diff options
author | Diego Elio Pettenò <flameeyes@gentoo.org> | 2008-02-19 11:43:40 +0000 |
---|---|---|
committer | Diego Elio Pettenò <flameeyes@gentoo.org> | 2008-02-19 11:43:40 +0000 |
commit | f4c7aa4e09c0c9dca3aef7ccfaa0a88e018c9642 (patch) | |
tree | 7bb88de6692c7b95d28a0a04af52f5d1352d30b0 /sys-apps | |
parent | New revision that works with the new sys-auth/pambase (and requires it). (diff) | |
download | gentoo-2-f4c7aa4e09c0c9dca3aef7ccfaa0a88e018c9642.tar.gz gentoo-2-f4c7aa4e09c0c9dca3aef7ccfaa0a88e018c9642.tar.bz2 gentoo-2-f4c7aa4e09c0c9dca3aef7ccfaa0a88e018c9642.zip |
Add a new revision that uses the new system-login provided by pambase.
(Portage version: 2.1.4.4)
Diffstat (limited to 'sys-apps')
-rw-r--r-- | sys-apps/shadow/ChangeLog | 10 | ||||
-rw-r--r-- | sys-apps/shadow/files/login.pamd.3 | 10 | ||||
-rw-r--r-- | sys-apps/shadow/shadow-4.0.18.2-r1.ebuild | 176 |
3 files changed, 194 insertions, 2 deletions
diff --git a/sys-apps/shadow/ChangeLog b/sys-apps/shadow/ChangeLog index b4d3f7023556..ba79a650681f 100644 --- a/sys-apps/shadow/ChangeLog +++ b/sys-apps/shadow/ChangeLog @@ -1,6 +1,12 @@ # ChangeLog for sys-apps/shadow -# Copyright 1999-2007 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/sys-apps/shadow/ChangeLog,v 1.179 2007/11/04 15:12:28 flameeyes Exp $ +# Copyright 1999-2008 Gentoo Foundation; Distributed under the GPL v2 +# $Header: /var/cvsroot/gentoo-x86/sys-apps/shadow/ChangeLog,v 1.180 2008/02/19 11:43:39 flameeyes Exp $ + +*shadow-4.0.18.2-r1 (19 Feb 2008) + + 19 Feb 2008; Diego Pettenò <flameeyes@gentoo.org> +files/login.pamd.3, + +shadow-4.0.18.2-r1.ebuild: + Add a new revision that uses the new system-login provided by pambase. 04 Nov 2007; Diego Pettenò <flameeyes@gentoo.org> +files/login.pamd.2, shadow-4.0.18.2.ebuild: diff --git a/sys-apps/shadow/files/login.pamd.3 b/sys-apps/shadow/files/login.pamd.3 new file mode 100644 index 000000000000..545de84a0683 --- /dev/null +++ b/sys-apps/shadow/files/login.pamd.3 @@ -0,0 +1,10 @@ +auth required pam_securetty.so +auth include system-login + +account include system-login + +password include system-login + +session include system-login +session optional pam_motd.so motd=/etc/motd +session optional pam_mail.so diff --git a/sys-apps/shadow/shadow-4.0.18.2-r1.ebuild b/sys-apps/shadow/shadow-4.0.18.2-r1.ebuild new file mode 100644 index 000000000000..6e6230e6c27b --- /dev/null +++ b/sys-apps/shadow/shadow-4.0.18.2-r1.ebuild @@ -0,0 +1,176 @@ +# Copyright 1999-2008 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sys-apps/shadow/shadow-4.0.18.2-r1.ebuild,v 1.1 2008/02/19 11:43:39 flameeyes Exp $ + +inherit eutils libtool toolchain-funcs autotools pam + +DESCRIPTION="Utilities to deal with user accounts" +HOMEPAGE="http://shadow.pld.org.pl/ http://packages.qa.debian.org/s/shadow.html" +SRC_URI="mirror://debian/pool/main/s/shadow/shadow_${PV}.orig.tar.gz" + +LICENSE="BSD GPL-2" +SLOT="0" +KEYWORDS="" +IUSE="nls pam selinux skey nousuid cracklib" + +RDEPEND="cracklib? ( >=sys-libs/cracklib-2.7-r3 ) + pam? ( sys-auth/pambase ) + !sys-apps/pam-login + !app-admin/nologin + skey? ( app-admin/skey ) + selinux? ( >=sys-libs/libselinux-1.28 ) + nls? ( virtual/libintl )" +DEPEND="${RDEPEND} + nls? ( sys-devel/gettext )" + +src_unpack() { + unpack ${A} + cd "${S}" + + # uclibc support, corrects NIS usage + epatch "${FILESDIR}"/${PN}-4.0.13-nonis.patch + + # If su should not simulate a login shell, use '/bin/sh' as shell to enable + # running of commands as user with /bin/false as shell, closing bug #15015. + # *** This one could be a security hole; disable for now *** + #epatch "${FILESDIR}"/${P}-nologin-run-sh.patch + + # tweak the default login.defs + epatch "${FILESDIR}"/${PN}-4.0.17-login.defs.patch + + # Make user/group names