summaryrefslogtreecommitdiff
path: root/extra/source
diff options
context:
space:
mode:
Diffstat (limited to 'extra/source')
-rwxr-xr-xextra/source/bash-completion/bash-completion.SlackBuild7
-rw-r--r--extra/source/bash-completion/slackpkg-slapt-get-Update-the-list-of-package-sets.patch48
-rwxr-xr-xextra/source/brltty/brltty.SlackBuild8
-rw-r--r--extra/source/brltty/brltty.brlapi.pyx.diff11
-rwxr-xr-xextra/source/emacspeak/emacspeak.SlackBuild4
-rw-r--r--extra/source/emacspeak/emacspeak.tcl8.6.diff (renamed from extra/source/emacspeak/emacspeak.tcl8.5.diff)6
-rwxr-xr-xextra/source/flashplayer-plugin/flashplayer-plugin.SlackBuild48
-rw-r--r--extra/source/grub/grub-0.97-x86_64.patch809
-rwxr-xr-xextra/source/grub/grub.SlackBuild121
-rw-r--r--extra/source/grub/grub_support_256byte_inode.patch94
-rw-r--r--extra/source/grub/grubconfig_localefix.patch32
-rw-r--r--extra/source/grub/slack-desc19
-rwxr-xr-xextra/source/pam/make-pam-solibs-for-chrome.sh84
-rwxr-xr-xextra/source/pam/pam.SlackBuild173
-rw-r--r--extra/source/pam/patches/pam-1.0.90-redhat-modules.patch23
-rw-r--r--extra/source/pam/patches/pam-1.0.91-std-noclose.patch98
-rw-r--r--extra/source/pam/patches/pam-1.1.0-notally.patch12
-rw-r--r--extra/source/pam/patches/pam-1.1.1-faillock.patch1712
-rw-r--r--extra/source/pam/patches/pam-1.1.2-noflex.patch27
-rw-r--r--extra/source/pam/patches/pam-1.1.3-faillock-screensaver.patch167
-rw-r--r--extra/source/pam/patches/pam-1.1.3-limits-nosetreuid.patch64
-rw-r--r--extra/source/pam/patches/pam-1.1.3-limits-range.patch351
-rw-r--r--extra/source/pam/patches/pam-1.1.3-nouserenv.patch27
-rw-r--r--extra/source/pam/patches/pam-1.1.3-pwhistory-incomplete.patch54
-rw-r--r--extra/source/pam/patches/pam-1.1.3-securetty-console.patch120
-rw-r--r--extra/source/pam/slack-desc19
-rwxr-xr-xextra/source/partitionmanager/fetch-source.sh22
-rwxr-xr-xextra/source/partitionmanager/partitionmanager.SlackBuild4
-rw-r--r--extra/source/tigervnc/patches/tigervnc11-java7.patch12
-rw-r--r--extra/source/tigervnc/patches/tigervnc11-xorg110.patch88
-rw-r--r--extra/source/tigervnc/patches/tigervnc11-xorg111.patch236
-rw-r--r--extra/source/tigervnc/patches/tigervnc11-xorg112.patch429
-rw-r--r--extra/source/tigervnc/patches/tigervnc11-xorg113.patch171
-rw-r--r--extra/source/tigervnc/patches/tigervnc11-xorg114.patch24
-rw-r--r--extra/source/tigervnc/patches/tigervnc11-xorg_headers.patch16
-rw-r--r--extra/source/tigervnc/slack-desc19
-rwxr-xr-xextra/source/tigervnc/tigervnc.SlackBuild311
-rw-r--r--extra/source/tightvnc/doinst.sh24
-rw-r--r--extra/source/tightvnc/slack-desc19
-rwxr-xr-xextra/source/tightvnc/tightvnc.SlackBuild128
-rw-r--r--extra/source/tightvnc/tightvnc.paths-and-perms.diff52
-rw-r--r--extra/source/wicd/slack-desc2
-rwxr-xr-xextra/source/xf86-video-fbdev/xf86-video-fbdev.SlackBuild10
43 files changed, 1399 insertions, 4306 deletions
diff --git a/extra/source/bash-completion/bash-completion.SlackBuild b/extra/source/bash-completion/bash-completion.SlackBuild
index 5fa23f6c..7a4634f8 100755
--- a/extra/source/bash-completion/bash-completion.SlackBuild
+++ b/extra/source/bash-completion/bash-completion.SlackBuild
@@ -22,9 +22,9 @@
# Slackware build script for bash-completion
-VERSION=2.0
+VERSION=2.1
ARCH=noarch
-BUILD=${BUILD:-2}
+BUILD=${BUILD:-1}
CWD=$(pwd)
TMP=${TMP:-/tmp}
@@ -46,9 +46,6 @@ find . \
# Fixup sh completion for us
zcat $CWD/fixup-sh-script-completions.diff.gz | patch -p1 --verbose || exit 1
-# Support the XFCE package set
-zcat $CWD/slackpkg-slapt-get-Update-the-list-of-package-sets.patch.gz | patch -p1 --verbose || exit 1
-
./configure \
--prefix=/usr \
--sysconfdir=/etc \
diff --git a/extra/source/bash-completion/slackpkg-slapt-get-Update-the-list-of-package-sets.patch b/extra/source/bash-completion/slackpkg-slapt-get-Update-the-list-of-package-sets.patch
deleted file mode 100644
index da7f08e6..00000000
--- a/extra/source/bash-completion/slackpkg-slapt-get-Update-the-list-of-package-sets.patch
+++ /dev/null
@@ -1,48 +0,0 @@
-From 371fb91b213c3bb4b86eb22e09701ec1be18b7dd Mon Sep 17 00:00:00 2001
-From: Igor Murzov <e-mail@date.by>
-Date: Wed, 25 Jul 2012 02:39:23 +0400
-Subject: [PATCH] slackpkg, slapt-get: Update the list of package sets.
-
-Xfce has its own package set in Slackware-14.0.
----
- completions/slackpkg | 4 ++--
- completions/slapt-get | 2 +-
- 2 files changed, 3 insertions(+), 3 deletions(-)
-
-diff --git a/completions/slackpkg b/completions/slackpkg
-index 1be2f95..dab9c6d 100644
---- a/completions/slackpkg
-+++ b/completions/slackpkg
-@@ -70,14 +70,14 @@ _slackpkg()
- remove)
- _filedir
- COMPREPLY+=( $( compgen -W 'a ap d e f k kde kdei l n t tcl x
-- xap y' -- "$cur" ) )
-+ xap xfce y' -- "$cur" ) )
- COMPREPLY+=( $( cd /var/log/packages; compgen -f -- "$cur" ) )
- return
- ;;
- install|reinstall|upgrade|blacklist|download)
- _filedir
- COMPREPLY+=( $( compgen -W 'a ap d e f k kde kdei l n t tcl x
-- xap y' -- "$cur" ) )
-+ xap xfce y' -- "$cur" ) )
- COMPREPLY+=( $( cut -f 6 -d\ "${WORKDIR}/pkglist" 2> /dev/null | \
- grep "^$cur" ) )
- return
-diff --git a/completions/slapt-get b/completions/slapt-get
-index ff42660..93d110b 100644
---- a/completions/slapt-get
-+++ b/completions/slapt-get
-@@ -70,7 +70,7 @@ _slapt_get()
- ;;
- set) # --install-set
- COMPREPLY=( $( compgen -W 'a ap d e f k kde kdei l n t tcl x
-- xap y' -- "$cur" ) )
-+ xap xfce y' -- "$cur" ) )
- return
- ;;
- esac
---
-1.7.11.1
-
diff --git a/extra/source/brltty/brltty.SlackBuild b/extra/source/brltty/brltty.SlackBuild
index 513c0989..4678d34a 100755
--- a/extra/source/brltty/brltty.SlackBuild
+++ b/extra/source/brltty/brltty.SlackBuild
@@ -1,6 +1,6 @@
#!/bin/sh
#
-# Copyright 2010, 2012 Patrick J. Volkerding, Sebeka, Minnesota, USA
+# Copyright 2010, 2012, 2013 Patrick J. Volkerding, Sebeka, Minnesota, USA
# All rights reserved.
#
# Redistribution and use of this script, with or without modification, is
@@ -30,7 +30,7 @@ if [ ! -d $TMP ]; then
fi
PKG=/tmp/package-brltty
-VERSION=4.4
+VERSION=4.5
BUILD=${BUILD:-1}
# Automatically determine the architecture we're building on:
@@ -56,6 +56,8 @@ rm -rf brltty-$VERSION
tar xvf $CWD/brltty-$VERSION.tar.?z* || exit 1
cd brltty-$VERSION
+zcat $CWD/brltty.brlapi.pyx.diff.gz | patch -p1 --verbose || exit 1
+
sh autogen
chown -R root:root .
@@ -72,6 +74,8 @@ find . -perm 600 -exec chmod 644 {} \;
--infodir=/usr/info \
--mandir=/usr/man \
--sysconfdir=/etc \
+ --localstatedir=/var \
+ --disable-java-bindings \
--build=$ARCH-slackware-linux
make -j2 || exit 1
make install INSTALL_ROOT=$PKG || exit 1
diff --git a/extra/source/brltty/brltty.brlapi.pyx.diff b/extra/source/brltty/brltty.brlapi.pyx.diff
new file mode 100644
index 00000000..be58ca6c
--- /dev/null
+++ b/extra/source/brltty/brltty.brlapi.pyx.diff
@@ -0,0 +1,11 @@
+--- ./Bindings/Python/brlapi.pyx.orig 2013-04-01 15:37:26.000000000 -0500
++++ ./Bindings/Python/brlapi.pyx 2013-09-09 18:01:39.196869555 -0500
+@@ -497,7 +497,7 @@
+ if (type(dots) == unicode):
+ dots = dots.encode('latin1')
+ if (len(dots) < dispSize):
+- dots = dots + b"".center(dispSize - len(dots), '\0')
++ dots = dots + "".center(dispSize - len(dots), '\0')
+ c_dots = dots
+ c_udots = <unsigned char *>c_dots
+ c_brlapi.Py_BEGIN_ALLOW_THREADS
diff --git a/extra/source/emacspeak/emacspeak.SlackBuild b/extra/source/emacspeak/emacspeak.SlackBuild
index f6d04773..151bbd99 100755
--- a/extra/source/emacspeak/emacspeak.SlackBuild
+++ b/extra/source/emacspeak/emacspeak.SlackBuild
@@ -74,8 +74,8 @@ find . -perm 511 -exec chmod 755 {} \;
find . -perm 711 -exec chmod 755 {} \;
find . -perm 555 -exec chmod 755 {} \;
-# Patch to use Tcl 8.5:
-zcat $CWD/emacspeak.tcl8.5.diff.gz | patch -p1 || exit 1
+# Patch to use Tcl 8.6:
+zcat $CWD/emacspeak.tcl8.6.diff.gz | patch -p1 || exit 1
# Compile the main program against Emacs:
make config
diff --git a/extra/source/emacspeak/emacspeak.tcl8.5.diff b/extra/source/emacspeak/emacspeak.tcl8.6.diff
index 41a003e2..9cfe0374 100644
--- a/extra/source/emacspeak/emacspeak.tcl8.5.diff
+++ b/extra/source/emacspeak/emacspeak.tcl8.6.diff
@@ -5,7 +5,7 @@
LABEL=1.1
DIST=software-dtk-$(LABEL)
-TCL_VERSION=8.4
-+TCL_VERSION=8.5
++TCL_VERSION=8.6
CFLAGS+=-O3 -fpic -pedantic -ansi -Wall -I/usr/include/tcl$(TCL_VERSION)
CPPFLAGS+=-DSTDC_HEADERS=1 -Dclock_t=long -DRETSIGTYPE=void
INSTALL=install
@@ -16,7 +16,7 @@
LIBPARENTDIR = ${PREFIX}/share/emacs/site-lisp
LIBDIR =$(LIBPARENTDIR)/emacspeak/servers/linux-espeak
-TCL_VERSION = 8.4
-+TCL_VERSION = 8.5
++TCL_VERSION = 8.6
TCL_INCLUDE= /usr/include/tcl$(TCL_VERSION)
CXXFLAGS+= -g -O2 -fPIC -DPIC -pedantic -ansi -Wall -Wno-long-long -I$(TCL_INCLUDE)
@@ -27,7 +27,7 @@
LIBDIR =$(LIBPARENTDIR)/emacspeak/servers/linux-outloud
-TCL_VERSION=8.4
-+TCL_VERSION=8.5
++TCL_VERSION=8.6
TCL_INCLUDE=/usr/include/tcl$(TCL_VERSION)
#CFLAGS+= -g -O2 -fPIC -DPIC -pedantic -ansi -Wall -Wno-long-long -I$(TCL_INCLUDE)
CFLAGS+= -m32 -g -O2 -fPIC -DPIC -pedantic -ansi -Wall -Wno-long-long -I$(TCL_INCLUDE)
diff --git a/extra/source/flashplayer-plugin/flashplayer-plugin.SlackBuild b/extra/source/flashplayer-plugin/flashplayer-plugin.SlackBuild
index 48c7acea..ed2a324d 100755
--- a/extra/source/flashplayer-plugin/flashplayer-plugin.SlackBuild
+++ b/extra/source/flashplayer-plugin/flashplayer-plugin.SlackBuild
@@ -1,5 +1,5 @@
#!/bin/sh
-# Copyright 2008, 2009, 2010, 2011, 2012 Eric Hameleers, Eindhoven, NL
+# Copyright 2008, 2009, 2010, 2011, 2012, 2013 Eric Hameleers, Eindhoven, NL
# All rights reserved.
#
# Permission to use, copy, modify, and distribute this software for
@@ -70,6 +70,30 @@
# * Minor update.
# 11.2.202.236-1:19/jun/2012 by Eric Hameleers <alien@slackware.com>
# * Minor update.
+# 11.2.202.238-1:15/aug/2012 by Eric Hameleers <alien@slackware.com>
+# * Security update.
+# 11.2.202.243-1:10/oct/2012 by Eric Hameleers <alien@slackware.com>
+# * Update.
+# 11.2.202.251-1:08/nov/2012 by Eric Hameleers <alien@slackware.com>
+# * Update.
+# 11.2.202.258-1:13/dec/2012 by Eric Hameleers <alien@slackware.com>
+# * Update.
+# 11.2.202.261-1:12/jan/2013 by Eric Hameleers <alien@slackware.com>
+# * Update fixes critical vulnerabilities. See APSB13-01.
+# 11.2.202.270-1:12/feb/2013 by Eric Hameleers <alien@slackware.com>
+# * Update fixes critical vulnerabilities. See APSB13-04.
+# 11.2.202.273-1:01/mar/2013 by Eric Hameleers <alien@slackware.com>
+# * Update fixes critical vulnerabilities. See APSB13-08.
+# 11.2.202.275-1:13/mar/2013 by Eric Hameleers <alien@slackware.com>
+# * Update fixes critical vulnerabilities. See APSB13-09.
+# 11.2.202.280-1:10/apr/2013 by Eric Hameleers <alien@slackware.com>
+# * Update fixes critical vulnerabilities. See APSB13-11.
+# 11.2.202.285-1:15/may/2013 by Eric Hameleers <alien@slackware.com>
+# * Update fixes critical vulnerabilities. See APSB13-14.
+# 11.2.202.291-1:12/jun/2013 by Eric Hameleers <alien@slackware.com>
+# * Update fixes critical vulnerabilities. See APSB13-16.
+# 11.2.202.297-1:21/jul/2013 by Eric Hameleers <alien@slackware.com>
+# * Update fixes critical vulnerabilities. See APSB13-17.
#
# Run 'sh flashplayer-plugin.SlackBuild' to build a Slackware package.
# The package (.txz) and .txt file as well as build logs are created in /tmp .
@@ -80,7 +104,7 @@
# Set initial variables:
PRGNAM=flashplayer-plugin
-VERSION=${VERSION:-"11.2.202.236"}
+VERSION=${VERSION:-"11.2.202.297"}
MAJVER=$(echo $VERSION | cut -d. -f1)
BUILD=${BUILD:-1}
TAG=${TAG:-"alien"}
@@ -93,23 +117,18 @@ TMP=${TMP:-/tmp/build}
PKG=$TMP/package-$PRGNAM
OUTPUT=${OUTPUT:-/tmp}
-if [ -z "$ARCH" ]; then
- case "$( uname -m )" in
- i?86) export ARCH=i386 ;;
- arm*) export ARCH=arm ;;
- # Unless $ARCH is already set, use uname -m for all other archs:
- *) export ARCH=$( uname -m ) ;;
- esac
-fi
-
-case "$ARCH" in
+# Automatically determine the architecture we're building on:
+MARCH=${ARCH:-$( uname -m )}
+case "$MARCH" in
x86_64)
LIBDIRSUFFIX="64"
ARCHBITS="64"
+ export ARCH=x86_64
;;
i?86)
LIBDIRSUFFIX=""
ARCHBITS="32"
+ export ARCH=i386
;;
*)
echo "Unsupported architecture '$ARCH'"
@@ -117,7 +136,7 @@ case "$ARCH" in
;;
esac
-SOURCE="$SRCDIR/install_flash_player_${VERSION}_linux.${ARCH}.tar.gz"
+SOURCE="$SRCDIR/install_flash_player_${VERSION}_linux_${ARCH}.tar.gz"
SRCURL="http://fpdownload.macromedia.com/get/flashplayer/pdc/${VERSION}/install_flash_player_${MAJVER}_linux.${ARCH}.tar.gz"
##
@@ -198,6 +217,9 @@ esac
## Move lib to lib64 if needed:
#[ "$ARCH" = "x86_64" ] && mv usr/lib usr/lib${LIBDIRSUFFIX}
+# Remove 32-bit bogus compatibility in 64-bit package:
+[ "$ARCH" = "x86_64" ] && rm -rf $PKG/usr/lib
+
# Install the plugin to the mozilla plugins dir and fix library file attributes:
mkdir -p usr/lib${LIBDIRSUFFIX}/mozilla/plugins
mv libflashplayer.so usr/lib${LIBDIRSUFFIX}/mozilla/plugins/
diff --git a/extra/source/grub/grub-0.97-x86_64.patch b/extra/source/grub/grub-0.97-x86_64.patch
deleted file mode 100644
index 480e38fc..00000000
--- a/extra/source/grub/grub-0.97-x86_64.patch
+++ /dev/null
@@ -1,809 +0,0 @@
-diff -Naur grub-0.97.orig/docs/multiboot.h grub-0.97.patched/docs/multiboot.h
---- grub-0.97.orig/docs/multiboot.h 2003-07-09 05:45:36.000000000 -0600
-+++ grub-0.97.patched/docs/multiboot.h 2006-08-26 22:44:02.000000000 -0600
-@@ -44,76 +44,81 @@
- /* Do not include here in boot.S. */
-
- /* Types. */
-+#ifndef __x86_64__
-+typedef unsigned long UINT32;
-+#else
-+typedef unsigned UINT32;
-+#endif
-
- /* The Multiboot header. */
- typedef struct multiboot_header
- {
-- unsigned long magic;
-- unsigned long flags;
-- unsigned long checksum;
-- unsigned long header_addr;
-- unsigned long load_addr;
-- unsigned long load_end_addr;
-- unsigned long bss_end_addr;
-- unsigned long entry_addr;
-+ UINT32 magic;
-+ UINT32 flags;
-+ UINT32 checksum;
-+ UINT32 header_addr;
-+ UINT32 load_addr;
-+ UINT32 load_end_addr;
-+ UINT32 bss_end_addr;
-+ UINT32 entry_addr;
- } multiboot_header_t;
-
- /* The symbol table for a.out. */
- typedef struct aout_symbol_table
- {
-- unsigned long tabsize;
-- unsigned long strsize;
-- unsigned long addr;
-- unsigned long reserved;
-+ UINT32 tabsize;
-+ UINT32 strsize;
-+ UINT32 addr;
-+ UINT32 reserved;
- } aout_symbol_table_t;
-
- /* The section header table for ELF. */
- typedef struct elf_section_header_table
- {
-- unsigned long num;
-- unsigned long size;
-- unsigned long addr;
-- unsigned long shndx;
-+ UINT32 num;
-+ UINT32 size;
-+ UINT32 addr;
-+ UINT32 shndx;
- } elf_section_header_table_t;
-
- /* The Multiboot information. */
- typedef struct multiboot_info
- {
-- unsigned long flags;
-- unsigned long mem_lower;
-- unsigned long mem_upper;
-- unsigned long boot_device;
-- unsigned long cmdline;
-- unsigned long mods_count;
-- unsigned long mods_addr;
-+ UINT32 flags;
-+ UINT32 mem_lower;
-+ UINT32 mem_upper;
-+ UINT32 boot_device;
-+ UINT32 cmdline;
-+ UINT32 mods_count;
-+ UINT32 mods_addr;
- union
- {
- aout_symbol_table_t aout_sym;
- elf_section_header_table_t elf_sec;
- } u;
-- unsigned long mmap_length;
-- unsigned long mmap_addr;
-+ UINT32 mmap_length;
-+ UINT32 mmap_addr;
- } multiboot_info_t;
-
- /* The module structure. */
- typedef struct module
- {
-- unsigned long mod_start;
-- unsigned long mod_end;
-- unsigned long string;
-- unsigned long reserved;
-+ UINT32 mod_start;
-+ UINT32 mod_end;
-+ UINT32 string;
-+ UINT32 reserved;
- } module_t;
-
- /* The memory map. Be careful that the offset 0 is base_addr_low
- but no size. */
- typedef struct memory_map
- {
-- unsigned long size;
-- unsigned long base_addr_low;
-- unsigned long base_addr_high;
-- unsigned long length_low;
-- unsigned long length_high;
-- unsigned long type;
-+ UINT32 size;
-+ UINT32 base_addr_low;
-+ UINT32 base_addr_high;
-+ UINT32 length_low;
-+ UINT32 length_high;
-+ UINT32 type;
- } memory_map_t;
-
- #endif /* ! ASM */
-diff -Naur grub-0.97.orig/docs/x86_64.txt grub-0.97.patched/docs/x86_64.txt
---- grub-0.97.orig/docs/x86_64.txt 1969-12-31 17:00:00.000000000 -0700
-+++ grub-0.97.patched/docs/x86_64.txt 2006-10-10 10:39:42.000000000 -0600
-@@ -0,0 +1,81 @@
-+[PATCH] - Make GRUB recognize and boot an x86_64 elf image
-+
-+
-+HOW IT WORKS
-+------------
-+* Grub interface is unchanged.
-+* Upon passing an elf-x86_64 file via "kernel=", GRUB will load and parse it
-+ correctly.
-+* Upon the "boot" directive, GRUB will switch from protected 32-bit
-+ mode to long 64-bit mode and transfer control to the image's entrypoint.
-+
-+
-+INSTALL
-+-------
-+cd grub-0.97
-+patch -p1 < grub-x86_64-elf.patch
-+./configure
-+make
-+su -c "make install"
-+
-+Note: You do not need to re-install your bootsectors, but you WILL need
-+ to copy the modified stage2 file(s) from /usr/share/grub to
-+ your actual boot filesystem (usually /boot/grub for GNU/Linux).
-+
-+
-+WHY?
-+----
-+Because in our world, all elves and elf images are created equal, and have
-+been endowed with the ability to be bootable. :-)
-+
-+
-+THE NITTY GRITTY - GRUB SIDE
-+----------------------------
-+* Since paging is manditory in 64-bit long mode, the first 4GB of physical
-+ memory (whether present or not) is identity mapped into the linear
-+ address space using 2MB pages.
-+* Paging data structures are written to physical 0x70000-0x75fff in the
-+ same area reserved for the raw device buffer. This happens after the
-+ "boot" command is issued so the raw device buffer won't mind. Paging
-+ can be relocated and reconfigured after the kernel is running.
-+* Header files have been added to describe the x86_64 elf image structure.
-+
-+
-+THE NITTY GRITTY - KERNEL SIDE
-+------------------------------
-+* Parameters passed to the assembly entrypoint are unchanged including
-+ magic number and pointer to multiboot info structure.
-+* The assembly entrypoint should be designated as ".code64".
-+* The Global Descriptor Table (GDT) shared by the GRUB and KERNEL sides
-+ has been expanded to include 3 additional 64-bit ('L' bit set) segments:
-+ 0x28 (code) and 0x30 (data).
-+* An updated "multiboot.h" file is provided to reflect the difference in
-+ "unsigned long" sizes between i386 and x86_64 architectures for use by
-+ the client kernel.
-+
-+
-+CAVEATS
-+-------
-+Possible collisions with existing GRUB patch sets are unknown. Use "darcs"
-+and worry not.
-+
-+ http://abridgegame.org/darcs
-+
-+(An intelligent alternative to cvs and greying hair in the distributed
-+post-mainframe age.)
-+
-+
-+DOCUMENTATION CHANGES
-+---------------------
-+This is it. Sorry, stuff to do.
-+
-+
-+APOLOGIES TO GRUB2
-+------------------
-+We would have liked to use GRUB2 for this, but needed it today for our
-+kernel. Of course there is probably no technical reason why this
-+functionality cannot be in included in GRUB2 at a future time. Thank you
-+for a way cool bootloader and may all your boots be bogon (and Vogon) free.
