commit: e7e2a601e277bbede4f3f4aaf05cc1e49392458c Author: Michał Górny <mgorny <AT> gentoo <DOT> org> AuthorDate: Thu Mar 28 06:00:05 2019 +0000 Commit: Michał Górny <mgorny <AT> gentoo <DOT> org> CommitDate: Thu Mar 28 06:00:05 2019 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e7e2a601
sys-auth/pambase: Add zlogene as primary maint Signed-off-by: Michał Górny <mgorny <AT> gentoo.org> sys-auth/pambase/metadata.xml | 186 +++++++++++++++++++++--------------------- 1 file changed, 95 insertions(+), 91 deletions(-) diff --git a/sys-auth/pambase/metadata.xml b/sys-auth/pambase/metadata.xml index 7cd2dea5abe..ac1a717271f 100644 --- a/sys-auth/pambase/metadata.xml +++ b/sys-auth/pambase/metadata.xml @@ -1,95 +1,99 @@ <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd";> <pkgmetadata> - <maintainer type="project"> - <email>pam-b...@gentoo.org</email> - </maintainer> - <use> - <flag name="cracklib"> - Enable pam_cracklib module on system authentication stack. This - produces warnings when changing password to something easily - crackable. It requires the same USE flag to be enabled on - <pkg>sys-libs/pam</pkg> or system login might be impossible. - </flag> - <flag name="consolekit"> - Enable pam_ck_connector module on local system logins. This - allows for console logins to make use of ConsoleKit - authorization. - </flag> - <flag name="elogind"> - Use pam_elogind module to register user sessions with elogind. - </flag> - <flag name="systemd"> - Use pam_systemd module to register user sessions in the systemd - control group hierarchy. - </flag> - <flag name="gnome-keyring"> - Enable pam_gnome_keyring module on system login stack. This - enables proper Gnome Keyring access to logins, whether they are - done with the login shell, a Desktop Manager or a remote login - systems such as SSH. - </flag> - <flag name="debug"> - Enable debug information logging on syslog(3) for all the - modules supporting this in the system authentication and system - login stacks. - </flag> - <flag name="passwdqc"> - Enable pam_passwdqc module on system auth stack for password - quality validation. This is an alternative to pam_cracklib - producing warnings, rejecting or providing example passwords - when changing your system password. It is used by default by - OpenWall GNU/*/Linux and by FreeBSD. - </flag> - <flag name="mktemp"> - Enable pam_mktemp module on system auth stack for session - handling. This module creates a private temporary directory for - the user, and sets TMP and TMPDIR accordingly. - </flag> - <flag name="pam_ssh"> - Enable pam_ssh module on system auth stack for authentication - and session handling. This module will accept as password the - passphrase of a private SSH key (one of ~/.ssh/id_rsa, - ~/.ssh/id_dsa or ~/.ssh/identity), and will spawn an ssh-agent - instance to cache the open key. - </flag> - <flag name="sha512"> - Switch Linux-PAM's pam_unix module to use sha512 for passwords - hashes rather than MD5. This option requires - <pkg>sys-libs/pam</pkg> version 1.0.1 built against - <pkg>sys-libs/glibc</pkg> version 2.7, if it's built against an - earlier version, it will silently be ignored, and MD5 hashes - will be used. All the passwords changed after this USE flag is - enabled will be saved to the shadow file hashed using SHA512 - function. The password previously saved will be left - untouched. Please note that while SHA512-hashed passwords will - still be recognised if the USE flag is removed, the shadow file - will not be compatible with systems using an earlier glibc - version. - </flag> - <flag name="pam_krb5"> - Enable pam_krb5 module on system auth stack, as an alternative - to pam_unix. If Kerberos authentication succeed, only pam_unix - will be ignore, and all the other modules will proceed as usual, - including Gnome Keyring and other session modules. It requires - <pkg>sys-libs/pam</pkg> as PAM implementation. - </flag> - <flag name="minimal"> - Disables the standard PAM modules that provide extra information - to users on login; this includes pam_tally (and pam_tally2 for - Linux PAM 1.1 and later), pam_lastlog, pam_motd and other - similar modules. This might not be a good idea on a multi-user - system but could reduce slightly the overhead on single-user - non-networked systems. - </flag> - <flag name="nullok"> - Enable the nullok option with the pam_unix module. This allows - people to login with blank passwords. - </flag> - <flag name="securetty"> - Enable pam_securetty module in the login stack. Not generally - relevant anymore as the login stack only refers to local logins - and local terminals imply secure access in the first place. - </flag> - </use> + <maintainer type="person"> + <email>zlog...@gentoo.org</email> + <name>Mikle Kolyada</name> + </maintainer> + <maintainer type="project"> + <email>pam-b...@gentoo.org</email> + </maintainer> + <use> + <flag name="cracklib"> + Enable pam_cracklib module on system authentication stack. This + produces warnings when changing password to something easily + crackable. It requires the same USE flag to be enabled on + <pkg>sys-libs/pam</pkg> or system login might be impossible. + </flag> + <flag name="consolekit"> + Enable pam_ck_connector module on local system logins. This + allows for console logins to make use of ConsoleKit + authorization. + </flag> + <flag name="elogind"> + Use pam_elogind module to register user sessions with elogind. + </flag> + <flag name="systemd"> + Use pam_systemd module to register user sessions in the systemd + control group hierarchy. + </flag> + <flag name="gnome-keyring"> + Enable pam_gnome_keyring module on system login stack. This + enables proper Gnome Keyring access to logins, whether they are + done with the login shell, a Desktop Manager or a remote login + systems such as SSH. + </flag> + <flag name="debug"> + Enable debug information logging on syslog(3) for all the + modules supporting this in the system authentication and system + login stacks. + </flag> + <flag name="passwdqc"> + Enable pam_passwdqc module on system auth stack for password + quality validation. This is an alternative to pam_cracklib + producing warnings, rejecting or providing example passwords + when changing your system password. It is used by default by + OpenWall GNU/*/Linux and by FreeBSD. + </flag> + <flag name="mktemp"> + Enable pam_mktemp module on system auth stack for session + handling. This module creates a private temporary directory for + the user, and sets TMP and TMPDIR accordingly. + </flag> + <flag name="pam_ssh"> + Enable pam_ssh module on system auth stack for authentication + and session handling. This module will accept as password the + passphrase of a private SSH key (one of ~/.ssh/id_rsa, + ~/.ssh/id_dsa or ~/.ssh/identity), and will spawn an ssh-agent + instance to cache the open key. + </flag> + <flag name="sha512"> + Switch Linux-PAM's pam_unix module to use sha512 for passwords + hashes rather than MD5. This option requires + <pkg>sys-libs/pam</pkg> version 1.0.1 built against + <pkg>sys-libs/glibc</pkg> version 2.7, if it's built against an + earlier version, it will silently be ignored, and MD5 hashes + will be used. All the passwords changed after this USE flag is + enabled will be saved to the shadow file hashed using SHA512 + function. The password previously saved will be left + untouched. Please note that while SHA512-hashed passwords will + still be recognised if the USE flag is removed, the shadow file + will not be compatible with systems using an earlier glibc + version. + </flag> + <flag name="pam_krb5"> + Enable pam_krb5 module on system auth stack, as an alternative + to pam_unix. If Kerberos authentication succeed, only pam_unix + will be ignore, and all the other modules will proceed as usual, + including Gnome Keyring and other session modules. It requires + <pkg>sys-libs/pam</pkg> as PAM implementation. + </flag> + <flag name="minimal"> + Disables the standard PAM modules that provide extra information + to users on login; this includes pam_tally (and pam_tally2 for + Linux PAM 1.1 and later), pam_lastlog, pam_motd and other + similar modules. This might not be a good idea on a multi-user + system but could reduce slightly the overhead on single-user + non-networked systems. + </flag> + <flag name="nullok"> + Enable the nullok option with the pam_unix module. This allows + people to login with blank passwords. + </flag> + <flag name="securetty"> + Enable pam_securetty module in the login stack. Not generally + relevant anymore as the login stack only refers to local logins + and local terminals imply secure access in the first place. + </flag> + </use> </pkgmetadata>
