Index: security/Makefile =================================================================== --- security/Makefile +++ security/Makefile @@ -1252,6 +1252,7 @@ SUBDIR += uacme SUBDIR += ubuntu-keyring SUBDIR += unhide + SUBDIR += unix-selfauth-helper SUBDIR += vanguards-tor SUBDIR += vault SUBDIR += vaultwarden Index: security/unix-selfauth-helper/Makefile =================================================================== --- /dev/null +++ security/unix-selfauth-helper/Makefile @@ -0,0 +1,34 @@ +# Created by: Felix Palmen + +PORTNAME= unix-selfauth-helper +PORTVERSION= 1.0 +DISTVERSIONPREFIX= v +CATEGORIES= security + +MAINTAINER= felix@palmen-it.de +COMMENT= Local self-authentication for pam_exec + +LICENSE= BSD2CLAUSE + +USE_GITHUB= yes +GH_ACCOUNT= Zirias + +OPTIONS_DEFINE= EXAMPLES + +SUB_FILES= pamservice.sample + +PLIST_FILES= libexec/unix-selfauth-helper \ + man/man8/unix-selfauth-helper.8.gz \ + ${"${PORT_OPTIONS:MEXAMPLES}" != ""\ + :?${EXAMPLESDIR}/pamservice.sample:} + +post-patch: + ${REINPLACE_CMD} -e 's|/usr/local|${LOCALBASE}|' \ + ${WRKSRC}/${PORTNAME}.8 + +post-install-EXAMPLES-on: + ${MKDIR} ${STAGEDIR}${EXAMPLESDIR} + ${REINPLACE_CMD} -e 's|&&|%%|g' ${WRKDIR}/pamservice.sample + ${INSTALL_DATA} ${WRKDIR}/pamservice.sample ${STAGEDIR}${EXAMPLESDIR} + +.include Index: security/unix-selfauth-helper/distinfo =================================================================== --- /dev/null +++ security/unix-selfauth-helper/distinfo @@ -0,0 +1,3 @@ +TIMESTAMP = 1653485823 +SHA256 (Zirias-unix-selfauth-helper-v1.0_GH0.tar.gz) = bfba5ca818c835fa9b7f72225165c7419328d1880d30a96eda0e9698a0506a0e +SIZE (Zirias-unix-selfauth-helper-v1.0_GH0.tar.gz) = 3702 Index: security/unix-selfauth-helper/files/pamservice.sample.in =================================================================== --- /dev/null +++ security/unix-selfauth-helper/files/pamservice.sample.in @@ -0,0 +1,19 @@ +# Example file for a PAM service using self-authentication against the local +# passwd database, to be placed in %%LOCALBASE%%/etc/pam.d. +# +# Only add the facilities really needed by the service. In this example, only +# the 'auth' facility is active, the others are commented. All facilities +# just include the generic 'system' service policy to use whatever is +# configured system-wide in addition to the self-authentication. +# +# Hint for port maintainers: If you want to include a service policy in your +# port, replace %%LOCALBASE%% with &&LOCALBASE&& and include the file in +# SUB_FILES. + +auth sufficient pam_exec.so return_prog_exit_status \ + expose_authtok %%LOCALBASE%%/libexec/unix-selfauth-helper +auth include system +# account include system +# session include system +# password include system + Index: security/unix-selfauth-helper/pkg-descr =================================================================== --- /dev/null +++ security/unix-selfauth-helper/pkg-descr @@ -0,0 +1,5 @@ +This is a little suid-root helper allowing self-authentication against the +local unix passwd database using pam_exec on a FreeBSD system. As a result, +the behavior of LinuxPAM is mimicked without changes to the pam_unix module. + +WWW: https://github.com/Zirias/unix-selfauth-helper