-+
-+<mcnster@gmail.com>
-+October 10, 2006
-diff -Naur grub-0.97.orig/grub/asmstub.c grub-0.97.patched/grub/asmstub.c
---- grub-0.97.orig/grub/asmstub.c 2005-02-16 13:45:14.000000000 -0700
-+++ grub-0.97.patched/grub/asmstub.c 2006-08-26 22:43:24.000000000 -0600
-@@ -313,6 +313,12 @@
- stop ();
- }
-
-+void
-+multi_boot_64bit_doit (int start, int mb_info)
-+{
-+ stop ();
-+}
-+
- /* sets it to linear or wired A20 operation */
- void
- gateA20 (int linear)
-diff -Naur grub-0.97.orig/stage2/asm.S grub-0.97.patched/stage2/asm.S
---- grub-0.97.orig/stage2/asm.S 2004-06-19 10:55:22.000000000 -0600
-+++ grub-0.97.patched/stage2/asm.S 2006-09-25 14:59:48.000000000 -0600
-@@ -1809,6 +1809,54 @@
- /* error */
- call EXT_C(stop)
-
-+ENTRY(multi_boot_64bit_doit)
-+ call EXT_C(stop_floppy)
-+
-+ /* dont squash these! */
-+ movl 0x8(%esp), %esi
-+ movl 0x4(%esp), %edi
-+
-+ cli
-+
-+ mov %cr0, %eax
-+ and $0x7fffffff, %eax
-+ mov %eax, %cr0
-+
-+ /* enable pae */
-+ mov %cr4, %eax
-+ or $0x20, %eax
-+ mov %eax, %cr4
-+
-+ /* load cr3 with pml4 */
-+ mov $PML4, %eax
-+ mov %eax, %cr3
-+
-+ /* trigger long mode */
-+ mov $0xc0000080, %ecx
-+ rdmsr
-+ or $0x100, %eax
-+ wrmsr
-+
-+ /* enable paging to actually switch modes */
-+ mov %cr0, %eax
-+ or $0x80000000, %eax
-+ mov %eax, %cr0
-+
-+ /* jump to relocation, flush prefetch queue, and reload %cs */
-+ ljmp $0x28, $longmode
-+.code64
-+longmode:
-+ mov $0x2BADB002, %eax
-+
-+ mov %rsi, %rbx
-+ and $0xffffffff, %rsi
-+
-+ and $0xffffffff, %rdi
-+ call *%rdi
-+ /* NOTREACHED */
-+ call EXT_C(stop)
-+
-+.code32
- #endif /* ! STAGE1_5 */
-
- /*
-@@ -2341,27 +2389,35 @@
-
- .p2align 2 /* force 4-byte alignment */
- gdt:
-- .word 0, 0
-+ .word 0, 0 /* 0x0000 */
- .byte 0, 0, 0, 0
-
-- /* code segment */
-+ /* code segment */ /* 0x0008 */
- .word 0xFFFF, 0
- .byte 0, 0x9A, 0xCF, 0
-
-- /* data segment */
-+ /* data segment */ /* 0x0010 */
- .word 0xFFFF, 0
- .byte 0, 0x92, 0xCF, 0
-
-- /* 16 bit real mode CS */
-+ /* 16 bit real mode CS */ /* 0x0018 */
- .word 0xFFFF, 0
- .byte 0, 0x9E, 0, 0
-
-- /* 16 bit real mode DS */
-+ /* 16 bit real mode DS/SS */ /* 0x0020 */
- .word 0xFFFF, 0
- .byte 0, 0x92, 0, 0
-
-+ /* 64 bit long mode CS */ /* 0x0028 */
-+ .word 0xFFFF, 0
-+ .byte 0, 0x9A, 0xAF, 0
-+
-+ /* 64-bit long mode SS */ /* 0x0030 */
-+ .word 0xFFFF, 0
-+ .byte 0, 0x92, 0xAF, 0
-
- /* this is the GDT descriptor */
- gdtdesc:
-- .word 0x27 /* limit */
-+ .word 0x33 /* limit */
- .long gdt /* addr */
-+ .long 0 /* in case we go to 64-bit mode */
-diff -Naur grub-0.97.orig/stage2/boot.c grub-0.97.patched/stage2/boot.c
---- grub-0.97.orig/stage2/boot.c 2004-03-30 04:44:08.000000000 -0700
-+++ grub-0.97.patched/stage2/boot.c 2006-08-25 22:20:17.000000000 -0600
-@@ -23,10 +23,11 @@
-
- #include "freebsd.h"
- #include "imgact_aout.h"
--#include "i386-elf.h"
-+#include "elf.h"
-
- static int cur_addr;
- entry_func entry_addr;
-+unsigned long_64bit_mode = 0;
- static struct mod_list mll[99];
- static int linux_mem_size;
-
-@@ -50,7 +51,7 @@
- {
- struct multiboot_header *mb;
- struct exec *aout;
-- Elf32_Ehdr *elf;
-+ Elf_Ehdr *elf;
- }
- pu;
- /* presuming that MULTIBOOT_SEARCH is large enough to encompass an
-@@ -100,21 +101,25 @@
- || pu.elf->e_ident[EI_OSABI] == ELFOSABI_FREEBSD
- || grub_strcmp (pu.elf->e_ident + EI_BRAND, "FreeBSD") == 0
- || suggested_type == KERNEL_TYPE_NETBSD)
-- && len > sizeof (Elf32_Ehdr)
-- && BOOTABLE_I386_ELF ((*((Elf32_Ehdr *) buffer))))
-+ && len > SIZEOF_ELF_EHDR (pu.elf)
-+ && (BOOTABLE_I386_ELF ((*((Elf32_Ehdr *) buffer)))
-+ || BOOTABLE_X86_64_ELF ((*((Elf64_Ehdr *) buffer)))))
- {
-+ if (BOOTABLE_X86_64_ELF ((*((Elf64_Ehdr *) buffer))))
-+ long_64bit_mode = 1;
-+
- if (type == KERNEL_TYPE_MULTIBOOT)
-- entry_addr = (entry_func) pu.elf->e_entry;
-+ entry_addr = (entry_func) E_ENTRY (pu.elf);
- else
-- entry_addr = (entry_func) (pu.elf->e_entry & 0xFFFFFF);
-+ entry_addr = (entry_func) (E_ENTRY (pu.elf) & 0xFFFFFF);
-
- if (entry_addr < (entry_func) 0x100000)
- errnum = ERR_BELOW_1MB;
-
- /* don't want to deal with ELF program header at some random
- place in the file -- this generally won't happen */
-- if (pu.elf->e_phoff == 0 || pu.elf->e_phnum == 0
-- || ((pu.elf->e_phoff + (pu.elf->e_phentsize * pu.elf->e_phnum))
-+ if (E_PHOFF (pu.elf) == 0 || E_PHNUM (pu.elf) == 0
-+ || ((E_PHOFF (pu.elf) + (E_PHENTSIZE (pu.elf) * E_PHNUM (pu.elf)))
- >= len))
- errnum = ERR_EXEC_FORMAT;
- str = "elf";
-@@ -590,39 +595,38 @@
- /* ELF executable */
- {
- unsigned loaded = 0, memaddr, memsiz, filesiz;
-- Elf32_Phdr *phdr;
-+ Elf_Phdr *phdr;
-
- /* reset this to zero for now */
- cur_addr = 0;
-
- /* scan for program segments */
-- for (i = 0; i < pu.elf->e_phnum; i++)
-+ for (i = 0; i < E_PHNUM (pu.elf); i++)
- {
-- phdr = (Elf32_Phdr *)
-- (pu.elf->e_phoff + ((int) buffer)
-- + (pu.elf->e_phentsize * i));
-- if (phdr->p_type == PT_LOAD)
-+ phdr = (Elf_Phdr *) (E_PHOFF (pu.elf) + ((int) buffer)
-+ + (E_PHENTSIZE (pu.elf) * i));
-+ if (P_TYPE (pu.elf, phdr) == PT_LOAD)
- {
- /* offset into file */
-- grub_seek (phdr->p_offset);
-- filesiz = phdr->p_filesz;
-+ grub_seek (P_OFFSET (pu.elf, phdr));
-+ filesiz = P_FILESZ (pu.elf, phdr);
-
- if (type == KERNEL_TYPE_FREEBSD || type == KERNEL_TYPE_NETBSD)
-- memaddr = RAW_ADDR (phdr->p_paddr & 0xFFFFFF);
-+ memaddr = RAW_ADDR (P_PADDR (pu.elf, phdr) & 0xFFFFFF);
- else
-- memaddr = RAW_ADDR (phdr->p_paddr);
-+ memaddr = RAW_ADDR (P_PADDR (pu.elf, phdr));
-
-- memsiz = phdr->p_memsz;
-+ memsiz = P_MEMSZ (pu.elf, phdr);
- if (memaddr < RAW_ADDR (0x100000))
- errnum = ERR_BELOW_1MB;
-
- /* If the memory range contains the entry address, get the
- physical address here. */
- if (type == KERNEL_TYPE_MULTIBOOT
-- && (unsigned) entry_addr >= phdr->p_vaddr
-- && (unsigned) entry_addr < phdr->p_vaddr + memsiz)
-+ && (unsigned) entry_addr >= P_VADDR (pu.elf, phdr)
-+ && (unsigned) entry_addr < P_VADDR (pu.elf, phdr) + memsiz)
- real_entry_addr = (entry_func) ((unsigned) entry_addr
-- + memaddr - phdr->p_vaddr);
-+ + memaddr - P_VADDR (pu.elf, phdr));
-
- /* make sure we only load what we're supposed to! */
- if (filesiz > memsiz)
-@@ -654,26 +658,26 @@
- else
- {
- /* Load ELF symbols. */
-- Elf32_Shdr *shdr = NULL;
-+ Elf_Shdr *shdr = NULL;
- int tab_size, sec_size;
- int symtab_err = 0;
-
-- mbi.syms.e.num = pu.elf->e_shnum;
-- mbi.syms.e.size = pu.elf->e_shentsize;
-- mbi.syms.e.shndx = pu.elf->e_shstrndx;
-+ mbi.syms.e.num = E_SHNUM (pu.elf);
-+ mbi.syms.e.size = E_SHENTSIZE (pu.elf);
-+ mbi.syms.e.shndx = E_SHSTRNDX (pu.elf);
-
- /* We should align to a 4K boundary here for good measure. */
- if (align_4k)
- cur_addr = (cur_addr + 0xFFF) & 0xFFFFF000;
-
-- tab_size = pu.elf->e_shentsize * pu.elf->e_shnum;
-+ tab_size = E_SHENTSIZE (pu.elf) * E_SHNUM (pu.elf);
-
-- grub_seek (pu.elf->e_shoff);
-+ grub_seek (E_SHOFF (pu.elf));
- if (grub_read ((char *) RAW_ADDR (cur_addr), tab_size)
- == tab_size)
- {
- mbi.syms.e.addr = cur_addr;
-- shdr = (Elf32_Shdr *) mbi.syms.e.addr;
-+ shdr = (Elf_Shdr *) mbi.syms.e.addr;
- cur_addr += tab_size;
-
- printf (", shtab=0x%x", cur_addr);
-@@ -682,20 +686,20 @@
- {
- /* This section is a loaded section,
- so we don't care. */
-- if (shdr[i].sh_addr != 0)
-+ if (SH_ADDR_AT (pu.elf, shdr, i) != 0)
- continue;
-
- /* This section is empty, so we don't care. */
-- if (shdr[i].sh_size == 0)
-+ if (SH_SIZE_AT (pu.elf, shdr, i) == 0)
- continue;
-
- /* Align the section to a sh_addralign bits boundary. */
-- cur_addr = ((cur_addr + shdr[i].sh_addralign) &
-- - (int) shdr[i].sh_addralign);
-+ cur_addr = ((cur_addr + SH_ADDRALIGN_AT (pu.elf, shdr, i)) &
-+ - (int) SH_ADDRALIGN_AT (pu.elf, shdr, i));
-
-- grub_seek (shdr[i].sh_offset);
-+ grub_seek (SH_OFFSET_AT (pu.elf, shdr, i));
-
-- sec_size = shdr[i].sh_size;
-+ sec_size = SH_SIZE_AT (pu.elf, shdr, i);
-
- if (! (memcheck (cur_addr, sec_size)
- && (grub_read ((char *) RAW_ADDR (cur_addr),
-@@ -706,7 +710,7 @@
- break;
- }
-
-- shdr[i].sh_addr = cur_addr;
-+ SET_SH_ADDR_AT (pu.elf, shdr, i, cur_addr);
- cur_addr += sec_size;
- }
- }
-diff -Naur grub-0.97.orig/stage2/builtins.c grub-0.97.patched/stage2/builtins.c
---- grub-0.97.orig/stage2/builtins.c 2005-02-15 14:58:23.000000000 -0700
-+++ grub-0.97.patched/stage2/builtins.c 2006-09-25 14:59:16.000000000 -0600
-@@ -81,6 +81,7 @@
- /* Prototypes for allowing straightfoward calling of builtins functions
- inside other functions. */
- static int configfile_func (char *arg, int flags);
-+static void multi_boot_64bit (int entry_addr, int mbi);
-
- /* Initialize the data for builtins. */
- void
-@@ -297,8 +298,11 @@
- break;
-
- case KERNEL_TYPE_MULTIBOOT:
-- /* Multiboot */
-- multi_boot ((int) entry_addr, (int) &mbi);
-+
-+ if (long_64bit_mode)
-+ multi_boot_64bit((int) entry_addr, (int) &mbi);
-+ else
-+ multi_boot ((int) entry_addr, (int) &mbi);
- break;
-
- default:
-@@ -309,6 +313,73 @@
- return 0;
- }
-
-+#define TABLE_BITS 0x7 /* user, r/w, present */
-+#define PAGE_BITS 0x87 /* not pat, not global, not dirty, not accessed, user, r/w, present */
-+
-+#define NOT_PRESENT_TABLE 0x6
-+#define NOT_PRESENT_PAGE 0x86
-+
-+
-+static void
-+multi_boot_64bit (int entry_addr, int mbi)
-+{
-+ unsigned *pml4 = PML4;
-+ unsigned *pdpt0x000 = PDPT0x000;
-+ unsigned *pd0x000_000 = PD0x000_000;
-+ unsigned *pd0x000_001 = PD0x000_001;
-+ unsigned *pd0x000_002 = PD0x000_002;
-+ unsigned *pd0x000_003 = PD0x000_003;
-+ int i;
-+ unsigned long base;
-+
-+ /* identity map 1st 4 GB */
-+
-+ for (i = 0; i < 512; i++)
-+ {
-+ pml4[i * 2 + 0] = NOT_PRESENT_TABLE;
-+ pml4[i * 2 + 1] = 0;
-+
-+ pdpt0x000[i * 2 + 0] = NOT_PRESENT_TABLE;
-+ pdpt0x000[i * 2 + 1] = 0;
-+
-+ pd0x000_000[i * 2 + 0] = NOT_PRESENT_PAGE;
-+ pd0x000_000[i * 2 + 1] = 0;
-+ pd0x000_001[i * 2 + 0] = NOT_PRESENT_PAGE;
-+ pd0x000_001[i * 2 + 1] = 0;
-+ pd0x000_002[i * 2 + 0] = NOT_PRESENT_PAGE;
-+ pd0x000_002[i * 2 + 1] = 0;
-+ pd0x000_003[i * 2 + 0] = NOT_PRESENT_PAGE;
-+ pd0x000_003[i * 2 + 1] = 0;
-+ }
-+
-+ pml4[0x000 * 2 + 0] = PDPT0x000 + TABLE_BITS;
-+ pml4[0x000 * 2 + 1] = 0;
-+
-+ pdpt0x000[0x000 * 2 + 0] = PD0x000_000 + TABLE_BITS;
-+ pdpt0x000[0x000 * 2 + 1] = 0;
-+ pdpt0x000[0x001 * 2 + 0] = PD0x000_001 + TABLE_BITS;
-+ pdpt0x000[0x001 * 2 + 1] = 0;
-+ pdpt0x000[0x002 * 2 + 0] = PD0x000_002 + TABLE_BITS;
-+ pdpt0x000[0x002 * 2 + 1] = 0;
-+ pdpt0x000[0x003 * 2 + 0] = PD0x000_003 + TABLE_BITS;
-+ pdpt0x000[0x003 * 2 + 1] = 0;
-+
-+ for (i = 0, base = 0; i < 1005; i++, base += 0x200000)
-+ {
-+ pd0x000_000[i * 2 + 0] = base + PAGE_BITS;
-+ pd0x000_000[i * 2 + 1] = 0;
-+ pd0x000_001[i * 2 + 0] = base + (1 * 0x200 * 0x20000) + PAGE_BITS;
-+ pd0x000_001[i * 2 + 1] = 0;
-+ pd0x000_002[i * 2 + 0] = base + (2 * 0x200 * 0x20000) + PAGE_BITS;
-+ pd0x000_002[i * 2 + 1] = 0;
-+ pd0x000_003[i * 2 + 0] = base + (3 * 0x200 * 0x20000) + PAGE_BITS;
-+ pd0x000_003[i * 2 + 1] = 0;
-+ }
-+
-+ multi_boot_64bit_doit (entry_addr, mbi);
-+ /* NOTREACHED */
-+}
-+
- static struct builtin builtin_boot =
- {
- "boot",
-diff -Naur grub-0.97.orig/stage2/elf.h grub-0.97.patched/stage2/elf.h
---- grub-0.97.orig/stage2/elf.h 1969-12-31 17:00:00.000000000 -0700
-+++ grub-0.97.patched/stage2/elf.h 2006-08-25 21:58:37.000000000 -0600
-@@ -0,0 +1,79 @@
-+/*
-+ * GRUB -- GRand Unified Bootloader
-+ * Copyright (C) 2001,2002,2006 Free Software Foundation, Inc.
-+ *
-+ * This program is free software; you can redistribute it and/or modify
-+ * it under the terms of the GNU General Public License as published by
-+ * the Free Software Foundation; either version 2 of the License, or
-+ * (at your option) any later version.
-+ *
-+ * This program is distributed in the hope that it will be useful,
-+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
-+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-+ * GNU General Public License for more details.
-+ *
-+ * You should have received a copy of the GNU General Public License
-+ * along with this program; if not, write to the Free Software
-+ * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-+ */
-+
-+
-+#include "i386-elf.h"
-+#include "x86-64-elf.h"
-+
-+
-+typedef union
-+{
-+ unsigned char e_ident[EI_NIDENT];
-+ Elf32_Ehdr elf32;
-+ Elf64_Ehdr elf64;
-+}
-+Elf_Ehdr;
-+
-+
-+typedef union
-+{
-+ Elf32_Phdr elf32;
-+ Elf64_Phdr elf64;
-+}
-+Elf_Phdr;
-+
-+
-+typedef union
-+{
-+ Elf32_Shdr elf32;
-+ Elf64_Shdr elf64;
-+}
-+Elf_Shdr;
-+
-+
-+#define SIZEOF_ELF_EHDR(h) (h->e_ident[EI_CLASS] == ELFCLASS32 ? sizeof (Elf32_Ehdr) : sizeof (Elf64_Ehdr))
-+
-+#define E_ENTRY(h) ((unsigned) (h->e_ident[EI_CLASS] == ELFCLASS32 ? h->elf32.e_entry : h->elf64.e_entry))
-+#define E_PHOFF(h) ((unsigned) (h->e_ident[EI_CLASS] == ELFCLASS32 ? h->elf32.e_phoff : h->elf64.e_phoff))
-+#define E_PHNUM(h) ((unsigned) (h->e_ident[EI_CLASS] == ELFCLASS32 ? h->elf32.e_phnum : h->elf64.e_phnum))
-+#define E_PHENTSIZE(h) ((unsigned) (h->e_ident[EI_CLASS] == ELFCLASS32 ? h->elf32.e_phentsize : h->elf64.e_phentsize))
-+#define E_SHNUM(h) ((unsigned) (h->e_ident[EI_CLASS] == ELFCLASS32 ? h->elf32.e_shnum : h->elf64.e_shnum))
-+#define E_SHENTSIZE(h) ((unsigned) (h->e_ident[EI_CLASS] == ELFCLASS32 ? h->elf32.e_shentsize : h->elf64.e_shentsize))
-+#define E_SHSTRNDX(h) ((unsigned) (h->e_ident[EI_CLASS] == ELFCLASS32 ? h->elf32.e_shstrndx : h->elf64.e_shstrndx))
-+#define E_SHOFF(h) ((unsigned) (h->e_ident[EI_CLASS] == ELFCLASS32 ? h->elf32.e_shoff : h->elf64.e_shoff))
-+
-+#define P_TYPE(h, p) ((unsigned) (h->e_ident[EI_CLASS] == ELFCLASS32 ? p->elf32.p_type : p->elf64.p_type))
-+#define P_OFFSET(h, p) ((unsigned) (h->e_ident[EI_CLASS] == ELFCLASS32 ? p->elf32.p_offset : p->elf64.p_offset))
-+#define P_PADDR(h, p) ((unsigned) (h->e_ident[EI_CLASS] == ELFCLASS32 ? p->elf32.p_paddr : p->elf64.p_paddr))
-+#define P_MEMSZ(h, p) ((unsigned) (h->e_ident[EI_CLASS] == ELFCLASS32 ? p->elf32.p_memsz : p->elf64.p_memsz))
-+#define P_VADDR(h, p) ((unsigned) (h->e_ident[EI_CLASS] == ELFCLASS32 ? p->elf32.p_vaddr : p->elf64.p_vaddr))
-+#define P_FILESZ(h, p) ((unsigned) (h->e_ident[EI_CLASS] == ELFCLASS32 ? p->elf32.p_filesz : p->elf64.p_filesz))
-+
-+#define SH_ADDR_AT(h, sh, i) ((unsigned) (h->e_ident[EI_CLASS] == ELFCLASS32 ? ((&(sh->elf32))[i]).sh_addr : ((&(sh->elf64))[i]).sh_addr))
-+#define SH_SIZE_AT(h, sh, i) ((unsigned) (h->e_ident[EI_CLASS] == ELFCLASS32 ? ((&(sh->elf32))[i]).sh_size : ((&(sh->elf64))[i]).sh_size))
-+#define SH_ADDRALIGN_AT(h, sh, i) ((unsigned) (h->e_ident[EI_CLASS] == ELFCLASS32 ? ((&(sh->elf32))[i]).sh_addralign : ((&(sh->elf64))[i]).sh_addralign))
-+#define SH_OFFSET_AT(h, sh, i) ((unsigned) (h->e_ident[EI_CLASS] == ELFCLASS32 ? ((&(sh->elf32))[i]).sh_offset : ((&(sh->elf64))[i]).sh_offset))
-+
-+#define SET_SH_ADDR_AT(h, sh, i, v) \
-+ { \
-+ if (h->e_ident[EI_CLASS] == ELFCLASS32) \
-+ ((&(sh->elf32))[i]).sh_addr = v; \
-+ else \
-+ ((&(sh->elf64))[i]).sh_addr = v; \
-+ }
-diff -Naur grub-0.97.orig/stage2/shared.h grub-0.97.patched/stage2/shared.h
---- grub-0.97.orig/stage2/shared.h 2004-06-19 10:40:09.000000000 -0600
-+++ grub-0.97.patched/stage2/shared.h 2006-09-25 14:54:53.000000000 -0600
-@@ -70,6 +70,13 @@
-
- #define BOOT_PART_TABLE RAW_ADDR (0x07be)
-
-+#define PML4 0x70000
-+#define PDPT0x000 0x71000
-+#define PD0x000_000 0x72000
-+#define PD0x000_001 0x73000
-+#define PD0x000_002 0x74000
-+#define PD0x000_003 0x75000
-+
- /*
- * BIOS disk defines
- */
-@@ -692,6 +699,8 @@
-
- extern entry_func entry_addr;
-
-+extern unsigned long_64bit_mode;
-+
- /* Enter the stage1.5/stage2 C code after the stack is set up. */
- void cmain (void);
-
-@@ -739,6 +748,9 @@
- /* booting a multiboot executable */
- void multi_boot (int start, int mb_info) __attribute__ ((noreturn));
-
-+/* boot into 64-bit long mode */
-+void multi_boot_64bit_doit (int start, int mb_info) __attribute__ ((noreturn));
-+
- /* If LINEAR is nonzero, then set the Intel processor to linear mode.
- Otherwise, bit 20 of all memory accesses is always forced to zero,
- causing a wraparound effect for bugwards compatibility with the
-diff -Naur grub-0.97.orig/stage2/x86-64-elf.h grub-0.97.patched/stage2/x86-64-elf.h
---- grub-0.97.orig/stage2/x86-64-elf.h 1969-12-31 17:00:00.000000000 -0700
-+++ grub-0.97.patched/stage2/x86-64-elf.h 2006-08-26 21:45:22.000000000 -0600
-@@ -0,0 +1,86 @@
-+/*
-+ * GRUB -- GRand Unified Bootloader
-+ * Copyright (C) 2001,2002,2006 Free Software Foundation, Inc.
-+ *
-+ * This program is free software; you can redistribute it and/or modify
-+ * it under the terms of the GNU General Public License as published by
-+ * the Free Software Foundation; either version 2 of the License, or
-+ * (at your option) any later version.
-+ *
-+ * This program is distributed in the hope that it will be useful,
-+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
-+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-+ * GNU General Public License for more details.
-+ *
-+ * You should have received a copy of the GNU General Public License
-+ * along with this program; if not, write to the Free Software
-+ * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-+ */
-+
-+
-+typedef unsigned short Elf64_Half;
-+typedef unsigned long Elf64_Word;
-+typedef unsigned long long Elf64_Off;
-+typedef unsigned long long Elf64_Addr;
-+typedef unsigned long long Elf64_Xword;
-+
-+
-+typedef struct
-+{
-+ unsigned char e_ident[EI_NIDENT]; /* basic identification block */
-+ Elf64_Half e_type; /* file types */
-+ Elf64_Half e_machine; /* machine types */
-+ Elf64_Word e_version; /* use same as "EI_VERSION" above */
-+ Elf64_Addr e_entry; /* entry point of the program */
-+ Elf64_Off e_phoff; /* program header table file offset */
-+ Elf64_Off e_shoff; /* section header table file offset */
-+ Elf64_Word e_flags; /* flags */
-+ Elf64_Half e_ehsize; /* elf header size in bytes */
-+ Elf64_Half e_phentsize; /* program header entry size */
-+ Elf64_Half e_phnum; /* number of entries in program header */
-+ Elf64_Half e_shentsize; /* section header entry size */
-+ Elf64_Half e_shnum; /* number of entries in section header */
-+ Elf64_Half e_shstrndx; /* section header table index */
-+}
-+Elf64_Ehdr;
-+
-+
-+typedef struct
-+{
-+ Elf64_Word p_type;
-+ Elf64_Word p_flags;
-+ Elf64_Off p_offset;
-+ Elf64_Addr p_vaddr;
-+ Elf64_Addr p_paddr;
-+ Elf64_Xword p_filesz;
-+ Elf64_Xword p_memsz;
-+ Elf64_Xword p_align;
-+}
-+Elf64_Phdr;
-+
-+
-+typedef struct
-+{
-+ Elf64_Word sh_name; /* Section name (string tbl index) */
-+ Elf64_Word sh_type; /* Section type */
-+ Elf64_Xword sh_flags; /* Section flags */
-+ Elf64_Addr sh_addr; /* Section virtual addr at execution */
-+ Elf64_Off sh_offset; /* Section file offset */
-+ Elf64_Xword sh_size; /* Section size in bytes */
-+ Elf64_Word sh_link; /* Link to another section */
-+ Elf64_Word sh_info; /* Additional section information */
-+ Elf64_Xword sh_addralign; /* Section alignment */
-+ Elf64_Xword sh_entsize; /* Entry size if section holds table */
-+}
-+Elf64_Shdr;
-+
-+#define ELFCLASS64 2
-+
-+#define EM_X86_64 0x3e
-+
-+#define BOOTABLE_X86_64_ELF(h) \
-+ ((h.e_ident[EI_MAG0] == ELFMAG0) & (h.e_ident[EI_MAG1] == ELFMAG1) \
-+ & (h.e_ident[EI_MAG2] == ELFMAG2) & (h.e_ident[EI_MAG3] == ELFMAG3) \
-+ & (h.e_ident[EI_CLASS] == ELFCLASS64) & (h.e_ident[EI_DATA] == ELFDATA2LSB) \
-+ & (h.e_ident[EI_VERSION] == EV_CURRENT) & (h.e_type == ET_EXEC) \
-+ & (h.e_machine == EM_X86_64) & (h.e_version == EV_CURRENT))
diff --git a/extra/source/grub/grub.SlackBuild b/extra/source/grub/grub.SlackBuild
deleted file mode 100755
index 417cb636..00000000
--- a/extra/source/grub/grub.SlackBuild
+++ /dev/null
@@ -1,121 +0,0 @@
-#!/bin/sh
-
-# Copyright 2009 Patrick J. Volkerding, Sebeka, MN, USA
-# All rights reserved.
-#
-# Redistribution and use of this script, with or without modification, is
-# permitted provided that the following conditions are met:
-#
-# 1. Redistributions of this script must retain the above copyright
-# notice, this list of conditions and the following disclaimer.
-#
-# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED
-# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
-# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO
-# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
-# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
-# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
-# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
-# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
-# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-
-
-VERSION=0.97
-GCVER=1.28
-ARCH=${ARCH:-x86_64}
-BUILD=7
-
-NUMJOBS=${NUMJOBS:-" -j7 "}
-
-if [ "$ARCH" = "i486" ]; then
- SLKCFLAGS="-O2 -march=i486 -mtune=i686"
-elif [ "$ARCH" = "s390" ]; then
- SLKCFLAGS="-O2"
-elif [ "$ARCH" = "x86_64" ]; then
- SLKCFLAGS="-O2"
-fi
-
-CWD=$(pwd)
-TMP=${TMP:-/tmp}
-PKG=$TMP/package-grub
-
-rm -rf $PKG
-mkdir -p $PKG $TMP
-cd $TMP
-rm -rf grub-$VERSION
-tar xvf $CWD/grub-$VERSION.tar.gz || exit 1
-cd grub-$VERSION || exit 1
-
-# This is needed for the optional (but now default) increase in
-# inode size from 128 to 256 bytes with ext2 and ext3:
-zcat $CWD/grub_support_256byte_inode.patch.gz | patch -p1 --verbose || exit 1
-
-zcat $CWD/grub-0.97-x86_64.patch.gz | patch -p1 || exit 1
-
-chown -R root:root .
-find . \
- \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \
- -exec chmod 755 {} \; -o \
- \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \
- -exec chmod 644 {} \;
-
-CFLAGS="$SLKCFLAGS" \
-./configure \
- --prefix=/usr \
- --infodir=/usr/info \
- --mandir=/usr/man
-
-make $NUMJOBS || make || exit 1
-make install DESTDIR=$PKG || exit 1
-
-find $PKG | xargs file | grep -e "executable" -e "shared object" \
- | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null
-
-# Compress and if needed symlink the man pages:
-if [ -d $PKG/usr/man ]; then
- ( cd $PKG/usr/man
- for manpagedir in $(find . -type d -name "man*") ; do
- ( cd $manpagedir
- for eachpage in $( find . -type l -maxdepth 1) ; do
- ln -s $( readlink $eachpage ).gz $eachpage.gz
- rm $eachpage
- done
- gzip -9 *.?
- )
- done
- )
-fi
-
-# Compress info pages and purge "dir" file from the package:
-if [ -d $PKG/usr/info ]; then
- ( cd $PKG/usr/info
- rm -f dir
- gzip -9 *
- )
-fi
-
-mkdir -p $PKG/usr/doc/grub-$VERSION
-cp -a \
- AUTHORS BUGS COPYING INSTALL MAINTENANCE NEWS README THANKS TODO \
- $PKG/usr/doc/grub-$VERSION
-
-mkdir -p $PKG/install
-cat $CWD/slack-desc > $PKG/install/slack-desc
-
-# Add Kent's grubconfig tool:
-cd $TMP
-rm -rf grubconfig-$GCVER
-tar xf $CWD/grubconfig-${GCVER}.tar.gz || exit 1
-cd grubconfig-$GCVER || exit 1
-zcat $CWD/grubconfig_localefix.patch.gz | patch || exit 1
-chown -R root:root .
-chmod 644 README
-chmod 755 grubconfig
-mkdir -p $PKG/usr/doc/grubconfig-${GCVER}
-cp -a README $PKG/usr/doc/grubconfig-${GCVER}
-cp -a grubconfig $PKG/usr/sbin/grubconfig
-
-cd $PKG
-/sbin/makepkg -l y -c n $TMP/grub-$VERSION-$ARCH-$BUILD.txz
-
diff --git a/extra/source/grub/grub_support_256byte_inode.patch b/extra/source/grub/grub_support_256byte_inode.patch
deleted file mode 100644
index bef3bc18..00000000
--- a/extra/source/grub/grub_support_256byte_inode.patch
+++ /dev/null
@@ -1,94 +0,0 @@
-diff -Nrup a/stage2/fsys_ext2fs.c b/stage2/fsys_ext2fs.c
---- a/stage2/fsys_ext2fs.c 2004-08-08 20:19:18.000000000 +0200
-+++ b/stage2/fsys_ext2fs.c 2008-01-30 14:27:20.000000000 +0100
-@@ -79,7 +79,52 @@ struct ext2_super_block
- __u32 s_rev_level; /* Revision level */
- __u16 s_def_resuid; /* Default uid for reserved blocks */
- __u16 s_def_resgid; /* Default gid for reserved blocks */
-- __u32 s_reserved[235]; /* Padding to the end of the block */
-+ /*
-+ * These fields are for EXT2_DYNAMIC_REV superblocks only.
-+ *
-+ * Note: the difference between the compatible feature set and
-+ * the incompatible feature set is that if there is a bit set
-+ * in the incompatible feature set that the kernel doesn't
-+ * know about, it should refuse to mount the filesystem.
-+ *
-+ * e2fsck's requirements are more strict; if it doesn't know
-+ * about a feature in either the compatible or incompatible
-+ * feature set, it must abort and not try to meddle with
-+ * things it doesn't understand...
-+ */
-+ __u32 s_first_ino; /* First non-reserved inode */
-+ __u16 s_inode_size; /* size of inode structure */
-+ __u16 s_block_group_nr; /* block group # of this superblock */
-+ __u32 s_feature_compat; /* compatible feature set */
-+ __u32 s_feature_incompat; /* incompatible feature set */
-+ __u32 s_feature_ro_compat; /* readonly-compatible feature set */
-+ __u8 s_uuid[16]; /* 128-bit uuid for volume */
-+ char s_volume_name[16]; /* volume name */
-+ char s_last_mounted[64]; /* directory where last mounted */
-+ __u32 s_algorithm_usage_bitmap; /* For compression */
-+ /*
-+ * Performance hints. Directory preallocation should only
-+ * happen if the EXT2_FEATURE_COMPAT_DIR_PREALLOC flag is on.
-+ */
-+ __u8 s_prealloc_blocks; /* Nr of blocks to try to preallocate*/
-+ __u8 s_prealloc_dir_blocks; /* Nr to preallocate for dirs */
-+ __u16 s_reserved_gdt_blocks;/* Per group table for online growth */
-+ /*
-+ * Journaling support valid if EXT2_FEATURE_COMPAT_HAS_JOURNAL set.
-+ */
-+ __u8 s_journal_uuid[16]; /* uuid of journal superblock */
-+ __u32 s_journal_inum; /* inode number of journal file */
-+ __u32 s_journal_dev; /* device number of journal file */
-+ __u32 s_last_orphan; /* start of list of inodes to delete */
-+ __u32 s_hash_seed[4]; /* HTREE hash seed */
-+ __u8 s_def_hash_version; /* Default hash version to use */
-+ __u8 s_jnl_backup_type; /* Default type of journal backup */
-+ __u16 s_reserved_word_pad;
-+ __u32 s_default_mount_opts;
-+ __u32 s_first_meta_bg; /* First metablock group */
-+ __u32 s_mkfs_time; /* When the filesystem was created */
-+ __u32 s_jnl_blocks[17]; /* Backup of the journal inode */
-+ __u32 s_reserved[172]; /* Padding to the end of the block */
- };
-
- struct ext2_group_desc
-@@ -218,6 +263,9 @@ struct ext2_dir_entry
- #define EXT2_ADDR_PER_BLOCK(s) (EXT2_BLOCK_SIZE(s) / sizeof (__u32))
- #define EXT2_ADDR_PER_BLOCK_BITS(s) (log2(EXT2_ADDR_PER_BLOCK(s)))
-
-+#define EXT2_INODE_SIZE(s) (SUPERBLOCK->s_inode_size)
-+#define EXT2_INODES_PER_BLOCK(s) (EXT2_BLOCK_SIZE(s)/EXT2_INODE_SIZE(s))
-+
- /* linux/ext2_fs.h */
- #define EXT2_BLOCK_SIZE_BITS(s) ((s)->s_log_block_size + 10)
- /* kind of from ext2/super.c */
-@@ -553,7 +601,7 @@ ext2fs_dir (char *dirname)
- gdp = GROUP_DESC;
- ino_blk = gdp[desc].bg_inode_table +
- (((current_ino - 1) % (SUPERBLOCK->s_inodes_per_group))
-- >> log2 (EXT2_BLOCK_SIZE (SUPERBLOCK) / sizeof (struct ext2_inode)));
-+ >> log2 (EXT2_INODES_PER_BLOCK (SUPERBLOCK)));
- #ifdef E2DEBUG
- printf ("inode table fsblock=%d\n", ino_blk);
- #endif /* E2DEBUG */
-@@ -565,13 +613,12 @@ ext2fs_dir (char *dirname)
- /* reset indirect blocks! */
- mapblock2 = mapblock1 = -1;
-
-- raw_inode = INODE +
-- ((current_ino - 1)
-- & (EXT2_BLOCK_SIZE (SUPERBLOCK) / sizeof (struct ext2_inode) - 1));
-+ raw_inode = (struct ext2_inode *)((char *)INODE +
-+ ((current_ino - 1) & (EXT2_INODES_PER_BLOCK (SUPERBLOCK) - 1)) *
-+ EXT2_INODE_SIZE (SUPERBLOCK));
- #ifdef E2DEBUG
- printf ("ipb=%d, sizeof(inode)=%d\n",
-- (EXT2_BLOCK_SIZE (SUPERBLOCK) / sizeof (struct ext2_inode)),
-- sizeof (struct ext2_inode));
-+ EXT2_INODES_PER_BLOCK (SUPERBLOCK), EXT2_INODE_SIZE (SUPERBLOCK));
- printf ("inode=%x, raw_inode=%x\n", INODE, raw_inode);
- printf ("offset into inode table block=%d\n", (int) raw_inode - (int) INODE);
- for (i = (unsigned char *) INODE; i <= (unsigned char *) raw_inode;
diff --git a/extra/source/grub/grubconfig_localefix.patch b/extra/source/grub/grubconfig_localefix.patch
deleted file mode 100644
index 6c1d4e9f..00000000
--- a/extra/source/grub/grubconfig_localefix.patch
+++ /dev/null
@@ -1,32 +0,0 @@
---- /usr/sbin/grubconfig 2006-03-24 09:28:41.000000000 +0100
-+++ _developpement/debug/grubconfig 2007-05-12 16:51:57.000000000 +0200
-@@ -53,6 +53,10 @@
- rm -rf $TMP $BOOT_TMP
- mkdir -p $TMP $BOOT_TMP
-
-+# We need to ensure the output is in english in order to match the devices
-+# with fdisk.
-+export LC_ALL=C
-+
- PATH=$PATH:/bin:/usr/bin:/sbin:/usr/sbin
-
- # Menu to check if we want to use VESA framebuffer support:
-@@ -475,7 +479,8 @@
- chmod 644 $BOOT/grub/$grub_config
- message=yes
- installcolor;
-- umount $BOOT_TMP 2>$TMP/null && rmdir $BOOT_TMP
-+ umount $BOOT_TMP 2> $TMP/null
-+ rmdir $BOOT_TMP 2> $TMP/null
- rm -rf $TMP
- }
-
-@@ -1004,8 +1009,6 @@
- KILL=NO
- fi
- simplegrub
-- umount $BOOT_TMP 2>$TMP/null
-- rm -rf $TMP $BOOT_TMP
- chroot_umount
- exit
- fi
diff --git a/extra/source/grub/slack-desc b/extra/source/grub/slack-desc
deleted file mode 100644
index f3bead79..00000000
--- a/extra/source/grub/slack-desc
+++ /dev/null
@@ -1,19 +0,0 @@
-# HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description. Line
-# up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in. You must
-# make exactly 11 lines for the formatting to be correct. It's also
-# customary to leave one space after the ':'.
-
- |-----handy-ruler------------------------------------------------------|
-grub: grub (GNU GRUB Legacy bootloader)
-grub:
-grub: This is the legacy (0.9x) version of GNU GRUB, the GRand Unified
-grub: Bootloader. GRUB is an alternative to other familiar bootloaders
-grub: such as LILO. Unlike LILO, it loads a kernel through direct file-
-grub: system support rather than a block list so it does not need to be
-grub: updated if a new kernel is installed.
-grub:
-grub: Also included is Kent Robotti's 'grubconfig' tool (similar to the
-grub: Slackware 'liloconfig' setup tool).
