From 7e852c1e4f9d4ac20c2b5d6d01878ce94273d30d Mon Sep 17 00:00:00 2001
From: Aleksandr Proklov <a.proklov@rosalinux.ru>
Date: Fri, 15 Mar 2024 14:37:21 +0900
Subject: [PATCH] Update version to 1.6.0

---
 .abf.yml                                      |  2 +-
 ...M-1.1.4-add-now-missing-nis-constant.patch | 11 ------
 ...M-1.6.0-add-now-missing-nis-constant.patch | 12 +++++++
 ...atch => Linux-PAM-1.6.0-xauth-groups.patch | 34 +++++++++----------
 pam-1.5.0-noflex.patch                        | 24 -------------
 pam-1.5.0-redhat-modules.patch                | 25 --------------
 pam-1.6.0-noflex.patch                        | 24 +++++++++++++
 pam-1.6.0-redhat-modules.patch                | 25 ++++++++++++++
 pam.spec                                      | 12 +++----
 9 files changed, 84 insertions(+), 85 deletions(-)
 delete mode 100644 Linux-PAM-1.1.4-add-now-missing-nis-constant.patch
 create mode 100644 Linux-PAM-1.6.0-add-now-missing-nis-constant.patch
 rename Linux-PAM-1.1.3-xauth-groups.patch => Linux-PAM-1.6.0-xauth-groups.patch (57%)
 delete mode 100644 pam-1.5.0-noflex.patch
 delete mode 100644 pam-1.5.0-redhat-modules.patch
 create mode 100644 pam-1.6.0-noflex.patch
 create mode 100644 pam-1.6.0-redhat-modules.patch

diff --git a/.abf.yml b/.abf.yml
index 127c23a..de502b8 100644
--- a/.abf.yml
+++ b/.abf.yml
@@ -1,3 +1,3 @@
 sources:
-  Linux-PAM-1.5.1.tar.xz: ad43b7fbdfdd38886fdf27e098b49f2db1c2a13d
+  Linux-PAM-1.6.0.tar.xz: af5c627ac12cd1984644640a004cbc633bf99630
   pam-redhat-1.1.4.tar.bz2: bf661c44f34c2d4d34eaee695b36e638f4d44ba8
diff --git a/Linux-PAM-1.1.4-add-now-missing-nis-constant.patch b/Linux-PAM-1.1.4-add-now-missing-nis-constant.patch
deleted file mode 100644
index 977a0b2..0000000
--- a/Linux-PAM-1.1.4-add-now-missing-nis-constant.patch
+++ /dev/null
@@ -1,11 +0,0 @@
---- Linux-PAM-1.1.4/modules/pam_unix/support.c.yp_const~	2011-07-19 14:31:36.081046306 +0200
-+++ Linux-PAM-1.1.4/modules/pam_unix/support.c	2011-07-19 14:31:38.058067705 +0200
-@@ -21,6 +21,8 @@
- #include <sys/resource.h>
- #ifdef HAVE_RPCSVC_YPCLNT_H
- #include <rpcsvc/ypclnt.h>
-+#else
-+#define YPERR_SUCCESS 0
- #endif
- 
- #include <security/_pam_macros.h>
diff --git a/Linux-PAM-1.6.0-add-now-missing-nis-constant.patch b/Linux-PAM-1.6.0-add-now-missing-nis-constant.patch
new file mode 100644
index 0000000..1aa4a4b
--- /dev/null
+++ b/Linux-PAM-1.6.0-add-now-missing-nis-constant.patch
@@ -0,0 +1,12 @@
+diff -ruN a/modules/pam_unix/support.c b/modules/pam_unix/support.c
+--- a/modules/pam_unix/support.c	2024-01-17 19:29:36.000000000 +0900
++++ b/modules/pam_unix/support.c	2024-03-15 14:30:11.487011492 +0900
+@@ -21,6 +21,8 @@
+ #include <sys/resource.h>
+ #ifdef HAVE_NIS
+ #include <rpcsvc/ypclnt.h>
++#else
++#define YPERR_SUCCESS 0
+ #endif
+ 
+ #include <security/_pam_macros.h>
diff --git a/Linux-PAM-1.1.3-xauth-groups.patch b/Linux-PAM-1.6.0-xauth-groups.patch
similarity index 57%
rename from Linux-PAM-1.1.3-xauth-groups.patch
rename to Linux-PAM-1.6.0-xauth-groups.patch
index 2763b19..2663a57 100644
--- a/Linux-PAM-1.1.3-xauth-groups.patch
+++ b/Linux-PAM-1.6.0-xauth-groups.patch
@@ -1,17 +1,15 @@
-diff --git a/modules/pam_xauth/pam_xauth.c b/modules/pam_xauth/pam_xauth.c
-index ae73121..f4f3df4 100644
---- a/modules/pam_xauth/pam_xauth.c
-+++ b/modules/pam_xauth/pam_xauth.c
-@@ -91,7 +91,7 @@ static const char * const xauthpaths[] = {
-  * given input on stdin, and storing any output it generates. */
+diff -ruN a/modules/pam_xauth/pam_xauth.c b/modules/pam_xauth/pam_xauth.c
+--- a/modules/pam_xauth/pam_xauth.c	2024-01-17 19:29:36.000000000 +0900
++++ b/modules/pam_xauth/pam_xauth.c	2024-03-15 14:28:23.259247235 +0900
+@@ -88,6 +88,7 @@
  static int
  run_coprocess(pam_handle_t *pamh, const char *input, char **output,
--	      uid_t uid, gid_t gid, const char *command, ...)
-+	      uid_t uid, gid_t gid, const char *name, const char *command, ...)
+ 	      uid_t uid, gid_t gid, const char *command, const char *argv[])
++	      uid_t uid, gid_t gid, const char *name, const char *command, const char *argv[])
  {
  	int ipipe[2], opipe[2], i;
  	char buf[LINE_MAX];
-@@ -143,6 +143,12 @@ run_coprocess(pam_handle_t *pamh, const char *input, char **output,
+@@ -147,6 +148,12 @@
  		    pam_syslog (pamh, LOG_ERR, "setgroups() failed: %m");
  		    _exit (err);
  		  }
@@ -24,30 +22,30 @@ index ae73121..f4f3df4 100644
  		if (setuid(uid) == -1)
  		  {
  		    int err = errno;
-@@ -528,7 +534,7 @@ pam_sm_open_session (pam_handle_t *pamh, int flags UNUSED,
+@@ -527,7 +534,7 @@
  			   (unsigned long) getuid(), (unsigned long) getgid());
  	}
  	if (run_coprocess(pamh, NULL, &cookie,
 -			  getuid(), getgid(),
 +			  getuid(), getgid(), rpwd->pw_name,
+ 			  xauth, (const char *[]) {
  			  xauth, "-f", cookiefile, "nlist", display,
- 			  NULL) == 0) {
- #ifdef WITH_SELINUX
-@@ -587,7 +593,7 @@ pam_sm_open_session (pam_handle_t *pamh, int flags UNUSED,
+ 			  NULL}) == 0) {
+@@ -573,7 +580,7 @@
  						       (unsigned long) getgid());
  					}
  					run_coprocess(pamh, NULL, &cookie,
 -						      getuid(), getgid(),
 +						      getuid(), getgid(), rpwd->pw_name,
+ 						      xauth, (const char *[]) {
  						      xauth, "-f", cookiefile,
- 						      "nlist", t, NULL);
- 				}
-@@ -729,7 +735,7 @@ pam_sm_open_session (pam_handle_t *pamh, int flags UNUSED,
+ 						      "nlist", t, NULL});
+@@ -715,7 +722,7 @@
  				  (unsigned long) tpwd->pw_gid);
  		}
  		run_coprocess(pamh, cookie, &tmp,
 -			      tpwd->pw_uid, tpwd->pw_gid,
 +			      tpwd->pw_uid, tpwd->pw_gid, tpwd->pw_name,
- 			      xauth, "-f", cookiefile, "nmerge", "-", NULL);
+ 			      xauth, (const char *[]) {
+ 			      xauth, "-f", cookiefile, "nmerge", "-", NULL});
  
