diff options
author | Diego Elio Pettenò <flameeyes@gentoo.org> | 2012-12-24 17:14:14 +0000 |
---|---|---|
committer | Diego Elio Pettenò <flameeyes@gentoo.org> | 2012-12-24 17:14:14 +0000 |
commit | 78829f3301e33e42222f8f7ece9e489b5c892291 (patch) | |
tree | 1842f24b3885dcbeeb50f4396f6a39ac5e63ace8 /sys-apps/shadow/shadow-4.1.5.1-r1.ebuild | |
parent | Fix /var/run handling, per bug#448430, thanks to flameeyes (diff) | |
download | gentoo-2-78829f3301e33e42222f8f7ece9e489b5c892291.tar.gz gentoo-2-78829f3301e33e42222f8f7ece9e489b5c892291.tar.bz2 gentoo-2-78829f3301e33e42222f8f7ece9e489b5c892291.zip |
Fix pamd file for newusers (bug #448204 by Sergey Popov).
(Portage version: 2.2.0_alpha149/cvs/Linux x86_64, signed Manifest commit with key 1CD13C8AD4301342)
Diffstat (limited to 'sys-apps/shadow/shadow-4.1.5.1-r1.ebuild')
-rw-r--r-- | sys-apps/shadow/shadow-4.1.5.1-r1.ebuild | 198 |
1 files changed, 198 insertions, 0 deletions
diff --git a/sys-apps/shadow/shadow-4.1.5.1-r1.ebuild b/sys-apps/shadow/shadow-4.1.5.1-r1.ebuild new file mode 100644 index 000000000000..e8b3a5d0a467 --- /dev/null +++ b/sys-apps/shadow/shadow-4.1.5.1-r1.ebuild @@ -0,0 +1,198 @@ +# Copyright 1999-2012 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sys-apps/shadow/shadow-4.1.5.1-r1.ebuild,v 1.1 2012/12/24 17:14:14 flameeyes Exp $ + +EAPI="2" + +inherit eutils libtool toolchain-funcs pam multilib + +DESCRIPTION="Utilities to deal with user accounts" +HOMEPAGE="http://shadow.pld.org.pl/ http://pkg-shadow.alioth.debian.org/" +SRC_URI="http://pkg-shadow.alioth.debian.org/releases/${P}.tar.bz2" + +LICENSE="BSD GPL-2" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86" +IUSE="acl audit cracklib nls pam selinux skey xattr" + +RDEPEND="acl? ( sys-apps/acl ) + audit? ( sys-process/audit ) + cracklib? ( >=sys-libs/cracklib-2.7-r3 ) + pam? ( virtual/pam ) + skey? ( sys-auth/skey ) + selinux? ( + >=sys-libs/libselinux-1.28 + sys-libs/libsemanage + ) + nls? ( virtual/libintl ) + xattr? ( sys-apps/attr )" +DEPEND="${RDEPEND} + nls? ( sys-devel/gettext )" +RDEPEND="${RDEPEND} + pam? ( >=sys-auth/pambase-20120417 )" + +src_prepare() { + epatch "${FILESDIR}"/${PN}-4.1.3-dots-in-usernames.patch #22920 + epatch_user + elibtoolize + epunt_cxx +} + +src_configure() { + tc-is-cross-compiler && export ac_cv_func_setpgrp_void=yes + econf \ + --without-group-name-max-length \ + --without-tcb \ + --enable-shared=no \ + --enable-static=yes \ + $(use_with acl) \ + $(use_with audit) \ + $(use_with cracklib libcrack) \ + $(use_with pam libpam) \ + $(use_with skey) \ + $(use_with selinux) \ + $(use_enable nls) \ + $(use_with elibc_glibc nscd) \ + $(use_with xattr attr) + has_version 'sys-libs/uclibc[-rpc]' && sed -i '/RLOGIN/d' config.h #425052 +} + +set_login_opt() { + local comment="" opt=$1 val=$2 + [[ -z ${val} ]] && comment="#" + sed -i -r \ + -e "/^#?${opt}/s:.*:${comment}${opt} ${val}:" \ + "${D}"/etc/login.defs + local res=$(grep "^${comment}${opt}" "${D}"/etc/login.defs) + einfo ${res:-Unable to find ${opt} in /etc/login.defs} +} + +src_install() { + emake DESTDIR="${D}" suidperms=4711 install || die + + # Remove libshadow and libmisc; see bug 37725 and the following + # comment from shadow's README.linux: + # Currently, libshadow.a is for internal use only, so if you see + # -lshadow in a Makefile of some other package, it is safe to + # remove it. + rm -f "${D}"/{,usr/}$(get_libdir)/lib{misc,shadow}.