-grub:
diff --git a/extra/source/pam/make-pam-solibs-for-chrome.sh b/extra/source/pam/make-pam-solibs-for-chrome.sh
deleted file mode 100755
index e7cd4c9e..00000000
--- a/extra/source/pam/make-pam-solibs-for-chrome.sh
+++ /dev/null
@@ -1,84 +0,0 @@
-#!/bin/sh
-
-# Copyright 2011 Patrick J. Volkerding, Sebeka, Minnesota, USA
-# All rights reserved.
-#
-# Redistribution and use of this script, with or without modification, is
-# permitted provided that the following conditions are met:
-#
-# 1. Redistributions of this script must retain the above copyright
-# notice, this list of conditions and the following disclaimer.
-#
-# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED
-# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
-# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO
-# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
-# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
-# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
-# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
-# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
-# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-
-# This expects to find a file pam-*.txz in the local directory that
-# will contain a usable PAM shared library to satify the requirement
-# for that library. To get whatever is actually using PAM working is
-# going to need more PAM structure installed, but luckily I've yet to
-# encounter what needs it and everything works fine with only the
-# libpam.so.0 installed.
-
-if ! ls pam-*-*-*.txz 1> /dev/null 2> /dev/null ; then
- echo "FAIL: no Slackware pam txz package found."
- exit 1
-fi
-
-PKGNAM=google-chrome-pam-solibs
-VERSION=${VERSION:-$(echo pam-*-*-*.txz | cut -f 2 -d -)}
-ARCH=${ARCH:-$(echo pam-*-*-*.txz | cut -f 3 -d -)}
-BUILD=${BUILD:-$(echo pam-*-*-*.txz | cut -f 4 -d - | cut -f 1 -d .)}
-
-CWD=$(pwd)
-TMP=${TMP:-/tmp}
-PKG=$TMP/package-$PKGNAM
-rm -rf $PKG
-mkdir -p $TMP $PKG
-
-cd $PKG
-mkdir tmp
-( cd tmp
- explodepkg $CWD/pam-$VERSION-$ARCH-$BUILD.txz
- sh install/doinst.sh
-)
-mkdir -p $PKG/opt/google/chrome
-if [ -d tmp/lib64 ]; then
- cp -a tmp/lib64/libpam.so.0* $PKG/opt/google/chrome
-else
- cp -a tmp/lib/libpam.so.0* $PKG/opt/google/chrome
-fi
-rm -rf $PKG/tmp
-
-mkdir -p $PKG/install
-cat << EOF > $PKG/install/slack-desc
-# HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description. Line
-# up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in. You must
-# make exactly 11 lines for the formatting to be correct. It's also
-# customary to leave one space after the ':'.
- |-----handy-ruler------------------------------------------------------|
-google-chrome-pam-solibs: google-chrome-pam-solibs (libpam.so.0)
-google-chrome-pam-solibs:
-google-chrome-pam-solibs: This is a package that provides libpam.so.0 to satisfy the library
-google-chrome-pam-solibs: requirement for Google Chrome when that is installed in the
-google-chrome-pam-solibs: usual /opt/google/chrome directory. It does not provide any other
-google-chrome-pam-solibs: PAM features, and cannot be used to compile against or by other
-google-chrome-pam-solibs: programs. If you need real PAM for some reason (like to compile
-google-chrome-pam-solibs: Chromium), please see the pam.SlackBuild in the source directory.
-google-chrome-pam-solibs:
-google-chrome-pam-solibs:
-google-chrome-pam-solibs:
-EOF
-
-cd $PKG
-/sbin/makepkg -l y -c n $TMP/$PKGNAM-$VERSION-$ARCH-$BUILD$TAG.txz
-
diff --git a/extra/source/pam/pam.SlackBuild b/extra/source/pam/pam.SlackBuild
deleted file mode 100755
index bbea0617..00000000
--- a/extra/source/pam/pam.SlackBuild
+++ /dev/null
@@ -1,173 +0,0 @@
-#!/bin/sh
-
-# Copyright 2010 Vincent Batts, vbatts@hashbangbash.com
-# Copyright 2010, 2011 Patrick J. Volkerding, Sebeka, Minnesota, USA
-# All rights reserved.
-#
-# Redistribution and use of this script, with or without modification, is
-# permitted provided that the following conditions are met:
-#
-# 1. Redistributions of this script must retain the above copyright
-# notice, this list of conditions and the following disclaimer.
-#
-# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED
-# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
-# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO
-# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
-# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
-# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
-# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
-# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
-# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-
-# Call the church police! ;-)
-SRCNAM=Linux-PAM
-PKGNAM=pam
-PAMRHVER=${PAMRHVER:-$(echo pam-redhat-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1,2 -d - | rev)}
-VERSION=${VERSION:-$(echo $SRCNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
-BUILD=${BUILD:-1}
-
-# Automatically determine the architecture we're building on:
-if [ -z "$ARCH" ]; then
- case "$( uname -m )" in
- i?86) export ARCH=i486 ;;
- arm*) export ARCH=arm ;;
- # Unless $ARCH is already set, use uname -m for all other archs:
- *) export ARCH=$( uname -m ) ;;
- esac
-fi
-
-NUMJOBS=${NUMJOBS:--j7}
-
-if [ "$ARCH" = "i386" ]; then
- SLKCFLAGS="-O2 -march=i386 -mcpu=i686"
- LIBDIRSUFFIX=""
-elif [ "$ARCH" = "i486" ]; then
- SLKCFLAGS="-O2 -march=i486 -mtune=i686"
- LIBDIRSUFFIX=""
-elif [ "$ARCH" = "s390" ]; then
- SLKCFLAGS="-O2"
- LIBDIRSUFFIX=""
-elif [ "$ARCH" = "x86_64" ]; then
- SLKCFLAGS="-O2 -fPIC"
- LIBDIRSUFFIX="64"
-else
- SLKCFLAGS="-O2"
- LIBDIRSUFFIX=""
-fi
-
-CWD=$(pwd)
-TMP=${TMP:-/tmp}
-PKG=$TMP/package-$PKGNAM
-
-rm -rf $PKG
-mkdir -p $TMP $PKG
-
-cd $TMP
-rm -rf $SRCNAM-$VERSION
-tar xvf $CWD/$SRCNAM-$VERSION.tar.?z* || exit 1
-cd $SRCNAM-$VERSION || exit 1
-
-# Better take the Red Hat added modules and patches, because that's very
-# likely to be the most standard as far as PAM goes:
-tar xvf $CWD/pam-redhat-$PAMRHVER.tar.?z* || exit 1
-mv pam-redhat-$PAMRHVER/{CHANGELOG*,COPYING*,README*} .
-mv pam-redhat-$PAMRHVER/* modules
-zcat $CWD/patches/pam-1.0.90-redhat-modules.patch.gz | patch -p1 --verbose || exit 1
-zcat $CWD/patches/pam-1.0.91-std-noclose.patch.gz | patch -p1 --verbose || exit 1
-zcat $CWD/patches/pam-1.1.0-notally.patch.gz | patch -p1 --verbose || exit 1
-zcat $CWD/patches/pam-1.1.1-faillock.patch.gz | patch -p1 --verbose || exit 1
-zcat $CWD/patches/pam-1.1.2-noflex.patch.gz | patch -p1 --verbose || exit 1
-zcat $CWD/patches/pam-1.1.3-faillock-screensaver.patch.gz | patch -p1 --verbose || exit 1
-zcat $CWD/patches/pam-1.1.3-limits-nosetreuid.patch.gz | patch -p1 --verbose || exit 1
-zcat $CWD/patches/pam-1.1.3-limits-range.patch.gz | patch -p0 --verbose || exit 1
-zcat $CWD/patches/pam-1.1.3-nouserenv.patch.gz | patch -p1 --verbose || exit 1
-zcat $CWD/patches/pam-1.1.3-pwhistory-incomplete.patch.gz | patch -p1 --verbose || exit 1
-zcat $CWD/patches/pam-1.1.3-securetty-console.patch.gz | patch -p0 --verbose || exit 1
-
-# Churn some patches from .am -> .in:
-autoreconf -f
-
-# Make these 2 man pages or the build falls over later on:
-( cd modules/pam_faillock
- xmlto man faillock.8.xml
- xmlto man pam_faillock.8.xml
-)
-
-chown -R root:root .
-find . \
- \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \
- -exec chmod 755 {} \; -o \
- \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \
- -exec chmod 644 {} \;
-
-CFLAGS="$SLKCFLAGS" \
-CXXFLAGS="$SLKCFLAGS" \
-./configure \
- --prefix=/ \
- --libdir=/lib${LIBDIRSUFFIX} \
- --sysconfdir=/etc \
- --includedir=/usr/include/security \
- --datarootdir=/usr/share \
- --localstatedir=/var \
- --mandir=/usr/man \
- --docdir=/usr/doc/$PKGNAM-$VERSION \
- --enable-read-both-confs \
- --disable-prelude \
- --disable-selinux \
- --build=$ARCH-slackware-linux || exit 1
-
-make $NUMJOBS || make || exit 1
-make install DESTDIR=$PKG || exit 1
-
-# this is a pam helper, that can only be called from pam
-chown root:shadow $PKG/sbin/unix_chkpwd
-chmod g+s $PKG/sbin/unix_chkpwd
-
-# Strip binaries:
-( cd $PKG
- find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null
- find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null
-)
-
-# Compress and if needed symlink the man pages:
-if [ -d $PKG/usr/man ]; then
- ( cd $PKG/usr/man
- for manpagedir in $(find . -type d -name "man*") ; do
- ( cd $manpagedir
- for eachpage in $( find . -type l -maxdepth 1) ; do
- ln -s $( readlink $eachpage ).gz $eachpage.gz
- rm $eachpage
- done
- gzip -9 *.?
- )
- done
- )
-fi
-
-mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION
-cp -a \
- AUTHORS COPYING* Copyright NEWS README* \
- $PKG/usr/doc/$PKGNAM-$VERSION
-
-# If there's a ChangeLog, installing at least part of the recent history
-# is useful, but don't let it get totally out of control:
-if [ -r ChangeLog ]; then
- DOCSDIR=$(echo $PKG/usr/doc/${PKGNAM}-$VERSION)
- cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog
- touch -r ChangeLog $DOCSDIR/ChangeLog
-fi
-if [ -r CHANGELOG ]; then
- DOCSDIR=$(echo $PKG/usr/doc/${PKGNAM}-$VERSION)
- cat CHANGELOG | head -n 1000 > $DOCSDIR/CHANGELOG
- touch -r CHANGELOG $DOCSDIR/CHANGELOG
-fi
-rm -f $PKG/usr/doc/$PKGNAM-$VERSION/index.html
-
-mkdir -p $PKG/install
-cat $CWD/slack-desc > $PKG/install/slack-desc
-
-cd $PKG
-/sbin/makepkg -l y -c n $TMP/$PKGNAM-$VERSION-$ARCH-$BUILD$TAG.txz
-
diff --git a/extra/source/pam/patches/pam-1.0.90-redhat-modules.patch b/extra/source/pam/patches/pam-1.0.90-redhat-modules.patch
deleted file mode 100644
index 3ad41ccc..00000000
--- a/extra/source/pam/patches/pam-1.0.90-redhat-modules.patch
+++ /dev/null
@@ -1,23 +0,0 @@
-diff -up Linux-PAM-1.0.90/modules/Makefile.am.redhat-modules Linux-PAM-1.0.90/modules/Makefile.am
---- Linux-PAM-1.0.90/modules/Makefile.am.redhat-modules 2008-11-29 08:27:35.000000000 +0100
-+++ Linux-PAM-1.0.90/modules/Makefile.am 2008-12-16 13:40:16.000000000 +0100
-@@ -3,6 +3,7 @@
- #
-
- SUBDIRS = pam_access pam_cracklib pam_debug pam_deny pam_echo \
-+ pam_chroot pam_console pam_postgresok \
- pam_env pam_exec pam_faildelay pam_filter pam_ftp \
- pam_group pam_issue pam_keyinit pam_lastlog pam_limits \
- pam_listfile pam_localuser pam_loginuid pam_mail \
-diff -up Linux-PAM-1.0.90/configure.in.redhat-modules Linux-PAM-1.0.90/configure.in
---- Linux-PAM-1.0.90/configure.in.redhat-modules 2008-12-02 16:25:01.000000000 +0100
-+++ Linux-PAM-1.0.90/configure.in 2008-12-16 13:39:11.000000000 +0100
-@@ -531,6 +531,8 @@ AC_CONFIG_FILES([Makefile libpam/Makefil
- libpam_misc/Makefile conf/Makefile conf/pam_conv1/Makefile \
- po/Makefile.in \
- modules/Makefile \
-+ modules/pam_chroot/Makefile modules/pam_console/Makefile \
-+ modules/pam_postgresok/Makefile \
- modules/pam_access/Makefile modules/pam_cracklib/Makefile \
- modules/pam_debug/Makefile modules/pam_deny/Makefile \
- modules/pam_echo/Makefile modules/pam_env/Makefile \
diff --git a/extra/source/pam/patches/pam-1.0.91-std-noclose.patch b/extra/source/pam/patches/pam-1.0.91-std-noclose.patch
deleted file mode 100644
index 73594849..00000000
--- a/extra/source/pam/patches/pam-1.0.91-std-noclose.patch
+++ /dev/null
@@ -1,98 +0,0 @@
-diff -up Linux-PAM-1.0.91/modules/pam_mkhomedir/pam_mkhomedir.c.std-noclose Linux-PAM-1.0.91/modules/pam_mkhomedir/pam_mkhomedir.c
---- Linux-PAM-1.0.91/modules/pam_mkhomedir/pam_mkhomedir.c.std-noclose 2009-03-03 14:56:01.000000000 +0100
-+++ Linux-PAM-1.0.91/modules/pam_mkhomedir/pam_mkhomedir.c 2009-03-26 10:02:15.000000000 +0100
-@@ -131,13 +131,21 @@ create_homedir (pam_handle_t *pamh, int
- if (child == 0) {
- int i;
- struct rlimit rlim;
-+ int dummyfds[2];
- static char *envp[] = { NULL };
- char *args[] = { NULL, NULL, NULL, NULL, NULL };
-
-+ /* replace std file descriptors with a dummy pipe */
-+ if (pipe(dummyfds) == 0) {
-+ dup2(dummyfds[0], STDIN_FILENO);
-+ dup2(dummyfds[1], STDOUT_FILENO);
-+ dup2(dummyfds[1], STDERR_FILENO);
-+ }
-+
- if (getrlimit(RLIMIT_NOFILE, &rlim)==0) {
- if (rlim.rlim_max >= MAX_FD_NO)
- rlim.rlim_max = MAX_FD_NO;
-- for (i=0; i < (int)rlim.rlim_max; i++) {
-+ for (i = STDERR_FILENO + 1; i < (int)rlim.rlim_max; i++) {
- close(i);
- }
- }
-diff -up Linux-PAM-1.0.91/modules/pam_unix/support.c.std-noclose Linux-PAM-1.0.91/modules/pam_unix/support.c
---- Linux-PAM-1.0.91/modules/pam_unix/support.c.std-noclose 2009-03-03 14:56:01.000000000 +0100
-+++ Linux-PAM-1.0.91/modules/pam_unix/support.c 2009-03-26 10:08:59.000000000 +0100
-@@ -443,13 +443,16 @@ static int _unix_run_helper_binary(pam_h
-
- /* reopen stdin as pipe */
- dup2(fds[0], STDIN_FILENO);
-+ /* and replace also the stdout/err as the helper will
-+ not write anything there */
-+ dup2(fds[1], STDOUT_FILENO);
-+ dup2(fds[1], STDERR_FILENO);
-
- if (getrlimit(RLIMIT_NOFILE,&rlim)==0) {
- if (rlim.rlim_max >= MAX_FD_NO)
- rlim.rlim_max = MAX_FD_NO;
-- for (i=0; i < (int)rlim.rlim_max; i++) {
-- if (i != STDIN_FILENO)
-- close(i);
-+ for (i = STDERR_FILENO + 1; i < (int)rlim.rlim_max; i++) {
-+ close(i);
- }
- }
-
-diff -up Linux-PAM-1.0.91/modules/pam_unix/pam_unix_passwd.c.std-noclose Linux-PAM-1.0.91/modules/pam_unix/pam_unix_passwd.c
---- Linux-PAM-1.0.91/modules/pam_unix/pam_unix_passwd.c.std-noclose 2009-03-03 14:56:01.000000000 +0100
-+++ Linux-PAM-1.0.91/modules/pam_unix/pam_unix_passwd.c 2009-03-26 10:07:06.000000000 +0100
-@@ -175,13 +175,16 @@ static int _unix_run_update_binary(pam_h
-
- /* reopen stdin as pipe */
- dup2(fds[0], STDIN_FILENO);
-+ /* and replace also the stdout/err as the helper will
-+ not write anything there */
-+ dup2(fds[1], STDOUT_FILENO);
-+ dup2(fds[1], STDERR_FILENO);
-
- if (getrlimit(RLIMIT_NOFILE,&rlim)==0) {
- if (rlim.rlim_max >= MAX_FD_NO)
- rlim.rlim_max = MAX_FD_NO;
-- for (i=0; i < (int)rlim.rlim_max; i++) {
-- if (i != STDIN_FILENO)
-- close(i);
-+ for (i = STDERR_FILENO + 1; i < (int)rlim.rlim_max; i++) {
-+ close(i);
- }
- }
-
-diff -up Linux-PAM-1.0.91/modules/pam_unix/pam_unix_acct.c.std-noclose Linux-PAM-1.0.91/modules/pam_unix/pam_unix_acct.c
---- Linux-PAM-1.0.91/modules/pam_unix/pam_unix_acct.c.std-noclose 2009-03-03 14:56:01.000000000 +0100
-+++ Linux-PAM-1.0.91/modules/pam_unix/pam_unix_acct.c 2009-03-26 10:05:41.000000000 +0100
-@@ -100,16 +100,18 @@ int _unix_run_verify_binary(pam_handle_t
-
- /* reopen stdout as pipe */
- dup2(fds[1], STDOUT_FILENO);
-+ /* and replace also the stdin, stderr so we do not exec the helper with
-+ tty as stdin, it will not read anything from there anyway */
-+ dup2(fds[0], STDIN_FILENO);
-+ dup2(fds[1], STDERR_FILENO);
-
- /* XXX - should really tidy up PAM here too */
-
- if (getrlimit(RLIMIT_NOFILE,&rlim)==0) {
- if (rlim.rlim_max >= MAX_FD_NO)
- rlim.rlim_max = MAX_FD_NO;
-- for (i=0; i < (int)rlim.rlim_max; i++) {
-- if (i != STDOUT_FILENO) {
-- close(i);
-- }
-+ for (i = STDERR_FILENO + 1; i < (int)rlim.rlim_max; i++) {
-+ close(i);
- }
- }
-
diff --git a/extra/source/pam/patches/pam-1.1.0-notally.patch b/extra/source/pam/patches/pam-1.1.0-notally.patch
deleted file mode 100644
index 9327eecb..00000000
--- a/extra/source/pam/patches/pam-1.1.0-notally.patch
+++ /dev/null
@@ -1,12 +0,0 @@
-diff -up Linux-PAM-1.1.0/modules/Makefile.am.notally Linux-PAM-1.1.0/modules/Makefile.am
---- Linux-PAM-1.1.0/modules/Makefile.am.notally 2009-07-27 17:39:25.000000000 +0200
-+++ Linux-PAM-1.1.0/modules/Makefile.am 2009-09-01 17:40:16.000000000 +0200
-@@ -10,7 +10,7 @@ SUBDIRS = pam_access pam_cracklib pam_de
- pam_mkhomedir pam_motd pam_namespace pam_nologin \
- pam_permit pam_pwhistory pam_rhosts pam_rootok pam_securetty \
- pam_selinux pam_sepermit pam_shells pam_stress \
-- pam_succeed_if pam_tally pam_tally2 pam_time pam_timestamp \
-+ pam_succeed_if pam_tally2 pam_time pam_timestamp \
- pam_tty_audit pam_umask \
- pam_unix pam_userdb pam_warn pam_wheel pam_xauth
-
diff --git a/extra/source/pam/patches/pam-1.1.1-faillock.patch b/extra/source/pam/patches/pam-1.1.1-faillock.patch
deleted file mode 100644
index 46f30374..00000000
--- a/extra/source/pam/patches/pam-1.1.1-faillock.patch
+++ /dev/null
@@ -1,1712 +0,0 @@
-diff -up Linux-PAM-1.1.1/configure.in.faillock Linux-PAM-1.1.1/configure.in
---- Linux-PAM-1.1.1/configure.in.faillock 2010-09-17 15:58:41.000000000 +0200
-+++ Linux-PAM-1.1.1/configure.in 2010-09-17 15:58:41.000000000 +0200
-@@ -539,7 +539,7 @@ AC_CONFIG_FILES([Makefile libpam/Makefil
- modules/pam_access/Makefile modules/pam_cracklib/Makefile \
- modules/pam_debug/Makefile modules/pam_deny/Makefile \
- modules/pam_echo/Makefile modules/pam_env/Makefile \
-- modules/pam_faildelay/Makefile \
-+ modules/pam_faildelay/Makefile modules/pam_faillock/Makefile \
- modules/pam_filter/Makefile modules/pam_filter/upperLOWER/Makefile \
- modules/pam_ftp/Makefile modules/pam_group/Makefile \
- modules/pam_issue/Makefile modules/pam_keyinit/Makefile \
-diff -up Linux-PAM-1.1.1/doc/sag/pam_faillock.xml.faillock Linux-PAM-1.1.1/doc/sag/pam_faillock.xml
---- Linux-PAM-1.1.1/doc/sag/pam_faillock.xml.faillock 2010-09-17 16:05:56.000000000 +0200
-+++ Linux-PAM-1.1.1/doc/sag/pam_faillock.xml 2010-09-17 16:08:26.000000000 +0200
-@@ -0,0 +1,38 @@
-+<?xml version='1.0' encoding='UTF-8'?>
-+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
-+ "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
-+<section id='sag-pam_faillock'>
-+ <title>pam_faillock - temporarily locking access based on failed authentication attempts during an interval</title>
-+ <cmdsynopsis>
-+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
-+ href="../../modules/pam_faillock/pam_faillock.8.xml" xpointer='xpointer(//cmdsynopsis[@id = "pam_faillock-cmdsynopsisauth"]/*)'/>
-+ </cmdsynopsis>
-+ <cmdsynopsis>
-+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
-+ href="../../modules/pam_faillock/pam_faillock.8.xml" xpointer='xpointer(//cmdsynopsis[@id = "pam_faillock-cmdsynopsisacct"]/*)'/>
-+ </cmdsynopsis>
-+ <section id='sag-pam_faillock-description'>
-+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
-+ href="../../modules/pam_faillock/pam_faillock.8.xml" xpointer='xpointer(//refsect1[@id = "pam_faillock-description"]/*)'/>
-+ </section>
-+ <section id='sag-pam_faillock-options'>
-+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
-+ href="../../modules/pam_faillock/pam_faillock.8.xml" xpointer='xpointer(//refsect1[@id = "pam_faillock-options"]/*)'/>
-+ </section>
-+ <section id='sag-pam_faillock-types'>
-+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
-+ href="../../modules/pam_faillock/pam_faillock.8.xml" xpointer='xpointer(//refsect1[@id = "pam_faillock-types"]/*)'/>
-+ </section>
-+ <section id='sag-pam_faillock-return_values'>
-+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
-+ href="../../modules/pam_faillock/pam_faillock.8.xml" xpointer='xpointer(//refsect1[@id = "pam_faillock-return_values"]/*)'/>
-+ </section>
-+ <section id='sag-pam_faillock-examples'>
-+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
-+ href="../../modules/pam_faillock/pam_faillock.8.xml" xpointer='xpointer(//refsect1[@id = "pam_faillock-examples"]/*)'/>
-+ </section>
-+ <section id='sag-pam_faillock-author'>
-+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
-+ href="../../modules/pam_faillock/pam_faillock.8.xml" xpointer='xpointer(//refsect1[@id = "pam_faillock-author"]/*)'/>
-+ </section>
-+</section>
-diff -up Linux-PAM-1.1.1/modules/Makefile.am.faillock Linux-PAM-1.1.1/modules/Makefile.am
---- Linux-PAM-1.1.1/modules/Makefile.am.faillock 2010-09-17 15:58:41.000000000 +0200
-+++ Linux-PAM-1.1.1/modules/Makefile.am 2010-09-17 15:58:41.000000000 +0200
-@@ -3,7 +3,7 @@
- #
-
- SUBDIRS = pam_access pam_cracklib pam_debug pam_deny pam_echo \
-- pam_chroot pam_console pam_postgresok \
-+ pam_chroot pam_console pam_postgresok pam_faillock \
- pam_env pam_exec pam_faildelay pam_filter pam_ftp \
- pam_group pam_issue pam_keyinit pam_lastlog pam_limits \
- pam_listfile pam_localuser pam_loginuid pam_mail \
-diff -up Linux-PAM-1.1.1/modules/pam_faillock/faillock.c.faillock Linux-PAM-1.1.1/modules/pam_faillock/faillock.c
---- Linux-PAM-1.1.1/modules/pam_faillock/faillock.c.faillock 2010-09-17 15:58:41.000000000 +0200
-+++ Linux-PAM-1.1.1/modules/pam_faillock/faillock.c 2010-09-17 15:58:41.000000000 +0200
-@@ -0,0 +1,147 @@
-+/*
-+ * Copyright (c) 2010 Tomas Mraz <tmraz@redhat.com>
-+ *
-+ * Redistribution and use in source and binary forms, with or without
-+ * modification, are permitted provided that the following conditions
-+ * are met:
-+ * 1. Redistributions of source code must retain the above copyright
-+ * notice, and the entire permission notice in its entirety,
-+ * including the disclaimer of warranties.
-+ * 2. Redistributions in binary form must reproduce the above copyright
-+ * notice, this list of conditions and the following disclaimer in the
-+ * documentation and/or other materials provided with the distribution.
-+ * 3. The name of the author may not be used to endorse or promote
-+ * products derived from this software without specific prior
-+ * written permission.
-+ *
-+ * ALTERNATIVELY, this product may be distributed under the terms of
-+ * the GNU Public License, in which case the provisions of the GPL are
-+ * required INSTEAD OF the above restrictions. (This clause is
-+ * necessary due to a potential bad interaction between the GPL and
-+ * the restrictions contained in a BSD-style copyright.)
-+ *
-+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
-+ * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
-+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
-+ * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
-+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
-+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
-+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-+ * OF THE POSSIBILITY OF SUCH DAMAGE.
-+ */
-+
-+#include "config.h"
-+#include <string.h>
-+#include <stdlib.h>
-+#include <unistd.h>
-+#include <errno.h>
-+#include <sys/types.h>
-+#include <sys/stat.h>
-+#include <sys/file.h>
-+#include <fcntl.h>
-+#include <security/pam_modutil.h>
-+
-+#include "faillock.h"
-+
-+int
-+open_tally (const char *dir, const char *user, int create)
-+{
-+ char *path;
-+ int flags = O_RDWR;
-+ int fd;
-+
-+ if (strstr(user, "../") != NULL)
-+ /* just a defensive programming as the user must be a
-+ * valid user on the system anyway
-+ */
-+ return -1;
-+ path = malloc(strlen(dir) + strlen(user) + 2);
-+ if (path == NULL)
-+ return -1;
-+
-+ strcpy(path, dir);
-+ if (*dir && dir[strlen(dir) - 1] != '/') {
-+ strcat(path, "/");
-+ }
-+ strcat(path, user);
-+
-+ if (create) {
-+ flags |= O_CREAT;
-+ }
-+
-+ fd = open(path, flags, 0600);
-+
-+ if (fd != -1)
-+ while (flock(fd, LOCK_EX) == -1 && errno == EINTR);
-+
-+ return fd;
-+}
-+
-+#define CHUNK_SIZE (64 * sizeof(struct tally))
-+#define MAX_RECORDS 1024
-+
-+int
-+read_tally(int fd, struct tally_data *tallies)
-+{
-+ void *data = NULL, *newdata;
-+ unsigned int count = 0;
-+ ssize_t chunk = 0;
-+
-+ do {
-+ newdata = realloc(data, count * sizeof(struct tally) + CHUNK_SIZE);
-+ if (newdata == NULL) {
-+ free(data);
-+ return -1;
-+ }
-+
-+ data = newdata;
-+
-+ chunk = pam_modutil_read(fd, (char *)data + count * sizeof(struct tally), CHUNK_SIZE);
-+ if (chunk < 0) {
-+ free(data);
-+ return -1;
-+ }
-+
-+ count += chunk/sizeof(struct tally);
-+
-+ if (count >= MAX_RECORDS)
-+ break;
-+ }
-+ while (chunk == CHUNK_SIZE);
-+
-+ tallies->records = data;
-+ tallies->count = count;
-+
-+ return 0;
-+}
-+
-+int
-+update_tally(int fd, struct tally_data *tallies)
-+{
-+ void *data = tallies->records;
-+ unsigned int count = tallies->count;
-+ ssize_t chunk;
-+
-+ if (tallies->count > MAX_RECORDS) {
-+ data = tallies->records + (count - MAX_RECORDS);
-+ count = MAX_RECORDS;
-+ }
-+
-+ if (lseek(fd, 0, SEEK_SET) == (off_t)-1) {
-+ return -1;
-+ }
-+
-+ chunk = pam_modutil_write(fd, data, count * sizeof(struct tally));
-+
-+ if (chunk != (ssize_t)(count * sizeof(struct tally))) {
-+ return -1;
-+ }
-+
-+ if (ftruncate(fd, count * sizeof(struct tally)) == -1)
-+ return -1;
-+
-+ return 0;
-+}
-diff -up Linux-PAM-1.1.1/modules/pam_faillock/faillock.h.faillock Linux-PAM-1.1.1/modules/pam_faillock/faillock.h
---- Linux-PAM-1.1.1/modules/pam_faillock/faillock.h.faillock 2010-09-17 15:58:41.000000000 +0200
-+++ Linux-PAM-1.1.1/modules/pam_faillock/faillock.h 2010-09-17 15:58:41.000000000 +0200
-@@ -0,0 +1,72 @@
-+/*
-+ * Copyright (c) 2010 Tomas Mraz <tmraz@redhat.com>
-+ *
-+ * Redistribution and use in source and binary forms, with or without
-+ * modification, are permitted provided that the following conditions
-+ * are met:
-+ * 1. Redistributions of source code must retain the above copyright
-+ * notice, and the entire permission notice in its entirety,
-+ * including the disclaimer of warranties.
-+ * 2. Redistributions in binary form must reproduce the above copyright
-+ * notice, this list of conditions and the following disclaimer in the
-+ * documentation and/or other materials provided with the distribution.
-+ * 3. The name of the author may not be used to endorse or promote
-+ * products derived from this software without specific prior
-+ * written permission.
-+ *
-+ * ALTERNATIVELY, this product may be distributed under the terms of
-+ * the GNU Public License, in which case the provisions of the GPL are
-+ * required INSTEAD OF the above restrictions. (This clause is
-+ * necessary due to a potential bad interaction between the GPL and
-+ * the restrictions contained in a BSD-style copyright.)
-+ *
-+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
-+ * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
-+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
-+ * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
-+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
-+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
-+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-+ * OF THE POSSIBILITY OF SUCH DAMAGE.
-+ */
-+
-+/*
-+ * faillock.h - authentication failure data file record structure
-+ *
-+ * Each record in the file represents an instance of login failure of
-+ * the user at the recorded time
-+ */
-+
-+
-+#ifndef _FAILLOCK_H
-+#define _FAILLOCK_H
-+
-+#include <stdint.h>
-+
-+#define TALLY_STATUS_VALID 0x1 /* the tally file entry is valid */
-+#define TALLY_STATUS_RHOST 0x2 /* the source is rhost */
-+#define TALLY_STATUS_TTY 0x4 /* the source is tty - if both TALLY_FLAG_RHOST and TALLY_FLAG_TTY are not set the source is service */
-+
-+struct tally {
-+ char source[52]; /* rhost or tty of the login failure (not necessarily NULL terminated) */
-+ uint16_t reserved; /* reserved for future use */
-+ uint16_t status; /* record status */
-+ uint64_t time; /* time of the login failure */
-+};
-+/* 64 bytes per entry */
-+
-+struct tally_data {
-+ struct tally *records; /* array of tallies */
-+ unsigned int count; /* number of records */
-+};
-+
-+#define FAILLOCK_DEFAULT_TALLYDIR "/var/run/faillock"
-+
-+int open_tally(const char *dir, const char *user, int create);
-+int read_tally(int fd, struct tally_data *tallies);
-+int update_tally(int fd, struct tally_data *tallies);
-+#endif
-+
-diff -up Linux-PAM-1.1.1/modules/pam_faillock/faillock.8.xml.faillock Linux-PAM-1.1.1/modules/pam_faillock/faillock.8.xml
---- Linux-PAM-1.1.1/modules/pam_faillock/faillock.8.xml.faillock 2010-09-17 15:58:41.000000000 +0200
-+++ Linux-PAM-1.1.1/modules/pam_faillock/faillock.8.xml 2010-09-17 15:58:41.000000000 +0200
-@@ -0,0 +1,123 @@
-+<?xml version="1.0" encoding='UTF-8'?>
-+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
-+ "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
-+
-+<refentry id="faillock">
-+
-+ <refmeta>
-+ <refentrytitle>faillock</refentrytitle>
-+ <manvolnum>8</manvolnum>
-+ <refmiscinfo class="sectdesc">Linux-PAM Manual</refmiscinfo>
-+ </refmeta>
-+
-+ <refnamediv id="pam_faillock-name">
-+ <refname>faillock</refname>
-+ <refpurpose>Tool for displaying and modifying the authentication failure record files</refpurpose>
-+ </refnamediv>
-+
-+ <refsynopsisdiv>
-+ <cmdsynopsis id="faillock-cmdsynopsis">
-+ <command>faillock</command>
-+ <arg choice="opt">
-+ --dir <replaceable>/path/to/tally-directory</replaceable>
-+ </arg>
-+ <arg choice="opt">
-+ --user <replaceable>username</replaceable>
-+ </arg>
-+ <arg choice="opt">
-+ --reset
-+ </arg>
-+ </cmdsynopsis>
-+ </refsynopsisdiv>
-+
-+ <refsect1 id="faillock-description">
-+
-+ <title>DESCRIPTION</title>
-+
-+ <para>
-+ The <emphasis>pam_faillock.so</emphasis> module maintains a list of
-+ failed authentication attempts per user during a specified interval
-+ and locks the account in case there were more than
-+ <replaceable>deny</replaceable> consecutive failed authentications.
-+ It stores the failure records into per-user files in the tally
-+ directory.
-+ </para>
-+ <para>
-+ The <command>faillock</command> command is an application which
-+ can be used to examine and modify the contents of the
-+ the tally files. It can display the recent failed authentication
-+ attempts of the <replaceable>username</replaceable> or clear the tally
-+ files of all or individual <replaceable>usernames</replaceable>.
-+ </para>
-+ </refsect1>
-+
-+ <refsect1 id="faillock-options">
-+
-+ <title>OPTIONS</title>
-+ <variablelist>
-+ <varlistentry>
-+ <term>
-+ <option>--dir <replaceable>/path/to/tally-directory</replaceable></option>
-+ </term>
-+ <listitem>
-+ <para>
-+ The directory where the user files with the failure records are kept. The
-+ default is <filename>/var/run/faillock</filename>.
-+ </para>
-+ </listitem>
-+ </varlistentry>
-+ <varlistentry>
-+ <term>
-+ <option>--user <replaceable>username</replaceable></option>
-+ </term>
-+ <listitem>
-+ <para>
-+ The user whose failure records should be displayed or cleared.
-+ </para>
-+ </listitem>
-+ </varlistentry>
-+ <varlistentry>
-+ <term>
-+ <option>--reset</option>
-+ </term>
-+ <listitem>
-+ <para>
-+ Instead of displaying the user's failure records, clear them.
-+ </para>
-+ </listitem>
-+ </varlistentry>
-+ </variablelist>
-+ </refsect1>
-+
-+ <refsect1 id="faillock-files">
-+ <title>FILES</title>
-+ <variablelist>
-+ <varlistentry>
-+ <term><filename>/var/run/faillock/*</filename></term>
-+ <listitem>
-+ <para>the files logging the authentication failures for users</para>
-+ </listitem>
-+ </varlistentry>
-+ </variablelist>
-+ </refsect1>
-+
-+ <refsect1 id='faillock-see_also'>
-+ <title>SEE ALSO</title>
-+ <para>
-+ <citerefentry>
-+ <refentrytitle>pam_faillock</refentrytitle><manvolnum>8</manvolnum>
-+ </citerefentry>,
-+ <citerefentry>
-+ <refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum>
-+ </citerefentry>
-+ </para>
-+ </refsect1>
-+
-+ <refsect1 id='faillock-author'>
-+ <title>AUTHOR</title>
-+ <para>
-+ faillock was written by Tomas Mraz.
-+ </para>
-+ </refsect1>
-+
-+</refentry>
-diff -up Linux-PAM-1.1.1/modules/pam_faillock/main.c.faillock Linux-PAM-1.1.1/modules/pam_faillock/main.c
---- Linux-PAM-1.1.1/modules/pam_faillock/main.c.faillock 2010-09-17 15:58:41.000000000 +0200
-+++ Linux-PAM-1.1.1/modules/pam_faillock/main.c 2010-09-17 15:58:41.000000000 +0200
-@@ -0,0 +1,231 @@
-+/*
-+ * Copyright (c) 2010 Tomas Mraz <tmraz@redhat.com>
-+ *
-+ * Redistribution and use in source and binary forms, with or without
-+ * modification, are permitted provided that the following conditions
-+ * are met:
-+ * 1. Redistributions of source code must retain the above copyright
-+ * notice, and the entire permission notice in its entirety,
-+ * including the disclaimer of warranties.
-+ * 2. Redistributions in binary form must reproduce the above copyright
-+ * notice, this list of conditions and the following disclaimer in the
-+ * documentation and/or other materials provided with the distribution.
-+ * 3. The name of the author may not be used to endorse or promote
-+ * products derived from this software without specific prior
-+ * written permission.
-+ *
-+ * ALTERNATIVELY, this product may be distributed under the terms of
-+ * the GNU Public License, in which case the provisions of the GPL are
-+ * required INSTEAD OF the above restrictions. (This clause is
-+ * necessary due to a potential bad interaction between the GPL and
-+ * the restrictions contained in a BSD-style copyright.)
-+ *
-+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
-+ * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
-+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
-+ * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
-+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
-+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
-+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-+ * OF THE POSSIBILITY OF SUCH DAMAGE.
-+ */
-+
-+#include "config.h"
-+
-+#include <stdio.h>
-+#include <stdlib.h>
-+#include <string.h>
-+#include <dirent.h>
-+#include <errno.h>
-+#include <pwd.h>
-+#include <time.h>
-+#ifdef HAVE_LIBAUDIT
-+#include <libaudit.h>
-+#endif
-+
-+#include "faillock.h"
-+
-+struct options {
-+ unsigned int reset;
-+ const char *dir;
-+ const char *user;
-+ const char *progname;
-+};
-+
-+static int
-+args_parse(int argc, char **argv, struct options *opts)
-+{
-+ int i;
-+ memset(opts, 0, sizeof(*opts));
-+
-+ opts->dir = FAILLOCK_DEFAULT_TALLYDIR;
-+ opts->progname = argv[0];
-+
-+ for (i = 1; i < argc; ++i) {
-+
-+ if (strcmp(argv[i], "--dir") == 0) {
-+ ++i;
-+ if (i >= argc || strlen(argv[i]) == 0) {
-+ fprintf(stderr, "%s: No directory supplied.\n", argv[0]);
-+ return -1;
-+ }
-+ opts->dir = argv[i];
-+ }
-+ else if (strcmp(argv[i], "--user") == 0) {
-+ ++i;
-+ if (i >= argc || strlen(argv[i]) == 0) {
-+ fprintf(stderr, "%s: No user name supplied.\n", argv[0]);
-+ return -1;
-+ }
-+ opts->user = argv[i];
-+ }
-+ else if (strcmp(argv[i], "--reset") == 0) {
-+ opts->reset = 1;
-+ }
-+ else {
-+ fprintf(stderr, "%s: Unknown option: %s\n", argv[0], argv[i]);
-+ return -1;
-+ }
-+ }
-+ return 0;
-+}
-+
-+static void
-+usage(const char *progname)
-+{
-+ fprintf(stderr, _("Usage: %s [--dir /path/to/tally-directory] [--user username] [--reset]\n"),
-+ progname);
-+}
-+
-+static int
-+do_user(struct options *opts, const char *user)
-+{
-+ int fd;
-+ int rv;
-+ struct tally_data tallies;
-+
-+ fd = open_tally(opts->dir, user, 0);
-+
-+ if (fd == -1) {
-+ if (errno == ENOENT) {
-+ return 0;
-+ }
-+ else {
-+ fprintf(stderr, "%s: Error opening the tally file for %s:",
-+ opts->progname, user);
-+ perror(NULL);
-+ return 3;
-+ }
-+ }
-+ if (opts->reset) {
-+#ifdef HAVE_LIBAUDIT
-+ char buf[64];
-+ int audit_fd;
-+#endif
-+
-+ while ((rv=ftruncate(fd, 0)) == -1 && errno == EINTR);
-+ if (rv == -1) {
-+ fprintf(stderr, "%s: Error clearing the tally file for %s:",
-+ opts->progname, user);
-+ perror(NULL);
-+#ifdef HAVE_LIBAUDIT
-+ }
-+ if ((audit_fd=audit_open()) >= 0) {
-+ struct passwd *pwd;
-+
-+ if ((pwd=getpwnam(user)) != NULL) {
-+ snprintf(buf, sizeof(buf), "faillock reset uid=%u",
-+ pwd->pw_uid);
-+ audit_log_user_message(audit_fd, AUDIT_USER_ACCT,
-+ buf, NULL, NULL, NULL, rv == 0);
-+ }
-+ close(audit_fd);
-+ }
-+ if (rv == -1) {
-+#endif
-+ close(fd);
-+ return 4;
-+ }
-+ }
-+ else {
-+ unsigned int i;
-+
-+ memset(&tallies, 0, sizeof(tallies));
-+ if ((rv=read_tally(fd, &tallies)) == -1) {
-+ fprintf(stderr, "%s: Error reading the tally file for %s:",
-+ opts->progname, user);
-+ perror(NULL);
-+ close(fd);
-+ return 5;
-+ }
-+
-+ printf("%s:\n", user);
-+ printf("%-19s %-5s %-48s %-5s\n", "When", "Type", "Source", "Valid");
-+
-+ for (i = 0; i < tallies.count; i++) {
-+ struct tm *tm;
-+ char timebuf[80];
-+ uint16_t status = tallies.records[i].status;
-+ time_t when = tallies.records[i].time;
-+
-+ tm = localtime(&when);
-+ strftime(timebuf, sizeof(timebuf), "%Y-%m-%d %H:%M:%S", tm);
-+ printf("%-19s %-5s %-52.52s %s\n", timebuf,
-+ status & TALLY_STATUS_RHOST ? "RHOST" : (status & TALLY_STATUS_TTY ? "TTY" : "SVC"),
-+ tallies.records[i].source, status & TALLY_STATUS_VALID ? "V":"I");
-+ }
-+ free(tallies.records);
-+ }
-+ close(fd);
-+ return 0;
-+}
-+
-+static int
-+do_allusers(struct options *opts)
-+{
-+ struct dirent **userlist;
-+ int rv, i;
-+
-+ rv = scandir(opts->dir, &userlist, NULL, alphasort);
-+ if (rv < 0) {
-+ fprintf(stderr, "%s: Error reading tally directory: ", opts->progname);
-+ perror(NULL);
-+ return 2;
-+ }
-+
-+ for (i = 0; i < rv; i++) {
-+ if (userlist[i]->d_name[0] == '.') {
-+ if ((userlist[i]->d_name[1] == '.' && userlist[i]->d_name[2] == '\0') ||
-+ userlist[i]->d_name[1] == '\0')
-+ continue;
-+ }
-+ do_user(opts, userlist[i]->d_name);
-+ free(userlist[i]);
-+ }
-+ free(userlist);
-+
-+ return 0;
-+}
-+
-+
-+/*-----------------------------------------------------------------------*/
-+int
-+main (int argc, char *argv[])
-+{
-+ struct options opts;
-+
-+ if (args_parse(argc, argv, &opts)) {
-+ usage(argv[0]);
-+ return 1;
-+ }
-+
-+ if (opts.user == NULL) {
-+ return do_allusers(&opts);
-+ }
-+
-+ return do_user(&opts, opts.user);
-+}
-+
-diff -up Linux-PAM-1.1.1/modules/pam_faillock/Makefile.am.faillock Linux-PAM-1.1.1/modules/pam_faillock/Makefile.am
---- Linux-PAM-1.1.1/modules/pam_faillock/Makefile.am.faillock 2010-09-17 15:58:41.000000000 +0200
-+++ Linux-PAM-1.1.1/modules/pam_faillock/Makefile.am 2010-09-17 15:58:41.000000000 +0200
-@@ -0,0 +1,43 @@
-+#
-+# Copyright (c) 2005, 2006, 2007, 2009 Thorsten Kukuk <kukuk@thkukuk.de>
-+# Copyright (c) 2008 Red Hat, Inc.
-+# Copyright (c) 2010 Tomas Mraz <tmraz@redhat.com>
-+#
-+
-+CLEANFILES = *~
-+MAINTAINERCLEANFILES = $(MANS) README
-+
-+EXTRA_DIST = README $(MANS) $(XMLS) tst-pam_faillock
-+
-+man_MANS = pam_faillock.8 faillock.8
-+XMLS = README.xml pam_faillock.8.xml faillock.8.xml
-+
-+TESTS = tst-pam_faillock
-+
-+securelibdir = $(SECUREDIR)
-+secureconfdir = $(SCONFIGDIR)
-+
-+noinst_HEADERS = faillock.h
-+
-+faillock_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include
-+pam_faillock_la_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include
-+
-+pam_faillock_la_LDFLAGS = -no-undefined -avoid-version -module
-+pam_faillock_la_LIBADD = -L$(top_builddir)/libpam -lpam $(LIBAUDIT)
-+if HAVE_VERSIONING
-+ pam_faillock_la_LDFLAGS += -Wl,--version-script=$(srcdir)/../modules.map
-+endif
-+
-+faillock_LDADD = -L$(top_builddir)/libpam -lpam $(LIBAUDIT)
-+
-+securelib_LTLIBRARIES = pam_faillock.la
-+sbin_PROGRAMS = faillock
-+
-+pam_faillock_la_SOURCES = pam_faillock.c faillock.c
-+faillock_SOURCES = main.c faillock.c
-+
-+if ENABLE_REGENERATE_MAN
-+noinst_DATA = README
-+README: pam_faillock.8.xml
-+-include $(top_srcdir)/Make.xml.rules
-+endif
-diff -up Linux-PAM-1.1.1/modules/pam_faillock/pam_faillock.c.faillock Linux-PAM-1.1.1/modules/pam_faillock/pam_faillock.c
---- Linux-PAM-1.1.1/modules/pam_faillock/pam_faillock.c.faillock 2010-09-17 15:58:41.000000000 +0200
-+++ Linux-PAM-1.1.1/modules/pam_faillock/pam_faillock.c 2010-09-17 15:58:41.000000000 +0200
-@@ -0,0 +1,550 @@
-+/*
-+ * Copyright (c) 2010 Tomas Mraz <tmraz@redhat.com>
-+ *
-+ * Redistribution and use in source and binary forms, with or without
-+ * modification, are permitted provided that the following conditions
-+ * are met:
-+ * 1. Redistributions of source code must retain the above copyright
-+ * notice, and the entire permission notice in its entirety,
-+ * including the disclaimer of warranties.
-+ * 2. Redistributions in binary form must reproduce the above copyright
-+ * notice, this list of conditions and the following disclaimer in the
-+ * documentation and/or other materials provided with the distribution.
-+ * 3. The name of the author may not be used to endorse or promote
-+ * products derived from this software without specific prior
-+ * written permission.
-+ *
-+ * ALTERNATIVELY, this product may be distributed under the terms of
-+ * the GNU Public License, in which case the provisions of the GPL are
-+ * required INSTEAD OF the above restrictions. (This clause is
-+ * necessary due to a potential bad interaction between the GPL and
-+ * the restrictions contained in a BSD-style copyright.)
-+ *
-+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
-+ * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
-+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
-+ * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
-+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
-+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
-+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-+ * OF THE POSSIBILITY OF SUCH DAMAGE.
-+ */
-+
-+#include "config.h"
-+#include <stdio.h>
-+#include <string.h>
-+#include <unistd.h>
-+#include <stdint.h>
-+#include <stdlib.h>
-+#include <errno.h>
-+#include <time.h>
-+#include <pwd.h>
-+#include <syslog.h>
-+
-+#ifdef HAVE_LIBAUDIT
-+#include <libaudit.h>
-+#endif
-+
-+#include <security/pam_modules.h>
-+#include <security/pam_modutil.h>
-+#include <security/pam_ext.h>
-+
-+#include "faillock.h"
-+
-+#define PAM_SM_AUTH
-+#define PAM_SM_ACCOUNT
-+
-+#define FAILLOCK_ACTION_PREAUTH 0
-+#define FAILLOCK_ACTION_AUTHSUCC 1
-+#define FAILLOCK_ACTION_AUTHFAIL 2
-+
-+#define FAILLOCK_FLAG_DENY_ROOT 0x1
-+#define FAILLOCK_FLAG_AUDIT 0x2
-+#define FAILLOCK_FLAG_SILENT 0x4
-+#define FAILLOCK_FLAG_NO_LOG_INFO 0x8
-+#define FAILLOCK_FLAG_UNLOCKED 0x10
-+
-+#define MAX_TIME_INTERVAL 604800 /* 7 days */
-+
-+struct options {
-+ unsigned int action;
-+ unsigned int flags;
-+ unsigned short deny;
-+ unsigned int fail_interval;
-+ unsigned int unlock_time;
-+ unsigned int root_unlock_time;
-+ const char *dir;
-+ const char *user;
-+ int failures;
-+ uint64_t latest_time;
-+ uid_t uid;
-+ uint64_t now;
-+};
-+
-+static void
-+args_parse(pam_handle_t *pamh, int argc, const char **argv,
-+ int flags, struct options *opts)
-+{
-+ int i;
-+ memset(opts, 0, sizeof(*opts));
-+
-+ opts->dir = FAILLOCK_DEFAULT_TALLYDIR;
-+ opts->deny = 3;
-+ opts->fail_interval = 900;
-+ opts->unlock_time = 600;
-+ opts->root_unlock_time = MAX_TIME_INTERVAL+1;
-+
-+ for (i = 0; i < argc; ++i) {
-+
-+ if (strncmp(argv[i], "dir=", 4) == 0) {
-+ if (argv[i][4] != '/') {
-+ pam_syslog(pamh, LOG_ERR,
-+ "Tally directory is not absolute path (%s); keeping default", argv[i]);
-+ } else {
-+ opts->dir = argv[i]+4;
-+ }
-+ }
-+ else if (strncmp(argv[i], "deny=", 5) == 0) {
-+ if (sscanf(argv[i]+5, "%hu", &opts->deny) != 1) {
-+ pam_syslog(pamh, LOG_ERR,
-+ "Bad number supplied for deny argument");
-+ }
-+ }
-+ else if (strncmp(argv[i], "fail_interval=", 14) == 0) {
-+ unsigned int temp;
-+ if (sscanf(argv[i]+14, "%u", &temp) != 1 ||
-+ temp > MAX_TIME_INTERVAL) {
-+ pam_syslog(pamh, LOG_ERR,
-+ "Bad number supplied for fail_interval argument");
-+ } else {
-+ opts->fail_interval = temp;
-+ }
-+ }
-+ else if (strncmp(argv[i], "unlock_time=", 12) == 0) {
-+ unsigned int temp;
-+ if (sscanf(argv[i]+12, "%u", &temp) != 1 ||
-+ temp > MAX_TIME_INTERVAL) {
-+ pam_syslog(pamh, LOG_ERR,
-+ "Bad number supplied for unlock_time argument");
-+ } else {
-+ opts->unlock_time = temp;
-+ }
-+ }
-+ else if (strncmp(argv[i], "root_unlock_time=", 17) == 0) {
-+ unsigned int temp;
-+ if (sscanf(argv[i]+17, "%u", &temp) != 1 ||
-+ temp > MAX_TIME_INTERVAL) {
-+ pam_syslog(pamh, LOG_ERR,
-+ "Bad number supplied for root_unlock_time argument");
-+ } else {
-+ opts->root_unlock_time = temp;
-+ }
-+ }
-+ else if (strcmp(argv[i], "preauth") == 0) {
-+ opts->action = FAILLOCK_ACTION_PREAUTH;
-+ }
-+ else if (strcmp(argv[i], "authfail") == 0) {
-+ opts->action = FAILLOCK_ACTION_AUTHFAIL;
-+ }
-+ else if (strcmp(argv[i], "authsucc") == 0) {
-+ opts->action = FAILLOCK_ACTION_AUTHSUCC;
-+ }
-+ else if (strcmp(argv[i], "even_deny_root") == 0) {
-+ opts->flags |= FAILLOCK_FLAG_DENY_ROOT;
-+ }
-+ else if (strcmp(argv[i], "audit") == 0) {
-+ opts->flags |= FAILLOCK_FLAG_AUDIT;
-+ }
-+ else if (strcmp(argv[i], "silent") == 0) {
-+ opts->flags |= FAILLOCK_FLAG_SILENT;
-+ }
-+ else if (strcmp(argv[i], "no_log_info") == 0) {
-+ opts->flags |= FAILLOCK_FLAG_NO_LOG_INFO;
-+ }
-+ else {
-+ pam_syslog(pamh, LOG_ERR, "Unknown option: %s", argv[i]);
-+ }
-+ }
-+
-+ if (opts->root_unlock_time == MAX_TIME_INTERVAL+1)
-+ opts->root_unlock_time = opts->unlock_time;
-+ if (flags & PAM_SILENT)
-+ opts->flags |= FAILLOCK_FLAG_SILENT;
-+}
-+
-+static int get_pam_user(pam_handle_t *pamh, struct options *opts)
-+{
-+ const char *user;
-+ int rv;
-+ struct passwd *pwd;
-+
-+ if ((rv=pam_get_user(pamh, &user, NULL)) != PAM_SUCCESS) {
-+ return rv;
-+ }
-+
-+ if (*user == '\0') {
-+ return PAM_IGNORE;
-+ }
-+
-+ if ((pwd=pam_modutil_getpwnam(pamh, user)) == NULL) {
-+ if (opts->flags & FAILLOCK_FLAG_AUDIT) {
-+ pam_syslog(pamh, LOG_ERR, "User unknown: %s", user);
-+ }
-+ else {
-+ pam_syslog(pamh, LOG_ERR, "User unknown");
-+ }
-+ return PAM_IGNORE;
-+ }
-+ opts->user = user;
-+ opts->uid = pwd->pw_uid;
-+ return PAM_SUCCESS;
-+}
-+
-+static int
-+check_tally(pam_handle_t *pamh, struct options *opts, struct tally_data *tallies, int *fd)
-+{
-+ int tfd;
-+ unsigned int i;
-+ uint64_t latest_time;
-+ int failures;
-+
-+ opts->now = time(NULL);
-+
-+ tfd = open_tally(opts->dir, opts->user, 0);
-+
-+ *fd = tfd;
-+
-+ if (tfd == -1) {
-+ if (errno == EACCES || errno == ENOENT) {
-+ return PAM_SUCCESS;
-+ }
-+ pam_syslog(pamh, LOG_ERR, "Error opening the tally file for %s: %m", opts->user);
-+ return PAM_SYSTEM_ERR;
-+ }
-+
-+ if (read_tally(tfd, tallies) != 0) {
-+ pam_syslog(pamh, LOG_ERR, "Error reading the tally file for %s: %m", opts->user);
-+ return PAM_SYSTEM_ERR;
-+ }
-+
-+ if (opts->uid == 0 && !(opts->flags & FAILLOCK_FLAG_DENY_ROOT)) {
-+ return PAM_SUCCESS;
-+ }
-+
-+ latest_time = 0;
-+ for(i = 0; i < tallies->count; i++) {
-+ if ((tallies->records[i].status & TALLY_STATUS_VALID) &&
-+ tallies->records[i].time > latest_time)
-+ latest_time = tallies->records[i].time;
-+ }
-+
-+ opts->latest_time = latest_time;
-+
-+ failures = 0;
-+ for(i = 0; i < tallies->count; i++) {
-+ if ((tallies->records[i].status & TALLY_STATUS_VALID) &&
-+ latest_time - tallies->records[i].time < opts->fail_interval) {
-+ ++failures;
-+ }
-+ }
-+
-+ opts->failures = failures;
-+
-+ if (opts->uid == 0 && !(opts->flags & FAILLOCK_FLAG_DENY_ROOT)) {
-+ return PAM_SUCCESS;
-+ }
-+
-+ if (opts->deny && failures >= opts->deny) {
-+ if ((opts->uid && latest_time + opts->unlock_time < opts->now) ||
-+ (!opts->uid && latest_time + opts->root_unlock_time < opts->now)) {
-+#ifdef HAVE_LIBAUDIT
-+ if (opts->action != FAILLOCK_ACTION_PREAUTH) { /* do not audit in preauth */
-+ char buf[64];
-+ int audit_fd;
-+
-+ audit_fd = audit_open();
-+ /* If there is an error & audit support is in the kernel report error */
-+ if ((audit_fd < 0) && !(errno == EINVAL || errno == EPROTONOSUPPORT ||
-+ errno == EAFNOSUPPORT))
-+ return PAM_SYSTEM_ERR;
-+
-+ snprintf(buf, sizeof(buf), "pam_faillock uid=%u ", opts->uid);
-+ audit_log_user_message(audit_fd, AUDIT_RESP_ACCT_UNLOCK_TIMED, buf,
-+ NULL, NULL, NULL, 1);
-+ }
-+#endif
-+ opts->flags |= FAILLOCK_FLAG_UNLOCKED;
-+ return PAM_SUCCESS;
-+ }
-+ return PAM_AUTH_ERR;
-+ }
-+ return PAM_SUCCESS;
-+}
-+
-+static void
-+reset_tally(pam_handle_t *pamh, struct options *opts, int *fd)
-+{
-+ int rv;
-+
-+ while ((rv=ftruncate(*fd, 0)) == -1 && errno == EINTR);
-+ if (rv == -1) {
-+ pam_syslog(pamh, LOG_ERR, "Error clearing the tally file for %s: %m", opts->user);
-+ }
-+}
-+
-+static int
-+write_tally(pam_handle_t *pamh, struct options *opts, struct tally_data *tallies, int *fd)
-+{
-+ struct tally *records;
-+ unsigned int i;
-+ int failures;
-+ unsigned int oldest;
-+ uint64_t oldtime;
-+ const void *source = NULL;
-+
-+ if (*fd == -1) {
-+ *fd = open_tally(opts->dir, opts->user, 1);
-+ }
-+ if (*fd == -1) {
-+ if (errno == EACCES) {
-+ return PAM_SUCCESS;
-+ }
-+ pam_syslog(pamh, LOG_ERR, "Error opening the tally file for %s: %m", opts->user);
-+ return PAM_SYSTEM_ERR;
-+ }
-+
-+ oldtime = 0;
-+ oldest = 0;
-+ failures = 0;
-+
-+ for (i = 0; i < tallies->count; ++i) {
-+ if (tallies->records[i].time < oldtime) {
-+ oldtime = tallies->records[i].time;
-+ oldest = i;
-+ }
-+ if (opts->flags & FAILLOCK_FLAG_UNLOCKED ||
-+ opts->now - tallies->records[i].time >= opts->fail_interval ) {
-+ tallies->records[i].status &= ~TALLY_STATUS_VALID;
-+ } else {
-+ ++failures;
-+ }
-+ }
-+
-+ if (oldest >= tallies->count || (tallies->records[oldest].status & TALLY_STATUS_VALID)) {
-+ oldest = tallies->count;
-+
-+ if ((records=realloc(tallies->records, (oldest+1) * sizeof (*tallies->records))) == NULL) {
-+ pam_syslog(pamh, LOG_CRIT, "Error allocating memory for tally records: %m");
-+ return PAM_BUF_ERR;
-+ }
-+
-+ ++tallies->count;
-+ tallies->records = records;
-+ }
-+
-+ memset(&tallies->records[oldest], 0, sizeof (*tallies->records));
-+
-+ tallies->records[oldest].status = TALLY_STATUS_VALID;
-+ if (pam_get_item(pamh, PAM_RHOST, &source) != PAM_SUCCESS || source == NULL) {
-+ if (pam_get_item(pamh, PAM_TTY, &source) != PAM_SUCCESS || source == NULL) {
-+ if (pam_get_item(pamh, PAM_SERVICE, &source) != PAM_SUCCESS || source == NULL) {
-+ source = "";
-+ }
-+ }
-+ else {
-+ tallies->records[oldest].status |= TALLY_STATUS_TTY;
-+ }
-+ }
-+ else {
-+ tallies->records[oldest].status |= TALLY_STATUS_RHOST;
-+ }
-+
-+ strncpy(tallies->records[oldest].source, source, sizeof(tallies->records[oldest].source));
-+ /* source does not have to be null terminated */
-+
-+ tallies->records[oldest].time = opts->now;
-+
-+ ++failures;
-+
-+ if (opts->deny && failures == opts->deny) {
-+#ifdef HAVE_LIBAUDIT
-+ char buf[64];
-+ int audit_fd;
-+
-+ audit_fd = audit_open();
-+ /* If there is an error & audit support is in the kernel report error */
-+ if ((audit_fd < 0) && !(errno == EINVAL || errno == EPROTONOSUPPORT ||
-+ errno == EAFNOSUPPORT))
-+ return PAM_SYSTEM_ERR;
-+
-+ snprintf(buf, sizeof(buf), "pam_faillock uid=%u ", opts->uid);
-+ audit_log_user_message(audit_fd, AUDIT_ANOM_LOGIN_FAILURES, buf,
-+ NULL, NULL, NULL, 1);
-+
-+ if (opts->uid != 0 || (opts->flags & FAILLOCK_FLAG_DENY_ROOT)) {
-+ audit_log_user_message(audit_fd, AUDIT_RESP_ACCT_LOCK, buf,
-+ NULL, NULL, NULL, 1);
-+ }
-+ close(audit_fd);
-+#endif
-+ if (!(opts->flags & FAILLOCK_FLAG_NO_LOG_INFO)) {
-+ pam_syslog(pamh, LOG_INFO, "Consecutive login failures for user %s account temporarily locked",
-+ opts->user);
-+ }
-+ }
-+
-+ if (update_tally(*fd, tallies) == 0)
-+ return PAM_SUCCESS;
-+
-+ return PAM_SYSTEM_ERR;
-+}
-+
-+static void
-+faillock_message(pam_handle_t *pamh, struct options *opts)
-+{
-+ int64_t left;
-+
-+ if (!(opts->flags & FAILLOCK_FLAG_SILENT)) {
-+ if (opts->uid) {
-+ left = opts->latest_time + opts->unlock_time - opts->now;
-+ }
-+ else {
-+ left = opts->latest_time + opts->root_unlock_time - opts->now;
-+ }
-+
-+ left /= 60; /* minutes */
-+
-+ pam_info(pamh, _("Account temporarily locked due to %d failed logins"),
-+ opts->failures);
-+ pam_info(pamh, _("(%d minutes left to unlock)"), (int)left);
-+ }
-+}
-+
-+static void
-+tally_cleanup(struct tally_data *tallies, int fd)
-+{
-+ if (fd != -1) {
-+ close(fd);
-+ }
-+
-+ free(tallies->records);
-+}
-+
-+/*---------------------------------------------------------------------*/
-+
-+PAM_EXTERN int
-+pam_sm_authenticate(pam_handle_t *pamh, int flags,
-+ int argc, const char **argv)
-+{
-+ struct options opts;
-+ int rv, fd = -1;
-+ struct tally_data tallies;
-+
-+ memset(&tallies, 0, sizeof(tallies));
-+
-+ args_parse(pamh, argc, argv, flags, &opts);
-+
-+ pam_fail_delay(pamh, 2000000); /* 2 sec delay for on failure */
-+
-+ if ((rv=get_pam_user(pamh, &opts)) != PAM_SUCCESS) {
-+ return rv;
-+ }
-+
-+ switch (opts.action) {
-+ case FAILLOCK_ACTION_PREAUTH:
-+ rv = check_tally(pamh, &opts, &tallies, &fd);
-+ if (rv == PAM_AUTH_ERR && !(opts.flags & FAILLOCK_FLAG_SILENT)) {
-+ faillock_message(pamh, &opts);
-+ }
-+ break;
-+
-+ case FAILLOCK_ACTION_AUTHSUCC:
-+ rv = check_tally(pamh, &opts, &tallies, &fd);
-+ if (rv == PAM_SUCCESS && fd != -1) {
-+ reset_tally(pamh, &opts, &fd);
-+ }
-+ break;
-+
-+ case FAILLOCK_ACTION_AUTHFAIL:
-+ rv = check_tally(pamh, &opts, &tallies, &fd);
-+ if (rv == PAM_SUCCESS) {
-+ rv = PAM_IGNORE; /* this return value should be ignored */
-+ write_tally(pamh, &opts, &tallies, &fd);
-+ }
-+ break;
-+ }
-+
-+ tally_cleanup(&tallies, fd);
-+
-+ return rv;
-+}
-+
-+/*---------------------------------------------------------------------*/
-+
-+PAM_EXTERN int
-+pam_sm_setcred(pam_handle_t *pamh UNUSED, int flags UNUSED,
-+ int argc UNUSED, const char **argv UNUSED)
-+{
-+ return PAM_SUCCESS;
-+}
-+
-+/*---------------------------------------------------------------------*/
-+
-+PAM_EXTERN int
-+pam_sm_acct_mgmt(pam_handle_t *pamh, int flags,
-+ int argc, const char **argv)
-+{
-+ struct options opts;
-+ int rv, fd = -1;
-+ struct tally_data tallies;
-+
-+ memset(&tallies, 0, sizeof(tallies));
-+
-+ args_parse(pamh, argc, argv, flags, &opts);
-+
-+ opts.action = FAILLOCK_ACTION_AUTHSUCC;
-+
-+ if ((rv=get_pam_user(pamh, &opts)) != PAM_SUCCESS) {
-+ return rv;
-+ }
-+
-+ check_tally(pamh, &opts, &tallies, &fd);
-+ if (fd != -1) {
-+ reset_tally(pamh, &opts, &fd);
-+ }
-+
-+ tally_cleanup(&tallies, fd);
-+
-+ return PAM_SUCCESS;
-+}
-+
-+/*-----------------------------------------------------------------------*/
-+
-+#ifdef PAM_STATIC
-+
-+/* static module data */
-+
-+struct pam_module _pam_faillock_modstruct = {
-+ MODULE_NAME,
-+#ifdef PAM_SM_AUTH
-+ pam_sm_authenticate,
-+ pam_sm_setcred,
-+#else
-+ NULL,
-+ NULL,
-+#endif
-+#ifdef PAM_SM_ACCOUNT
-+ pam_sm_acct_mgmt,
-+#else
-+ NULL,
-+#endif
-+ NULL,
-+ NULL,
-+ NULL,
-+};
-+
-+#endif /* #ifdef PAM_STATIC */
-+
-diff -up Linux-PAM-1.1.1/modules/pam_faillock/pam_faillock.8.xml.faillock Linux-PAM-1.1.1/modules/pam_faillock/pam_faillock.8.xml
---- Linux-PAM-1.1.1/modules/pam_faillock/pam_faillock.8.xml.faillock 2010-09-17 15:58:41.000000000 +0200
-+++ Linux-PAM-1.1.1/modules/pam_faillock/pam_faillock.8.xml 2010-09-17 15:58:41.000000000 +0200
-@@ -0,0 +1,396 @@
-+<?xml version="1.0" encoding='UTF-8'?>
-+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
-+ "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
-+
-+<refentry id="pam_faillock">
-+
-+ <refmeta>
-+ <refentrytitle>pam_faillock</refentrytitle>
-+ <manvolnum>8</manvolnum>
-+ <refmiscinfo class="sectdesc">Linux-PAM Manual</refmiscinfo>
-+ </refmeta>
-+
-+ <refnamediv id="pam_faillock-name">
-+ <refname>pam_faillock</refname>
-+ <refpurpose>Module counting authentication failures during a specified interval</refpurpose>
-+ </refnamediv>
-+
-+ <refsynopsisdiv>
-+ <cmdsynopsis id="pam_faillock-cmdsynopsisauth">
-+ <command>auth ... pam_faillock.so</command>
-+ <arg choice="req">
-+ preauth|authfail|authsucc
-+ </arg>
-+ <arg choice="opt">
-+ dir=<replaceable>/path/to/tally-directory</replaceable>
-+ </arg>
-+ <arg choice="opt">
-+ even_deny_root
-+ </arg>
-+ <arg choice="opt">
-+ deny=<replaceable>n</replaceable>
-+ </arg>
-+ <arg choice="opt">
-+ fail_interval=<replaceable>n</replaceable>
-+ </arg>
-+ <arg choice="opt">
-+ unlock_time=<replaceable>n</replaceable>
-+ </arg>
-+ <arg choice="opt">
-+ root_unlock_time=<replaceable>n</replaceable>
-+ </arg>
-+ <arg choice="opt">
-+ audit
-+ </arg>
-+ <arg choice="opt">
-+ silent
-+ </arg>
-+ <arg choice="opt">
-+ no_log_info
-+ </arg>
-+ </cmdsynopsis>
-+ <cmdsynopsis id="pam_faillock-cmdsynopsisacct">
-+ <command>account ... pam_faillock.so</command>
-+ <arg choice="opt">
-+ dir=<replaceable>/path/to/tally-directory</replaceable>
-+ </arg>
-+ <arg choice="opt">
-+ no_log_info
-+ </arg>
-+ </cmdsynopsis>
-+ </refsynopsisdiv>
-+
-+ <refsect1 id="pam_faillock-description">
-+
-+ <title>DESCRIPTION</title>
-+
-+ <para>
-+ This module maintains a list of failed authentication attempts per
-+ user during a specified interval and locks the account in case
-+ there were more than <replaceable>deny</replaceable> consecutive
-+ failed authentications.
