Initial version to do successful NSS lookups on any username, + and matching uid lookups back to the original name. + Used for RADIUS users, so they do not need to be in local files + (or LDAP, etc.) + + -- dev-support <dev-support@cumulusnetworks.com> Thu, 25 May 2017 20:59:49 -0700 diff --git a/debian/compat b/debian/compat new file mode 100644 index 0000000..ec63514 --- /dev/null +++ b/debian/compat @@ -0,0 +1 @@ +9 diff --git a/debian/control b/debian/control new file mode 100644 index 0000000..b727069 --- /dev/null +++ b/debian/control @@ -0,0 +1,16 @@ +Source: libnss-mapuser +Priority: optional +Maintainer: dev-support <dev-support@cumulusnetworks.com> +Build-Depends: debhelper (>= 9), dpkg-dev (>= 1.16.1), git +Section: libs +Standards-Version: 3.9.6 +Homepage: http://www.cumulusnetworks.com + +Package: libnss-mapuser +Architecture: any +Depends: ${shlibs:Depends}, adduser +Description: NSS modules to map any requested username to a local account + Performs getpwname and getpwuid lookups via NSS for systems like RADIUS + where it is not possible to do a username lookup without authentication + (with a password or similar). Used to allow ssh and other login + mechanisms via RADIUS without having a local account. diff --git a/debian/copyright b/debian/copyright new file mode 100644 index 0000000..cc8f9f1 --- /dev/null +++ b/debian/copyright @@ -0,0 +1,24 @@ +Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ +Upstream-Name: libnss-mapuser +Source: http://www.cumulusnetworks.com + +License: GPL-2+ + This package is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + . + This package is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + . + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/> + . + On Debian systems, the complete text of the GNU General + Public License version 2 can be found in "/usr/share/common-licenses/GPL-2". + +Files: * +License: GPL-2+ +Copyright: 2017 Cumulus Networks, Inc. All rights reserved., diff --git a/debian/libnss-mapuser.lintian-overrides b/debian/libnss-mapuser.lintian-overrides new file mode 100644 index 0000000..5217b23 --- /dev/null +++ b/debian/libnss-mapuser.lintian-overrides @@ -0,0 +1,10 @@ +libnss-mapuser: native-package-with-dash-version +libnss-mapuser: package-name-doesnt-match-sonames libnss-mapname2 libnss-mapuid2 +libnss-mapuser: new-package-should-close-itp-bug +# messages say "source", but using "source" causes "malformed" warning. +# So these don't actually work, but leaving them here to document the intent +libnss-mapuser binary: diff-contains-git-control-dir .git +libnss-mapuser binary: unsupported-source-format 3.0 (git) +# we don't use misc-depends, and adding it produces a build warning +# about it not being needed +libnss-mapuser binary: debhelper-but-no-misc-depends libnss-mapuser diff --git a/debian/libnss-mapuser.postinst b/debian/libnss-mapuser.postinst new file mode 100644 index 0000000..b46e66d --- /dev/null +++ b/debian/libnss-mapuser.postinst @@ -0,0 +1,45 @@ +#!/bin/sh +# postinst script for libnss-mapuser +# +# see: dh_installdeb(1) + +set -e + +case "$1" in + configure) + # Add mapname and user to /etc/nsswitch.conf, since it's necessary + # for this package. uid must be first, and mapname must be last + # so uids for mapped users return the mapped name, and on the name, + # we only want to map if no other matches were found + ( set +e; + rgroup=radius_users + if [ -e "/etc/nsswitch.conf" ]; then + sed -i -e '/ mapname/b' \ + -e '/^passwd/s/[ \t][ \t]*/&mapuid /' \ + -e '/^passwd.*#/s/#.*/ mapname &/' \ + -e '/^passwd[^#]*$/s/$/ mapname &/' \ + /etc/nsswitch.conf + fi + addgroup --quiet $rgroup 2>&1 | grep -v 'already exists' + adduser --quiet --firstuid 1000 --disabled-login --ingroup $rgroup \ + --gecos "radius user" radius_user 2>&1 | grep -v 'already exists' + exit 0 + ) + ;; + + abort-upgrade|abort-remove|abort-deconfigure) + ;; + + *) + echo "postinst called with unknown argument \`$1'" >&2 + exit 1 + ;; +esac + +# needed for install, upgrade, remove, and purge, including aborts +pam-auth-update --package + + +#DEBHELPER# + +exit 0 diff --git a/debian/libnss-mapuser.prerm b/debian/libnss-mapuser.prerm new file mode 100644 index 0000000..c9bb6b1 --- /dev/null +++ b/debian/libnss-mapuser.prerm @@ -0,0 +1,9 @@ +#!/bin/sh + +set -e + +if [ "$1" = remove ]; then + pam-auth-update --package --remove mapuser +fi + +#DEBHELPER# diff --git a/debian/libnss-mapuser.symbols b/debian/libnss-mapuser.symbols new file mode 100644 index 0000000..2254c2e --- /dev/null +++ b/debian/libnss-mapuser.symbols @@ -0,0 +1,5 @@ +libnss_mapname.so.2 libnss-mapuser #MINVER# + _nss_mapname_getpwnam_r@Base 1.0.0 + +libnss_mapuid.so.2 libnss-mapuser #MINVER# + _nss_mapuid_getpwuid_r@Base 1.0.0 diff --git a/debian/mapuser b/debian/mapuser new file mode 100644 index 0000000..69d2137 --- /dev/null +++ b/debian/mapuser @@ -0,0 +1,6 @@ +Name: libnss-mapuser uses this to maintain the session uid => user mapping +Default: yes +Priority: 257 +Session-Type: Additional +Session: + optional pam_script.so dir=/usr/share/mapuser diff --git a/debian/rules b/debian/rules new file mode 100755 index 0000000..ed7dbc0 --- /dev/null +++ b/debian/rules @@ -0,0 +1,24 @@ +#!/usr/bin/make -f +# See debhelper(7) (uncomment to enable) +# output every command that modifies files on the build system. +DH_VERBOSE = 1 + +# see EXAMPLES in dpkg-buildflags(1) and read /usr/share/dpkg/* +DPKG_EXPORT_BUILDFLAGS = 1 +include /usr/share/dpkg/default.mk + +# see FEATURE AREAS in dpkg-buildflags(1) +export DEB_BUILD_MAINT_OPTIONS = hardening=+all + +%: + dh $@ + +# No configuration needed +override_dh_auto_configure: + +override_dh_install: + dh_installdirs /usr/share/pam-configs /usr/share/mapuser + install -p -m 755 pam_script_ses* debian/libnss-mapuser/usr/share/mapuser + install -p -m 444 debian/mapuser \ + debian/libnss-mapuser/usr/share/pam-configs/ + dh_install diff --git a/debian/source/format b/debian/source/format new file mode 100644 index 0000000..af745b3 --- /dev/null +++ b/debian/source/format @@ -0,0 +1 @@ +3.0 (git) |