proj/gentoo: Initial commit

This commit represents a new era for Gentoo:
Storing the gentoo-x86 tree in Git, as converted from CVS.

This commit is the start of the NEW history.
Any historical data is intended to be grafted onto this point.

Creation process:
1. Take final CVS checkout snapshot
2. Remove ALL ChangeLog* files
3. Transform all Manifests to thin
4. Remove empty Manifests
5. Convert all stale $Header$/$Id$ CVS keywords to non-expanded Git $Id$
5.1. Do not touch files with -kb/-ko keyword flags.

Signed-off-by: Robin H. Johnson <robbat2@gentoo.org>
X-Thanks: Alec Warner <antarus@gentoo.org> - did the GSoC 2006 migration tests
X-Thanks: Robin H. Johnson <robbat2@gentoo.org> - infra guy, herding this project
X-Thanks: Nguyen Thai Ngoc Duy <pclouds@gentoo.org> - Former Gentoo developer, wrote Git features for the migration
X-Thanks: Brian Harring <ferringb@gentoo.org> - wrote much python to improve cvs2svn
X-Thanks: Rich Freeman <rich0@gentoo.org> - validation scripts
X-Thanks: Patrick Lauer <patrick@gentoo.org> - Gentoo dev, running new 2014 work in migration
X-Thanks: Michał Górny <mgorny@gentoo.org> - scripts, QA, nagging
X-Thanks: All of other Gentoo developers - many ideas and lots of paint on the bikeshed

1 files changed, 93 insertions, 0 deletions

diff --git a/sys-auth/pambase/metadata.xml b/sys-auth/pambase/metadata.xml
new file mode 100644
index 000000000000..97d83d57b2d5
--- /dev/null
+++ b/sys-auth/pambase/metadata.xml
@@ -0,0 +1,93 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+  <herd>pam</herd>
+  <maintainer>
+    <email>pam-bugs@gentoo.org</email>
+  </maintainer>
+  <use>
+    <flag name="cracklib">
+      Enable pam_cracklib module on system authentication stack. This
+      produces warnings when changing password to something easily
+      crackable. It requires the same USE flag to be enabled on
+      <pkg>sys-libs/pam</pkg> or system login might be impossible.
+    </flag>
+    <flag name="consolekit">
+      Enable pam_ck_connector module on local system logins. This
+      allows for console logins to make use of ConsoleKit
+      authorization.
+    </flag>
+    <flag name="systemd">
+      Use pam_systemd module to register user sessions in the systemd
+      control group hierarchy.
+    </flag>
+    <flag name="gnome-keyring">
+      Enable pam_gnome_keyring module on system login stack. This
+      enables proper Gnome Keyring access to logins, whether they are
+      done with the login shell, a Desktop Manager or a remote login
+      systems such as SSH.
+    </flag>
+    <flag name="debug">
+      Enable debug information logging on syslog(3) for all the
+      modules supporting this in the system authentication and system
+      login stacks.
+    </flag>
+    <flag name="passwdqc">
+      Enable pam_passwdqc module on system auth stack for password
+      quality validation. This is an alternative to pam_cracklib
+      producing warnings, rejecting or providing example passwords
+      when changing your system password. It is used by default by
+      OpenWall GNU/*/Linux and by FreeBSD.
+    </flag>
+    <flag name="mktemp">
+      Enable pam_mktemp module on system auth stack for session
+      handling. This module creates a private temporary directory for
+      the user, and sets TMP and TMPDIR accordingly.
+    </flag>
+    <flag name="pam_ssh">
+      Enable pam_ssh module on system auth stack for authentication
+      and session handling. This module will accept as password the
+      passphrase of a private SSH key (one of ~/.ssh/id_rsa,
+      ~/.ssh/id_dsa or ~/.ssh/identity), and will spawn an ssh-agent
+      instance to cache the open key.
+    </flag>
+    <flag name="sha512">
+      Switch Linux-PAM's pam_unix module to use sha512 for passwords
+      hashes rather than MD5. This option requires
+      <pkg>&gt;=sys-libs/pam-1.0.1</pkg> built against
+      <pkg>&gt;=sys-libs/glibc-2.7</pkg>, if it's built against an
+      earlier version, it will silently be ignored, and MD5 hashes
+      will be used. All the passwords changed after this USE flag is
+      enabled will be saved to the shadow file hashed using SHA512
+      function. The password previously saved will be left
+      untouched. Please note that while SHA512-hashed passwords will
+      still be recognised if the USE flag is removed, the shadow file
+      will not be compatible with systems using an earlier glibc
+      version.
+    </flag>
+    <flag name="pam_krb5">
+      Enable pam_krb5 module on system auth stack, as an alternative
+      to pam_unix. If Kerberos authentication succeed, only pam_unix
+      will be ignore, and all the other modules will proceed as usual,
+      including Gnome Keyring and other session modules. It requires
+      <pkg>sys-libs/pam</pkg> as PAM implementation.
+    </flag>
+    <flag name="minimal">
+      Disables the standard PAM modules that provide extra information
+      to users on login; this includes pam_tally (and pam_tally2 for
+      Linux PAM 1.1 and later), pam_lastlog, pam_motd and other
+      similar modules. This might not be a good idea on a multi-user
+      system but could reduce slightly the overhead on single-user
+      non-networked systems.
+    </flag>
+    <flag name="nullok">
+      Enable the nullok option with the pam_unix module. This allows
+      people to login with blank passwords.
+    </flag>
+    <flag name="securetty">
+      Enable pam_securetty module in the login stack. Not generally
+      relevant anymore as the login stack only refers to local logins
+      and local terminals imply secure access in the first place.
+    </flag>
+  </use>
+</pkgmetadata>