-+ </para>
-+ <para>
-+ Normally, failed attempts to authenticate <emphasis>root</emphasis> will
-+ <emphasis remap='B'>not</emphasis> cause the root account to become
-+ blocked, to prevent denial-of-service: if your users aren't given
-+ shell accounts and root may only login via <command>su</command> or
-+ at the machine console (not telnet/rsh, etc), this is safe.
-+ </para>
-+ </refsect1>
-+
-+ <refsect1 id="pam_faillock-options">
-+
-+ <title>OPTIONS</title>
-+ <variablelist>
-+ <varlistentry>
-+ <term>
-+ <option>{preauth|authfail|authsucc}</option>
-+ </term>
-+ <listitem>
-+ <para>
-+ This argument must be set accordingly to the position of this module
-+ instance in the PAM stack.
-+ </para>
-+ <para>
-+ The <emphasis>preauth</emphasis> argument must be used when the module
-+ is called before the modules which ask for the user credentials such
-+ as the password. The module just examines whether the user should
-+ be blocked from accessing the service in case there were anomalous
-+ number of failed consecutive authentication attempts recently. This
-+ call is optional if <emphasis>authsucc</emphasis> is used.
-+ </para>
-+ <para>
-+ The <emphasis>authfail</emphasis> argument must be used when the module
-+ is called after the modules which determine the authentication outcome,
-+ failed. Unless the user is already blocked due to previous authentication
-+ failures, the module will record the failure into the appropriate user
-+ tally file.
-+ </para>
-+ <para>
-+ The <emphasis>authsucc</emphasis> argument must be used when the module
-+ is called after the modules which determine the authentication outcome,
-+ succeded. Unless the user is already blocked due to previous authentication
-+ failures, the module will then clear the record of the failures in the
-+ respective user tally file. Otherwise it will return authentication error.
-+ If this call is not done, the pam_faillock will not distinguish between
-+ consecutive and non-consecutive failed authentication attempts. The
-+ <emphasis>preauth</emphasis> call must be used in such case. Due to
-+ complications in the way the PAM stack can be configured it is also
-+ possible to call <emphasis>pam_faillock</emphasis> as an account module.
-+ In such configuration the module must be also called in the
-+ <emphasis>preauth</emphasis> stage.
-+ </para>
-+ </listitem>
-+ </varlistentry>
-+ <varlistentry>
-+ <term>
-+ <option>dir=<replaceable>/path/to/tally-directory</replaceable></option>
-+ </term>
-+ <listitem>
-+ <para>
-+ The directory where the user files with the failure records are kept. The
-+ default is <filename>/var/run/faillock</filename>.
-+ </para>
-+ </listitem>
-+ </varlistentry>
-+ <varlistentry>
-+ <term>
-+ <option>audit</option>
-+ </term>
-+ <listitem>
-+ <para>
-+ Will log the user name into the system log if the user is not found.
-+ </para>
-+ </listitem>
-+ </varlistentry>
-+ <varlistentry>
-+ <term>
-+ <option>silent</option>
-+ </term>
-+ <listitem>
-+ <para>
-+ Don't print informative messages. This option is implicite
-+ in the <emphasis>authfail</emphasis> and <emphasis>authsucc</emphasis>
-+ functions.
-+ </para>
-+ </listitem>
-+ </varlistentry>
-+ <varlistentry>
-+ <term>
-+ <option>no_log_info</option>
-+ </term>
-+ <listitem>
-+ <para>
-+ Don't log informative messages via <citerefentry><refentrytitle>syslog</refentrytitle><manvolnum>3</manvolnum></citerefentry>.
-+ </para>
-+ </listitem>
-+ </varlistentry>
-+ <varlistentry>
-+ <term>
-+ <option>deny=<replaceable>n</replaceable></option>
-+ </term>
-+ <listitem>
-+ <para>
-+ Deny access if the number of consecutive authentication failures
-+ for this user during the recent interval exceeds
-+ <replaceable>n</replaceable>. The default is 3.
-+ </para>
-+ </listitem>
-+ </varlistentry>
-+ <varlistentry>
-+ <term>
-+ <option>fail_interval=<replaceable>n</replaceable></option>
-+ </term>
-+ <listitem>
-+ <para>
-+ The length of the interval during which the consecutive
-+ authentication failures must happen for the user account
-+ lock out is <replaceable>n</replaceable> seconds.
-+ The default is 900 (15 minutes).
-+ </para>
-+ </listitem>
-+ </varlistentry>
-+ <varlistentry>
-+ <term>
-+ <option>unlock_time=<replaceable>n</replaceable></option>
-+ </term>
-+ <listitem>
-+ <para>
-+ The access will be reenabled after
-+ <replaceable>n</replaceable> seconds after the lock out.
-+ The default is 600 (10 minutes).
-+ </para>
-+ </listitem>
-+ </varlistentry>
-+ <varlistentry>
-+ <term>
-+ <option>even_deny_root</option>
-+ </term>
-+ <listitem>
-+ <para>
-+ Root account can become locked as well as regular accounts.
-+ </para>
-+ </listitem>
-+ </varlistentry>
-+ <varlistentry>
-+ <term>
-+ <option>root_unlock_time=<replaceable>n</replaceable></option>
-+ </term>
-+ <listitem>
-+ <para>
-+ This option implies <option>even_deny_root</option> option.
-+ Allow access after <replaceable>n</replaceable> seconds
-+ to root account after the account is locked. In case the
-+ option is not specified the value is the same as of the
-+ <option>unlock_time</option> option.
-+ </para>
-+ </listitem>
-+ </varlistentry>
-+ </variablelist>
-+ </refsect1>
-+
-+ <refsect1 id="pam_faillock-types">
-+ <title>MODULE TYPES PROVIDED</title>
-+ <para>
-+ The <option>auth</option> and <option>account</option> module types are
-+ provided.
-+ </para>
-+ </refsect1>
-+
-+ <refsect1 id='pam_faillock-return_values'>
-+ <title>RETURN VALUES</title>
-+ <variablelist>
-+ <varlistentry>
-+ <term>PAM_AUTH_ERR</term>
-+ <listitem>
-+ <para>
-+ A invalid option was given, the module was not able
-+ to retrieve the user name, no valid counter file
-+ was found, or too many failed logins.
-+ </para>
-+ </listitem>
-+ </varlistentry>
-+ <varlistentry>
-+ <term>PAM_SUCCESS</term>
-+ <listitem>
-+ <para>
-+ Everything was successful.
-+ </para>
-+ </listitem>
-+ </varlistentry>
-+ <varlistentry>
-+ <term>PAM_IGNORE</term>
-+ <listitem>
-+ <para>
-+ User not present in passwd database.
-+ </para>
-+ </listitem>
-+ </varlistentry>
-+ </variablelist>
-+ </refsect1>
-+
-+ <refsect1 id='pam_faillock-notes'>
-+ <title>NOTES</title>
-+ <para>
-+ <emphasis>pam_faillock</emphasis> setup in the PAM stack is different
-+ from the <emphasis>pam_tally2</emphasis> module setup.
-+ </para>
-+ <para>
-+ There is no setuid wrapper for access to the data file such as when the
-+ <emphasis remap='B'>pam_faillock.so</emphasis> module is called from
-+ a screensaver. As this would make it impossible to share PAM configuration
-+ with such services the following workaround is used: If the data file
-+ cannot be opened because of insufficient permissions
-+ (<errorcode>EACCES</errorcode>) the module returns
-+ <errorcode>PAM_SUCCESS</errorcode>.
-+ </para>
-+ <para>
-+ Note that using the module in <option>preauth</option> without the
-+ <option>silent</option> option or with <emphasis>requisite</emphasis>
-+ control field leaks an information about existence or
-+ non-existence of an user account in the system because
-+ the failures are not recorded for the unknown users. The message
-+ about the user account being locked is never displayed for nonexisting
-+ user accounts allowing the adversary to infer that a particular account
-+ is not existing on a system.
-+ </para>
-+ </refsect1>
-+
-+ <refsect1 id='pam_faillock-examples'>
-+ <title>EXAMPLES</title>
-+ <para>
-+ Here are two possible configuration examples for <filename>/etc/pam.d/login</filename>.
-+ They make <emphasis>pam_faillock</emphasis> to lock the account after 4 consecutive
-+ failed logins during the default interval of 15 minutes. Root account will be locked
-+ as well. The accounts will be automatically unlocked after 20 minutes.
-+ </para>
-+ <para>
-+ In the first example the module is called only in the <emphasis>auth</emphasis>
-+ phase and the module does not print any information about the account blocking
-+ by <emphasis>pam_faillock</emphasis>. The <emphasis>preauth</emphasis> call can
-+ be added to tell the user that his login is blocked by the module and also to abort
-+ the authentication without even asking for password in such case.
-+ </para>
-+ <programlisting>
-+auth required pam_securetty.so
-+auth required pam_env.so
-+auth required pam_nologin.so
-+# optionally call: auth requisite pam_faillock.so preauth deny=4 even_deny_root unlock_time=1200
-+# to display the message about account being locked
-+auth [success=1 default=bad] pam_unix.so
-+auth [default=die] pam_faillock.so authfail deny=4 even_deny_root unlock_time=1200
-+auth sufficient pam_faillock.so authsucc deny=4 even_deny_root unlock_time=1200
-+auth required pam_deny.so
-+account required pam_unix.so
-+password required pam_unix.so shadow
-+session required pam_selinux.so close
-+session required pam_loginuid.so
-+session required pam_unix.so
-+session required pam_selinux.so open
-+ </programlisting>
-+ <para>
-+ In the second example the module is called both in the <emphasis>auth</emphasis>
-+ and <emphasis>account</emphasis> phases and the module gives the authenticating
-+ user message when the account is locked
-+ </para>
-+ <programlisting>
-+auth required pam_securetty.so
-+auth required pam_env.so
-+auth required pam_nologin.so
-+auth required pam_faillock.so preauth silent deny=4 even_deny_root unlock_time=1200
-+# optionally use requisite above if you do not want to prompt for the password
-+# on locked accounts, possibly with removing the silent option as well
-+auth sufficient pam_unix.so
-+auth [default=die] pam_faillock.so authfail deny=4 even_deny_root unlock_time=1200
-+auth required pam_deny.so
-+account required pam_faillock.so
-+# if you drop the above call to pam_faillock.so the lock will be done also
-+# on non-consecutive authentication failures
-+account required pam_unix.so
-+password required pam_unix.so shadow
-+session required pam_selinux.so close
-+session required pam_loginuid.so
-+session required pam_unix.so
-+session required pam_selinux.so open
-+ </programlisting>
-+ </refsect1>
-+
-+ <refsect1 id="pam_faillock-files">
-+ <title>FILES</title>
-+ <variablelist>
-+ <varlistentry>
-+ <term><filename>/var/run/faillock/*</filename></term>
-+ <listitem>
-+ <para>the files logging the authentication failures for users</para>
-+ </listitem>
-+ </varlistentry>
-+ </variablelist>
-+ </refsect1>
-+
-+ <refsect1 id='pam_faillock-see_also'>
-+ <title>SEE ALSO</title>
-+ <para>
-+ <citerefentry>
-+ <refentrytitle>faillock</refentrytitle><manvolnum>8</manvolnum>
-+ </citerefentry>,
-+ <citerefentry>
-+ <refentrytitle>pam.conf</refentrytitle><manvolnum>5</manvolnum>
-+ </citerefentry>,
-+ <citerefentry>
-+ <refentrytitle>pam.d</refentrytitle><manvolnum>5</manvolnum>
-+ </citerefentry>,
-+ <citerefentry>
-+ <refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum>
-+ </citerefentry>
-+ </para>
-+ </refsect1>
-+
-+ <refsect1 id='pam_faillock-author'>
-+ <title>AUTHOR</title>
-+ <para>
-+ pam_faillock was written by Tomas Mraz.
-+ </para>
-+ </refsect1>
-+
-+</refentry>
-diff -up Linux-PAM-1.1.1/modules/pam_faillock/README.xml.faillock Linux-PAM-1.1.1/modules/pam_faillock/README.xml
---- Linux-PAM-1.1.1/modules/pam_faillock/README.xml.faillock 2010-09-17 15:58:41.000000000 +0200
-+++ Linux-PAM-1.1.1/modules/pam_faillock/README.xml 2010-09-17 15:58:41.000000000 +0200
-@@ -0,0 +1,46 @@
-+<?xml version="1.0" encoding='UTF-8'?>
-+<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
-+"http://www.docbook.org/xml/4.3/docbookx.dtd"
-+[
-+<!--
-+<!ENTITY pamaccess SYSTEM "pam_faillock.8.xml">
-+-->
-+]>
-+
-+<article>
-+
-+ <articleinfo>
-+
-+ <title>
-+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
-+ href="pam_faillock.8.xml" xpointer='xpointer(//refnamediv[@id = "pam_faillock-name"]/*)'/>
-+ </title>
-+
-+ </articleinfo>
-+
-+ <section>
-+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
-+ href="pam_faillock.8.xml" xpointer='xpointer(//refsect1[@id = "pam_faillock-description"]/*)'/>
-+ </section>
-+
-+ <section>
-+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
-+ href="pam_faillock.8.xml" xpointer='xpointer(//refsect1[@id = "pam_faillock-options"]/*)'/>
-+ </section>
-+
-+ <section>
-+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
-+ href="pam_faillock.8.xml" xpointer='xpointer(//refsect1[@id = "pam_faillock-notes"]/*)'/>
-+ </section>
-+
-+ <section>
-+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
-+ href="pam_faillock.8.xml" xpointer='xpointer(//refsect1[@id = "pam_faillock-examples"]/*)'/>
-+ </section>
-+
-+ <section>
-+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
-+ href="pam_faillock.8.xml" xpointer='xpointer(//refsect1[@id = "pam_faillock-author"]/*)'/>
-+ </section>
-+
-+</article>
-diff -up Linux-PAM-1.1.1/modules/pam_faillock/tst-pam_faillock.faillock Linux-PAM-1.1.1/modules/pam_faillock/tst-pam_faillock
---- Linux-PAM-1.1.1/modules/pam_faillock/tst-pam_faillock.faillock 2010-09-17 15:58:41.000000000 +0200
-+++ Linux-PAM-1.1.1/modules/pam_faillock/tst-pam_faillock 2010-09-17 15:58:41.000000000 +0200
-@@ -0,0 +1,2 @@
-+#!/bin/sh
-+../../tests/tst-dlopen .libs/pam_faillock.so
diff --git a/extra/source/pam/patches/pam-1.1.2-noflex.patch b/extra/source/pam/patches/pam-1.1.2-noflex.patch
deleted file mode 100644
index fc965559..00000000
--- a/extra/source/pam/patches/pam-1.1.2-noflex.patch
+++ /dev/null
@@ -1,27 +0,0 @@
-diff -up Linux-PAM-1.1.2/doc/Makefile.am.noflex Linux-PAM-1.1.2/doc/Makefile.am
---- Linux-PAM-1.1.2/doc/Makefile.am.noflex 2008-02-04 16:05:51.000000000 +0100
-+++ Linux-PAM-1.1.2/doc/Makefile.am 2010-09-20 10:40:59.000000000 +0200
-@@ -2,7 +2,7 @@
- # Copyright (c) 2005, 2006 Thorsten Kukuk <kukuk@suse.de>
- #
-
--SUBDIRS = man specs sag adg mwg
-+SUBDIRS = man sag adg mwg
-
- CLEANFILES = *~
-
-diff -up Linux-PAM-1.1.2/Makefile.am.noflex Linux-PAM-1.1.2/Makefile.am
---- Linux-PAM-1.1.2/Makefile.am.noflex 2010-07-08 14:04:19.000000000 +0200
-+++ Linux-PAM-1.1.2/Makefile.am 2010-09-20 10:04:56.000000000 +0200
-@@ -5,9 +5,9 @@
- AUTOMAKE_OPTIONS = 1.9 gnu dist-bzip2 check-news
-
- if STATIC_MODULES
--SUBDIRS = modules libpam libpamc libpam_misc tests po conf doc examples xtests
-+SUBDIRS = modules libpam libpamc libpam_misc tests po doc examples xtests
- else
--SUBDIRS = libpam tests libpamc libpam_misc modules po conf doc examples xtests
-+SUBDIRS = libpam tests libpamc libpam_misc modules po doc examples xtests
- endif
-
- CLEANFILES = *~
diff --git a/extra/source/pam/patches/pam-1.1.3-faillock-screensaver.patch b/extra/source/pam/patches/pam-1.1.3-faillock-screensaver.patch
deleted file mode 100644
index 249d2850..00000000
--- a/extra/source/pam/patches/pam-1.1.3-faillock-screensaver.patch
+++ /dev/null
@@ -1,167 +0,0 @@
-diff -up Linux-PAM-1.1.3/modules/pam_faillock/faillock.c.screensaver Linux-PAM-1.1.3/modules/pam_faillock/faillock.c
---- Linux-PAM-1.1.3/modules/pam_faillock/faillock.c.screensaver 2010-11-10 11:46:07.000000000 +0100
-+++ Linux-PAM-1.1.3/modules/pam_faillock/faillock.c 2010-11-10 11:46:07.000000000 +0100
-@@ -41,13 +41,14 @@
- #include <sys/types.h>
- #include <sys/stat.h>
- #include <sys/file.h>
-+#include <sys/stat.h>
- #include <fcntl.h>
- #include <security/pam_modutil.h>
-
- #include "faillock.h"
-
- int
--open_tally (const char *dir, const char *user, int create)
-+open_tally (const char *dir, const char *user, uid_t uid, int create)
- {
- char *path;
- int flags = O_RDWR;
-@@ -69,8 +70,18 @@ open_tally (const char *dir, const char
-
- fd = open(path, flags, 0600);
-
-- if (fd != -1)
-+ free(path);
-+
-+ if (fd != -1) {
-+ struct stat st;
-+
- while (flock(fd, LOCK_EX) == -1 && errno == EINTR);
-+ if (fstat(fd, &st) == 0) {
-+ if (st.st_uid != uid) {
-+ fchown(fd, uid, -1);
-+ }
-+ }
-+ }
-
- return fd;
- }
-diff -up Linux-PAM-1.1.3/modules/pam_faillock/faillock.h.screensaver Linux-PAM-1.1.3/modules/pam_faillock/faillock.h
---- Linux-PAM-1.1.3/modules/pam_faillock/faillock.h.screensaver 2010-11-10 11:46:07.000000000 +0100
-+++ Linux-PAM-1.1.3/modules/pam_faillock/faillock.h 2010-11-10 11:46:07.000000000 +0100
-@@ -45,6 +45,7 @@
- #define _FAILLOCK_H
-
- #include <stdint.h>
-+#include <sys/types.h>
-
- #define TALLY_STATUS_VALID 0x1 /* the tally file entry is valid */
- #define TALLY_STATUS_RHOST 0x2 /* the source is rhost */
-@@ -65,7 +66,7 @@ struct tally_data {
-
- #define FAILLOCK_DEFAULT_TALLYDIR "/var/run/faillock"
-
--int open_tally(const char *dir, const char *user, int create);
-+int open_tally(const char *dir, const char *user, uid_t uid, int create);
- int read_tally(int fd, struct tally_data *tallies);
- int update_tally(int fd, struct tally_data *tallies);
- #endif
-diff -up Linux-PAM-1.1.3/modules/pam_faillock/main.c.screensaver Linux-PAM-1.1.3/modules/pam_faillock/main.c
---- Linux-PAM-1.1.3/modules/pam_faillock/main.c.screensaver 2010-11-10 11:46:07.000000000 +0100
-+++ Linux-PAM-1.1.3/modules/pam_faillock/main.c 2010-11-10 11:46:07.000000000 +0100
-@@ -106,8 +106,11 @@ do_user(struct options *opts, const char
- int fd;
- int rv;
- struct tally_data tallies;
-+ struct passwd *pwd;
-
-- fd = open_tally(opts->dir, user, 0);
-+ pwd = getpwnam(user);
-+
-+ fd = open_tally(opts->dir, user, pwd != NULL ? pwd->pw_uid : 0, 0);
-
- if (fd == -1) {
- if (errno == ENOENT) {
-@@ -134,9 +137,8 @@ do_user(struct options *opts, const char
- #ifdef HAVE_LIBAUDIT
- }
- if ((audit_fd=audit_open()) >= 0) {
-- struct passwd *pwd;
-
-- if ((pwd=getpwnam(user)) != NULL) {
-+ if (pwd != NULL) {
- snprintf(buf, sizeof(buf), "faillock reset uid=%u",
- pwd->pw_uid);
- audit_log_user_message(audit_fd, AUDIT_USER_ACCT,
-diff -up Linux-PAM-1.1.3/modules/pam_faillock/pam_faillock.c.screensaver Linux-PAM-1.1.3/modules/pam_faillock/pam_faillock.c
---- Linux-PAM-1.1.3/modules/pam_faillock/pam_faillock.c.screensaver 2010-11-10 11:46:07.000000000 +0100
-+++ Linux-PAM-1.1.3/modules/pam_faillock/pam_faillock.c 2010-11-10 11:46:07.000000000 +0100
-@@ -213,7 +213,7 @@ check_tally(pam_handle_t *pamh, struct o
-
- opts->now = time(NULL);
-
-- tfd = open_tally(opts->dir, opts->user, 0);
-+ tfd = open_tally(opts->dir, opts->user, opts->uid, 0);
-
- *fd = tfd;
-
-@@ -289,9 +289,14 @@ reset_tally(pam_handle_t *pamh, struct o
- {
- int rv;
-
-- while ((rv=ftruncate(*fd, 0)) == -1 && errno == EINTR);
-- if (rv == -1) {
-- pam_syslog(pamh, LOG_ERR, "Error clearing the tally file for %s: %m", opts->user);
-+ if (*fd == -1) {
-+ *fd = open_tally(opts->dir, opts->user, opts->uid, 1);
-+ }
-+ else {
-+ while ((rv=ftruncate(*fd, 0)) == -1 && errno == EINTR);
-+ if (rv == -1) {
-+ pam_syslog(pamh, LOG_ERR, "Error clearing the tally file for %s: %m", opts->user);
-+ }
- }
- }
-
-@@ -306,7 +311,7 @@ write_tally(pam_handle_t *pamh, struct o
- const void *source = NULL;
-
- if (*fd == -1) {
-- *fd = open_tally(opts->dir, opts->user, 1);
-+ *fd = open_tally(opts->dir, opts->user, opts->uid, 1);
- }
- if (*fd == -1) {
- if (errno == EACCES) {
-@@ -463,7 +468,7 @@ pam_sm_authenticate(pam_handle_t *pamh,
-
- case FAILLOCK_ACTION_AUTHSUCC:
- rv = check_tally(pamh, &opts, &tallies, &fd);
-- if (rv == PAM_SUCCESS && fd != -1) {
-+ if (rv == PAM_SUCCESS) {
- reset_tally(pamh, &opts, &fd);
- }
- break;
-@@ -511,10 +516,8 @@ pam_sm_acct_mgmt(pam_handle_t *pamh, int
- return rv;
- }
-
-- check_tally(pamh, &opts, &tallies, &fd);
-- if (fd != -1) {
-- reset_tally(pamh, &opts, &fd);
-- }
-+ check_tally(pamh, &opts, &tallies, &fd); /* for auditing */
-+ reset_tally(pamh, &opts, &fd);
-
- tally_cleanup(&tallies, fd);
-
-diff -up Linux-PAM-1.1.3/modules/pam_faillock/pam_faillock.8.xml.screensaver Linux-PAM-1.1.3/modules/pam_faillock/pam_faillock.8.xml
---- Linux-PAM-1.1.3/modules/pam_faillock/pam_faillock.8.xml.screensaver 2010-11-10 11:46:07.000000000 +0100
-+++ Linux-PAM-1.1.3/modules/pam_faillock/pam_faillock.8.xml 2010-11-10 11:47:14.000000000 +0100
-@@ -277,13 +277,9 @@
- from the <emphasis>pam_tally2</emphasis> module setup.
- </para>
- <para>
-- There is no setuid wrapper for access to the data file such as when the
-- <emphasis remap='B'>pam_faillock.so</emphasis> module is called from
-- a screensaver. As this would make it impossible to share PAM configuration
-- with such services the following workaround is used: If the data file
-- cannot be opened because of insufficient permissions
-- (<errorcode>EACCES</errorcode>) the module returns
-- <errorcode>PAM_SUCCESS</errorcode>.
-+ The individual files with the failure records are created as owned by
-+ the user. This allows <emphasis remap='B'>pam_faillock.so</emphasis> module
-+ to work correctly when it is called from a screensaver.
- </para>
- <para>
- Note that using the module in <option>preauth</option> without the
diff --git a/extra/source/pam/patches/pam-1.1.3-limits-nosetreuid.patch b/extra/source/pam/patches/pam-1.1.3-limits-nosetreuid.patch
deleted file mode 100644
index 885690d0..00000000
--- a/extra/source/pam/patches/pam-1.1.3-limits-nosetreuid.patch
+++ /dev/null
@@ -1,64 +0,0 @@
-diff -up Linux-PAM-1.1.3/modules/pam_limits/pam_limits.c.nosetreuid Linux-PAM-1.1.3/modules/pam_limits/pam_limits.c
---- Linux-PAM-1.1.3/modules/pam_limits/pam_limits.c.nosetreuid 2009-02-20 14:27:14.000000000 +0100
-+++ Linux-PAM-1.1.3/modules/pam_limits/pam_limits.c 2010-11-11 12:31:04.000000000 +0100
-@@ -103,7 +103,6 @@ struct pam_limit_s {
- /* argument parsing */
-
- #define PAM_DEBUG_ARG 0x0001
--#define PAM_DO_SETREUID 0x0002
- #define PAM_UTMP_EARLY 0x0004
- #define PAM_NO_AUDIT 0x0008
-
-@@ -127,8 +126,6 @@ _pam_parse (const pam_handle_t *pamh, in
- ctrl |= PAM_DEBUG_ARG;
- } else if (!strncmp(*argv,"conf=",5)) {
- pl->conf_file = *argv+5;
-- } else if (!strncmp(*argv,"change_uid",10)) {
-- ctrl |= PAM_DO_SETREUID;
- } else if (!strcmp(*argv,"utmp_early")) {
- ctrl |= PAM_UTMP_EARLY;
- } else if (!strcmp(*argv,"noaudit")) {
-@@ -777,10 +774,6 @@ out:
- return retval;
- }
-
-- if (ctrl & PAM_DO_SETREUID) {
-- setreuid(pwd->pw_uid, -1);
-- }
--
- retval = setup_limits(pamh, pwd->pw_name, pwd->pw_uid, ctrl, pl);
- if (retval & LOGIN_ERR)
- pam_error(pamh, _("Too many logins for '%s'."), pwd->pw_name);
-diff -up Linux-PAM-1.1.3/modules/pam_limits/pam_limits.8.xml.nosetreuid Linux-PAM-1.1.3/modules/pam_limits/pam_limits.8.xml
---- Linux-PAM-1.1.3/modules/pam_limits/pam_limits.8.xml.nosetreuid 2009-06-01 09:03:20.000000000 +0200
-+++ Linux-PAM-1.1.3/modules/pam_limits/pam_limits.8.xml 2010-11-11 12:32:35.000000000 +0100
-@@ -23,9 +23,6 @@
- <cmdsynopsis id="pam_limits-cmdsynopsis">
- <command>pam_limits.so</command>
- <arg choice="opt">
-- change_uid
-- </arg>
-- <arg choice="opt">
- conf=<replaceable>/path/to/limits.conf</replaceable>
- </arg>
- <arg choice="opt">
-@@ -72,19 +69,6 @@
- <variablelist>
- <varlistentry>
- <term>
-- <option>change_uid</option>
-- </term>
-- <listitem>
-- <para>
-- Change real uid to the user for who the limits are set up. Use this
-- option if you have problems like login not forking a shell for user
-- who has no processes. Be warned that something else may break when
-- you do this.
-- </para>
-- </listitem>
-- </varlistentry>
-- <varlistentry>
-- <term>
- <option>conf=<replaceable>/path/to/limits.conf</replaceable></option>
- </term>
- <listitem>
diff --git a/extra/source/pam/patches/pam-1.1.3-limits-range.patch b/extra/source/pam/patches/pam-1.1.3-limits-range.patch
deleted file mode 100644
index c357eb28..00000000
--- a/extra/source/pam/patches/pam-1.1.3-limits-range.patch
+++ /dev/null
@@ -1,351 +0,0 @@
-Index: modules/pam_limits/limits.conf.5.xml
-===================================================================
-RCS file: /cvsroot/pam/Linux-PAM/modules/pam_limits/limits.conf.5.xml,v
-retrieving revision 1.9
-retrieving revision 1.11
-diff -u -p -r1.9 -r1.11
---- modules/pam_limits/limits.conf.5.xml 20 Feb 2009 13:27:14 -0000 1.9
-+++ modules/pam_limits/limits.conf.5.xml 14 Dec 2010 08:40:40 -0000 1.11
-@@ -53,7 +53,38 @@
- <listitem>
- <para>
- the wildcard <emphasis remap='B'>%</emphasis>, for maxlogins limit only,
-- can also be used with <emphasis remap='b'>%group</emphasis> syntax.
