pam rebootstrap fix for hurd-any

To: Helmut Grohne <helmut@subdivi.de>, debian-cross@lists.debian.org
Subject: pam rebootstrap fix for hurd-any
From: Samuel Thibault <sthibault@debian.org>
Date: Wed, 9 Jul 2025 16:52:55 +0200
Message-id: <[🔎] aG6CRz_FnAAj1C8w@begin>
Mail-followup-to: Samuel Thibault <sthibault@debian.org>, Helmut Grohne <helmut@subdivi.de>, debian-cross@lists.debian.org

Hello,

pam currently FTBFS in the hurd-any rebootstraps.
Here is a fix, also available in my tree

git@salsa.debian.org:sthibault/rebootstrap.git

as 7e18ea638d355e9598e9946f51364a7f14fdcb95

Samuel

commit 7e18ea638d355e9598e9946f51364a7f14fdcb95
Author: Samuel Thibault <samuel.thibault@ens-lyon.org>
Date:   Wed Jul 9 16:52:02 2025 +0200

    hurd: fix pam build

diff --git a/bootstrap.sh b/bootstrap.sh
index 37a625b..f824fc3 100755
--- a/bootstrap.sh
+++ b/bootstrap.sh
@@ -4080,6 +4080,155 @@ mark_built build-essential
 
 automatically_cross_build_packages
 
+patch_pam() {
+	dpkg-architecture "-a$HOST_ARCH" -ihurd-any || return 0
+	echo "fixing hurd build #1109006"
+	drop_privs patch -p0 <<'EOF'
+--- debian/libpam-modules-bin.install.original	2023-05-06 09:56:45.000000000 +0000
++++ debian/libpam-modules-bin.install	2023-05-06 09:57:00.000000000 +0000
+@@ -1,8 +1,9 @@
++#!/usr/bin/dh-exec
+ usr/sbin/unix_chkpwd
+-usr/sbin/unix_update
++[linux-any] usr/sbin/unix_update
+ usr/sbin/mkhomedir_helper
+-usr/sbin/pam_namespace_helper
++[linux-any] usr/sbin/pam_namespace_helper
+ usr/sbin/pwhistory_helper
+ usr/sbin/pam_timestamp_check
+ usr/sbin/faillock
+-usr/lib/systemd/system/pam_namespace.service
++[linux-any] usr/lib/systemd/system/pam_namespace.service
+EOF
+	chmod +x debian/libpam-modules-bin.install
+	echo "fixing hurd build #1109006 https://github.com/linux-pam/linux-pam/pull/917";
+	drop_privs patch -p1 <<'EOF'
+diff --git a/libpam/pam_modutil_priv.c b/libpam/pam_modutil_priv.c
+index a463e06a..456987ae 100644
+--- a/libpam/pam_modutil_priv.c
++++ b/libpam/pam_modutil_priv.c
+@@ -14,7 +14,9 @@
+ #include <syslog.h>
+ #include <pwd.h>
+ #include <grp.h>
++#ifdef HAVE_SYS_FSUID_H
+ #include <sys/fsuid.h>
++#endif /* HAVE_SYS_FSUID_H */
+ 
+ /*
+  * Two setfsuid() calls in a row are necessary to check
+@@ -22,17 +24,35 @@
+  */
+ static int change_uid(uid_t uid, uid_t *save)
+ {
++#ifdef HAVE_SYS_FSUID_H
+ 	uid_t tmp = setfsuid(uid);
+ 	if (save)
+ 		*save = tmp;
+ 	return (uid_t) setfsuid(uid) == uid ? 0 : -1;
++#else
++	uid_t tmp = geteuid();
++	if (save)
++		*save = tmp;
++	if (setresuid(-1, uid, tmp) < 0)
++		return -1;
++	return 0;
++#endif
+ }
+ static int change_gid(gid_t gid, gid_t *save)
+ {
++#ifdef HAVE_SYS_FSUID_H
+ 	gid_t tmp = setfsgid(gid);
+ 	if (save)
+ 		*save = tmp;
+ 	return (gid_t) setfsgid(gid) == gid ? 0 : -1;
++#else
++	uid_t tmp = getegid();
++	if (save)
++		*save = tmp;
++	if (setresgid(-1, gid, tmp) < 0)
++		return -1;
++	return 0;
++#endif
+ }
+ 
+ static int cleanup(struct pam_modutil_privs *p)
+diff --git a/meson.build b/meson.build
+index 0827a53e..943bf8d5 100644
+--- a/meson.build
++++ b/meson.build
+@@ -164,6 +164,7 @@ check_headers = [
+   'crypt.h',
+   'paths.h',
+   'sys/random.h',
++  'sys/fsuid.h',
+ ]
+ foreach h: check_headers
+   if cc.has_header(h)
+EOF
+	echo "fixing hurd build #1109006 https://github.com/linux-pam/linux-pam/pull/909";
+	drop_privs patch -p1 <<'EOF'
+commit 2311b4801401e567dffa4f70b6a9973b1762d8cd
+Author: Pino Toscano <toscano.pino@tiscali.it>
+Date:   Sun Jun 15 10:58:33 2025 +0200
+
+    pam_xauth: provide fallback HOST_NAME_MAX
+    
+    Followup of commit 2e375aad04d047e12468f93300ad7e42a8a03ff3 for OSes
+    that do not provide the optional HOST_NAME_MAX, in the same way as
+    currently done in pam_echo.
+
+diff --git a/modules/pam_xauth/pam_xauth.c b/modules/pam_xauth/pam_xauth.c
+index f6419ced..b3ba5c49 100644
+--- a/modules/pam_xauth/pam_xauth.c
++++ b/modules/pam_xauth/pam_xauth.c
+@@ -83,6 +83,10 @@ static const char * const xauthpaths[] = {
+ 	"/usr/bin/X11/xauth"
+ };
+ 
++#ifndef HOST_NAME_MAX
++# define HOST_NAME_MAX 255
++#endif
++
+ /* Run a given command (with a NULL-terminated argument list), feeding it the
+  * given input on stdin, and storing any output it generates. */
+ static int
+EOF
+	echo "fixing hurd build #1109006 https://github.com/linux-pam/linux-pam/pull/918";
+	drop_privs patch -p1 <<'EOF'
+diff --git a/examples/tty_conv.c b/examples/tty_conv.c
+index 59bbb3b3..e64e25f8 100644
+--- a/examples/tty_conv.c
++++ b/examples/tty_conv.c
+@@ -18,7 +18,7 @@
+ static void echoOff(int fd, int off)
+ {
+     struct termios tty;
+-    if (ioctl(fd, TCGETA, &tty) < 0)
++    if (tcgetattr(fd, &tty) < 0)
+     {
+         fprintf(stderr, "TCGETA failed: %s\n", strerror(errno));
+         return;
+@@ -27,7 +27,7 @@ static void echoOff(int fd, int off)
+     if (off)
+     {
+         tty.c_lflag &= ~(ECHO | ECHOE | ECHOK | ECHONL);
+-        if (ioctl(fd, TCSETAF, &tty) < 0)
++        if (tcsetattr(fd, 0, &tty) < 0)
+         {
+             fprintf(stderr, "TCSETAF failed: %s\n", strerror(errno));
+         }
+@@ -35,7 +35,7 @@ static void echoOff(int fd, int off)
+     else
+     {
+         tty.c_lflag |= (ECHO | ECHOE | ECHOK | ECHONL);
+-        if (ioctl(fd, TCSETAW, &tty) < 0)
++        if (tcsetattr(fd, TCSADRAIN, &tty) < 0)
+         {
+             fprintf(stderr, "TCSETAW failed: %s\n", strerror(errno));
+         }
+EOF
+}
 cross_build pam stage1 pam_1
 mark_built pam
 # needed by shadow

Reply to:

Prev by Date: Re: Why does dpkg-shlibdeps look at the target architecture?
Next by Date: Add m4 for debhelper
Previous by thread: lz4 rebootstrap fix for hurd-any
Next by thread: Add m4 for debhelper
Index(es):
- Date
- Thread