build_library: Add a check for PAM configs

This is to make sure that all the packages installing pam configs
actually have them in the vendor directory.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
Krzesimir Nowak 2025-08-27 16:10:08 +02:00
parent 8ed59960ee
commit 8718063db2


@ -158,10 +158,14 @@ create_prod_image() {
L+ /etc/ld.so.conf - - - - ../usr/lib/ld.so.conf
EOF
# Move the PAM configuration into /usr
sudo mkdir -p ${root_fs_dir}/usr/lib/pam.d
sudo mv -n ${root_fs_dir}/etc/pam.d/* ${root_fs_dir}/usr/lib/pam.d/
sudo rmdir ${root_fs_dir}/etc/pam.d
local -a bad_pam_files
mapfile -t -d '' bad_pam_files < <(find "${root_fs_dir}"/etc/security "${root_fs_dir}"/etc/pam.d ! -type d ! -name '.keep*' -print0)
if [[ ${#bad_pam_files[@]} -gt 0 ]]; then
error "Found following PAM config files: ${bad_pam_files[@]#"${root_fs_dir}"}"
error "Expected them to be either removed or, better, vendored (/etc/pam.d files should be in /usr/lib/pam, /etc/security files should be in /usr/lib/pam/security)."
error "Vendoring can be done with vendorize_pam_files inside a post_src_install hook for the package that installed the config file."
die "PAM config errors spotted"
fi
# Remove source locale data, only need to ship the compiled archive.
sudo rm -rf ${root_fs_dir}/usr/share/i18n/
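Review bot: The new PAM check can fail open, because `find` runs without `sudo` while the surrounding lines touch the same tree with `sudo`, and the `< <(...)` process substitution discards `find`'s exit status. If any directory under `etc/security` or `etc/pam.d` is not traversable by the build user, `bad_pam_files` ends up empty or partial and the image build continues with unvendored PAM configuration in `/etc`. Running the scan as `mapfile -t -d '' bad_pam_files < <(sudo find "${root_fs_dir}"/etc/security "${root_fs_dir}"/etc/pam.d ! -type d ! -name '.keep*' -print0)` and calling `die` when find itself reports an error would make the gate fail closed. Separately, in the first `error` call `${bad_pam_files[@]#"${root_fs_dir}"}` inside a quoted string splits the message into several arguments (ShellCheck SC2145); `${bad_pam_files[*]#"${root_fs_dir}"}` keeps it as one string. The body of create_prod_image starts and ends outside this hunk, so how `error` joins its arguments is not visible here.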