Add xkb and legacy keymaps subdirs to loadkyes search path, remove symlinks, Don't convert layouts that can't input ASCII, Fix vlock doesn't perform PAM account management or credential reinitialization

2013-11-26 15:57:54 +01:00 · 2013-11-26 15:57:54 +01:00 · 0ca79db4ab
commit 0ca79db4ab
parent f5e5612b4f
2 changed files with 76 additions and 65 deletions
--- a/kbd-1.15.5-vlock-more-pam.patch
+++ b/kbd-1.15.5-vlock-more-pam.patch
@ -0,0 +1,61 @@
+--- a/src/vlock/auth.c
+++ b/src/vlock/auth.c
+@@ -4,7 +4,7 @@
+   PAM authentication routine for vlock, the VT locking program for linux.
+ 
+   Copyright (C) 1994-1998 Michael K. Johnson <johnsonm@redhat.com>
+-  Copyright (C) 2002, 2005 Dmitry V. Levin <ldv@altlinux.org>
+  Copyright (C) 2002, 2005, 2013 Dmitry V. Levin <ldv@altlinux.org>
+ 
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+@@ -36,6 +36,25 @@
+ /* Unrecognized PAM error timeout. */
+ #define	ERROR_TIMEOUT	10
+ 
+static int
+do_account_password_management (pam_handle_t *pamh)
+{
+	int rc;
+
+	/* Whether the authenticated user is allowed to log in? */
+	rc = pam_acct_mgmt (pamh, 0);
+
+	/* Do we need to prompt the user for a new password? */
+	if (rc == PAM_NEW_AUTHTOK_REQD)
+		rc = pam_chauthtok (pamh, PAM_CHANGE_EXPIRED_AUTHTOK);
+
+	/* Extend the lifetime of the existing credentials. */
+	if (rc == PAM_SUCCESS)
+		rc = pam_setcred (pamh, PAM_REFRESH_CRED);
+
+	return rc;
+}
+
+ int
+ get_password (pam_handle_t * pamh, const char *username, const char *tty)
+ {
+@@ -84,6 +103,23 @@ get_password (pam_handle_t * pamh, const char *username, const char *tty)
+ 		switch (rc)
+ 		{
+ 			case PAM_SUCCESS:
+				rc = do_account_password_management (pamh);
+
+				if (rc != PAM_SUCCESS)
+				{
+					/*
+					 * The user was authenticated but
+					 * either account or password management
+					 * returned an error.
+					 */
+					printf ("%s.\n\n\n",
+						pam_strerror (pamh, rc));
+					fflush (stdout);
+					pam_end (pamh, rc);
+					pamh = 0;
+					break;
+				}
+
+ 				pam_end (pamh, rc);
+ 				/* Log the fact of console unlocking. */
+ 				syslog (LOG_NOTICE,
--- a/kbd.spec
+++ b/kbd.spec
@ -1,6 +1,6 @@
 Name:           kbd
 Version:        2.0.1
-Release:        3%{?dist}
+Release:        4%{?dist}
 Summary:        Tools for configuring the console (keyboard, virtual terminals, etc.)

 Group:          System Environment/Base
@ -21,6 +21,8 @@ Patch2:         kbd-1.15-unicode_start.patch
 Patch3:         kbd-1.15.3-dumpkeys-man.patch
 # Patch4: fixes decimal separator in Swiss German keyboard layout, bz 882529
 Patch4:         kbd-1.15.5-sg-decimal-separator.patch
+# Patch5: implement PAM account and password management, backported from upstream
+Patch5:         kbd-1.15.5-vlock-more-pam.patch

 BuildRequires:  bison, flex, gettext, pam-devel, check-devel
 BuildRequires:  console-setup, xkeyboard-config
@ -61,6 +63,7 @@ cp -fp %{SOURCE3} .
 %patch2 -p1 -b .unicode_start
 %patch3 -p1 -b .dumpkeys-man
 %patch4 -p1 -b .sg-decimal-separator
+%patch5 -p1 -b .vlock-more-pam

 # 7-bit maps are obsolete; so are non-euro maps
 pushd data/keymaps/i386
@ -149,70 +152,8 @@ while read line; do
  ckbcomp "$line" | gzip > $RPM_BUILD_ROOT/lib/kbd/keymaps/xkb/"$line".map.gz
 done < layouts-list-uniq.lst

-# Create symbolic links from the old keymap names to the matching(?) entries of the X11 keymaps
-mkdir -p $RPM_BUILD_ROOT/lib/kbd/keymaps/i386/qwertz
-mkdir -p $RPM_BUILD_ROOT/lib/kbd/keymaps/i386/qwerty
-mkdir -p $RPM_BUILD_ROOT/lib/kbd/keymaps/i386/azerty
-mkdir -p $RPM_BUILD_ROOT/lib/kbd/keymaps/i386/dvorak
-ln -s /lib/kbd/keymaps/xkb/ch-de_nodeadkeys.map.gz $RPM_BUILD_ROOT/lib/kbd/keymaps/i386/qwertz/sg.map.gz 
-ln -s /lib/kbd/keymaps/xkb/nl.map.gz $RPM_BUILD_ROOT/lib/kbd/keymaps/i386/qwerty/nl.map.gz
-ln -s /lib/kbd/keymaps/xkb/mk.map.gz $RPM_BUILD_ROOT/lib/kbd/keymaps/i386/qwerty/mk-utf.map.gz
-ln -s /lib/kbd/keymaps/xkb/tr.map.gz $RPM_BUILD_ROOT/lib/kbd/keymaps/i386/qwerty/trq.map.gz
-ln -s /lib/kbd/keymaps/xkb/gb.map.gz $RPM_BUILD_ROOT/lib/kbd/keymaps/i386/qwerty/uk.map.gz
-ln -s /lib/kbd/keymaps/xkb/is.map.gz $RPM_BUILD_ROOT/lib/kbd/keymaps/i386/qwerty/is-latin1.map.gz
-ln -s /lib/kbd/keymaps/xkb/de.map.gz $RPM_BUILD_ROOT/lib/kbd/keymaps/i386/qwertz/de.map.gz
-ln -s /lib/kbd/keymaps/xkb/latam.map.gz $RPM_BUILD_ROOT/lib/kbd/keymaps/i386/qwerty/la-latin1.map.gz
-ln -s /lib/kbd/keymaps/xkb/us.map.gz $RPM_BUILD_ROOT/lib/kbd/keymaps/i386/qwerty/us.map.gz
-ln -s /lib/kbd/keymaps/xkb/kr.map.gz $RPM_BUILD_ROOT/lib/kbd/keymaps/i386/qwerty/ko.map.gz
-ln -s /lib/kbd/keymaps/xkb/de.map.gz $RPM_BUILD_ROOT/lib/kbd/keymaps/i386/qwertz/de-latin1.map.gz
-ln -s /lib/kbd/keymaps/xkb/si.map.gz $RPM_BUILD_ROOT/lib/kbd/keymaps/i386/qwertz/slovene.map.gz
-ln -s /lib/kbd/keymaps/xkb/hu-qwerty.map.gz $RPM_BUILD_ROOT/lib/kbd/keymaps/i386/qwerty/hu101.map.gz
-ln -s /lib/kbd/keymaps/xkb/jp.map.gz $RPM_BUILD_ROOT/lib/kbd/keymaps/i386/qwerty/jp106.map.gz
-ln -s /lib/kbd/keymaps/xkb/hr.map.gz $RPM_BUILD_ROOT/lib/kbd/keymaps/i386/qwertz/croat.map.gz
-ln -s /lib/kbd/keymaps/xkb/fi.map.gz $RPM_BUILD_ROOT/lib/kbd/keymaps/i386/qwerty/fi-latin1.map.gz
-ln -s /lib/kbd/keymaps/xkb/it.map.gz $RPM_BUILD_ROOT/lib/kbd/keymaps/i386/qwerty/it2.map.gz
-ln -s /lib/kbd/keymaps/xkb/hu.map.gz $RPM_BUILD_ROOT/lib/kbd/keymaps/i386/qwertz/hu.map.gz
-ln -s /lib/kbd/keymaps/xkb/rs-latin.map.gz $RPM_BUILD_ROOT/lib/kbd/keymaps/i386/qwerty/sr-latin.map.gz
-ln -s /lib/kbd/keymaps/xkb/fi.map.gz $RPM_BUILD_ROOT/lib/kbd/keymaps/i386/qwerty/fi.map.gz