more flexible #3485 / #22920 + epatch "${FILESDIR}"/${PN}-4.0.13-dots-in-usernames.patch + epatch "${FILESDIR}"/${PN}-4.0.13-long-groupnames.patch + + # Fix compiling with gcc-2.95.x + epatch "${FILESDIR}"/${PN}-4.0.12-gcc2.patch + + # lock down setuid perms #47208 + epatch "${FILESDIR}"/${PN}-4.0.11.1-perms.patch + + epatch "${FILESDIR}"/${PN}-4.0.15-uclibc-missing-l64a.patch + epatch "${FILESDIR}"/${PN}-4.0.16-fix-useradd-usergroups.patch #128715 + epatch "${FILESDIR}"/${PN}-4.0.18.2-useradd.patch + + # Needed by the UCLIBC patches + eautoconf || die + + elibtoolize + epunt_cxx +} + +src_compile() { + tc-is-cross-compiler && export ac_cv_func_setpgrp_void=yes + econf \ + --disable-desrpc \ + --with-libcrypt \ + --enable-shared=no \ + --enable-static=yes \ + $(use_with cracklib libcrack) \ + $(use_with pam libpam) \ + $(use_with skey) \ + $(use_with selinux) \ + $(use_enable nls) \ + || die "bad configure" + emake || die "compile problem" +} + +src_install() { + local perms=4711 + use nousuid && perms=711 + make DESTDIR="${D}" suiduperms=${perms} install || die "install problem" + dosym useradd /usr/sbin/adduser + + # Remove libshadow and libmisc; see bug 37725 and the following + # comment from shadow's README.linux: + # Currently, libshadow.a is for internal use only, so if you see + # -lshadow in a Makefile of some other package, it is safe to + # remove it. + rm -f "${D}"/{,usr/}$(get_libdir)/lib{misc,shadow}.{a,la} + + insinto /etc + # Using a securetty with devfs device names added + # (compat names kept for non-devfs compatibility) + insopts -m0600 ; doins "${FILESDIR}"/securetty + if ! use pam ; then + insopts -m0600 + doins etc/login.access etc/limits + fi + # Output arch-specific cruft + case $(tc-arch) in + ppc*) echo "hvc0" >> "${D}"/etc/securetty + echo "hvsi0" >> "${D}"/etc/securetty + echo "ttyPSC0" >> "${D}"/etc/securetty;; + hppa) echo "ttyB0" >> "${D}"/etc/securetty;; + arm) echo "ttyFB0" >> "${D}"/etc/securetty;; + sh) echo "ttySC0" >> "${D}"/etc/securetty + echo "ttySC1" >> "${D}"/etc/securetty;; + esac + + # needed for 'adduser -D' + insinto /etc/default + insopts -m0600 + doins "${FILESDIR}"/default/useradd + + # move passwd to / to help recover broke systems #64441 + mv "${D}"/usr/bin/passwd "${D}"/bin/ + dosym /bin/passwd /usr/bin/passwd + + cd "${S}" + insinto /etc + insopts -m0644 + newins etc/login.defs login.defs + + if use pam ; then + dopamd "${FILESDIR}/pam.d-include/"{su,passwd,shadow} + + newpamd "${FILESDIR}/login.pamd.3" login + + for x in chage chsh chfn chpasswd newusers \ + user{add,del,mod} group{add,del,mod} ; do + newpamd "${FILESDIR}"/pam.d-include/shadow ${x} + done + + # comment out login.defs options that pam hates + gawk -f "${FILESDIR}"/login_defs.awk \ + lib/getdef.c etc/login.defs \ + > "${D}"/etc/login.defs + + # remove manpages that pam will install for us + # and/or don't apply when using pam + find "${D}"/usr/share/man \ + '(' -name 'limits.5*' -o -name 'suauth.5*' ')' \ + -exec rm {} \; + fi + + # Remove manpages that are handled by other packages + find "${D}"/usr/share/man \ + '(' -name id.1 -o -name passwd.5 -o -name getspnam.3 ')' \ + -exec rm {} \; + + cd "${S}" + dodoc ChangeLog NEWS TODO + newdoc README README.download + cd doc + dodoc HOWTO README* WISHLIST *.txt +} + +pkg_preinst() { + rm -f "${ROOT}"/etc/pam.d/system-auth.new \ + "${ROOT}/etc/login.defs.new" + + use pam && pam_epam_expand "${D}"/etc/pam.d/login +} + +pkg_postinst() { + # Enable shadow groups (we need ROOT=/ here, as grpconv only + # operate on / ...). + if [[ ${ROOT} == / && ! -f /etc/gshadow ]] ; then + if grpck -r &>/dev/null; then + grpconv + else + ewarn "Running 'grpck' returned errors. Please run it by hand, and then" + ewarn "run 'grpconv' afterwards!" + fi + fi +} |