-+ can also be used with <emphasis remap='B'>%group</emphasis> syntax. If the
-+ <emphasis remap='B'>%</emphasis> wildcard is used alone it is identical
-+ to using <emphasis remap='B'>*</emphasis> with maxsyslogins limit. With
-+ a group specified after <emphasis remap='B'>%</emphasis> it limits the total
-+ number of logins of all users that are member of the group.
-+ </para>
-+ </listitem>
-+ <listitem>
-+ <para>
-+ an uid range specified as <replaceable>&lt;min_uid&gt;</replaceable><emphasis
-+ remap='B'>:</emphasis><replaceable>&lt;max_uid&gt;</replaceable>. If min_uid
-+ is omitted, the match is exact for the max_uid. If max_uid is omitted, all
-+ uids greater than or equal min_uid match.
-+ </para>
-+ </listitem>
-+ <listitem>
-+ <para>
-+ a gid range specified as <emphasis
-+ remap='B'>@</emphasis><replaceable>&lt;min_gid&gt;</replaceable><emphasis
-+ remap='B'>:</emphasis><replaceable>&lt;max_gid&gt;</replaceable>. If min_gid
-+ is omitted, the match is exact for the max_gid. If max_gid is omitted, all
-+ gids greater than or equal min_gid match. For the exact match all groups including
-+ the user's supplementary groups are examined. For the range matches only
-+ the user's primary group is examined.
-+ </para>
-+ </listitem>
-+ <listitem>
-+ <para>
-+ a gid specified as <emphasis
-+ remap='B'>%:</emphasis><replaceable>&lt;gid&gt;</replaceable> applicable
-+ to maxlogins limit only. It limits the total number of logins of all users
-+ that are member of the group with the specified gid.
- </para>
- </listitem>
- </itemizedlist>
-@@ -182,7 +213,7 @@
- <varlistentry>
- <term><option>maxsyslogins</option></term>
- <listitem>
-- <para>maximum number of logins on system</para>
-+ <para>maximum number of all logins on system</para>
- </listitem>
- </varlistentry>
- <varlistentry>
-@@ -272,12 +303,15 @@
- </para>
- <programlisting>
- * soft core 0
--* hard rss 10000
-+* hard nofile 512
- @student hard nproc 20
- @faculty soft nproc 20
- @faculty hard nproc 50
- ftp hard nproc 0
- @student - maxlogins 4
-+:123 hard cpu 5000
-+@500: soft cpu 10000
-+600:700 hard locks 10
- </programlisting>
- </refsect1>
-
-Index: modules/pam_limits/pam_limits.c
-===================================================================
-RCS file: /cvsroot/pam/Linux-PAM/modules/pam_limits/pam_limits.c,v
-retrieving revision 1.48
-retrieving revision 1.49
-diff -u -p -r1.48 -r1.49
---- modules/pam_limits/pam_limits.c 18 Nov 2010 09:37:32 -0000 1.48
-+++ modules/pam_limits/pam_limits.c 14 Dec 2010 08:40:40 -0000 1.49
-@@ -55,6 +55,12 @@
- #define LIMITS_DEF_DEFAULT 4 /* limit was set by an default entry */
- #define LIMITS_DEF_NONE 5 /* this limit was not set yet */
-
-+#define LIMIT_RANGE_ERR -1 /* error in specified uid/gid range */
-+#define LIMIT_RANGE_NONE 0 /* no range specified */
-+#define LIMIT_RANGE_ONE 1 /* exact uid/gid specified (:max_uid)*/
-+#define LIMIT_RANGE_MIN 2 /* only minimum uid/gid specified (min_uid:) */
-+#define LIMIT_RANGE_MM 3 /* both min and max uid/gid specified (min_uid:max_uid) */
-+
- static const char *limits_def_names[] = {
- "USER",
- "GROUP",
-@@ -520,8 +526,57 @@ process_limit (const pam_handle_t *pamh,
- return;
- }
-
--static int parse_config_file(pam_handle_t *pamh, const char *uname, int ctrl,
-- struct pam_limit_s *pl)
-+static int
-+parse_uid_range(pam_handle_t *pamh, const char *domain,
-+ uid_t *min_uid, uid_t *max_uid)
-+{
-+ const char *range = domain;
-+ char *pmax;
-+ char *endptr;
-+ int rv = LIMIT_RANGE_MM;
-+
-+ if ((pmax=strchr(range, ':')) == NULL)
-+ return LIMIT_RANGE_NONE;
-+ ++pmax;
-+
-+ if (range[0] == '@' || range[0] == '%')
-+ ++range;
-+
-+ if (range[0] == ':')
-+ rv = LIMIT_RANGE_ONE;
-+ else {
-+ errno = 0;
-+ *min_uid = strtoul (range, &endptr, 10);
-+ if (errno != 0 || (range == endptr) || *endptr != ':') {
-+ pam_syslog(pamh, LOG_DEBUG,
-+ "wrong min_uid/gid value in '%s'", domain);
-+ return LIMIT_RANGE_ERR;
-+ }
-+ }
-+
-+ if (*pmax == '\0') {
-+ if (rv == LIMIT_RANGE_ONE)
-+ return LIMIT_RANGE_ERR;
-+ else
-+ return LIMIT_RANGE_MIN;
-+ }
-+
-+ errno = 0;
-+ *max_uid = strtoul (pmax, &endptr, 10);
-+ if (errno != 0 || (pmax == endptr) || *endptr != '\0') {
-+ pam_syslog(pamh, LOG_DEBUG,
-+ "wrong max_uid/gid value in '%s'", domain);
-+ return LIMIT_RANGE_ERR;
-+ }
-+
-+ if (rv == LIMIT_RANGE_ONE)
-+ *min_uid = *max_uid;
-+ return rv;
-+}
-+
-+static int
-+parse_config_file(pam_handle_t *pamh, const char *uname, uid_t uid, gid_t gid,
-+ int ctrl, struct pam_limit_s *pl)
- {
- FILE *fil;
- char buf[LINE_LENGTH];
-@@ -543,8 +598,10 @@ static int parse_config_file(pam_handle_
- char item[LINE_LENGTH];
- char value[LINE_LENGTH];
- int i;
-+ int rngtype;
- size_t j;
- char *tptr,*line;
-+ uid_t min_uid = (uid_t)-1, max_uid = (uid_t)-1;
-
- line = buf;
- /* skip the leading white space */
-@@ -572,6 +629,11 @@ static int parse_config_file(pam_handle_
- for(j=0; j < strlen(ltype); j++)
- ltype[j]=tolower(ltype[j]);
-
-+ if ((rngtype=parse_uid_range(pamh, domain, &min_uid, &max_uid)) < 0) {
-+ pam_syslog(pamh, LOG_WARNING, "invalid uid range '%s' - skipped", domain);
-+ continue;
-+ }
-+
- if (i == 4) { /* a complete line */
- for(j=0; j < strlen(item); j++)
- item[j]=tolower(item[j]);
-@@ -581,47 +643,133 @@ static int parse_config_file(pam_handle_
- if (strcmp(uname, domain) == 0) /* this user have a limit */
- process_limit(pamh, LIMITS_DEF_USER, ltype, item, value, ctrl, pl);
- else if (domain[0]=='@') {
-- if (ctrl & PAM_DEBUG_ARG) {
-+ if (ctrl & PAM_DEBUG_ARG) {
- pam_syslog(pamh, LOG_DEBUG,
- "checking if %s is in group %s",
- uname, domain + 1);
-- }
-- if (pam_modutil_user_in_group_nam_nam(pamh, uname, domain+1))
-- process_limit(pamh, LIMITS_DEF_GROUP, ltype, item, value, ctrl,
-+ }
-+ switch(rngtype) {
-+ case LIMIT_RANGE_NONE:
-+ if (pam_modutil_user_in_group_nam_nam(pamh, uname, domain+1))
-+ process_limit(pamh, LIMITS_DEF_GROUP, ltype, item, value, ctrl,
-+ pl);
-+ break;
-+ case LIMIT_RANGE_ONE:
-+ if (pam_modutil_user_in_group_nam_gid(pamh, uname, (gid_t)max_uid))
-+ process_limit(pamh, LIMITS_DEF_GROUP, ltype, item, value, ctrl,
- pl);
-+ break;
-+ case LIMIT_RANGE_MM:
-+ if (gid > (gid_t)max_uid)
-+ break;
-+ /* fallthrough */
-+ case LIMIT_RANGE_MIN:
-+ if (gid >= (gid_t)min_uid)
-+ process_limit(pamh, LIMITS_DEF_GROUP, ltype, item, value, ctrl,
-+ pl);
-+ }
- } else if (domain[0]=='%') {
-- if (ctrl & PAM_DEBUG_ARG) {
-+ if (ctrl & PAM_DEBUG_ARG) {
- pam_syslog(pamh, LOG_DEBUG,
- "checking if %s is in group %s",
- uname, domain + 1);
-- }
-- if (strcmp(domain,"%") == 0)
-- process_limit(pamh, LIMITS_DEF_ALL, ltype, item, value, ctrl,
-- pl);
-- else if (pam_modutil_user_in_group_nam_nam(pamh, uname, domain+1)) {
-- strcpy(pl->login_group, domain+1);
-- process_limit(pamh, LIMITS_DEF_ALLGROUP, ltype, item, value, ctrl,
-- pl);
- }
-- } else if (strcmp(domain, "*") == 0)
-- process_limit(pamh, LIMITS_DEF_DEFAULT, ltype, item, value, ctrl,
-- pl);
-+ switch(rngtype) {
-+ case LIMIT_RANGE_NONE:
-+ if (strcmp(domain,"%") == 0)
-+ process_limit(pamh, LIMITS_DEF_ALL, ltype, item, value, ctrl,
-+ pl);
-+ else if (pam_modutil_user_in_group_nam_nam(pamh, uname, domain+1)) {
-+ strcpy(pl->login_group, domain+1);
-+ process_limit(pamh, LIMITS_DEF_ALLGROUP, ltype, item, value, ctrl,
-+ pl);
-+ }
-+ break;
-+ case LIMIT_RANGE_ONE:
-+ if (pam_modutil_user_in_group_nam_gid(pamh, uname, (gid_t)max_uid)) {
-+ struct group *grp;
-+ grp = pam_modutil_getgrgid(pamh, (gid_t)max_uid);
-+ strncpy(pl->login_group, grp->gr_name, sizeof(pl->login_group));
-+ pl->login_group[sizeof(pl->login_group)-1] = '\0';
-+ process_limit(pamh, LIMITS_DEF_ALLGROUP, ltype, item, value, ctrl,
-+ pl);
-+ }
-+ break;
-+ case LIMIT_RANGE_MIN:
-+ case LIMIT_RANGE_MM:
-+ pam_syslog(pamh, LOG_WARNING, "range unsupported for %%group matching - ignored");
-+ }
-+ } else {
-+ switch(rngtype) {
-+ case LIMIT_RANGE_NONE:
-+ if (strcmp(domain, "*") == 0)
-+ process_limit(pamh, LIMITS_DEF_DEFAULT, ltype, item, value, ctrl,
-+ pl);
-+ break;
-+ case LIMIT_RANGE_ONE:
-+ if (uid != max_uid)
-+ break;
-+ /* fallthrough */
-+ case LIMIT_RANGE_MM:
-+ if (uid > max_uid)
-+ break;
-+ /* fallthrough */
-+ case LIMIT_RANGE_MIN:
-+ if (uid >= min_uid)
-+ process_limit(pamh, LIMITS_DEF_USER, ltype, item, value, ctrl, pl);
-+ }
-+ }
- } else if (i == 2 && ltype[0] == '-') { /* Probably a no-limit line */
- if (strcmp(uname, domain) == 0) {
- if (ctrl & PAM_DEBUG_ARG) {
- pam_syslog(pamh, LOG_DEBUG, "no limits for '%s'", uname);
- }
-- fclose(fil);
-- return PAM_IGNORE;
-- } else if (domain[0] == '@' && pam_modutil_user_in_group_nam_nam(pamh, uname, domain+1)) {
-+ } else if (domain[0] == '@') {
-+ switch(rngtype) {
-+ case LIMIT_RANGE_NONE:
-+ if (!pam_modutil_user_in_group_nam_nam(pamh, uname, domain+1))
-+ continue; /* next line */
-+ break;
-+ case LIMIT_RANGE_ONE:
-+ if (!pam_modutil_user_in_group_nam_gid(pamh, uname, (gid_t)max_uid))
-+ continue; /* next line */
-+ break;
-+ case LIMIT_RANGE_MM:
-+ if (gid > (gid_t)max_uid)
-+ continue; /* next line */
-+ /* fallthrough */
-+ case LIMIT_RANGE_MIN:
-+ if (gid < (gid_t)min_uid)
-+ continue; /* next line */
-+ }
- if (ctrl & PAM_DEBUG_ARG) {
- pam_syslog(pamh, LOG_DEBUG,
- "no limits for '%s' in group '%s'",
- uname, domain+1);
- }
-- fclose(fil);
-- return PAM_IGNORE;
-+ } else {
-+ switch(rngtype) {
-+ case LIMIT_RANGE_NONE:
-+ continue; /* next line */
-+ case LIMIT_RANGE_ONE:
-+ if (uid != max_uid)
-+ continue; /* next line */
-+ break;
-+ case LIMIT_RANGE_MM:
-+ if (uid > max_uid)
-+ continue; /* next line */
-+ /* fallthrough */
-+ case LIMIT_RANGE_MIN:
-+ if (uid >= min_uid)
-+ break;
-+ continue; /* next line */
-+ }
-+ if (ctrl & PAM_DEBUG_ARG) {
-+ pam_syslog(pamh, LOG_DEBUG, "no limits for '%s'", uname);
-+ }
- }
-+ fclose(fil);
-+ return PAM_IGNORE;
- } else {
- pam_syslog(pamh, LOG_WARNING, "invalid line '%s' - skipped", line);
- }
-@@ -731,7 +879,7 @@ pam_sm_open_session (pam_handle_t *pamh,
- return PAM_ABORT;
- }
-
-- retval = parse_config_file(pamh, pwd->pw_name, ctrl, pl);
-+ retval = parse_config_file(pamh, pwd->pw_name, pwd->pw_uid, pwd->pw_gid, ctrl, pl);
- if (retval == PAM_IGNORE) {
- D(("the configuration file ('%s') has an applicable '<domain> -' entry", CONF_FILE));
- return PAM_SUCCESS;
-@@ -755,7 +903,7 @@ pam_sm_open_session (pam_handle_t *pamh,
- /* Parse the *.conf files. */
- for (i = 0; globbuf.gl_pathv[i] != NULL; i++) {
- pl->conf_file = globbuf.gl_pathv[i];
-- retval = parse_config_file(pamh, pwd->pw_name, ctrl, pl);
-+ retval = parse_config_file(pamh, pwd->pw_name, pwd->pw_uid, pwd->pw_gid, ctrl, pl);
- if (retval == PAM_IGNORE) {
- D(("the configuration file ('%s') has an applicable '<domain> -' entry", pl->conf_file));
- globfree(&globbuf);
diff --git a/extra/source/pam/patches/pam-1.1.3-nouserenv.patch b/extra/source/pam/patches/pam-1.1.3-nouserenv.patch
deleted file mode 100644
index f3a742c8..00000000
--- a/extra/source/pam/patches/pam-1.1.3-nouserenv.patch
+++ /dev/null
@@ -1,27 +0,0 @@
-diff -up pam/modules/pam_env/pam_env.c.nouserenv pam/modules/pam_env/pam_env.c
---- pam/modules/pam_env/pam_env.c.nouserenv 2010-10-20 09:59:30.000000000 +0200
-+++ pam/modules/pam_env/pam_env.c 2010-11-01 14:42:01.000000000 +0100
-@@ -10,7 +10,7 @@
- #define DEFAULT_READ_ENVFILE 1
-
- #define DEFAULT_USER_ENVFILE ".pam_environment"
--#define DEFAULT_USER_READ_ENVFILE 1
-+#define DEFAULT_USER_READ_ENVFILE 0
-
- #include "config.h"
-
-diff -up pam/modules/pam_env/pam_env.8.xml.nouserenv pam/modules/pam_env/pam_env.8.xml
---- pam/modules/pam_env/pam_env.8.xml.nouserenv 2010-10-20 09:59:30.000000000 +0200
-+++ pam/modules/pam_env/pam_env.8.xml 2010-11-01 14:42:01.000000000 +0100
-@@ -147,7 +147,10 @@
- <listitem>
- <para>
- Turns on or off the reading of the user specific environment
-- file. 0 is off, 1 is on. By default this option is on.
-+ file. 0 is off, 1 is on. By default this option is off as user
-+ supplied environment variables in the PAM environment could affect
-+ behavior of subsequent modules in the stack without the consent
-+ of the system administrator.
- </para>
- </listitem>
- </varlistentry>
diff --git a/extra/source/pam/patches/pam-1.1.3-pwhistory-incomplete.patch b/extra/source/pam/patches/pam-1.1.3-pwhistory-incomplete.patch
deleted file mode 100644
index 6117b26e..00000000
--- a/extra/source/pam/patches/pam-1.1.3-pwhistory-incomplete.patch
+++ /dev/null
@@ -1,54 +0,0 @@
-diff -up Linux-PAM-1.1.3/modules/pam_pwhistory/pam_pwhistory.c.incomplete Linux-PAM-1.1.3/modules/pam_pwhistory/pam_pwhistory.c
---- Linux-PAM-1.1.3/modules/pam_pwhistory/pam_pwhistory.c.incomplete 2008-12-18 14:09:36.000000000 +0100
-+++ Linux-PAM-1.1.3/modules/pam_pwhistory/pam_pwhistory.c 2010-11-11 14:45:02.000000000 +0100
-@@ -187,12 +187,13 @@ pam_sm_chauthtok (pam_handle_t *pamh, in
- {
- retval = pam_get_authtok (pamh, PAM_AUTHTOK, &newpass, NULL);
- if (retval != PAM_SUCCESS && retval != PAM_TRY_AGAIN)
-- return retval;
-+ {
-+ if (retval == PAM_CONV_AGAIN)
-+ retval = PAM_INCOMPLETE;
-+ return retval;
-+ }
- tries++;
-
-- if (newpass == NULL || retval == PAM_TRY_AGAIN)
-- continue;
--
- if (options.debug)
- {
- if (newpass)
-@@ -201,12 +202,8 @@ pam_sm_chauthtok (pam_handle_t *pamh, in
- pam_syslog (pamh, LOG_DEBUG, "got no auth token");
- }
-
-- if (retval != PAM_SUCCESS || newpass == NULL)
-- {
-- if (retval == PAM_CONV_AGAIN)
-- retval = PAM_INCOMPLETE;
-- return retval;
-- }
-+ if (newpass == NULL || retval == PAM_TRY_AGAIN)
-+ continue;
-
- if (options.debug)
- pam_syslog (pamh, LOG_DEBUG, "check against old password file");
-@@ -219,7 +216,6 @@ pam_sm_chauthtok (pam_handle_t *pamh, in
- newpass = NULL;
- /* Remove password item, else following module will use it */
- pam_set_item (pamh, PAM_AUTHTOK, (void *) NULL);
-- continue;
- }
- }
-
-@@ -230,8 +226,7 @@ pam_sm_chauthtok (pam_handle_t *pamh, in
- return PAM_MAXTRIES;
- }
-
-- /* Remember new password */
-- return pam_set_item (pamh, PAM_AUTHTOK, newpass);
-+ return PAM_SUCCESS;
- }
-
-
diff --git a/extra/source/pam/patches/pam-1.1.3-securetty-console.patch b/extra/source/pam/patches/pam-1.1.3-securetty-console.patch
deleted file mode 100644
index 94fa6ecf..00000000
--- a/extra/source/pam/patches/pam-1.1.3-securetty-console.patch
+++ /dev/null
@@ -1,120 +0,0 @@
-Index: modules/pam_securetty/pam_securetty.8.xml
-===================================================================
-RCS file: /cvsroot/pam/Linux-PAM/modules/pam_securetty/pam_securetty.8.xml,v
-retrieving revision 1.4
-retrieving revision 1.6
-diff -u -p -r1.4 -r1.6
---- modules/pam_securetty/pam_securetty.8.xml 18 Aug 2008 13:29:25 -0000 1.4
-+++ modules/pam_securetty/pam_securetty.8.xml 25 Nov 2010 16:58:59 -0000 1.6
-@@ -33,7 +33,9 @@
- user is logging in on a "secure" tty, as defined by the listing
- in <filename>/etc/securetty</filename>. pam_securetty also checks
- to make sure that <filename>/etc/securetty</filename> is a plain
-- file and not world writable.
-+ file and not world writable. It will also allow root logins on
-+ the tty specified with <option>console=</option> switch on the
-+ kernel command line.
- </para>
- <para>
- This module has no effect on non-root users and requires that the
-@@ -61,6 +63,18 @@
- </para>
- </listitem>
- </varlistentry>
-+ <varlistentry>
-+ <term>
-+ <option>noconsole</option>
-+ </term>
-+ <listitem>
-+ <para>
-+ Do not automatically allow root logins on the kernel console
-+ device, as specified on the kernel command line, if it is
-+ not also specified in the <filename>/etc/securetty</filename> file.
-+ </para>
-+ </listitem>
-+ </varlistentry>
- </variablelist>
- </refsect1>
-
-Index: modules/pam_securetty/pam_securetty.c
-===================================================================
-RCS file: /cvsroot/pam/Linux-PAM/modules/pam_securetty/pam_securetty.c,v
-retrieving revision 1.14
-retrieving revision 1.15
-diff -u -p -r1.14 -r1.15
---- modules/pam_securetty/pam_securetty.c 10 Sep 2009 10:19:58 -0000 1.14
-+++ modules/pam_securetty/pam_securetty.c 24 Nov 2010 12:28:01 -0000 1.15
-@@ -2,6 +2,7 @@
-
- #define SECURETTY_FILE "/etc/securetty"
- #define TTY_PREFIX "/dev/"
-+#define CMDLINE_FILE "/proc/cmdline"
-
- /*
- * by Elliot Lee <sopwith@redhat.com>, Red Hat Software.
-@@ -22,6 +23,7 @@
- #include <pwd.h>
- #include <string.h>
- #include <ctype.h>
-+#include <limits.h>
-
- /*
- * here, we make a definition for the externally accessible function
-@@ -38,6 +40,7 @@
- #include <security/pam_ext.h>
-
- #define PAM_DEBUG_ARG 0x0001
-+#define PAM_NOCONSOLE_ARG 0x0002
-
- static int
- _pam_parse (const pam_handle_t *pamh, int argc, const char **argv)
-@@ -51,6 +54,8 @@ _pam_parse (const pam_handle_t *pamh, in
-
- if (!strcmp(*argv,"debug"))
- ctrl |= PAM_DEBUG_ARG;
-+ else if (!strcmp(*argv, "noconsole"))
-+ ctrl |= PAM_NOCONSOLE_ARG;
- else {
- pam_syslog(pamh, LOG_ERR, "unknown option: %s", *argv);
- }
-@@ -144,6 +149,40 @@ securetty_perform_check (pam_handle_t *p
- }
- fclose(ttyfile);
-
-+ if (retval && !(ctrl & PAM_NOCONSOLE_ARG)) {
-+ FILE *cmdlinefile;
-+
-+ /* Allow access from the kernel console, if enabled */
-+ cmdlinefile = fopen(CMDLINE_FILE, "r");
-+
-+ if (cmdlinefile != NULL) {
-+ char line[LINE_MAX], *p;
-+
-+ line[0] = 0;
-+ fgets(line, sizeof(line), cmdlinefile);
-+ fclose(cmdlinefile);
-+
-+ for (p = line; p; p = strstr(p+1, "console=")) {
-+ char *e;
-+
-+ /* Test whether this is a beginning of a word? */
-+ if (p > line && p[-1] != ' ')
-+ continue;
-+
-+ /* Ist this our console? */
-+ if (strncmp(p + 8, uttyname, strlen(uttyname)))
-+ continue;
-+
-+ /* Is there any garbage after the TTY name? */
-+ e = p + 8 + strlen(uttyname);
-+ if (*e == ',' || *e == ' ' || *e == '\n' || *e == 0) {
-+ retval = 0;
-+ break;
-+ }
-+ }
-+ }
-+ }
-+
- if (retval) {
- pam_syslog(pamh, LOG_WARNING, "access denied: tty '%s' is not secure !",
- uttyname);
diff --git a/extra/source/pam/slack-desc b/extra/source/pam/slack-desc
deleted file mode 100644
index 8b57bc0d..00000000
--- a/extra/source/pam/slack-desc
+++ /dev/null
@@ -1,19 +0,0 @@
-# HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description. Line
-# up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in. You must
-# make exactly 11 lines for the formatting to be correct. It's also
-# customary to leave one space after the ':'.
-
- |-----handy-ruler------------------------------------------------------|
-pam: pam (Pluggable Authentication Modules)
-pam:
-pam: PAM = Pluggable Authentication Modules. Basically, it is a flexible
-pam: mechanism for authenticating users. PAM provides a way to develop
-pam: programs that are independent of authentication scheme. However,
-pam: these programs will need "authentication modules" (and libpam) at
-pam: run-time in order to work.
-pam:
-pam:
-pam: Homepage: http://www.kernel.org/pub/linux/libs/pam/
-pam:
diff --git a/extra/source/partitionmanager/fetch-source.sh b/extra/source/partitionmanager/fetch-source.sh
new file mode 100755
index 00000000..b7bb6566
--- /dev/null
+++ b/extra/source/partitionmanager/fetch-source.sh
@@ -0,0 +1,22 @@
+#!/bin/sh
+
+NAME_VERSION=partitionmanager-1.0.3
+SVN_DATE=$(date +%Y%m%d)
+
+# Remove old sources if exist
+rm -R --force ${NAME_VERSION}
+
+# Checkout svn trunk
+svn -r {${SVN_DATE}} export svn://anonsvn.kde.org/home/kde/trunk/extragear/sysadmin/partitionmanager/ ${NAME_VERSION}
+
+# Move downloaded directory to match output tarball name:
+mv ${NAME_VERSION} ${NAME_VERSION}_${SVN_DATE}svn
+
+# Create source tarball
+tar cvf ${NAME_VERSION}_${SVN_DATE}svn.tar ${NAME_VERSION}_${SVN_DATE}svn
+
+# Compress source tarball
+xz -9 -v ${NAME_VERSION}_${SVN_DATE}svn.tar
+
+# Delete temporary directories
+rm -R --force ${NAME_VERSION}_${SVN_DATE}svn
diff --git a/extra/source/partitionmanager/partitionmanager.SlackBuild b/extra/source/partitionmanager/partitionmanager.SlackBuild
index 371ef22f..8035f522 100755
--- a/extra/source/partitionmanager/partitionmanager.SlackBuild
+++ b/extra/source/partitionmanager/partitionmanager.SlackBuild
@@ -1,6 +1,6 @@
#!/bin/sh
-# Copyright 2009, 2010 Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2009, 2010, 2013 Patrick J. Volkerding, Sebeka, MN, USA
