Index: head/sysutils/google-compute-engine-oslogin/Makefile =================================================================== --- head/sysutils/google-compute-engine-oslogin/Makefile (revision 466685) +++ head/sysutils/google-compute-engine-oslogin/Makefile (revision 466686) @@ -1,47 +1,46 @@ # $FreeBSD$ PORTNAME= google-compute-engine-oslogin -DISTVERSION= 1.1.2 -PORTREVISION= 1 +DISTVERSION= 1.1.5 CATEGORIES= sysutils MAINTAINER= helen.koike@collabora.com COMMENT= OS Login Guest Environment for Google Compute Engine LICENSE= APACHE20 LICENSE_FILE= ${WRKSRC}/../LICENSE LIB_DEPENDS= libcurl.so:ftp/curl \ libjson-c.so:devel/json-c RUN_DEPENDS= gsed:textproc/gsed \ ${LOCALBASE}/lib/pam_mkhomedir.so:security/pam_mkhomedir USES= gmake USE_LDCONFIG= yes USE_GCC= any USE_GITHUB= yes GH_ACCOUNT= GoogleCloudPlatform GH_PROJECT= compute-image-packages -GH_TAGNAME= 20171213 +GH_TAGNAME= 20180227 MAKE_ARGS= JSON_INCLUDE_PATH=${LOCALBASE}/include/json-c \ BIN_INSTALL_PATH=/bin \ PAM_INSTALL_PATH=/lib \ AUTHKEYS_INSTALL_PATH=/bin \ NSS_LIBRARY_SONAME=nss_oslogin.so.1 WRKSRC_SUBDIR= google_compute_engine_oslogin PLIST_SUB= DISTVERSION=${DISTVERSION} post-patch: @${REINPLACE_CMD} -e 's|/etc/sudoers.d|${PREFIX}/etc/sudoers.d|g ; \ s|/usr/bin|${PREFIX}/bin|g' ${WRKSRC}/bin/google_oslogin_control post-install: ${LN} -sf libnss_${PORTNAME}-${DISTVERSION}.so ${STAGEDIR}${PREFIX}/lib/nss_oslogin.so.1 ${STRIP_CMD} ${STAGEDIR}${PREFIX}/bin/google_authorized_keys \ ${STAGEDIR}${PREFIX}/lib/libnss_google-compute-engine-oslogin-${DISTVERSION}.so \ ${STAGEDIR}${PREFIX}/lib/pam_oslogin_admin.so \ ${STAGEDIR}${PREFIX}/lib/pam_oslogin_login.so .include Index: head/sysutils/google-compute-engine-oslogin/distinfo =================================================================== --- head/sysutils/google-compute-engine-oslogin/distinfo (revision 466685) +++ head/sysutils/google-compute-engine-oslogin/distinfo (revision 466686) @@ -1,3 +1,3 @@ -TIMESTAMP = 1514471176 -SHA256 (GoogleCloudPlatform-compute-image-packages-1.1.2-20171213_GH0.tar.gz) = 483d97c6d64cd7d9002247db63af8cb591e526a09ce52fd8d545c66da3ebb181 -SIZE (GoogleCloudPlatform-compute-image-packages-1.1.2-20171213_GH0.tar.gz) = 131055 +TIMESTAMP = 1522046585 +SHA256 (GoogleCloudPlatform-compute-image-packages-1.1.5-20180227_GH0.tar.gz) = 80e8c8059273f76e82343993a0282c51b633ba8c8dc5a14664919ee1b9e0fbaf +SIZE (GoogleCloudPlatform-compute-image-packages-1.1.5-20180227_GH0.tar.gz) = 135485 Property changes on: head/sysutils/google-compute-engine-oslogin/distinfo ___________________________________________________________________ Modified: fbsd:nokeywords ## -1 +1 ## -on \ No newline at end of property +yes \ No newline at end of property Index: head/sysutils/google-compute-engine-oslogin/files/patch-Makefile =================================================================== --- head/sysutils/google-compute-engine-oslogin/files/patch-Makefile (revision 466685) +++ head/sysutils/google-compute-engine-oslogin/files/patch-Makefile (nonexistent) @@ -1,11 +0,0 @@ ---- Makefile.orig 2017-12-13 23:47:59 UTC -+++ Makefile -@@ -15,7 +15,7 @@ AUTHKEYS_INSTALL_PATH = /usr/bin - JSON_INCLUDE_PATH = /usr/include/json-c - INCLUDE_FLAGS = -I$(JSON_INCLUDE_PATH) - --CXX = g++ -+CXX ?