{a,la} + + insinto /etc + # Using a securetty with devfs device names added + # (compat names kept for non-devfs compatibility) + insopts -m0600 ; doins "${FILESDIR}"/securetty + if ! use pam ; then + insopts -m0600 + doins etc/login.access etc/limits + fi + # Output arch-specific cruft + local devs + case $(tc-arch) in + ppc*) devs="hvc0 hvsi0 ttyPSC0";; + hppa) devs="ttyB0";; + arm) devs="ttyFB0 ttySAC0 ttySAC1 ttySAC2 ttySAC3 ttymxc0 ttymxc1 ttyO0 ttyO1 ttyO2";; + sh) devs="ttySC0 ttySC1";; + esac + [[ -n ${devs} ]] && printf '%s\n' ${devs} >> "${D}"/etc/securetty + + # needed for 'useradd -D' + insinto /etc/default + insopts -m0600 + doins "${FILESDIR}"/default/useradd + + # move passwd to / to help recover broke systems #64441 + mv "${D}"/usr/bin/passwd "${D}"/bin/ + dosym /bin/passwd /usr/bin/passwd + + cd "${S}" + insinto /etc + insopts -m0644 + newins etc/login.defs login.defs + + if ! use pam ; then + set_login_opt MAIL_CHECK_ENAB no + set_login_opt SU_WHEEL_ONLY yes + set_login_opt CRACKLIB_DICTPATH /usr/$(get_libdir)/cracklib_dict + set_login_opt LOGIN_RETRIES 3 + set_login_opt ENCRYPT_METHOD SHA512 + else + dopamd "${FILESDIR}"/pam.d-include/shadow || die + + for x in chpasswd chgpasswd newusers; do + newpamd "${FILESDIR}"/pam.d-include/passwd ${x} || die + done + + for x in chage chsh chfn \ + user{add,del,mod} group{add,del,mod} ; do + newpamd "${FILESDIR}"/pam.d-include/shadow ${x} || die + done + + # comment out login.defs options that pam hates + local opt + for opt in \ + CHFN_AUTH \ + CRACKLIB_DICTPATH \ + ENV_HZ \ + ENVIRON_FILE \ + FAILLOG_ENAB \ + FTMP_FILE \ + LASTLOG_ENAB \ + MAIL_CHECK_ENAB \ + MOTD_FILE \ + NOLOGINS_FILE \ + OBSCURE_CHECKS_ENAB \ + PASS_ALWAYS_WARN \ + PASS_CHANGE_TRIES \ + PASS_MIN_LEN \ + PORTTIME_CHECKS_ENAB \ + QUOTAS_ENAB \ + SU_WHEEL_ONLY + do + set_login_opt ${opt} + done + + sed -i -f "${FILESDIR}"/login_defs_pam.sed \ + "${D}"/etc/login.defs + + # remove manpages that pam will install for us + # and/or don't apply when using pam + find "${D}"/usr/share/man \ + '(' -name 'limits.5*' -o -name 'suauth.5*' ')' \ + -exec rm {} + + + # Remove pam.d files provided by pambase. + rm "${D}"/etc/pam.d/{login,passwd,su} || die + fi + + # Remove manpages that are handled by other packages + find "${D}"/usr/share/man \ + '(' -name id.1 -o -name passwd.5 -o -name getspnam.3 ')' \ + -exec rm {} + + + cd "${S}" + dodoc ChangeLog NEWS TODO + newdoc README README.download + cd doc + dodoc HOWTO README* WISHLIST *.txt +} + +pkg_preinst() { + rm -f "${ROOT}"/etc/pam.d/system-auth.new \ + "${ROOT}/etc/login.defs.new" + + use pam && pam_epam_expand "${D}"/etc/pam.d/login +} + +pkg_postinst() { + # Enable shadow groups. + if [ ! -f "${ROOT}"/etc/gshadow ] ; then + if grpck -r -R "${ROOT}" 2>/dev/null ; then + grpconv -R "${ROOT}" + else + ewarn "Running 'grpck' returned errors. Please run it by hand, and then" + ewarn "run 'grpconv' afterwards!" + fi + fi + + einfo "The 'adduser' symlink to 'useradd' has been dropped." +} |