-ln -s /lib/kbd/keymaps/xkb/ch-fr.map.gz $RPM_BUILD_ROOT/lib/kbd/keymaps/i386/qwertz/fr_CH.map.gz
-ln -s /lib/kbd/keymaps/xkb/dk.map.gz $RPM_BUILD_ROOT/lib/kbd/keymaps/i386/qwerty/dk-latin1.map.gz
-ln -s /lib/kbd/keymaps/xkb/fr.map.gz $RPM_BUILD_ROOT/lib/kbd/keymaps/i386/azerty/fr.map.gz
-ln -s /lib/kbd/keymaps/xkb/it.map.gz $RPM_BUILD_ROOT/lib/kbd/keymaps/i386/qwerty/it.map.gz
-ln -s /lib/kbd/keymaps/xkb/ua.map.gz $RPM_BUILD_ROOT/lib/kbd/keymaps/i386/qwerty/ua-utf.map.gz
-ln -s /lib/kbd/keymaps/xkb/fr.map.gz $RPM_BUILD_ROOT/lib/kbd/keymaps/i386/azerty/fr-latin1.map.gz
-ln -s /lib/kbd/keymaps/xkb/ch-de_nodeadkeys.map.gz  $RPM_BUILD_ROOT/lib/kbd/keymaps/i386/qwertz/sg-latin1.map.gz
-ln -s /lib/kbd/keymaps/xkb/be.map.gz $RPM_BUILD_ROOT/lib/kbd/keymaps/i386/azerty/be-latin1.map.gz
-ln -s /lib/kbd/keymaps/xkb/dk.map.gz $RPM_BUILD_ROOT/lib/kbd/keymaps/i386/qwerty/dk.map.gz
-ln -s /lib/kbd/keymaps/xkb/fr.map.gz $RPM_BUILD_ROOT/lib/kbd/keymaps/i386/azerty/fr-pc.map.gz
-ln -s /lib/kbd/keymaps/xkb/bg-phonetic.map.gz $RPM_BUILD_ROOT/lib/kbd/keymaps/i386/qwerty/bg_pho-utf8.map.gz
-ln -s /lib/kbd/keymaps/xkb/it.map.gz $RPM_BUILD_ROOT/lib/kbd/keymaps/i386/qwerty/it-ibm.map.gz
-ln -s /lib/kbd/keymaps/xkb/cz.map.gz $RPM_BUILD_ROOT/lib/kbd/keymaps/i386/qwertz/cz-us-qwertz.map.gz
-ln -s /lib/kbd/keymaps/xkb/br.map.gz $RPM_BUILD_ROOT/lib/kbd/keymaps/i386/qwerty/br-abnt2.map.gz
-ln -s /lib/kbd/keymaps/xkb/ro.map.gz $RPM_BUILD_ROOT/lib/kbd/keymaps/i386/qwerty/ro.map.gz
-ln -s /lib/kbd/keymaps/xkb/us-intl.map.gz $RPM_BUILD_ROOT/lib/kbd/keymaps/i386/qwerty/us-acentos.map.gz
-ln -s /lib/kbd/keymaps/xkb/pt.map.gz $RPM_BUILD_ROOT/lib/kbd/keymaps/i386/qwerty/pt-latin1.map.gz
-ln -s /lib/kbd/keymaps/xkb/de-nodeadkeys.map.gz $RPM_BUILD_ROOT/lib/kbd/keymaps/i386/qwertz/de-latin1-nodeadkeys.map.gz
-ln -s /lib/kbd/keymaps/xkb/no.map.gz $RPM_BUILD_ROOT/lib/kbd/keymaps/i386/qwerty/no.map.gz
-ln -s /lib/kbd/keymaps/xkb/bg.map.gz $RPM_BUILD_ROOT/lib/kbd/keymaps/i386/qwerty/bg_bds-utf8.map.gz
-ln -s /lib/kbd/keymaps/xkb/us-dvorak.map.gz $RPM_BUILD_ROOT/lib/kbd/keymaps/i386/dvorak/dvorak.map.gz
-ln -s /lib/kbd/keymaps/xkb/ru.map.gz $RPM_BUILD_ROOT/lib/kbd/keymaps/i386/qwerty/ru.map.gz
-ln -s /lib/kbd/keymaps/xkb/cz-qwerty.map.gz $RPM_BUILD_ROOT/lib/kbd/keymaps/i386/qwerty/cz-lat2.map.gz