# All rights reserved.
# Redistribution and use of this script, with or without modification, is
@@ -20,7 +20,7 @@
# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-VERSION=1.0.2
+VERSION=1.0.3_20130328svn
BUILD=${BUILD:-1}
# Automatically determine the architecture we're building on:
diff --git a/extra/source/tigervnc/patches/tigervnc11-java7.patch b/extra/source/tigervnc/patches/tigervnc11-java7.patch
new file mode 100644
index 00000000..6f30060d
--- /dev/null
+++ b/extra/source/tigervnc/patches/tigervnc11-java7.patch
@@ -0,0 +1,12 @@
+diff -up tigervnc-1.1.0/java/src/com/tigervnc/vncviewer/Makefile.java7 tigervnc-1.1.0/java/src/com/tigervnc/vncviewer/Makefile
+--- tigervnc-1.1.0/java/src/com/tigervnc/vncviewer/Makefile.java7 2012-03-27 14:20:20.107009796 +0200
++++ tigervnc-1.1.0/java/src/com/tigervnc/vncviewer/Makefile 2012-03-27 14:20:25.959966078 +0200
+@@ -4,7 +4,7 @@
+
+ CP = cp
+ JC = javac
+-JCFLAGS = -target 1.5 -classpath ../../../
++JCFLAGS = -target 1.7 -classpath ../../../
+ JAR = jar
+ ARCHIVE = VncViewer.jar
+ MANIFEST = MANIFEST.MF
diff --git a/extra/source/tigervnc/patches/tigervnc11-xorg110.patch b/extra/source/tigervnc/patches/tigervnc11-xorg110.patch
new file mode 100644
index 00000000..d70d6f91
--- /dev/null
+++ b/extra/source/tigervnc/patches/tigervnc11-xorg110.patch
@@ -0,0 +1,88 @@
+diff -up xserver/configure.ac.vnc xserver/configure.ac
+--- xserver/configure.ac.vnc 2012-07-19 20:22:21.774770804 -0400
++++ xserver/configure.ac 2012-07-19 20:24:42.293014083 -0400
+@@ -72,6 +71,7 @@ dnl forcing an entire recompile.x
+ AC_CONFIG_HEADERS(include/version-config.h)
+
+ AM_PROG_AS
++AC_PROG_CXX
+ AC_PROG_LN_S
+ AC_LIBTOOL_WIN32_DLL
+ AC_DISABLE_STATIC
+@@ -1560,6 +1560,14 @@ if test "x$XVFB" = xyes; then
+ AC_SUBST([XVFB_SYS_LIBS])
+ fi
+
++dnl Xvnc DDX
++AC_SUBST([XVNC_CPPFLAGS], ["-DHAVE_DIX_CONFIG_H $XEXT_INC $FB_INC $MI_INC $RENDER_INC $RANDR_INC $MIEXT_DAMAGE_INC"])
++AC_SUBST([XVNC_LIBS], ["$FB_LIB $FIXES_LIB $XEXT_LIB $CONFIG_LIB $DBE_LIB $RECORD_LIB $GLX_LIBS $RANDR_LIB $RENDER_LIB $DAMAGE_LIB $MIEXT_SYNC_LIB $MIEXT_DAMAGE_LIB $MIEXT_SHADOW_LIB $XI_LIB $XKB_LIB $XKB_STUB_LIB $COMPOSITE_LIB $MAIN_LIB"])
++AC_SUBST([XVNC_SYS_LIBS], ["$GLX_SYS_LIBS"])
++
++dnl This is necessary to allow Xvnc to statically link with GnuTLS
++AC_ARG_VAR(GNUTLS_LDFLAGS, [Custom linker flags for using GnuTLS, e.g. -L{GnuTLS directory}/lib -lgnutls])
++AC_SUBST(GNUTLS_LDFLAGS)
+
+ dnl Xnest DDX
+
+@@ -1595,6 +1603,8 @@ if test "x$XORG" = xauto; then
+ fi
+ AC_MSG_RESULT([$XORG])
+
++AC_DEFINE_UNQUOTED(XORG_VERSION_CURRENT, [$VENDOR_RELEASE], [Current Xorg version])
++
+ if test "x$XORG" = xyes; then
+ XORG_DDXINCS='-I$(top_srcdir)/hw/xfree86 -I$(top_srcdir)/hw/xfree86/include -I$(top_srcdir)/hw/xfree86/common'
+ XORG_OSINCS='-I$(top_srcdir)/hw/xfree86/os-support -I$(top_srcdir)/hw/xfree86/os-support/bus -I$(top_srcdir)/os'
+@@ -1813,7 +1823,6 @@ if test "x$XORG" = xyes; then
+ AC_DEFINE(XORG_SERVER, 1, [Building Xorg server])
+ AC_DEFINE(XORGSERVER, 1, [Building Xorg server])
+ AC_DEFINE(XFree86Server, 1, [Building XFree86 server])
+- AC_DEFINE_UNQUOTED(XORG_VERSION_CURRENT, [$VENDOR_RELEASE], [Current Xorg version])
+ AC_DEFINE(NEED_XF86_TYPES, 1, [Need XFree86 typedefs])
+ AC_DEFINE(NEED_XF86_PROTOTYPES, 1, [Need XFree86 helper functions])
+ AC_DEFINE(__XSERVERNAME__, "Xorg", [Name of X server])
+@@ -2279,6 +2288,7 @@ hw/dmx/Makefile
+ hw/dmx/man/Makefile
+ hw/vfb/Makefile
+ hw/vfb/man/Makefile
++hw/vnc/Makefile
+ hw/xnest/Makefile
+ hw/xnest/man/Makefile
+ hw/xwin/Makefile
+diff -up xserver/hw/Makefile.am.vnc xserver/hw/Makefile.am
+--- xserver/hw/Makefile.am.vnc 2012-07-19 20:22:28.575685781 -0400
++++ xserver/hw/Makefile.am 2012-07-19 20:22:31.483649426 -0400
+@@ -33,7 +33,8 @@ SUBDIRS = \
+ $(XNEST_SUBDIRS) \
+ $(DMX_SUBDIRS) \
+ $(KDRIVE_SUBDIRS) \
+- $(XQUARTZ_SUBDIRS)
++ $(XQUARTZ_SUBDIRS) \
++ vnc
+
+ DIST_SUBDIRS = dmx xfree86 vfb xnest xwin xquartz kdrive
+
+diff -up xserver/include/extinit.h.vnc xserver/include/extinit.h
+--- xserver/include/extinit.h.vnc 2012-07-19 20:25:50.465161815 -0400
++++ xserver/include/extinit.h 2012-07-19 20:25:52.490136499 -0400
+@@ -81,6 +81,8 @@ extern void DPMSExtensionInit(void);
+ extern Bool noGEExtension;
+ extern void GEExtensionInit(void);
+
++extern void vncExtensionInit(void);
++
+ #ifdef GLXEXT
+ extern _X_EXPORT Bool noGlxExtension;
+ extern void GlxExtensionInit(void);
+diff -up xserver/mi/miinitext.c.vnc xserver/mi/miinitext.c
+--- xserver/mi/miinitext.c.vnc 2012-07-19 20:22:30.000000000 -0400
++++ xserver/mi/miinitext.c 2012-07-19 20:26:48.560435524 -0400
+@@ -293,6 +293,7 @@ static ExtensionModule staticExtensions[
+ #ifdef XSELINUX
+ {SELinuxExtensionInit, SELINUX_EXTENSION_NAME, &noSELinuxExtension},
+ #endif
++ {vncExtensionInit, "VNC", NULL},
+ };
+
+ static ExtensionModule *ExtensionModuleList = NULL;
+
diff --git a/extra/source/tigervnc/patches/tigervnc11-xorg111.patch b/extra/source/tigervnc/patches/tigervnc11-xorg111.patch
new file mode 100644
index 00000000..690ca6be
--- /dev/null
+++ b/extra/source/tigervnc/patches/tigervnc11-xorg111.patch
@@ -0,0 +1,236 @@
+diff -up xserver/hw/vnc/Input.cc.xorg111 xserver/hw/vnc/Input.cc
+--- xserver/hw/vnc/Input.cc.xorg111 2011-08-09 23:16:36.000000000 +0200
++++ xserver/hw/vnc/Input.cc 2011-11-11 11:59:14.226819903 +0100
+@@ -82,10 +82,11 @@ static KeyCode KeysymToKeycode(KeySymsPt
+ /* Event queue is shared between all devices. */
+ #if XORG == 15
+ static xEvent *eventq = NULL;
+-#else
++#elif XORG < 111
+ static EventList *eventq = NULL;
+ #endif
+
++#if XORG < 111
+ static void initEventq(void)
+ {
+ /* eventq is never free()-ed because it exists during server life. */
+@@ -100,7 +101,9 @@ static void initEventq(void)
+ #endif
+ }
+ }
++#endif /* XORG < 111 */
+
++#if XORG < 111
+ static void enqueueEvents(DeviceIntPtr dev, int n)
+ {
+ int i;
+@@ -122,6 +125,7 @@ static void enqueueEvents(DeviceIntPtr d
+ );
+ }
+ }
++#endif /* XORG < 111 */
+
+ InputDevice::InputDevice(rfb::VNCServerST *_server)
+ : server(_server), oldButtonMask(0)
+@@ -141,12 +145,17 @@ InputDevice::InputDevice(rfb::VNCServerS
+ keyboardProc, TRUE);
+ RegisterKeyboardDevice(keyboardDev);
+ #endif
++#if XORG < 111
+ initEventq();
++#endif
+ }
+
+ void InputDevice::PointerButtonAction(int buttonMask)
+ {
+- int i, n;
++ int i;
++#if XORG < 111
++ int n;
++#endif
+ #if XORG >= 110
+ ValuatorMask mask;
+ #endif
+@@ -160,13 +169,17 @@ void InputDevice::PointerButtonAction(in
+ #if XORG < 110
+ n = GetPointerEvents(eventq, pointerDev, action, i + 1,
+ POINTER_RELATIVE, 0, 0, NULL);
+-#else
++ enqueueEvents(pointerDev, n);
++#elif XORG < 111
+ valuator_mask_set_range(&mask, 0, 0, NULL);
+ n = GetPointerEvents(eventq, pointerDev, action, i + 1,
+ POINTER_RELATIVE, &mask);
+-#endif
+ enqueueEvents(pointerDev, n);
+-
++#else
++ valuator_mask_set_range(&mask, 0, 0, NULL);
++ QueuePointerEvents(pointerDev, action, i + 1,
++ POINTER_RELATIVE, &mask);
++#endif
+ }
+ }
+
+@@ -175,7 +188,10 @@ void InputDevice::PointerButtonAction(in
+
+ void InputDevice::PointerMove(const rfb::Point &pos)
+ {
+- int n, valuators[2];
++ int valuators[2];
++#if XORG < 111
++ int n;
++#endif
+ #if XORG >= 110
+ ValuatorMask mask;
+ #endif
+@@ -190,12 +206,16 @@ void InputDevice::PointerMove(const rfb:
+ #if XORG < 110
+ n = GetPointerEvents(eventq, pointerDev, MotionNotify, 0, POINTER_ABSOLUTE, 0,
+ 2, valuators);
+-#else
++ enqueueEvents(pointerDev, n);
++#elif XORG < 111
+ valuator_mask_set_range(&mask, 0, 2, valuators);
+ n = GetPointerEvents(eventq, pointerDev, MotionNotify, 0, POINTER_ABSOLUTE,
+ &mask);
+-#endif
+ enqueueEvents(pointerDev, n);
++#else
++ valuator_mask_set_range(&mask, 0, 2, valuators);
++ QueuePointerEvents(pointerDev, MotionNotify, 0, POINTER_ABSOLUTE, &mask);
++#endif
+
+ cursorPos = pos;
+ }
+@@ -299,14 +319,20 @@ void InputDevice::initInputDevice(void)
+ static inline void pressKey(DeviceIntPtr dev, int kc, bool down, const char *msg)
+ {
+ int action;
++#if XORG < 111
+ unsigned int n;
++#endif
+
+ if (msg != NULL)
+ vlog.debug("%s %d %s", msg, kc, down ? "down" : "up");
+
+ action = down ? KeyPress : KeyRelease;
+- n = GetKeyboardEvents(eventq, dev, action, kc);
++#if XORG < 111
++ n = GetKeyboardEvents(eventq, dev, action, kc, NULL);
+ enqueueEvents(dev, n);
++#else
++ QueueKeyboardEvents(dev, action, kc, NULL);
++#endif
+ }
+
+ #define IS_PRESSED(keyc, keycode) \
+@@ -341,8 +367,11 @@ public:
+ int state, maxKeysPerMod, keycode;
+ #if XORG >= 17
+ KeyCode *modmap = NULL;
+-
++#if XORG >= 111
++ state = XkbStateFieldFromRec(&dev->master->key->xkbInfo->state);
++#else /* XORG >= 111 */
+ state = XkbStateFieldFromRec(&dev->u.master->key->xkbInfo->state);
++#endif /* XORG >= 111 */
+ #else
+ KeyClassPtr keyc = dev->key;
+ state = keyc->state;
+@@ -380,7 +409,11 @@ public:
+ #if XORG >= 17
+ KeyCode *modmap = NULL;
+
++#if XORG >= 111
++ keyc = dev->master->key;
++#else /* XORG >= 111 */
+ keyc = dev->u.master->key;
++#endif /* XORG >= 111 */
+ state = XkbStateFieldFromRec(&keyc->xkbInfo->state);
+ #else
+ keyc = dev->key;
+@@ -596,7 +629,11 @@ void InputDevice::keyEvent(rdr::U32 keys
+ }
+
+ #if XORG >= 17
++#if XORG >= 111
++ keyc = keyboardDev->master->key;
++#else /* XORG >= 111 */
+ keyc = keyboardDev->u.master->key;
++#endif /* XORG >= 111 */
+
+ keymap = XkbGetCoreMap(keyboardDev);
+ if (!keymap) {
+@@ -753,7 +790,11 @@ ModeSwitchFound:
+ XkbApplyMappingChange(keyboardDev, keymap, minKeyCode,
+ maxKeyCode - minKeyCode + 1,
+ NULL, serverClient);
++#if XORG >= 111
++ XkbCopyDeviceKeymap(keyboardDev->master, keyboardDev);
++#else
+ XkbCopyDeviceKeymap(keyboardDev->u.master, keyboardDev);
++#endif
+ #endif /* XORG < 17 */
+ break;
+ }
+diff -up xserver/hw/vnc/xorg-version.h.xorg111 xserver/hw/vnc/xorg-version.h
+--- xserver/hw/vnc/xorg-version.h.xorg111 2011-08-09 23:16:36.000000000 +0200
++++ xserver/hw/vnc/xorg-version.h 2011-11-11 11:55:32.255835319 +0100
+@@ -36,6 +36,8 @@
+ #define XORG 19
+ #elif XORG_VERSION_CURRENT < ((1 * 10000000) + (10 * 100000) + (99 * 1000))
+ #define XORG 110
++#elif XORG_VERSION_CURRENT < ((1 * 10000000) + (11 * 100000) + (99 * 1000))
++#define XORG 111
+ #else
+ #error "X.Org newer than 1.10 is not supported"
+ #endif
+diff -up xserver/hw/vnc/xvnc.cc.xorg111 xserver/hw/vnc/xvnc.cc
+--- xserver/hw/vnc/xvnc.cc.xorg111 2011-08-09 23:16:36.000000000 +0200
++++ xserver/hw/vnc/xvnc.cc 2011-11-11 11:55:32.256835319 +0100
+@@ -211,7 +211,11 @@ static void vfbFreeFramebufferMemory(vfb
+
+ extern "C" {
+
++#if XORG < 111
+ void ddxGiveUp()
++#else
++void ddxGiveUp(enum ExitCode error)
++#endif
+ {
+ int i;
+
+@@ -221,9 +225,17 @@ void ddxGiveUp()
+ }
+
+ void
++#if XORG < 111
+ AbortDDX()
++#else
++AbortDDX(enum ExitCode error)
++#endif
+ {
++#if XORG < 111
+ ddxGiveUp();
++#else
++ ddxGiveUp(error);
++#endif
+ }
+
+ #ifdef __DARWIN__
+@@ -668,8 +680,13 @@ vfbUninstallColormap(ColormapPtr pmap)
+ {
+ if (pmap->mid != pmap->pScreen->defColormap)
+ {
++#if XORG < 111
+ curpmap = (ColormapPtr) LookupIDByType(pmap->pScreen->defColormap,
+ RT_COLORMAP);
++#else
++ dixLookupResourceByType((pointer *) &curpmap, pmap->pScreen->defColormap,
++ RT_COLORMAP, serverClient, DixUnknownAccess);
++#endif
+ (*pmap->pScreen->InstallColormap)(curpmap);
+ }
+ }
+
diff --git a/extra/source/tigervnc/patches/tigervnc11-xorg112.patch b/extra/source/tigervnc/patches/tigervnc11-xorg112.patch
new file mode 100644
index 00000000..2931cd7e
--- /dev/null
+++ b/extra/source/tigervnc/patches/tigervnc11-xorg112.patch
@@ -0,0 +1,429 @@
+diff -up xserver/hw/vnc/vncExtInit.cc.xorg112 xserver/hw/vnc/vncExtInit.cc
+--- xserver/hw/vnc/vncExtInit.cc.xorg112 2011-08-09 23:16:36.000000000 +0200
++++ xserver/hw/vnc/vncExtInit.cc 2012-03-27 12:54:56.937271323 +0200
+@@ -56,6 +56,7 @@ extern "C" {
+ #include "XserverDesktop.h"
+ #include "vncHooks.h"
+ #include "vncExtInit.h"
++#include "xorg-version.h"
+
+ extern "C" {
+
+@@ -360,10 +361,16 @@ void vncClientCutText(const char* str, i
+ ev.window = cur->window;
+ ev.time = GetTimeInMillis();
+ if (cur->client->swapped) {
++#if XORG < 112
+ int n;
+ swaps(&ev.sequenceNumber, n);
+ swapl(&ev.window, n);
+ swapl(&ev.time, n);
++#else
++ swaps(&ev.sequenceNumber);
++ swapl(&ev.window);
++ swapl(&ev.time);
++#endif
+ }
+ WriteToClient(cur->client, sizeof(xVncExtClientCutTextNotifyEvent),
+ (char *)&ev);
+@@ -406,9 +413,14 @@ void vncQueryConnect(XserverDesktop* des
+ ev.sequenceNumber = cur->client->sequence;
+ ev.window = cur->window;
+ if (cur->client->swapped) {
++#if XORG < 112
+ int n;
+ swaps(&ev.sequenceNumber, n);
+ swapl(&ev.window, n);
++#else
++ swaps(&ev.sequenceNumber);
++ swapl(&ev.window);
++#endif
+ }
+ WriteToClient(cur->client, sizeof(xVncExtQueryConnectNotifyEvent),
+ (char *)&ev);
+@@ -449,10 +461,16 @@ static void SendSelectionChangeEvent(Ato
+ ev.window = cur->window;
+ ev.selection = selection;
+ if (cur->client->swapped) {
++#if XORG < 112
+ int n;
+ swaps(&ev.sequenceNumber, n);
+ swapl(&ev.window, n);
+ swapl(&ev.selection, n);
++#else
++ swaps(&ev.sequenceNumber);
++ swapl(&ev.window);
++ swapl(&ev.selection);
++#endif
+ }
+ WriteToClient(cur->client, sizeof(xVncExtSelectionChangeNotifyEvent),
+ (char *)&ev);
+@@ -473,7 +491,6 @@ static int ProcVncExtSetParam(ClientPtr
+ param.buf[stuff->paramLen] = 0;
+
+ xVncExtSetParamReply rep;
+- int n;
+ rep.type = X_Reply;
+ rep.length = 0;
+ rep.success = 0;
+@@ -514,8 +531,14 @@ static int ProcVncExtSetParam(ClientPtr
+
+ deny:
+ if (client->swapped) {
++#if XORG < 112
++ int n;
+ swaps(&rep.sequenceNumber, n);
+ swapl(&rep.length, n);
++#else
++ swaps(&rep.sequenceNumber);
++ swapl(&rep.length);
++#endif
+ }
+ WriteToClient(client, sizeof(xVncExtSetParamReply), (char *)&rep);
+ return (client->noClientException);
+@@ -523,9 +546,13 @@ deny:
+
+ static int SProcVncExtSetParam(ClientPtr client)
+ {
+- register char n;
+ REQUEST(xVncExtSetParamReq);
++#if XORG < 112
++ register char n;
+ swaps(&stuff->length, n);
++#else
++ swaps(&stuff->length);
++#endif
+ REQUEST_AT_LEAST_SIZE(xVncExtSetParamReq);
+ return ProcVncExtSetParam(client);
+ }
+@@ -539,7 +566,6 @@ static int ProcVncExtGetParam(ClientPtr
+ param.buf[stuff->paramLen] = 0;
+
+ xVncExtGetParamReply rep;
+- int n;
+ rep.type = X_Reply;
+ rep.sequenceNumber = client->sequence;
+ rep.success = 0;
+@@ -557,9 +583,16 @@ static int ProcVncExtGetParam(ClientPtr
+ rep.length = (len + 3) >> 2;
+ rep.valueLen = len;
+ if (client->swapped) {
++#if XORG < 112
++ int n;
+ swaps(&rep.sequenceNumber, n);
+ swapl(&rep.length, n);
+ swaps(&rep.valueLen, n);
++#else
++ swaps(&rep.sequenceNumber);
++ swapl(&rep.length);
++ swaps(&rep.valueLen);
++#endif
+ }
+ WriteToClient(client, sizeof(xVncExtGetParamReply), (char *)&rep);
+ if (value)
+@@ -570,9 +603,13 @@ static int ProcVncExtGetParam(ClientPtr
+
+ static int SProcVncExtGetParam(ClientPtr client)
+ {
+- register char n;
+ REQUEST(xVncExtGetParamReq);
++#if XORG < 112
++ register char n;
+ swaps(&stuff->length, n);
++#else
++ swaps(&stuff->length);
++#endif
+ REQUEST_AT_LEAST_SIZE(xVncExtGetParamReq);
+ return ProcVncExtGetParam(client);
+ }
+@@ -586,7 +623,6 @@ static int ProcVncExtGetParamDesc(Client
+ param.buf[stuff->paramLen] = 0;
+
+ xVncExtGetParamDescReply rep;
+- int n;
+ rep.type = X_Reply;
+ rep.sequenceNumber = client->sequence;
+ rep.success = 0;
+@@ -601,9 +637,16 @@ static int ProcVncExtGetParamDesc(Client
+ rep.length = (len + 3) >> 2;
+ rep.descLen = len;
+ if (client->swapped) {
++#if XORG < 112
++ int n;
+ swaps(&rep.sequenceNumber, n);
+ swapl(&rep.length, n);
+ swaps(&rep.descLen, n);
++#else
++ swaps(&rep.sequenceNumber);
++ swapl(&rep.length);
++ swaps(&rep.descLen);
++#endif
+ }
+ WriteToClient(client, sizeof(xVncExtGetParamDescReply), (char *)&rep);
+ if (desc)
+@@ -613,9 +656,13 @@ static int ProcVncExtGetParamDesc(Client
+
+ static int SProcVncExtGetParamDesc(ClientPtr client)
+ {
+- register char n;
+ REQUEST(xVncExtGetParamDescReq);
++#if XORG < 112
++ register char n;
+ swaps(&stuff->length, n);
++#else
++ swaps(&stuff->length);
++#endif
+ REQUEST_AT_LEAST_SIZE(xVncExtGetParamDescReq);
+ return ProcVncExtGetParamDesc(client);
+ }
+@@ -626,7 +673,6 @@ static int ProcVncExtListParams(ClientPt
+ REQUEST_SIZE_MATCH(xVncExtListParamsReq);
+
+ xVncExtListParamsReply rep;
+- int n;
+ rep.type = X_Reply;
+ rep.sequenceNumber = client->sequence;
+
+@@ -642,9 +688,16 @@ static int ProcVncExtListParams(ClientPt
+ rep.length = (len + 3) >> 2;
+ rep.nParams = nParams;
+ if (client->swapped) {
++#if XORG < 112
++ int n;
+ swaps(&rep.sequenceNumber, n);
+ swapl(&rep.length, n);
+ swaps(&rep.nParams, n);
++#else
++ swaps(&rep.sequenceNumber);
++ swapl(&rep.length);
++ swaps(&rep.nParams);
++#endif
+ }
+ WriteToClient(client, sizeof(xVncExtListParamsReply), (char *)&rep);
+ rdr::U8* data = new rdr::U8[len];
+@@ -664,9 +717,13 @@ static int ProcVncExtListParams(ClientPt
+
+ static int SProcVncExtListParams(ClientPtr client)
+ {
+- register char n;
+ REQUEST(xVncExtListParamsReq);
++#if XORG < 112
++ register char n;
+ swaps(&stuff->length, n);
++#else
++ swaps(&stuff->length);
++#endif
+ REQUEST_SIZE_MATCH(xVncExtListParamsReq);
+ return ProcVncExtListParams(client);
+ }
+@@ -689,11 +746,19 @@ static int ProcVncExtSetServerCutText(Cl
+
+ static int SProcVncExtSetServerCutText(ClientPtr client)
+ {
+- register char n;
+ REQUEST(xVncExtSetServerCutTextReq);
++#if XORG < 112
++ register char n;
+ swaps(&stuff->length, n);
++#else
++ swaps(&stuff->length);
++#endif
+ REQUEST_AT_LEAST_SIZE(xVncExtSetServerCutTextReq);
++#if XORG < 112
+ swapl(&stuff->textLen, n);
++#else
++ swapl(&stuff->textLen);
++#endif
+ return ProcVncExtSetServerCutText(client);
+ }
+
+@@ -703,15 +768,21 @@ static int ProcVncExtGetClientCutText(Cl
+ REQUEST_SIZE_MATCH(xVncExtGetClientCutTextReq);
+
+ xVncExtGetClientCutTextReply rep;
+- int n;
+ rep.type = X_Reply;
+ rep.length = (clientCutTextLen + 3) >> 2;
+ rep.sequenceNumber = client->sequence;
+ rep.textLen = clientCutTextLen;
+ if (client->swapped) {
++#if XORG < 112
++ int n;
+ swaps(&rep.sequenceNumber, n);
+ swapl(&rep.length, n);
+ swapl(&rep.textLen, n);
++#else
++ swaps(&rep.sequenceNumber);
++ swapl(&rep.length);
++ swapl(&rep.textLen);
++#endif
+ }
+ WriteToClient(client, sizeof(xVncExtGetClientCutTextReply), (char *)&rep);
+ if (clientCutText)
+@@ -721,9 +792,13 @@ static int ProcVncExtGetClientCutText(Cl
+
+ static int SProcVncExtGetClientCutText(ClientPtr client)
+ {
+- register char n;
+ REQUEST(xVncExtGetClientCutTextReq);
++#if XORG < 112
++ register char n;
+ swaps(&stuff->length, n);
++#else
++ swaps(&stuff->length);
++#endif
+ REQUEST_SIZE_MATCH(xVncExtGetClientCutTextReq);
+ return ProcVncExtGetClientCutText(client);
+ }
+@@ -753,12 +828,21 @@ static int ProcVncExtSelectInput(ClientP
+
+ static int SProcVncExtSelectInput(ClientPtr client)
+ {
+- register char n;
+ REQUEST(xVncExtSelectInputReq);
++#if XORG < 112
++ register char n;
+ swaps(&stuff->length, n);
++#else
++ swaps(&stuff->length);
++#endif
+ REQUEST_SIZE_MATCH(xVncExtSelectInputReq);
++#if XORG < 112
+ swapl(&stuff->window, n);
+ swapl(&stuff->mask, n);
++#else
++ swapl(&stuff->window);
++ swapl(&stuff->mask);
++#endif
+ return ProcVncExtSelectInput(client);
+ }
+
+@@ -804,9 +888,14 @@ static int ProcVncExtConnect(ClientPtr c
+ rep.length = 0;
+ rep.sequenceNumber = client->sequence;
+ if (client->swapped) {
++#if XORG < 112
+ int n;
+ swaps(&rep.sequenceNumber, n);
+ swapl(&rep.length, n);
++#else
++ swaps(&rep.sequenceNumber);
++ swapl(&rep.length);
++#endif
+ }
+ WriteToClient(client, sizeof(xVncExtConnectReply), (char *)&rep);
+ return (client->noClientException);
+@@ -814,9 +903,13 @@ static int ProcVncExtConnect(ClientPtr c
+
+ static int SProcVncExtConnect(ClientPtr client)
+ {
+- register char n;
+ REQUEST(xVncExtConnectReq);
++#if XORG < 112
++ register char n;
+ swaps(&stuff->length, n);
++#else
++ swaps(&stuff->length);
++#endif
+ REQUEST_AT_LEAST_SIZE(xVncExtConnectReq);
+ return ProcVncExtConnect(client);
+ }
+@@ -836,7 +929,6 @@ static int ProcVncExtGetQueryConnect(Cli
+ qcTimeout = 0;
+
+ xVncExtGetQueryConnectReply rep;
+- int n;
+ rep.type = X_Reply;
+ rep.sequenceNumber = client->sequence;
+ rep.timeout = qcTimeout;
+@@ -845,11 +937,20 @@ static int ProcVncExtGetQueryConnect(Cli
+ rep.opaqueId = (CARD32)(long)queryConnectId;
+ rep.length = (rep.userLen + rep.addrLen + 3) >> 2;
+ if (client->swapped) {
++#if XORG < 112
++ int n;
+ swaps(&rep.sequenceNumber, n);
+ swapl(&rep.userLen, n);
+ swapl(&rep.addrLen, n);
+ swapl(&rep.timeout, n);
+ swapl(&rep.opaqueId, n);
++#else
++ swaps(&rep.sequenceNumber);
++ swapl(&rep.userLen);
++ swapl(&rep.addrLen);
++ swapl(&rep.timeout);
++ swapl(&rep.opaqueId);
++#endif
+ }
+ WriteToClient(client, sizeof(xVncExtGetQueryConnectReply), (char *)&rep);
+ if (qcTimeout)
+@@ -861,9 +962,13 @@ static int ProcVncExtGetQueryConnect(Cli
+
+ static int SProcVncExtGetQueryConnect(ClientPtr client)
+ {
+- register char n;
+ REQUEST(xVncExtGetQueryConnectReq);
++#if XORG < 112
++ register char n;
+ swaps(&stuff->length, n);
++#else
++ swaps(&stuff->length);
++#endif
+ REQUEST_SIZE_MATCH(xVncExtGetQueryConnectReq);
+ return ProcVncExtGetQueryConnect(client);
+ }
+@@ -888,10 +993,15 @@ static int ProcVncExtApproveConnect(Clie
+
+ static int SProcVncExtApproveConnect(ClientPtr client)
+ {
+- register char n;
+ REQUEST(xVncExtApproveConnectReq);
++#if XORG < 112
++ register char n;
+ swaps(&stuff->length, n);
+ swapl(&stuff->opaqueId, n);
++#else
++ swaps(&stuff->length);
++ swapl(&stuff->opaqueId);
++#endif
+ REQUEST_SIZE_MATCH(xVncExtApproveConnectReq);
+ return ProcVncExtApproveConnect(client);
+ }
+diff -up xserver/hw/vnc/xf86vncModule.cc.xorg112 xserver/hw/vnc/xf86vncModule.cc
+--- xserver/hw/vnc/xf86vncModule.cc.xorg112 2011-08-09 23:16:36.000000000 +0200
++++ xserver/hw/vnc/xf86vncModule.cc 2012-03-27 12:54:56.938271322 +0200
+@@ -26,6 +26,8 @@
+ #include <rfb/Logger_stdio.h>
+ #include <rfb/LogWriter.h>
+
++#include "xorg-version.h"
++
+ extern "C" {
+ #define class c_class
+ #define private c_private
+@@ -89,7 +91,12 @@ static void vncExtensionInitWithParams(I
+ ScrnInfoPtr pScrn = xf86Screens[scr];
+
+ for (ParameterIterator i(Configuration::global()); i.param; i.next()) {
+- char* val = xf86FindOptionValue(pScrn->options, i.param->getName());
++ const char *val;
++#if XORG < 112
++ val = xf86FindOptionValue(pScrn->options, i.param->getName());
++#else
++ val = xf86FindOptionValue((XF86OptionPtr)pScrn->options, i.param->getName());
++#endif
+ if (val)
+ i.param->setParam(val);
+ }
+diff -up xserver/hw/vnc/xorg-version.h.xorg112 xserver/hw/vnc/xorg-version.h
+--- xserver/hw/vnc/xorg-version.h.xorg112 2012-03-27 12:55:27.576240843 +0200
++++ xserver/hw/vnc/xorg-version.h 2012-03-27 12:56:07.541204026 +0200
+@@ -38,6 +38,8 @@
+ #define XORG 110
+ #elif XORG_VERSION_CURRENT < ((1 * 10000000) + (11 * 100000) + (99 * 1000))
+ #define XORG 111
++#elif XORG_VERSION_CURRENT < ((1 * 10000000) + (12 * 100000) + (99 * 1000))
++#define XORG 112
+ #else
+ #error "X.Org newer than 1.10 is not supported"
+ #endif
diff --git a/extra/source/tigervnc/patches/tigervnc11-xorg113.patch b/extra/source/tigervnc/patches/tigervnc11-xorg113.patch
new file mode 100644
index 00000000..12ce549d
--- /dev/null
+++ b/extra/source/tigervnc/patches/tigervnc11-xorg113.patch
@@ -0,0 +1,171 @@
+diff -up xserver/hw/vnc/Makefile.am.xorg113 xserver/hw/vnc/Makefile.am
+--- xserver/hw/vnc/Makefile.am.xorg113 2012-07-19 21:42:46.297455970 -0400
++++ xserver/hw/vnc/Makefile.am 2012-07-19 21:19:22.526005528 -0400
+@@ -62,7 +62,7 @@ EXTRA_DIST = Xvnc.man
+ BUILT_SOURCES = $(nodist_Xvnc_SOURCES)
+
+ fb.h: $(top_srcdir)/fb/fb.h
+- cat $(top_srcdir)/fb/fb.h | sed -e 's,and,c_and,' -e 's,xor,c_xor,' > $(srcdir)/fb.h
++ cat $(top_srcdir)/fb/fb.h | sed -e 's,and,c_and,g' -e 's,xor,c_xor,g' > $(srcdir)/fb.h
+
+ pixman.h: $(includedir)/pixman-1/pixman.h
+ cat $(includedir)/pixman-1/pixman.h | sed 's/xor/c_xor/' > $(srcdir)/pixman.h
+diff -up xserver/hw/vnc/vncHooks.cc.xorg113 xserver/hw/vnc/vncHooks.cc
+--- xserver/hw/vnc/vncHooks.cc.xorg113 2012-07-19 21:31:37.191820942 -0400
++++ xserver/hw/vnc/vncHooks.cc 2012-07-19 21:36:00.327531293 -0400
+@@ -116,7 +116,7 @@ static DevPrivateKeyRec vncHooksGCKeyRec
+
+ // screen functions
+
+-static Bool vncHooksCloseScreen(int i, ScreenPtr pScreen);
++static Bool vncHooksCloseScreen(ScreenPtr pScreen);
+ static Bool vncHooksCreateGC(GCPtr pGC);
+ static void vncHooksCopyWindow(WindowPtr pWin, DDXPointRec ptOldOrg,
+ RegionPtr pOldRegion);
+@@ -133,7 +133,7 @@ static Bool vncHooksDisplayCursor(
+ DeviceIntPtr pDev,
+ #endif
+ ScreenPtr pScreen, CursorPtr cursor);
+-static void vncHooksBlockHandler(int i, pointer blockData, pointer pTimeout,
++static void vncHooksBlockHandler(ScreenPtr pScreen_, pointer pTimeout,
+ pointer pReadmask);
+ #ifdef RENDER
+ static void vncHooksComposite(CARD8 op, PicturePtr pSrc, PicturePtr pMask,
+@@ -335,7 +335,7 @@ Bool vncHooksInit(ScreenPtr pScreen, Xse
+ // CloseScreen - unwrap the screen functions and call the original CloseScreen
+ // function
+
+-static Bool vncHooksCloseScreen(int i, ScreenPtr pScreen_)
++static Bool vncHooksCloseScreen(ScreenPtr pScreen_)
+ {
+ SCREEN_UNWRAP(pScreen_, CloseScreen);
+
+@@ -366,7 +366,7 @@ static Bool vncHooksCloseScreen(int i, S
+
+ DBGPRINT((stderr,"vncHooksCloseScreen: unwrapped screen functions\n"));
+
+- return (*pScreen->CloseScreen)(i, pScreen);
++ return (*pScreen->CloseScreen)(pScreen);
+ }
+
+ // CreateGC - wrap the "GC funcs"
+@@ -531,14 +531,14 @@ static Bool vncHooksDisplayCursor(
+ // BlockHandler - ignore any changes during the block handler - it's likely
+ // these are just drawing the cursor.