= g++ - CXXFLAGS += -fPIC# -Wall - PAMFLAGS = $(LDFLAGS) $(INCLUDE_FLAGS) -shared - NSSFLAGS = $(LDFLAGS) $(INCLUDE_FLAGS) -shared -Wl,-soname,$(NSS_LIBRARY_SONAME) Property changes on: head/sysutils/google-compute-engine-oslogin/files/patch-Makefile ___________________________________________________________________ Deleted: fbsd:nokeywords ## -1 +0,0 ## -on \ No newline at end of property Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: head/sysutils/google-compute-engine-oslogin/files/patch-bin_google__oslogin__control =================================================================== --- head/sysutils/google-compute-engine-oslogin/files/patch-bin_google__oslogin__control (revision 466685) +++ head/sysutils/google-compute-engine-oslogin/files/patch-bin_google__oslogin__control (revision 466686) @@ -1,51 +1,54 @@ ---- bin/google_oslogin_control.orig 2017-12-13 23:47:59 UTC +--- bin/google_oslogin_control.orig 2018-02-27 22:53:04 UTC +++ bin/google_oslogin_control -@@ -65,29 +65,31 @@ overwrite_file() { +@@ -65,22 +65,24 @@ overwrite_file() { remove_from_config() { config=$1 - sed -i "/${added_comment}/,+1d" ${config}.new + gsed -i "/${added_comment}/,+1d" ${config}.new } remove_from_nss_config() { - sed -i '/^passwd:/ s/ oslogin//' ${nss_config}.new + gsed -i '/^passwd:/ s/ oslogin//' ${nss_config}.new } add_to_sshd_config() { remove_from_config ${sshd_config} - sed -i "\$a${added_comment}\n${sshd_command}" ${sshd_config}.new - sed -i "\$a${added_comment}\n${sshd_user}" ${sshd_config}.new + gsed -i "\$a${added_comment}\n${sshd_command}" ${sshd_config}.new + gsed -i "\$a${added_comment}\n${sshd_user}" ${sshd_config}.new } add_to_nss_config() { remove_from_nss_config - sed -i '/^passwd:/ s/$/ oslogin/' ${nss_config}.new + gsed -i '/^passwd:/ s/$/ oslogin/' ${nss_config}.new + # Replace compat by files (as compat cannot be used with other sources) + gsed -i '/^passwd:/ s/compat/files/' ${nss_config}.new } add_to_pam_config() { - remove_from_config ${pam_config} -- sed -i "/account.*pam_nologin.so/ a${added_comment}\n${pam_admin}" ${pam_config}.new -- sed -i "/account.*pam_nologin.so/ a${added_comment}\n${pam_login}" ${pam_config}.new -- sed -i "/pam_loginuid.so/ a${added_comment}\n${pam_homedir}" ${pam_config}.new -+ gsed -i "/account.*pam_nologin.so/ a${added_comment}\n${pam_admin}" ${pam_config}.new -+ gsed -i "/account.*pam_nologin.so/ a${added_comment}\n${pam_login}" ${pam_config}.new -+ gsed -i "/session.*pam_permit.so/ a${added_comment}\n${pam_homedir}" ${pam_config}.new +@@ -97,9 +99,9 @@ ${pam_homedir} + " + echo "${added_config}$(cat ${pam_config}.new)" > ${pam_config}.new + else +- sed -i "/account.*pam_nologin.so/ a${added_comment}\n${pam_admin}" ${pam_config}.new +- sed -i "/account.*pam_nologin.so/ a${added_comment}\n${pam_login}" ${pam_config}.new +- sed -i "/pam_loginuid.so/ a${added_comment}\n${pam_homedir}" ${pam_config}.new ++ gsed -i "/account.*pam_nologin.so/ a${added_comment}\n${pam_admin}" ${pam_config}.new ++ gsed -i "/account.*pam_nologin.so/ a${added_comment}\n${pam_login}" ${pam_config}.new ++ gsed -i "/session.*pam_permit.so/ a${added_comment}\n${pam_homedir}" ${pam_config}.new + fi } - restart_service() { -@@ -100,7 +102,7 @@ restart_service() { +@@ -113,7 +115,7 @@ restart_service() { fi fi if which service > /dev/null 2>&1; then - if service --status-all | grep -Fq ${service}; then + if service -e | grep -Fq ${service}; then echo "Restarting ${service}." service ${service} restart return $? Property changes on: head/sysutils/google-compute-engine-oslogin/files/patch-bin_google__oslogin__control ___________________________________________________________________ Modified: fbsd:nokeywords ## -1 +1 ## -on \ No newline at end of property +yes \ No newline at end of property Index: head/sysutils/google-compute-engine-oslogin/files/patch-nss__module_nss__oslogin.cc =================================================================== --- head/sysutils/google-compute-engine-oslogin/files/patch-nss__module_nss__oslogin.cc (revision 466685) +++ head/sysutils/google-compute-engine-oslogin/files/patch-nss__module_nss__oslogin.cc (revision 466686) @@ -1,38 +1,38 @@ ---- nss_module/nss_oslogin.cc.orig 2017-12-13 23:47:59 UTC +--- nss_module/nss_oslogin.cc.orig 2018-02-27 22:53:04 UTC +++ nss_module/nss_oslogin.cc @@ -16,6 +16,7 @@ #include #include #include +#include #include #include #include @@ -150,4 +151,27 @@ int _nss_oslogin_getpwent_r(struct passw } return NSS_STATUS_SUCCESS; } + +NSS_METHOD_PROTOTYPE(__nss_compat_getpwnam_r); +NSS_METHOD_PROTOTYPE(__nss_compat_getpwuid_r); +NSS_METHOD_PROTOTYPE(__nss_compat_getpwent_r); +NSS_METHOD_PROTOTYPE(__nss_compat_setpwent); +NSS_METHOD_PROTOTYPE(__nss_compat_endpwent); + +static ns_mtab methods[] = { + { NSDB_PASSWD, "getpwnam_r", __nss_compat_getpwnam_r, (void*)_nss_oslogin_getpwnam_r }, + { NSDB_PASSWD, "getpwuid_r", __nss_compat_getpwuid_r, (void*)_nss_oslogin_getpwuid_r }, + { NSDB_PASSWD, "getpwent_r", __nss_compat_getpwent_r, (void*)_nss_oslogin_getpwent_r }, + { NSDB_PASSWD, "endpwent", __nss_compat_endpwent, (void*)_nss_oslogin_endpwent }, + { NSDB_PASSWD, "setpwent", __nss_compat_setpwent, (void*)_nss_oslogin_setpwent }, +}; + +ns_mtab * +nss_module_register (const char *name, unsigned int *size, + nss_module_unregister_fn *unregister) +{ + *size = sizeof (methods) / sizeof (methods[0]); + *unregister = NULL; + return (methods); +} } // extern "C" Property changes on: head/sysutils/google-compute-engine-oslogin/files/patch-nss__module_nss__oslogin.cc ___________________________________________________________________ Modified: fbsd:nokeywords ## -1 +1 ## -on \ No newline at end of property +yes \ No newline at end of property Index: head/sysutils/google-compute-engine-oslogin/files/patch-pam__module_pam__oslogin__admin.cc =================================================================== --- head/sysutils/google-compute-engine-oslogin/files/patch-pam__module_pam__oslogin__admin.cc (revision 466685) +++ head/sysutils/google-compute-engine-oslogin/files/patch-pam__module_pam__oslogin__admin.cc (revision 466686) @@ -1,28 +1,28 @@ ---- pam_module/pam_oslogin_admin.cc.orig 2017-12-13 23:47:59 UTC +--- pam_module/pam_oslogin_admin.cc.orig 2018-02-27 22:53:04 UTC +++ pam_module/pam_oslogin_admin.cc @@ -14,7 +14,6 @@ #define PAM_SM_ACCOUNT #include -#include #include #include #include @@ -47,7 +46,7 @@ PAM_EXTERN int pam_sm_acct_mgmt(pam_hand int pam_result = PAM_SUCCESS; const char *user_name; if ((pam_result = pam_get_user(pamh, &user_name, NULL)) != PAM_SUCCESS) { - pam_syslog(pamh, LOG_INFO, "Could not get pam user."); + syslog(LOG_INFO, "Could not get pam user."); return pam_result; } string str_user_name(user_name); @@ -77,7 +76,7 @@ PAM_EXTERN int pam_sm_acct_mgmt(pam_hand if (HttpGet(url.str(), &response, &http_code) && http_code == 200 && ParseJsonToAuthorizeResponse(response)) { if (!file_exists) { - pam_syslog(pamh, LOG_INFO, + syslog(LOG_INFO, "Granting sudo permissions to organization user %s.", user_name); std::ofstream sudoers_file; Property changes on: head/sysutils/google-compute-engine-oslogin/files/patch-pam__module_pam__oslogin__admin.cc ___________________________________________________________________ Modified: fbsd:nokeywords ## -1 +1 ## -on \ No newline at end of property +yes \ No newline at end of property Index: head/sysutils/google-compute-engine-oslogin/files/patch-pam__module_pam__oslogin__login.cc =================================================================== --- head/sysutils/google-compute-engine-oslogin/files/patch-pam__module_pam__oslogin__login.cc (revision 466685) +++ head/sysutils/google-compute-engine-oslogin/files/patch-pam__module_pam__oslogin__login.cc (revision 466686) @@ -1,37 +1,37 @@ ---- pam_module/pam_oslogin_login.cc.orig 2017-12-13 23:47:59 UTC +--- pam_module/pam_oslogin_login.cc.orig 2018-02-27 22:53:04 UTC +++ pam_module/pam_oslogin_login.cc @@ -14,7 +14,6 @@ #define PAM_SM_ACCOUNT #include -#include #include #include #include @@ -45,7 +44,7 @@ PAM_EXTERN int pam_sm_acct_mgmt(pam_hand int pam_result = PAM_PERM_DENIED; const char *user_name; if ((pam_result = pam_get_user(pamh, &user_name, NULL)) != PAM_SUCCESS) { - pam_syslog(pamh, LOG_INFO, "Could not get pam user."); + syslog(LOG_INFO, "Could not get pam user."); return pam_result; } string str_user_name(user_name); @@ -88,7 +87,7 @@ PAM_EXTERN int pam_sm_acct_mgmt(pam_hand chown(users_filename.c_str(), 0, 0); chmod(users_filename.c_str(), S_IRUSR | S_IWUSR | S_IRGRP); } - pam_syslog(pamh, LOG_INFO, + syslog(LOG_INFO, "Granting login permission for organization user %s.", user_name); pam_result = PAM_SUCCESS; @@ -96,7 +95,7 @@ PAM_EXTERN int pam_sm_acct_mgmt(pam_hand if (file_exists) { remove(users_filename.c_str()); } - pam_syslog(pamh, LOG_INFO, + syslog(LOG_INFO, "Denying login permission for organization user %s.", user_name); pam_result = PAM_PERM_DENIED; Property changes on: head/sysutils/google-compute-engine-oslogin/files/patch-pam__module_pam__oslogin__login.cc ___________________________________________________________________ Modified: fbsd:nokeywords ## -1 +1 ## -on \ No newline at end of property +yes \ No newline at end of property Index: head/sysutils/google-compute-engine-oslogin/files/patch-utils_oslogin__utils.cc =================================================================== --- head/sysutils/google-compute-engine-oslogin/files/patch-utils_oslogin__utils.cc (revision 466685) +++ head/sysutils/google-compute-engine-oslogin/files/patch-utils_oslogin__utils.cc (revision 466686) @@ -1,18 +1,18 @@ ---- utils/oslogin_utils.cc.orig 2017-12-13 23:47:59 UTC +--- utils/oslogin_utils.cc.orig 2018-02-27 22:53:04 UTC +++ utils/oslogin_utils.cc -@@ -218,7 +218,14 @@ bool ValidatePasswd(struct passwd* resul +@@ -222,7 +222,14 @@ bool ValidatePasswd(struct passwd* resul } } if (strlen(result->pw_shell) == 0) { - if (!buf->AppendString("/bin/bash", &result->pw_shell, errnop)) { + if (!buf->AppendString("/bin/sh", &result->pw_shell, errnop)) { + return false; + } + } + + // If shell is set to /bin/bash, fallback to /bin/sh + if (strcmp(result->pw_shell, "/bin/bash") == 0 ) { + if (!buf->AppendString("/bin/sh", &result->pw_shell, errnop)) { return false; } } Property changes on: head/sysutils/google-compute-engine-oslogin/files/patch-utils_oslogin__utils.cc ___________________________________________________________________ Modified: fbsd:nokeywords ## -1 +1 ## -on \ No newline at end of property +yes \ No newline at end of property