-ln -s /lib/kbd/keymaps/xkb/pl.map.gz $RPM_BUILD_ROOT/lib/kbd/keymaps/i386/qwerty/pl2.map.gz
-ln -s /lib/kbd/keymaps/xkb/es.map.gz $RPM_BUILD_ROOT/lib/kbd/keymaps/i386/qwerty/es.map.gz
-ln -s /lib/kbd/keymaps/xkb/ee.map.gz $RPM_BUILD_ROOT/lib/kbd/keymaps/i386/qwerty/et.map.gz
-ln -s /lib/kbd/keymaps/xkb/sk.map.gz $RPM_BUILD_ROOT/lib/kbd/keymaps/i386/qwerty/sk-qwerty.map.gz
-ln -s /lib/kbd/keymaps/xkb/fr-latin9.map.gz $RPM_BUILD_ROOT/lib/kbd/keymaps/i386/azerty/fr-latin9.map.gz
-ln -s /lib/kbd/keymaps/xkb/ch-fr.map.gz $RPM_BUILD_ROOT/lib/kbd/keymaps/i386/qwertz/fr_CH-latin1.map.gz
-ln -s /lib/kbd/keymaps/xkb/ca.map.gz $RPM_BUILD_ROOT/lib/kbd/keymaps/i386/qwerty/cf.map.gz
-ln -s /lib/kbd/keymaps/xkb/se.map.gz $RPM_BUILD_ROOT/lib/kbd/keymaps/i386/qwerty/sv-latin1.map.gz
-ln -s /lib/kbd/keymaps/xkb/rs.map.gz $RPM_BUILD_ROOT/lib/kbd/keymaps/i386/qwerty/sr-cy.map.gz
-ln -s /lib/kbd/keymaps/xkb/gr.map.gz $RPM_BUILD_ROOT/lib/kbd/keymaps/i386/qwerty/gr.map.gz
-ln -s /lib/kbd/keymaps/xkb/by.map.gz $RPM_BUILD_ROOT/lib/kbd/keymaps/i386/qwerty/by.map.gz
-ln -s /lib/kbd/keymaps/xkb/il.map.gz $RPM_BUILD_ROOT/lib/kbd/keymaps/i386/qwerty/il.map.gz
-ln -s /lib/kbd/keymaps/xkb/kz.map.gz $RPM_BUILD_ROOT/lib/kbd/keymaps/i386/qwerty/kazakh.map.gz
-ln -s /lib/kbd/keymaps/xkb/lt.map.gz $RPM_BUILD_ROOT/lib/kbd/keymaps/i386/qwerty/lt.map.gz
-# defkeymap
-ln -s /lib/kbd/keymaps/xkb/us.map.gz $RPM_BUILD_ROOT/lib/kbd/keymaps/i386/qwerty/defkeymap.map.gz
+# wipe converted layouts which cannot input ASCII (#1031848)
+zgrep -L "U+0041" $RPM_BUILD_ROOT/lib/kbd/keymaps/xkb/* | xargs rm -f

 %find_lang %{name}

@ -231,6 +172,15 @@ ln -s /lib/kbd/keymaps/xkb/us.map.gz $RPM_BUILD_ROOT/lib/kbd/keymaps/i386/qwerty
 /lib/kbd/keymaps/legacy

 %changelog
+* Tue Nov 26 2013 Vitezslav Crhonek <vcrhonek@redhat.com> - 2.0.1-4
+- Add xkb and legacy keymaps subdirs to loadkyes search path, remove symlinks
+  Related: #1028207
+- Don't convert layouts that can't input ASCII (patch by Adam Williamson)
+  Resolves: #1031848
+- Fix vlock doesn't perform PAM account management or credential reinitialization
+  (patch by  Dmitry V. Levin)
+  Resolves: #913311
+
 * Wed Nov 06 2013 Vitezslav Crhonek <vcrhonek@redhat.com> - 2.0.1-3
 - Add PAM config for vlock
  Resolves: #913309