+
+-static void vncHooksBlockHandler(int i, pointer blockData, pointer pTimeout,
++static void vncHooksBlockHandler(ScreenPtr pScreen_, pointer pTimeout,
+ pointer pReadmask)
+ {
+- SCREEN_UNWRAP(screenInfo.screens[i], BlockHandler);
++ SCREEN_UNWRAP(pScreen_, BlockHandler);
+
+ vncHooksScreen->desktop->ignoreHooks(true);
+
+- (*pScreen->BlockHandler) (i, blockData, pTimeout, pReadmask);
++ (*pScreen->BlockHandler) (pScreen, pTimeout, pReadmask);
+
+ vncHooksScreen->desktop->ignoreHooks(false);
+
+diff -up xserver/hw/vnc/xf86vncModule.cc.xorg113 xserver/hw/vnc/xf86vncModule.cc
+--- xserver/hw/vnc/xf86vncModule.cc.xorg113 2012-07-19 21:19:27.558942606 -0400
++++ xserver/hw/vnc/xf86vncModule.cc 2012-07-19 21:19:27.574942408 -0400
+@@ -53,8 +53,6 @@ ExtensionModule vncExt =
+ {
+ vncExtensionInitWithParams,
+ "VNC",
+- NULL,
+- NULL,
+ NULL
+ };
+
+diff -up xserver/hw/vnc/xorg-version.h.xorg113 xserver/hw/vnc/xorg-version.h
+--- xserver/hw/vnc/xorg-version.h.xorg113 2012-07-19 21:19:27.560942582 -0400
++++ xserver/hw/vnc/xorg-version.h 2012-07-19 21:19:27.576942382 -0400
+@@ -40,6 +40,8 @@
+ #define XORG 111
+ #elif XORG_VERSION_CURRENT < ((1 * 10000000) + (12 * 100000) + (99 * 1000))
+ #define XORG 112
++#elif XORG_VERSION_CURRENT < ((1 * 10000000) + (13 * 100000) + (99 * 1000))
++#define XORG 113
+ #else
+ #error "X.Org newer than 1.10 is not supported"
+ #endif
+diff -up xserver/hw/vnc/xvnc.cc.xorg113 xserver/hw/vnc/xvnc.cc
+--- xserver/hw/vnc/xvnc.cc.xorg113 2012-07-19 21:36:33.078121854 -0400
++++ xserver/hw/vnc/xvnc.cc 2012-07-19 21:39:49.685663920 -0400
+@@ -267,7 +267,7 @@ OsVendorInit()
+ }
+
+ void
+-OsVendorFatalError()
++OsVendorFatalError(const char *f, va_list args)
+ {
+ }
+
+@@ -1135,9 +1135,9 @@ static Bool vncRandRSetConfig (ScreenPtr
+ #endif
+
+ static Bool
+-vfbCloseScreen(int index, ScreenPtr pScreen)
++vfbCloseScreen(ScreenPtr pScreen)
+ {
+- vfbScreenInfoPtr pvfb = &vfbScreens[index];
++ vfbScreenInfoPtr pvfb = &vfbScreens[pScreen->myNum];
+ int i;
+
+ pScreen->CloseScreen = pvfb->closeScreen;
+@@ -1149,13 +1149,13 @@ vfbCloseScreen(int index, ScreenPtr pScr
+ for (i = 0; i < MAXSCREENS; i++)
+ InstalledMaps[i] = NULL;
+
+- return pScreen->CloseScreen(index, pScreen);
++ return pScreen->CloseScreen(pScreen);
+ }
+
+ static Bool
+-vfbScreenInit(int index, ScreenPtr pScreen, int argc, char **argv)
++vfbScreenInit(ScreenPtr pScreen, int argc, char **argv)
+ {
+- vfbScreenInfoPtr pvfb = &vfbScreens[index];
++ vfbScreenInfoPtr pvfb = &vfbScreens[pScreen->myNum];
+ int dpi;
+ int ret;
+ void *pbits;
+@@ -1167,8 +1167,8 @@ vfbScreenInit(int index, ScreenPtr pScre
+
+ pbits = vfbAllocateFramebufferMemory(&pvfb->fb);
+ if (!pbits) return FALSE;
+- vncFbptr[index] = pbits;
+- vncFbstride[index] = pvfb->fb.paddedWidth;
++ vncFbptr[pScreen->myNum] = pbits;
++ vncFbstride[pScreen->myNum] = pvfb->fb.paddedWidth;
+
+ miSetPixmapDepths();
+
+diff -up xserver/include/screenint.h.xorg113 xserver/include/screenint.h
+--- xserver/include/screenint.h.xorg113 2012-07-19 21:30:38.258557709 -0400
++++ xserver/include/screenint.h 2012-07-19 21:30:45.415468235 -0400
+@@ -72,18 +72,18 @@ extern _X_EXPORT int AddGPUScreen(Bool (
+ extern _X_EXPORT void RemoveGPUScreen(ScreenPtr pScreen);
+
+ extern _X_EXPORT void
+-AttachUnboundGPU(ScreenPtr pScreen, ScreenPtr newScreen);
++AttachUnboundGPU(ScreenPtr pScreen, ScreenPtr);
+ extern _X_EXPORT void
+ DetachUnboundGPU(ScreenPtr unbound);
+
+ extern _X_EXPORT void
+-AttachOutputGPU(ScreenPtr pScreen, ScreenPtr newScreen);
++AttachOutputGPU(ScreenPtr pScreen, ScreenPtr);
+
+ extern _X_EXPORT void
+ DetachOutputGPU(ScreenPtr output);
+
+ extern _X_EXPORT void
+-AttachOffloadGPU(ScreenPtr pScreen, ScreenPtr newScreen);
++AttachOffloadGPU(ScreenPtr pScreen, ScreenPtr);
+
+ extern _X_EXPORT void
+ DetachOffloadGPU(ScreenPtr slave);
+
diff --git a/extra/source/tigervnc/patches/tigervnc11-xorg114.patch b/extra/source/tigervnc/patches/tigervnc11-xorg114.patch
new file mode 100644
index 00000000..23c71001
--- /dev/null
+++ b/extra/source/tigervnc/patches/tigervnc11-xorg114.patch
@@ -0,0 +1,24 @@
+--- xserver/hw/vnc/xorg-version.h Mon Feb 18 08:28:49 2013
++++ xserver/hw/vnc/xorg-version.h Mon Feb 18 08:28:43 2013
+@@ -42,8 +42,10 @@
+ #define XORG 112
+ #elif XORG_VERSION_CURRENT < ((1 * 10000000) + (13 * 100000) + (99 * 1000))
+ #define XORG 113
++#elif XORG_VERSION_CURRENT < ((1 * 10000000) + (14 * 100000) + (99 * 1000))
++#define XORG 114
+ #else
+-#error "X.Org newer than 1.10 is not supported"
++#error "X.Org newer than 1.14 is not supported"
+ #endif
+
+ #endif
+--- xserver/hw/vnc/xvnc.cc Tue Feb 19 08:50:20 2013
++++ xserver/hw/vnc/xvnc.cc Tue Feb 19 08:50:27 2013
+@@ -54,7 +54,6 @@
+ #include "servermd.h"
+ #include "fb.h"
+ #include "mi.h"
+-#include "mibstore.h"
+ #include "colormapst.h"
+ #include "gcstruct.h"
+ #include "input.h"
diff --git a/extra/source/tigervnc/patches/tigervnc11-xorg_headers.patch b/extra/source/tigervnc/patches/tigervnc11-xorg_headers.patch
new file mode 100644
index 00000000..2ef5bece
--- /dev/null
+++ b/extra/source/tigervnc/patches/tigervnc11-xorg_headers.patch
@@ -0,0 +1,16 @@
+--- tigervnc-1.1.0/unix/xserver/hw/vnc/Makefile.am.orig 2011-08-09 23:16:36.000000000 +0200
++++ tigervnc-1.1.0/unix/xserver/hw/vnc/Makefile.am 2012-07-29 14:14:55.078998592 +0200
+@@ -61,10 +61,10 @@
+ BUILT_SOURCES = $(nodist_Xvnc_SOURCES)
+
+ fb.h: $(top_srcdir)/fb/fb.h
+- cat $(top_srcdir)/fb/fb.h | sed -e 's,and,c_and,' -e 's,xor,c_xor,' > $(srcdir)/fb.h
++ cat $(top_srcdir)/fb/fb.h | sed -e 's,and,c_and,g' -e 's,xor,c_xor,g' > $(srcdir)/fb.h
+
+ pixman.h: $(includedir)/pixman-1/pixman.h
+- cat $(includedir)/pixman-1/pixman.h | sed 's/xor/c_xor/' > $(srcdir)/pixman.h
++ cat $(includedir)/pixman-1/pixman.h | sed 's/xor/c_xor/g' > $(srcdir)/pixman.h
+
+ fbrop.h: $(top_srcdir)/fb/fbrop.h
+- cat $(top_srcdir)/fb/fbrop.h | sed -e 's,and,c_and,' -e 's,xor,c_xor,' > $(srcdir)/fbrop.h
++ cat $(top_srcdir)/fb/fbrop.h | sed -e 's,and,c_and,' -e 's,xor,c_xor,g' > $(srcdir)/fbrop.h
diff --git a/extra/source/tigervnc/slack-desc b/extra/source/tigervnc/slack-desc
new file mode 100644
index 00000000..e433dd5f
--- /dev/null
+++ b/extra/source/tigervnc/slack-desc
@@ -0,0 +1,19 @@
+# HOW TO EDIT THIS FILE:
+# The "handy ruler" below makes it easier to edit a package description. Line
+# up the first '|' above the ':' following the base package name, and the '|'
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
+# customary to leave one space after the ':'.
+
+ |-----handy-ruler------------------------------------------------------|
+tigervnc: tigervnc (VNC server and client)
+tigervnc:
+tigervnc: Virtual Network Computing (VNC) is a remote display system which
+tigervnc: allows you to view a desktop environment from anywhere on the Internet
+tigervnc: and from a wide variety of machine architectures.
+tigervnc: TigerVNC is a suite of VNC servers and clients that have a focus on
+tigervnc: performance and remote display functionality.
+tigervnc:
+tigervnc:
+tigervnc: tigervnc home: http://tigervnc.org/
+tigervnc:
diff --git a/extra/source/tigervnc/tigervnc.SlackBuild b/extra/source/tigervnc/tigervnc.SlackBuild
new file mode 100755
index 00000000..a269bc7c
--- /dev/null
+++ b/extra/source/tigervnc/tigervnc.SlackBuild
@@ -0,0 +1,311 @@
+#!/bin/sh
+# Copyright 2010, 2011, 2012, 2013 Eric Hameleers, Eindhoven. NL
+# All rights reserved.
+#
+# Permission to use, copy, modify, and distribute this software for
+# any purpose with or without fee is hereby granted, provided that
+# the above copyright notice and this permission notice appear in all
+# copies.
+#
+# THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
+# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+# IN NO EVENT SHALL THE AUTHORS AND COPYRIGHT HOLDERS AND THEIR
+# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
+# USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+# ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+# OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+# SUCH DAMAGE.
+# -----------------------------------------------------------------------------
+
+
+PKGNAM=tigervnc
+VERSION=${VERSION:-1.1.0}
+BUILD=${BUILD:-1}
+NUMJOBS=${NUMJOBS:" -j4 "}
+TAG=${TAG:-}
+
+# Do we build the java applet (needs jdk)?
+DO_APPLET=${DO_APPLET:-"NO"}
+
+# TigerVNC needs to use source of the X.Org server whose version matches
+# that of your installed X.Org package:
+XORG=${XORG:-$(X -version 2>&1 | grep "^X.Org X Server " | cut -f4 -d' ')}
+MAXPATCHVER="$(echo $XORG | cut -f1,2 -d. | tr -d '.')"
+
+# OS Stamp into the binaries:
+OSNAME="$(head -1 /etc/slackware-version)"
+OSVENDOR="Slackware Linux Project"
+BUILDER="Built by Alien BOB on $(date -u)"
+
+# This covers most filenames you'd want as documentation. Change if needed.
+DOCS="LICENCE.TXT doc/TODO doc/*.txt doc/*.odt"
+DOCS_XORG="COPYING ChangeLog"
+
+if [ -e $CWD/machine.conf ]; then
+ . $CWD/machine.conf ]
+elif [ -e /etc/slackbuild/machine.conf ]; then
+ . /etc/slackbuild/machine.conf ]
+else
+ # Automatically determine the architecture we're building on:
+ MARCH=$( uname -m )
+ if [ -z "$ARCH" ]; then
+ case "$MARCH" in
+ i?86) export ARCH=i486 ;;
+ arm*) export ARCH=arm ;;
+ # Unless $ARCH is already set, use uname -m for all other archs:
+ *) export ARCH=$MARCH ;;
+ esac
+ fi
+ # Set CFLAGS/CXXFLAGS and LIBDIRSUFFIX:
+ if [ "$ARCH" = "i486" ]; then
+ SLKCFLAGS="-O2 -march=i486 -mtune=i686"
+ LIBDIRSUFFIX=""
+ elif [ "$ARCH" = "s390" ]; then
+ SLKCFLAGS="-O2"
+ LIBDIRSUFFIX=""
+ elif [ "$ARCH" = "x86_64" ]; then
+ SLKCFLAGS="-O2 -fPIC"
+ LIBDIRSUFFIX="64"
+ elif [ "$ARCH" = "arm" ]; then
+ SLKCFLAGS="-O2 -march=armv5te"
+ LIBDIRSUFFIX=""
+ else
+ SLKCFLAGS="-O2"
+ LIBDIRSUFFIX=""
+ fi
+fi
+
+case "$ARCH" in
+ arm*) TARGET=$ARCH-slackware-linux-gnueabi ;;
+ *) TARGET=$ARCH-slackware-linux ;;
+esac
+
+CWD=$(pwd)
+TMP=${TMP:-/tmp}
+PKG=$TMP/package-$PKGNAM
+
+rm -rf $PKG
+mkdir -p $TMP $PKG
+cd $TMP
+rm -rf $PKGNAM-$VERSION
+rm -rf xorg-server-${XORG}
+tar xvf $CWD/$PKGNAM-$VERSION.tar.?z* || exit 1
+tar xvf $CWD/xorg-server-${XORG}.tar.?z* || exit 1
+cd $PKGNAM-$VERSION || exit 1
+
+# Move the xorg-server sources into the TigerVNC tree:
+mv unix/xserver/hw/vnc ../xorg-server-${XORG}/hw/
+rm -rf unix/xserver/hw
+mv ../xorg-server-${XORG}/* unix/xserver/
+
+# We have patches for X.Org later than 1.10 which tigervnc does not have:
+for PATCHVER in 111 112 113 114 ; do
+ if [ -e $CWD/patches/tigervnc$(echo $VERSION | cut -f1,2 -d. --output-delimiter=)-xorg${PATCHVER}.patch ]; then
+ cp $CWD/patches/tigervnc$(echo $VERSION | cut -f1,2 -d. --output-delimiter=)-xorg${PATCHVER}.patch unix/xserver${PATCHVER}.patch
+ fi
+done
+
+if [ $MAXPATCHVER -gt 110 ]; then
+ if [ $MAXPATCHVER -lt 113 ]; then
+ # The sed magic in the hw/vnc Makefile needs some love:
+ # ... taken care of in the xserver113 patch if we ever move to X.Org 1.13.
+ cat $CWD/patches/tigervnc$(echo $VERSION | cut -f1,2 -d. --output-delimiter=)-xorg_headers.patch | patch -p1 --verbose || exit 1
+ else
+ # We need to rewrite the xserver110.patch for X.Org 1.13 and newer:
+ cp $CWD/patches/tigervnc$(echo $VERSION | cut -f1,2 -d. --output-delimiter=)-xorg110.patch unix/xserver110.patch
+ fi
+fi
+
+# Patch the xorg-server source to include building the vnc driver
+cd unix/xserver
+ if [ $MAXPATCHVER -le 110 ]; then
+ # apply one of the tigervnc-provided patches:
+ cat ../xserver${MAXPATCHVER}.patch | patch -p1 --verbose || exit 1
+ else
+ # these external patches are incremental and must be applied in order:
+ for PATCHVER in 110 111 112 113 114 ; do
+ if [ $PATCHVER -le $MAXPATCHVER -a -e ../xserver${PATCHVER}.patch ]; then
+ cat ../xserver${PATCHVER}.patch | patch -p1 --verbose || exit 1
+ fi
+ done
+ fi
+cd -
+
+# We use Java7:
+cat $CWD/patches/tigervnc11-java7.patch | patch -p1 --verbose || exit 1
+
+# Explicitly put the java applet into a directory named 'tigervnc':
+sed -i -e 's#/vnc/class#/tigervnc/class#'g $(grep -rl vnc/class .)
+
+# Make sure ownerships and permissions are sane:
+chown -R root:root .
+find . \
+ \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \
+ -exec chmod 755 {} \; -o \
+ \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \
+ -exec chmod 644 {} \;
+
+export LDFLAGS="$SLKLDFLAGS -lpthread"
+export CXXFLAGS="$SLKCFLAGS"
+export CFLAGS="$SLKCFLAGS"
+
+echo -e "\n*** Building tigervnc ***\n"
+autoreconf -vif
+./configure \
+ --prefix=/usr \
+ --libdir=/usr/lib${LIBDIRSUFFIX} \
+ --mandir=/usr/man \
+ --docdir=/usr/doc/$PKGNAM-$VERSION \
+ --localstatedir=/var \
+ --sysconfdir=/etc \
+ --disable-static \
+ --program-prefix= \
+ --program-suffix= \
+ --build=$TARGET
+
+make $NUMJOBS || make || exit 1
+make DESTDIR=$PKG install || exit 1
+
+cd unix/xserver
+ echo -e "\n*** Building xserver ***\n"
+ export CXXFLAGS="$SLKCFLAGS -fpermissive"
+ autoreconf -vif
+
+ # Default font paths to be used by the X server
+ DEF_FONTPATH="/usr/share/fonts/local,/usr/share/fonts/TTF,/usr/share/fonts/OTF,/usr/share/fonts/Type1,/usr/share/fonts/misc,/usr/share/fonts/CID,/usr/share/fonts/75dpi/:unscaled,/usr/share/fonts/100dpi/:unscaled,/usr/share/fonts/75dpi,/usr/share/fonts/100dpi,/usr/share/fonts/cyrillic"
+
+ ./configure \
+ --prefix=/usr \
+ --libdir=/usr/lib${LIBDIRSUFFIX} \
+ --sysconfdir=/etc \
+ --localstatedir=/var \
+ --mandir=/usr/man \
+ --disable-dri \
+ --disable-static \
+ --disable-xorg --disable-xnest --disable-xvfb --disable-dmx \
+ --disable-xwin --disable-xephyr --disable-kdrive \
+ --disable-xinerama \
+ --enable-composite \
+ --enable-install-libxf86config \
+ --enable-xcsecurity \
+ --enable-glx-tls --enable-dri2 \
+ --with-pic \
+ --with-int10=x86emu \
+ --with-default-font-path="${DEF_FONTPATH}" \
+ --with-module-dir=/usr/lib${LIBDIRSUFFIX}/xorg/modules \
+ --with-dri-driver-path=/usr/lib${LIBDIRSUFFIX}/xorg/modules/dri \
+ --with-xkb-path=/etc/X11/xkb \
+ --with-xkb-output=/var/lib/xkb \
+ --disable-config-dbus \
+ --disable-config-hal \
+ --disable-config-udev \
+ --disable-devel-docs \
+ --disable-unit-tests \
+ --without-dtrace \
+ --with-os-name="$OSNAME" \
+ --with-os-vendor="$OSVENDOR" \
+ --with-builderstring="$BUILDER" \
+ --build=$TARGET
+
+ make $NUMJOBS || make || exit 1
+ make -C hw/vnc DESTDIR=$PKG install
+cd -
+
+if [ "$DO_APPLET" = "YES" ]; then
+ # Compile the java applet (needs the JDK... JRE is not enough):
+ cd java/src/com/tigervnc/vncviewer
+ make || exit 1
+ cd -
+fi
+
+# Create .png icons from the .svg file:
+make -C media
+
+if [ "$DO_APPLET" = "YES" ]; then
+ # Install the java applet:
+ cd java/src/com/tigervnc/vncviewer
+ mkdir -p $PKG/usr/share/tigervnc/classes
+ install -m0755 VncViewer.jar $PKG/usr/share/tigervnc/classes/
+ install -m0644 index.vnc $PKG/usr/share/tigervnc/classes/
+ install -m0644 *.class $PKG/usr/share/tigervnc/classes/
+ cd -
+fi
+
+# Install menu entry:
+mkdir -p $PKG/usr/share/{applications,icons/hicolor/{16x16,24x24,32x32,48x48}/apps}
+for PSIZE in 16 24 32 48; do
+ install -m644 media/icons/tigervnc_${PSIZE}.png \
+ $PKG/usr/share/icons/hicolor/${PSIZE}x${PSIZE}/apps/tigervnc.png
+done
+cat <<EOT > $PKG/usr/share/applications/tigervnc.desktop
+[Desktop Entry]
+Encoding=UTF-8
+Name=TigerVNC
+GenericName=VNCViewer (RFB Client)
+Comment=Connect to remote desktop
+SwallowExec=
+Exec=vncviewer
+MimeType=
+Icon=tigervnc
+Path=
+TerminalOptions=
+Terminal=false
+Type=Application
+Categories=Network;
+StartupWMClass=VNC Viewer: Connection Details
+EOT
+
+# Add this to the doinst.sh:
+! [ -d $PKG/install ] && mkdir -p $PKG/install
+cat <<EOT >> $PKG/install/doinst.sh
+# Update the desktop database:
+if [ -x usr/bin/update-desktop-database ]; then
+ chroot . /usr/bin/update-desktop-database usr/share/applications 1>/dev/null 2>&1
+fi
+
+# Update the mime database:
+if [ -x usr/bin/update-mime-database ]; then
+ chroot . /usr/bin/update-mime-database usr/share/mime 1>/dev/null 2>&1
+fi
+
+# Update hicolor theme cache:
+if [ -d usr/share/icons/hicolor ]; then
+ if [ -x usr/bin/gtk-update-icon-cache ]; then
+ chroot . /usr/bin/gtk-update-icon-cache -f -t usr/share/icons/hicolor 1> /dev/null 2> /dev/null
+ fi
+fi
+
+EOT
+
+# Add documentation:
+mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION
+cp -a $DOCS $PKG/usr/doc/$PKGNAM-$VERSION || true
+for FIL in $(echo $DOCS_XORG); do cp -a unix/xserver/$FIL $PKG/usr/doc/$PKGNAM-$VERSION/${FIL}.xorg ; done
+chown -R root:root $PKG/usr/doc/$PKGNAM-$VERSION
+find $PKG/usr/doc -type f -exec chmod 644 {} \;
+
+# Compress the man page(s):
+if [ -d $PKG/usr/man ]; then
+ find $PKG/usr/man -type f -name "*.?" -exec gzip -9f {} \;
+ for i in $(find $PKG/usr/man -type l -name "*.?") ; do ln -s $( readlink $i ).gz $i.gz ; rm $i ; done
+fi
+
+# Strip binaries (if any):
+find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \
+ | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null
+
+# Add a package description:
+mkdir -p $PKG/install
+cat $CWD/slack-desc > $PKG/install/slack-desc
+if [ -f $CWD/doinst.sh.gz ]; then
+ zcat $CWD/doinst.sh.gz >> $PKG/install/doinst.sh
+fi
+
+# Build the package:
+cd $PKG
+/sbin/makepkg -l y -c n $TMP/${PKGNAM}-${VERSION}-${ARCH}-${BUILD}${TAG}.txz
+
diff --git a/extra/source/tightvnc/doinst.sh b/extra/source/tightvnc/doinst.sh
deleted file mode 100644
index 8ce980e5..00000000
--- a/extra/source/tightvnc/doinst.sh
+++ /dev/null
@@ -1,24 +0,0 @@
-# Handle the incoming configuration files:
-config() {
- NEW="$1"
- OLD="$(dirname $NEW)/$(basename $NEW .new)"
- # If there's no config file by that name, mv it over:
- if [ ! -r $OLD ]; then
- mv $NEW $OLD
- elif [ "$(cat $OLD | md5sum)" = "$(cat $NEW | md5sum)" ]; then
- # toss the redundant copy
- rm $NEW
- fi
- # Otherwise, we leave the .new copy for the admin to consider...
-}
-
-config etc/tightvncserver.conf.new
-config etc/rc.d/rc.vncservers.new
-config etc/rc.d/rc.vncservers.conf.new
-
-# Update the desktop database:
-if [ -x usr/bin/update-desktop-database ]; then
- chroot . /usr/bin/update-desktop-database usr/share/applications > /dev/null
-2>&1
-fi
-
diff --git a/extra/source/tightvnc/slack-desc b/extra/source/tightvnc/slack-desc
deleted file mode 100644
index 4003e63a..00000000
--- a/extra/source/tightvnc/slack-desc
+++ /dev/null
@@ -1,19 +0,0 @@
-# HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description. Line
-# up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in. You must
-# make exactly 11 lines for the formatting to be correct. It's also
-# customary to leave one space after the ':'.
-
- |-----handy-ruler------------------------------------------------------|
-tightvnc: tightvnc (remote control software)
-tightvnc:
-tightvnc: Virtual Network Computing (VNC) is a remote display system which
-tightvnc: allows you to view a desktop environment from anywhere on the Internet
-tightvnc: and from a wide variety of machine architectures.
-tightvnc: TightVNC is an enhanced VNC distribution. This package contains a
-tightvnc: client which will allow you to connect to other desktops running a
-tightvnc: VNC or a TightVNC server.
-tightvnc:
-tightvnc: tightvnc home: http://www.tightvnc.com/
-tightvnc:
diff --git a/extra/source/tightvnc/tightvnc.SlackBuild b/extra/source/tightvnc/tightvnc.SlackBuild
deleted file mode 100755
index 526b8f3d..00000000
--- a/extra/source/tightvnc/tightvnc.SlackBuild
+++ /dev/null
@@ -1,128 +0,0 @@
-#!/bin/sh
-# Copyright 2007-2009 Eric Hameleers, Eindhoven, NL
-# All rights reserved.
-#
-# Permission to use, copy, modify, and distribute this software for
-# any purpose with or without fee is hereby granted, provided that
-# the above copyright notice and this permission notice appear in all
-# copies.
-#
-# THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
-# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
-# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
-# IN NO EVENT SHALL THE AUTHORS AND COPYRIGHT HOLDERS AND THEIR
-# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
-# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
-# USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
-# ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
-# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
-# OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-# SUCH DAMAGE.
-# -----------------------------------------------------------------------------
-#
-# Slackware SlackBuild script
-# ===========================
-# By: Eric Hameleers <alien@slackware.com>
-# For: tightvnc
-# Descr: remote control software
-# URL: http://www.tightvnc.com/
-# -----------------------------------------------------------------------------
-
-# Set initial variables:
-
-PRGNAM=tightvnc
-VERSION=${VERSION:-1.3.10}
-ARCH=${ARCH:-x86_64}
-BUILD=${BUILD:-1}
-
-CWD=$(pwd)
-TMP=${TMP:-/tmp}
-PKG=$TMP/package-${PRGNAM}
-rm -rf $PKG
-mkdir -p $TMP $PKG
-
-case "$ARCH" in
- i486) SLKCFLAGS="-O2 -march=i486 -mtune=i686"
- SLKLDFLAGS=""; LIBDIRSUFFIX=""
- ;;
- s390) SLKCFLAGS="-O2"
- SLKLDFLAGS=""; LIBDIRSUFFIX=""
- ;;
- x86_64) SLKCFLAGS="-O2 -fPIC"
- SLKLDFLAGS="-L/usr/lib64"; LIBDIRSUFFIX="64"
- ;;
-esac
-
-# Explode the package framework:
-cd $PKG
- explodepkg $CWD/_$PRGNAM.tar.gz
-cd -
-
-cd $TMP
-rm -rf vnc_unixsrc
-tar xvf $CWD/${PRGNAM}-${VERSION}_unixsrc.tar.?z* || exit 1
-cd vnc_unixsrc || exit 1
-
-# Make sure ownerships and permissions are sane:
-chown -R root:root .
-find . \
- \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \
- -exec chmod 755 {} \; -o \
- \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \
- -exec chmod 644 {} \;
-
-# Make vncserver use sane pathnames and executable permissions:
-zcat $CWD/tightvnc.paths-and-perms.diff.gz | patch -p1 --verbose || exit 1
-
-# Use xinit's Xclients script to start the session:
-cat vnc-xclients.patch | sed -e 's/Red Hat /Slackware /' | patch || exit 1
-
-xmkmf -a
-make CDEBUGFLAGS="$SLKCFLAGS" World || exit 1
-
-cd Xvnc
- LDFLAGS="$SLKLDFLAGS" \
- CFLAGS="$SLKCFLAGS" \
- CXXFLAGS="$SLKCFLAGS" \
- ./configure
- make EXTRA_LIBRARIES="-lwrap -lnss_nis" CDEBUGFLAGS="$SLKCFLAGS" \
- EXTRA_DEFINES="-DUSE_LIBWRAP=1"
-cd - # end 'cd Xvnc'
-
-# Manually install files:
-mkdir -p $PKG/usr/bin $PKG/usr/man/man1
-./vncinstall $PKG/usr/bin $PKG/usr/man
-
-mkdir -p $PKG/usr/share/tightvnc
-cp -aR classes $PKG/usr/share/tightvnc/
-
-mkdir $PKG/etc
-cp -a tightvncserver.conf $PKG/etc/tightvncserver.conf.new
-
-# Add documentation:
-mkdir -p $PKG/usr/doc/$PRGNAM-$VERSION
-cp -a \
- LICENCE.TXT README WhatsNew ChangeLog \
- $PKG/usr/doc/$PRGNAM-$VERSION
-mv $PKG/install/README.1st $PKG/usr/doc/$PRGNAM-$VERSION
-
-# Compress the man page(s):
-if [ -d $PKG/usr/man ]; then
- find $PKG/usr/man -type f -name "*.?" -exec gzip -9f {} \;
- for i in $(find $PKG/usr/man -type l -name "*.?") ; do ln -s $( readlink $i ).gz $i.gz ; rm $i ; done
-fi
-
-# Strip binaries:
-find $PKG | xargs file | grep -e "executable" -e "shared object" \
- | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null
-
-# Add a package description:
-mkdir -p $PKG/install
-cat $CWD/slack-desc > $PKG/install/slack-desc
-zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh
-
-# Build the package:
-cd $PKG
-/sbin/makepkg -l y -c n $TMP/${PRGNAM}-${VERSION}-${ARCH}-${BUILD}.txz
-
diff --git a/extra/source/tightvnc/tightvnc.paths-and-perms.diff b/extra/source/tightvnc/tightvnc.paths-and-perms.diff
deleted file mode 100644
index b6eb14f1..00000000
--- a/extra/source/tightvnc/tightvnc.paths-and-perms.diff
+++ /dev/null
@@ -1,52 +0,0 @@
-diff -ur vnc_unixsrc.orig/tightvncserver.conf vnc_unixsrc/tightvncserver.conf
---- vnc_unixsrc.orig/tightvncserver.conf 2009-02-12 05:27:18.000000000 +0100
-+++ vnc_unixsrc/tightvncserver.conf 2009-06-02 23:55:22.000000000 +0200
-@@ -19,15 +19,15 @@
- # $geometry = "1024x768";
- # $depth = 24;
- # $desktopName = "X";
--# $vncClasses = "/usr/local/vnc/classes";
-+# $vncClasses = "/usr/share/tightvnc/classes";
- # $vncUserDir = "$ENV{HOME}/.vnc";
--# $fontPath = "unix/:7100";
-+# $fontPath = "/usr/share/fonts/misc/,/usr/share/fonts/Type1/,/usr/share/fonts/75dpi/";
- # $authType = "-rfbauth $vncUserDir/passwd";
--# $colorPath = "/usr/lib/X11/rgb";
-+# $colorPath = "/usr/share/X11/rgb";
-
- ## Here is another example of setting the font path:
- #
--# $fontPath = "/usr/lib/X11/fonts/misc/"
-+# $fontPath = "unix/:7100";
- # $fontPath = "$fontPath,/usr/lib/X11/fonts/75dpi/";
-
- ## You might wish to make your vnc directory under /tmp, to make sure
-diff -ur vnc_unixsrc.orig/vncinstall vnc_unixsrc/vncinstall
---- vnc_unixsrc.orig/vncinstall 2002-03-19 12:44:02.000000000 +0100
-+++ vnc_unixsrc/vncinstall 2009-06-02 23:51:54.000000000 +0200
-@@ -47,7 +47,7 @@
- else
- echo "Copying $f -> $bin_dst/`basename $f`"
- cp -pf $f $bin_dst
-- chmod 0555 $bin_dst/`basename $f`
-+ chmod 0755 $bin_dst/`basename $f`
- fi
-
- # Installing man pages
-diff -ur vnc_unixsrc.orig/vncserver vnc_unixsrc/vncserver
---- vnc_unixsrc.orig/vncserver 2009-02-12 05:27:18.000000000 +0100
-+++ vnc_unixsrc/vncserver 2009-06-02 23:51:39.000000000 +0200
-@@ -32,10 +32,11 @@
- $geometry = "1024x768";
- $depth = 24;
- $desktopName = "X";
--$vncClasses = "/usr/local/vnc/classes";
-+$vncClasses = "/usr/share/tightvnc/classes";
- $vncUserDir = "$ENV{HOME}/.vnc";
--$fontPath = "unix/:7100";
-+$fontPath = "/usr/share/fonts/misc/,/usr/share/fonts/Type1/,/usr/share/fonts/75dpi/";
- $authType = "-rfbauth $vncUserDir/passwd";
-+$colorPath = "/usr/share/X11/rgb";
-
- # Read configuration from the system-wide and user files if present.
-
diff --git a/extra/source/wicd/slack-desc b/extra/source/wicd/slack-desc
index 47cf875f..7a925975 100644
--- a/extra/source/wicd/slack-desc
+++ b/extra/source/wicd/slack-desc
@@ -15,5 +15,5 @@ wicd: - Profiles for each wireless network and wired network
wicd: - Many encryption schemes, some of which include WEP/WPA/WPA2
wicd: - Compatible with wireless-tools
wicd:
-wicd: Homepage: http://wicd.net
+wicd: Homepage: http://wicd.sourceforge.net
wicd:
diff --git a/extra/source/xf86-video-fbdev/xf86-video-fbdev.SlackBuild b/extra/source/xf86-video-fbdev/xf86-video-fbdev.SlackBuild
index 8ea08738..b2dda17c 100755
--- a/extra/source/xf86-video-fbdev/xf86-video-fbdev.SlackBuild
+++ b/extra/source/xf86-video-fbdev/xf86-video-fbdev.SlackBuild
@@ -1,6 +1,6 @@
#!/bin/sh
-# Copyright 2012 Patrick J. Volkerding, Sebeka, Minnesota, USA
+# Copyright 2012, 2013 Patrick J. Volkerding, Sebeka, Minnesota, USA
# All rights reserved.
#
# Redistribution and use of this script, with or without modification, is
@@ -76,6 +76,14 @@ rm -rf $PKGNAM-$VERSION
tar xvf $CWD/$PKGNAM-$VERSION.tar.?z* || exit 1
cd $PKGNAM-$VERSION
+# Remove obsolete references to mibstore.h and miInitializeBackingStore():
+grep -r -l '#include "mibstore.h"' * | while read file ; do
+ sed -i "s/#include \"mibstore.h\"//g" $file
+done
+grep -r -l 'miInitializeBackingStore(pScreen);' | while read file ; do
+ sed -i "s/miInitializeBackingStore(pScreen);//g" $file
+done
+
chown -R root:root .
find . \
\( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \