From 670b40d79ec8cfa0662eff5e9df438e618971515 Mon Sep 17 00:00:00 2001 From: Eric Hameleers Date: Thu, 13 Feb 2020 22:31:04 +0100 Subject: Add support for building Plasma5 on a PAM-ified Slackware The variable SLACKPAM is set to "yes" in kde/kde.options if PAM is found installed on the system. Otherwise it is set to "no" and this is meant to add support for PAM. These packages will be supplied by a pam-ified Slackware, so they should not be installed from 'ktown': deps:ConsoleKit2,cracklib,libpwquality These packages will react to SLACKPAM variable setting: plasma:kscreenlocker,plasma-workspace plasma-extra:sddm-qt5 Uncomment in kde/modules/plasma and compile: plasma:kwallet-pam --- kde/cmake/kscreenlocker | 10 +++++++--- kde/cmake/sddm-qt5 | 8 ++++++-- kde/doinst.sh/sddm-qt5 | 7 +++++++ kde/kde.options | 7 +++++++ kde/modules/plasma | 2 +- kde/post-install/plasma-workspace.post-install | 20 ++++++++++++-------- kde/post-install/plasma-workspace/pam.d/kde | 9 +++++++++ kde/post-install/sddm-qt5.post-install | 18 ++++++++++++++++-- kde/post-install/sddm-qt5/pam.d/sddm | 15 +++++++++++++++ kde/post-install/sddm-qt5/pam.d/sddm-autologin | 14 ++++++++++++++ kde/post-install/sddm-qt5/pam.d/sddm-greeter | 18 ++++++++++++++++++ kde/slack-desc/kwallet-pam | 19 +++++++++++++++++++ 12 files changed, 131 insertions(+), 16 deletions(-) create mode 100644 kde/post-install/plasma-workspace/pam.d/kde create mode 100644 kde/post-install/sddm-qt5/pam.d/sddm create mode 100644 kde/post-install/sddm-qt5/pam.d/sddm-autologin create mode 100644 kde/post-install/sddm-qt5/pam.d/sddm-greeter create mode 100644 kde/slack-desc/kwallet-pam (limited to 'kde') diff --git a/kde/cmake/kscreenlocker b/kde/cmake/kscreenlocker index 943d246..7141030 100644 --- a/kde/cmake/kscreenlocker +++ b/kde/cmake/kscreenlocker @@ -1,6 +1,13 @@ +if [ "$SLACKPAM" == "no" ]; then + DO_SLACKPAM="-DHAVE_SHADOW=TRUE -DPAM_REQUIRED=OFF" +else + DO_SLACKPAM="" +fi + mkdir build cd build cmake \ + $DO_SLACKPAM \ $KDE_OPT_ARGS \ -DKDE_PLATFORM_FEATURE_DISABLE_DEPRECATED=TRUE \ -DCMAKE_C_FLAGS:STRING="$SLKCFLAGS" \ @@ -17,9 +24,6 @@ cd build -DQT_PLUGIN_INSTALL_DIR=lib$LIBDIRSUFFIX/qt5/plugins \ -DQML_INSTALL_DIR=lib$LIBDIRSUFFIX/qt5/qml \ -DKDE_INSTALL_USE_QT_SYS_PATHS=ON \ - -DBUILD_TESTING=OFF \ - -DHAVE_SHADOW=TRUE \ - -DPAM_REQUIRED=OFF \ -DQca-qt5_DIR=/usr/lib${LIBDIRSUFFIX}/cmake/Qca \ .. diff --git a/kde/cmake/sddm-qt5 b/kde/cmake/sddm-qt5 index fe0b89d..1265dc5 100644 --- a/kde/cmake/sddm-qt5 +++ b/kde/cmake/sddm-qt5 @@ -1,8 +1,13 @@ -# Switch the two booleans USE_QT4 and USE_QT5 to build a Qt4 version instead. +if [ "$SLACKPAM" == "no" ]; then + DO_SLACKPAM="-DENABLE_PAM:BOOL=OFF" +else + DO_SLACKPAM="" +fi mkdir -p build cd build cmake \ + $DO_SLACKPAM \ -DCMAKE_BUILD_TYPE=Release \ -DCMAKE_C_FLAGS:STRING="$SLKCFLAGS" \ -DCMAKE_C_FLAGS_RELEASE:STRING="$SLKCFLAGS" \ @@ -13,6 +18,5 @@ cd build -DUSE_QT4:BOOL=FALSE \ -DUSE_QT5:BOOL=TRUE \ -DENABLE_JOURNALD:BOOL=OFF \ - -DENABLE_PAM:BOOL=OFF \ .. diff --git a/kde/doinst.sh/sddm-qt5 b/kde/doinst.sh/sddm-qt5 index d747215..09a1ccf 100644 --- a/kde/doinst.sh/sddm-qt5 +++ b/kde/doinst.sh/sddm-qt5 @@ -80,3 +80,10 @@ if [ -f etc/sddm.conf.new ]; then fi # And our defaults file: config etc/default/sddm.new + +# Also the session scripts: +config usr/share/sddm/scripts/Xsession.new +config usr/share/sddm/scripts/Xsetup.new +config usr/share/sddm/scripts/Xstop.new +config usr/share/sddm/scripts/wayland-session.new + diff --git a/kde/kde.options b/kde/kde.options index ac89033..147cac7 100644 --- a/kde/kde.options +++ b/kde/kde.options @@ -54,3 +54,10 @@ fi # Do not use "final build" unless we build an actual release. export KDE_OPT_ARGS=" -Wno-dev -DBUILD_TESTING=OFF -DKDE4_BUILD_TESTS=OFF -DSITE=\"slackware.com\" -DKDE_DISTRIBUTION_TEXT=\"volkerdi@slackware.com\" " +# Choose correct options depending on whether PAM is installed: +if [ -L /lib${LIBDIRSUFFIX}/libpam.so.? ]; then + SLACKPAM=${SLACKPAM:-"yes"} +else + SLACKPAM=${SLACKPAM:-"no"} +fi + diff --git a/kde/modules/plasma b/kde/modules/plasma index 3c8db9d..6880383 100644 --- a/kde/modules/plasma +++ b/kde/modules/plasma @@ -43,8 +43,8 @@ xdg-desktop-portal-kde drkonqi plasma-vault plasma-browser-integration +kwallet-pam #plymouth-kcm -#kwallet-pam #discover #plasma-thunderbolt diff --git a/kde/post-install/plasma-workspace.post-install b/kde/post-install/plasma-workspace.post-install index 19e5c71..e0dbe78 100644 --- a/kde/post-install/plasma-workspace.post-install +++ b/kde/post-install/plasma-workspace.post-install @@ -12,10 +12,6 @@ cat $CWD/post-install/plasma-workspace/scripts/startkwayland \ > $PKG/usr/bin/startkwayland chmod 0755 $PKG/usr/bin/startkwayland -# ck-launch-session is needed for a Wayland session, since we do not have PAM: -sed -e 's/^Exec=dbus-launch/Exec=ck-launch-session dbus-launch --sh-syntax/' \ - -i $PKG/usr/share/wayland-sessions/plasmawayland.desktop - # Add a "fail-safe" version of KDE Plasma desktop session. # Prefix the name with "z_" because SDDM is braindead: mkdir -p $PKG/usr/share/xsessions @@ -31,8 +27,16 @@ rmdir $PKG/usr/lib$LIBDIRSUFFIX/qt5/plugins/plugins mkdir -p $PKG/etc mv $PKG//etc/kde/dbus-1 $PKG/etc/ -# For shadow, this file needs to be setuid root just like the KDE4 version: -if [ -f $PKG/usr/lib$LIBDIRSUFFIX/kcheckpass ]; then - chmod +s $PKG/usr/lib$LIBDIRSUFFIX/kcheckpass -fi +if [ "$SLACKPAM" == "no" ]; then + # For shadow, this file needs to be setuid root just like the KDE4 version: + if [ -f $PKG/usr/lib$LIBDIRSUFFIX/kcheckpass ]; then + chmod +s $PKG/usr/lib$LIBDIRSUFFIX/kcheckpass + fi + # ck-launch-session is needed for a Wayland session, since we do not have PAM: + sed -e 's/^Exec=dbus-launch/Exec=ck-launch-session dbus-launch --sh-syntax/' \ + -i $PKG/usr/share/wayland-sessions/plasmawayland.desktop +else + # Install a PAM file for Plasma5 workspace: + install -Dm644 $CWD/post-install/plasma-workspace/pam.d/kde $PKG/etc/pam.d/kde +fi diff --git a/kde/post-install/plasma-workspace/pam.d/kde b/kde/post-install/plasma-workspace/pam.d/kde new file mode 100644 index 0000000..7acfd90 --- /dev/null +++ b/kde/post-install/plasma-workspace/pam.d/kde @@ -0,0 +1,9 @@ +#%PAM-1.0 +auth include system-auth +auth include postlogin +account include system-auth +password include system-auth +session include system-auth +session required pam_loginuid.so +session optional pam_ck_connector.so nox11 +session include postlogin diff --git a/kde/post-install/sddm-qt5.post-install b/kde/post-install/sddm-qt5.post-install index 1a39fd0..006e234 100644 --- a/kde/post-install/sddm-qt5.post-install +++ b/kde/post-install/sddm-qt5.post-install @@ -1,9 +1,23 @@ -# Remove PAM related stuff: -rm -rf $PKG/etc/pam.d +if [ "$SLACKPAM" == "no" ]; then + # Remove PAM related stuff: + rm -rf $PKG/etc/pam.d +else + # Replace systemd-centric files with ours: + rm -f $PKG/etc/pam.d/sddm* + for FILE in sddm sddm-autologin sddm-greeter ; do + install -Dm644 $CWD/post-install/sddm-qt5/pam.d/$FILE $PKG/etc/pam.d/$FILE + done +fi # Remove the sddm.conf file because we will generate our own in doinst.sh: rm -f $PKG/etc/sddm.conf +# Ensure that user customizations to the session files are not lost: +mv $PKG/usr/share/sddm/scripts/Xsession{,.new} +mv $PKG/usr/share/sddm/scripts/Xsetup{,.new} +mv $PKG/usr/share/sddm/scripts/Xstop{,.new} +mv $PKG/usr/share/sddm/scripts/wayland-session{,.new} + # Add a wrapper for the sddm binary, to enable a custom environment: mv $PKG/usr/bin/sddm $PKG/usr/bin/sddm.bin cat <<"EOT" > $PKG/usr/bin/sddm diff --git a/kde/post-install/sddm-qt5/pam.d/sddm b/kde/post-install/sddm-qt5/pam.d/sddm new file mode 100644 index 0000000..9dcda93 --- /dev/null +++ b/kde/post-install/sddm-qt5/pam.d/sddm @@ -0,0 +1,15 @@ +#%PAM-1.0 + +auth include login +-auth optional pam_gnome_keyring.so +-auth optional pam_kwallet5.so + +account include login + +password include login +-password optional pam_gnome_keyring.so use_authtok + +session optional pam_keyinit.so force revoke +session include login +-session optional pam_gnome_keyring.so auto_start +-session optional pam_kwallet5.so auto_start diff --git a/kde/post-install/sddm-qt5/pam.d/sddm-autologin b/kde/post-install/sddm-qt5/pam.d/sddm-autologin new file mode 100644 index 0000000..fe410bb --- /dev/null +++ b/kde/post-install/sddm-qt5/pam.d/sddm-autologin @@ -0,0 +1,14 @@ +#%PAM-1.0 +auth required pam_env.so +auth include system-auth +auth include postlogin +-auth optional pam_gnome_keyring.so +-auth optional pam_kwallet5.so +account include system-auth +password include system-auth +session include system-auth +session required pam_loginuid.so +session optional pam_ck_connector.so nox11 +session include postlogin +-session optional pam_gnome_keyring.so auto_start +-session optional pam_kwallet5.so auto_start diff --git a/kde/post-install/sddm-qt5/pam.d/sddm-greeter b/kde/post-install/sddm-qt5/pam.d/sddm-greeter new file mode 100644 index 0000000..7c77b68 --- /dev/null +++ b/kde/post-install/sddm-qt5/pam.d/sddm-greeter @@ -0,0 +1,18 @@ +#%PAM-1.0 + +# Load environment from /etc/environment and ~/.pam_environment +auth required pam_env.so + +# Always let the greeter start without authentication +auth required pam_permit.so + +# No action required for account management +account required pam_permit.so + +# Can't change password +password required pam_deny.so + +# Setup session +session required pam_unix.so +session optional pam_systemd.so +session optional pam_elogind.so diff --git a/kde/slack-desc/kwallet-pam b/kde/slack-desc/kwallet-pam new file mode 100644 index 0000000..dce404f --- /dev/null +++ b/kde/slack-desc/kwallet-pam @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +kwallet-pam: kwallet-pam (KWallet PAM integration) +kwallet-pam: +kwallet-pam: KWallet PAM integration. +kwallet-pam: +kwallet-pam: +kwallet-pam: +kwallet-pam: +kwallet-pam: +kwallet-pam: +kwallet-pam: See https://www.kde.org/workspaces/plasmadesktop/ +kwallet-pam: -- cgit v1.2.3