This includes autoconf checks so we only build auth-pam on systems that have
security/pam_appl.h
---
Makefile.am | 17 +++++++++++++++++
configure.ac | 10 ++++++++++
m4/README | 3 +++
plugin/README | 13 +++++++------
4 files changed, 37 insertions(+), 6 deletions(-)
create mode 100644 m4/README
diff --git a/Makefile.am b/Makefile.am
index 41f2008..0047900 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -30,6 +30,8 @@ LDADD = @LIBOBJS@
# INSTALL targets:
AUTOMAKE_OPTIONS = foreign
+ACLOCAL_AMFLAGS = -I m4
+
MAINTAINERCLEANFILES = \
config.log config.status \
$(srcdir)/Makefile.in \
@@ -149,6 +151,21 @@ configure.h: Makefile
awk -f $(srcdir)/configure_h.awk config.h > $@
awk -f $(srcdir)/configure_log.awk config.log >> $@
+# building default plugins
+pkglib_LTLIBRARIES = down-root.la
+if HAVE_PAM
+pkglib_LTLIBRARIES += auth-pam.la
+endif
+libtoolmoduleflags = -module -avoid-version
+down_root_la_SOURCES = plugin/down-root/down-root.c
+down_root_la_LDFLAGS = $(libtoolmoduleflags)
+
+auth_pam_la_SOURCES = plugin/auth-pam/auth-pam.c \
+ plugin/auth-pam/pamdl.h \
+ plugin/auth-pam/pamdl.c
+auth_pam_la_LIBADD = -lpam
+auth_pam_la_LDFLAGS = $(libtoolmoduleflags)
+
dist-hook:
cd $(distdir) && for i in $(EXTRA_DIST) $(SUBDIRS) ; do find $$i -name
.svn -type d -prune -exec rm -rf '{}' ';' ; rm -f `find $$i -type f | grep -E
'(^|\/)\.?\#|\~$$|\.s?o$$'` ; done
diff --git a/configure.ac b/configure.ac
index e1ca65e..6401095 100644
--- a/configure.ac
+++ b/configure.ac
@@ -29,6 +29,7 @@ m4_include(version.m4)
AC_INIT([OpenVPN], [PRODUCT_VERSION], [[email protected]],
[openvpn])
AM_CONFIG_HEADER(config.h)
AC_CONFIG_SRCDIR(syshead.h)
+AC_CONFIG_MACRO_DIR([m4])
dnl Guess host type.
AC_CANONICAL_HOST
@@ -338,6 +339,11 @@ dnl Checks for programs.
AC_PROG_CC
AC_PROG_INSTALL
AC_PROG_GCC_TRADITIONAL
+LT_INIT([disable-static])
+dnl we need to dlopen() things, later, we might
+dnl look into libltdl stuff that can possibly link the plugin
+dnl statically, but I suppose that takes changes to plugin.? code,
+dnl too. -- Matthias Andree, 2011-01-06
if test "${WIN32}" = "yes"; then
AC_ARG_VAR([MAN2HTML], [man2html utility])
@@ -379,7 +385,9 @@ if test "${WIN32}" != "yes"; then
netinet/tcp.h arpa/inet.h dnl
netdb.h sys/uio.h linux/if_tun.h linux/sockios.h dnl
linux/types.h sys/poll.h sys/epoll.h err.h dnl
+ security/pam_appl.h dnl
)
+
AC_CHECK_HEADERS(net/if.h,,,
[#ifdef HAVE_SYS_TYPES_H
# include <sys/types.h>
@@ -422,6 +430,8 @@ if test "${WIN32}" != "yes"; then
])
fi
+AM_CONDITIONAL(HAVE_PAM, test "$ac_cv_header_security_pam_appl_h" = yes)
+
AC_CACHE_SAVE
dnl check that in_addr_t is defined
diff --git a/m4/README b/m4/README
new file mode 100644
index 0000000..8f83679
--- /dev/null
+++ b/m4/README
@@ -0,0 +1,3 @@
+This directory is empty in the Git repository and gets
+populated by libtoolize (which is usually run automatically from
+autoreconf).
diff --git a/plugin/README b/plugin/README
index 6e490c5..7f8d805 100644
--- a/plugin/README
+++ b/plugin/README
@@ -2,8 +2,8 @@ OpenVPN Plugins
---------------
Starting with OpenVPN 2.0-beta17, compiled plugin modules are
-supported on any *nix OS which includes libdl or on Windows.
-One or more modules may be loaded into OpenVPN using
+supported on any *nix OS which includes libdl, or on Windows.
+ One or more modules may be loaded into OpenVPN using
the --plugin directive, and each plugin module is capable of
intercepting any of the script callbacks which OpenVPN supports:
@@ -28,7 +28,7 @@ auth-pam -- Authenticate using PAM and a split privilege
execution model which functions even if
root privileges or the execution environment
have been altered with --user/--group/--chroot.
- Tested on Linux only.
+ Tested on Linux only.
down-root -- Enable the running of down scripts with root privileges
even if --user/--group/--chroot have been used
@@ -42,6 +42,7 @@ examples -- A simple example that demonstrates a portable
Building Plugins
----------------
-cd to the top-level directory of a plugin, and use the
-"make" command to build it. The examples plugin is
-built using a build script, not a makefile.
+The auth-pam and down-root modules are built as part of the regular
+OpenVPN build. Other than that, cd to the top-level directory of a
+plugin, and use the "make" command to build it. The examples plugin is
+built using a build script, not a Makefile.
--
1.7.1
