Add support for a vendor directory and libeconf (#136)

With this, it is possible for Linux distributors to store their supplied default configuration files somewhere below /usr, while /etc only contains the changes made by the user. The new option --enable-vendordir defines where Linux-PAM should additional look for pam.d/*, login.defs and securetty if this files are not in /etc. libeconf is a key/value configuration file reading library, which handles the split of configuration files in different locations and merges them transparently for the application.
author: Thorsten Kukuk <5908016+thkukuk@users.noreply.github.com> 2019-09-16 17:17:49 +0200
committer: GitHub <noreply@github.com> 2019-09-16 17:17:49 +0200
commit: 65d6735c5949ec233df9813f734e918a93fa36cf (patch)
tree: c147e1f9ab27479abb3e2be94a2969aad6d87b68 /doc
parent: 3a3e70739834cd5cbd17469907ef718c81ae40c0 (diff)
download: pam-65d6735c5949ec233df9813f734e918a93fa36cf.tar.gz
pam-65d6735c5949ec233df9813f734e918a93fa36cf.tar.bz2
pam-65d6735c5949ec233df9813f734e918a93fa36cf.zip
5 files changed, 51 insertions, 2 deletions
diff --git a/doc/Makefile.am b/doc/Makefile.am
index f4762f2d..38319f5b 100644
--- a/doc/Makefile.am
+++ b/doc/Makefile.am
@@ -8,6 +8,8 @@ CLEANFILES = *~
 
 dist_html_DATA = index.html
 
+EXTRA_DIST = custom-html.xsl custom-man.xsl
+
 #######################################################
 
 releasedocs: all
diff --git a/doc/custom-html.xsl b/doc/custom-html.xsl
new file mode 100644
index 00000000..081beaf6
--- /dev/null
+++ b/doc/custom-html.xsl
@@ -0,0 +1,19 @@
+<?xml version='1.0'?> <!--*-nxml-*-->
+<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
+  xmlns:ss="http://docbook.sf.net/xmlns/string.subst/1.0"
+  xmlns:exsl="http://exslt.org/common" version="1.0">
+
+  <xsl:import href="http://docbook.sourceforge.net/release/xsl/current/html/docbook.xsl"/>
+  <xsl:param name="vendordir"/>
+
+  <xsl:template match="filename">
+    <xsl:variable name="replacements">
+      <ss:substitution oldstring="%vendordir%" newstring="{$vendordir}" />
+    </xsl:variable>
+    <xsl:call-template name="apply-string-subst-map">
+      <xsl:with-param name="content" select="."/>
+      <xsl:with-param name="map.contents" select="exsl:node-set($replacements)/*" />
+    </xsl:call-template>
+  </xsl:template>
+</xsl:stylesheet>
+
diff --git a/doc/custom-man.xsl b/doc/custom-man.xsl
new file mode 100644
index 00000000..bf01d583
--- /dev/null
+++ b/doc/custom-man.xsl
@@ -0,0 +1,10 @@
+<?xml version='1.0'?>
+<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform" xmlns:ss="http://docbook.sf.net/xmlns/string.subst/1.0" version="1.0">
+  <xsl:import href="http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl"/>
+  <xsl:param name="vendordir"/>
+
+  <xsl:param name="man.string.subst.map.local.pre">
+    <ss:substitution oldstring="%vendordir%" newstring="{$vendordir}" />
+  </xsl:param>
+</xsl:stylesheet>
+
diff --git a/doc/man/Makefile.am b/doc/man/Makefile.am
index 78c891df..8e76897e 100644
--- a/doc/man/Makefile.am
+++ b/doc/man/Makefile.am
@@ -59,5 +59,10 @@ pam.d.5: pam.conf.5
 pam_get_item.3: pam_item_types_std.inc.xml pam_item_types_ext.inc.xml
 pam_set_data.3: pam_item_types_std.inc.xml pam_item_types_ext.inc.xml
 pam.conf.5: pam.conf-desc.xml pam.conf-dir.xml pam.conf-syntax.xml
+if HAVE_VENDORDIR
+XSLTPROC_CUSTOM = --stringparam vendordir $(VENDORDIR)
+else
+XSLTPROC_CUSTOM = --stringparam vendordir "<vendordir>"
+endif
 -include $(top_srcdir)/Make.xml.rules
 endif
diff --git a/doc/man/pam.8.xml b/doc/man/pam.8.xml
index 9839defb..464af0e5 100644
--- a/doc/man/pam.8.xml
+++ b/doc/man/pam.8.xml
@@ -53,11 +53,12 @@
 
     <para>
       Vendor-supplied PAM configuration files might be installed in
-      the system directory <filename>/usr/lib/pam.d/</filename> instead
+      the system directory <filename>/usr/lib/pam.d/</filename> or
+      a configurable vendor specific directory instead
       of the machine configuration directory <filename>/etc/pam.d/</filename>.
       If no machine configuration file is found, the vendor-supplied file
       is used. All files in <filename>/etc/pam.d/</filename> override
-      files with the same name in <filename>/usr/lib/pam.d/</filename>.
+      files with the same name in other directories.
     </para>
 
 <para>From the point of view of the system administrator, for whom this
@@ -157,6 +158,18 @@ closing hook for modules to affect the services available to a user.</para>
           </para>
         </listitem>
       </varlistentry>
+      <varlistentry>
+        <term><filename>%vendordir%/pam.d</filename></term>
+        <listitem>
+          <para>
+            the <emphasis remap='B'>Linux-PAM</emphasis> vendor configuration
+	    directory. Files in <filename>/etc/pam.d</filename> and
+	    <filename>/usr/lib/pam.d</filename> override files with the same
+	    name in this directory. Only available if Linux-PAM was compiled
+	    with vendordir enabled.
+          </para>
+        </listitem>
+      </varlistentry>
     </variablelist>
   </refsect1>
author	Thorsten Kukuk <5908016+thkukuk@users.noreply.github.com>	2019-09-16 17:17:49 +0200
committer	GitHub <noreply@github.com>	2019-09-16 17:17:49 +0200
commit	65d6735c5949ec233df9813f734e918a93fa36cf (patch)
tree	c147e1f9ab27479abb3e2be94a2969aad6d87b68 /doc
parent	3a3e70739834cd5cbd17469907ef718c81ae40c0 (diff)
download	pam-65d6735c5949ec233df9813f734e918a93fa36cf.tar.gz pam-65d6735c5949ec233df9813f734e918a93fa36cf.tar.bz2 pam-65d6735c5949ec233df9813f734e918a93fa36cf.zip