- 		/* We don't need to keep a copy of these around any more. */
diff --git a/pam-1.5.0-noflex.patch b/pam-1.5.0-noflex.patch
deleted file mode 100644
index 282b482..0000000
--- a/pam-1.5.0-noflex.patch
+++ /dev/null
@@ -1,24 +0,0 @@
-diff -up Linux-PAM-1.5.0/doc/Makefile.am.noflex Linux-PAM-1.5.0/doc/Makefile.am
---- Linux-PAM-1.5.0/doc/Makefile.am.noflex	2020-11-10 16:46:13.000000000 +0100
-+++ Linux-PAM-1.5.0/doc/Makefile.am	2020-11-11 11:39:00.980421433 +0100
-@@ -2,7 +2,7 @@
- # Copyright (c) 2005, 2006 Thorsten Kukuk <kukuk@suse.de>
- #
- 
--SUBDIRS = man specs sag adg mwg
-+SUBDIRS = man sag adg mwg
- 
- CLEANFILES = *~
- 
-diff -up Linux-PAM-1.5.0/Makefile.am.noflex Linux-PAM-1.5.0/Makefile.am
---- Linux-PAM-1.5.0/Makefile.am.noflex	2020-11-11 11:39:00.980421433 +0100
-+++ Linux-PAM-1.5.0/Makefile.am	2020-11-11 11:39:15.887625418 +0100
-@@ -4,7 +4,7 @@
- 
- AUTOMAKE_OPTIONS = 1.9 gnu dist-xz no-dist-gzip check-news
- 
--SUBDIRS = libpam tests libpamc libpam_misc modules po conf examples xtests
-+SUBDIRS = libpam tests libpamc libpam_misc modules po doc examples xtests
- 
- if HAVE_DOC
- SUBDIRS += doc
diff --git a/pam-1.5.0-redhat-modules.patch b/pam-1.5.0-redhat-modules.patch
deleted file mode 100644
index 92d04da..0000000
--- a/pam-1.5.0-redhat-modules.patch
+++ /dev/null
@@ -1,25 +0,0 @@
-diff -up Linux-PAM-1.5.0/configure.ac.redhat-modules Linux-PAM-1.5.0/configure.ac
---- Linux-PAM-1.5.0/configure.ac.redhat-modules	2020-11-11 11:21:21.947857371 +0100
-+++ Linux-PAM-1.5.0/configure.ac	2020-11-11 11:22:58.638193747 +0100
-@@ -639,6 +639,8 @@ AC_CONFIG_FILES([Makefile libpam/Makefil
- 	po/Makefile.in \
- 	Make.xml.rules \
- 	modules/Makefile \
-+	modules/pam_chroot/Makefile modules/pam_console/Makefile \
-+	modules/pam_postgresok/Makefile \
- 	modules/pam_access/Makefile \
-         modules/pam_debug/Makefile modules/pam_deny/Makefile \
- 	modules/pam_echo/Makefile modules/pam_env/Makefile \
-diff -up Linux-PAM-1.5.0/modules/Makefile.am.redhat-modules Linux-PAM-1.5.0/modules/Makefile.am
---- Linux-PAM-1.5.0/modules/Makefile.am.redhat-modules	2020-11-10 16:46:13.000000000 +0100
-+++ Linux-PAM-1.5.0/modules/Makefile.am	2020-11-11 11:21:21.947857371 +0100
-@@ -47,6 +47,9 @@ SUBDIRS := \
- 	pam_debug \
- 	pam_deny \
- 	pam_echo \
-+	pam_chroot \
-+	pam_console \
-+	pam_postgresok \
- 	pam_env \
- 	pam_exec \
- 	pam_faildelay \
diff --git a/pam-1.6.0-noflex.patch b/pam-1.6.0-noflex.patch
new file mode 100644
index 0000000..2af1463
--- /dev/null
+++ b/pam-1.6.0-noflex.patch
@@ -0,0 +1,24 @@
+diff -ruN a/doc/Makefile.am b/doc/Makefile.am
+--- a/doc/Makefile.am	2024-01-17 19:29:36.000000000 +0900
++++ b/doc/Makefile.am	2024-03-15 14:07:00.797329756 +0900
+@@ -2,7 +2,7 @@
+ # Copyright (c) 2005, 2006 Thorsten Kukuk <kukuk@suse.de>
+ #
+ 
+-SUBDIRS = man specs sag adg mwg
++SUBDIRS = man sag adg mwg
+ 
+ CLEANFILES = *~
+ DISTCLEANFILES = custom-html.xsl custom-man.xsl
+diff -ruN a/Makefile.am b/Makefile.am
+--- a/Makefile.am	2024-01-17 19:29:36.000000000 +0900
++++ b/Makefile.am	2024-03-15 14:08:14.914704213 +0900
+@@ -4,7 +4,7 @@
+ 
+ AUTOMAKE_OPTIONS = 1.9 gnu dist-xz no-dist-gzip check-news
+ 
+-SUBDIRS = libpam tests libpamc libpam_misc modules po conf xtests
++SUBDIRS = libpam tests libpamc libpam_misc modules po doc xtests
+ 
+ if HAVE_DOC
+ SUBDIRS += doc
diff --git a/pam-1.6.0-redhat-modules.patch b/pam-1.6.0-redhat-modules.patch
new file mode 100644
index 0000000..6c11338
--- /dev/null
+++ b/pam-1.6.0-redhat-modules.patch
@@ -0,0 +1,25 @@
+diff -ruN a/configure.ac b/configure.ac
+--- a/configure.ac	2024-01-17 19:29:36.000000000 +0900
++++ b/configure.ac	2024-03-15 14:05:18.762704512 +0900
+@@ -774,6 +774,8 @@
+ 	po/Makefile.in \
+ 	Make.xml.rules \
+ 	modules/Makefile \
++	modules/pam_chroot/Makefile modules/pam_console/Makefile \
++	modules/pam_postgresok/Makefile \
+ 	modules/pam_access/Makefile \
+ 	modules/pam_canonicalize_user/Makefile \
+ 	modules/pam_debug/Makefile modules/pam_deny/Makefile \
+diff -ruN a/modules/Makefile.am b/modules/Makefile.am
+--- a/modules/Makefile.am	2024-01-17 19:29:36.000000000 +0900
++++ b/modules/Makefile.am	2024-03-15 14:05:18.762704512 +0900
+@@ -48,6 +48,9 @@
+ 	pam_debug \
+ 	pam_deny \
+ 	pam_echo \
++	pam_chroot \
++	pam_console \
++	pam_postgresok \
+ 	pam_env \
+ 	pam_exec \
+ 	pam_faildelay \
diff --git a/pam.spec b/pam.spec
index 2fc34fe..4ea6258 100644
--- a/pam.spec
+++ b/pam.spec
@@ -14,8 +14,8 @@
 
 Summary:	A security tool which provides authentication for applications
 Name:		pam
-Version:	1.5.1
-Release:	11
+Version:	1.6.0
+Release:	1
 Epoch:		1
 # The library is BSD licensed with option to relicense as GPLv2+ - this option is redundant
 # as the BSD license allows that anyway. pam_timestamp and pam_console modules are GPLv2+,
@@ -41,8 +41,8 @@ Source501:	pam_tty_audit.8
 Source502:	README
 
 # RedHat patches
-Patch1:		https://src.fedoraproject.org/rpms/pam/raw/master/f/pam-1.5.0-redhat-modules.patch
-Patch9:		https://src.fedoraproject.org/rpms/pam/raw/master/f/pam-1.5.0-noflex.patch
+Patch1:		pam-1.6.0-redhat-modules.patch
+Patch9:		pam-1.6.0-noflex.patch
 
 # Upstreamed partially
 Patch33:	https://src.fedoraproject.org/rpms/pam/raw/master/f/pam-1.3.0-unix-nomsg.patch
@@ -55,11 +55,11 @@ Patch508:	Linux-PAM-0.99.3.0-pamtimestampadm.patch
 Patch509:	Linux-PAM-0.99.3.0-pbuild-rh.patch
 # (fl) pam_xauth: set extra groups because in high security levels
 #	access to /usr/X11R6/bin dir is controlled by a group
-Patch512:	Linux-PAM-1.1.3-xauth-groups.patch
+Patch512:	Linux-PAM-1.6.0-xauth-groups.patch
 
 Patch700:	pam_fix_static_pam_console.patch
 # (proyvind): add missing constant that went with rpc removal from glibc 2.14
-Patch702:	Linux-PAM-1.1.4-add-now-missing-nis-constant.patch
+Patch702:	Linux-PAM-1.6.0-add-now-missing-nis-constant.patch
 # (akdengi> add user to default group users which need for Samba
 Patch801:	Linux-PAM-1.1.4-group_add_users.patch