More fixes/improvements and make distcheck fixed #24

Closed
wants to merge 8 commits into
from

Conversation

Projects
None yet
2 participants
Contributor

Flameeyes commented Jun 21, 2012

I cherry-picked again the patches you skipped over for pam_duo (which is honestly what I care most about, without those for me is totally useless — portability in that regard doesn't seem to be an issue to me at all).

You also did pick the patch that caused make distcheck to fail so I've reverted that one and implemented the same idea differently (I'll submit a bug/fix to automake about that later today).

I also made sure that parallel install works, as it was unsafe before when using DESTDIR.

Flameeyes added some commits Jun 21, 2012

Revert "from flameeyes: build: replace libcompat with libcommon and m…
…ove common functions there."

Seems like there is a bug with using `SUBDIRS = . lib`, sources in lib/ and `subdir-objects`.

This reverts commit d1caf3f.
build: do not add -lpam to LIBS when building with PAM.
This was introduced by the use of AC_SEARCH_LIBS to identify the presence
of pam_vprompt, as it changes the value of LIBS. With the new code,
AC_SEARCH_LIBS can also be replaced with the simpler AC_CHECK_FUNCS macro.
pam_duo: allow using try_first_pass/use_first_pass options.
These options are commonly used with pam_unix and pam_pgsql and allow
to re-use a previously presented password; at the same time, this
allows for the password to be read from binary prompts such as when
used with ftpd servers.

The pam_get_pass function is derived out of pam_pgsql which in turn
derives it from FreeBSD and is licensed by Juniper Networks under
2-clause BSD license (ISC-like).
pam_duo: replace match on 'su' service with a use_uid parameter.
This make it behave a lot like Linux-PAM's pam_wheel, and allows using
the same behaviour with any other similar service, rather than just
with su.
pam_duo: add a push option to force using push as factor.
This only changes the prompt to force the use of a given factor for
pam_duo, allowing to use this in conjunction with pam_unix for actual
dual-factor authentication of users on services such as ftpd.
build: use the proper targets for install hooks
Also always create directories before using them (for parallel install
compatibility), and fix one bad name.
Contributor

jonoberheide commented Jun 22, 2012

Thanks for the build fixes, Diego! It's unlikely we'll merge the feature enhancements for this release though.

Contributor

Flameeyes commented Jun 22, 2012

Il 22/06/2012 19:43, Jon Oberheide ha scritto:

Thanks for the build fixes, Diego! It's unlikely we'll merge the feature enhancements for this release though.

What about the next? I'm really waiting for them, as it makes Duo much
more useful.

My use case is having standard public key to SSH, and a Duo login for sudo.

Diego Elio Pettenò — Flameeyes
flameeyes@flameeyes.euhttp://blog.flameeyes.eu/

Contributor

Flameeyes commented Jun 22, 2012

Il 22/06/2012 19:43, Jon Oberheide ha scritto:

Thanks for the build fixes, Diego! It's unlikely we'll merge the feature enhancements for this release though.

BTW if you want to just pick the build fixes, please use

git cherry-pick $sha-of-the-commit

this way I can compare what was merged and what wasn't with git cherry :)

Diego Elio Pettenò — Flameeyes
flameeyes@flameeyes.euhttp://blog.flameeyes.eu/

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment