diff --git a/sys-apps/shadow-4.18.0.PKGBUILD b/sys-apps/shadow-4.18.0.PKGBUILD new file mode 100644 index 0000000..f429cd4 --- /dev/null +++ b/sys-apps/shadow-4.18.0.PKGBUILD @@ -0,0 +1,171 @@ +pkgname=shadow +pkgver=4.18.0 +pkgdesc="Password and account management tool suite with support for shadow files and PAM" +homepage="https://github.com/shadow-maint/shadow" +license=(BSD-3-Clause) +depends=( + glibc +) +makedepends=( + acl + docbook-xsl + itstool + libxcrypt + libxslt + pam +) +sources=("${pkgname}-${pkgver}.tar.xz" + "useradd" + "chpasswd" + "passwd" + "shadow" + "shadow-r1" +) +urls=("https://github.com/shadow-maint/shadow/releases/download/${pkgver}/${sources[0]}" + "useradd" + "pam.d-include/chpasswd" + "pam.d-include/passwd" + "pam.d-include/shadow" + "pam.d-include/shadow-r1" +) +md5sums=("30ef46f54363db1d624587be68794ef2" + "6e0bc0211949c624da0ea08d994a7038" + "df93f963a2b6dd7cae9437c203018e1d" + "70a5e95a9bbf8b7beedccd815bfac85f" + "50d7c96eab701fd6ddbf4b283e493b4c" + "9f6d28cd09dc30a93fcf3e8a353117e6" +) + +src_prepare() { + tar -xf ${distdir}/${sources[0]} --strip-components=1 + + sed -i 's/groups$(EXEEXT) //' src/Makefile.in + + find man -name Makefile.in -exec sed -i 's/groups\.1 / /' {} \; + find man -name Makefile.in -exec sed -i 's/getspnam\.3 / /' {} \; + find man -name Makefile.in -exec sed -i 's/passwd\.5 / /' {} \; + + sed -e 's@#ENCRYPT_METHOD DES@ENCRYPT_METHOD YESCRYPT@' \ + -e 's@/var/spool/mail@/var/mail@' \ + -e '/PATH=/{s@/sbin:@@;s@/bin:@@}' \ + -i etc/login.defs +} + +src_build() { + local configure_options=( + --enable-lastlog + --bindir=/usr/bin + --disable-account-tools-setuid # no setuid for chgpasswd, chpasswd, groupadd, groupdel, groupmod, newusers, useradd, userdel, usermod + --libdir=/usr/lib + --mandir=/usr/share/man + --prefix=/usr + --sbindir=/usr/bin + --sysconfdir=/etc + --disable-static + --with-btrfs + --without-tcb + --without-group-name-max-length + --with-yescrypt + --with-bcrypt + --without-libbsd # shadow can use internal implementation for getting passphrase + --enable-nls + --enable-logind + --with-acl + --without-audit + --without-libcrack + --without-nscd + --with-libpam + --without-selinux + --without-skey + --with-su + --with-attr + ) + ./configure "${configure_options[@]}" + make +} + +set_login_opt() { + local comment="" opt=${1} val=${2} + if [[ -z ${val} ]]; then + comment="#" + sed -i \ + -e "/^${opt}\>/s:^:#:" \ + "${pkgdir}"/etc/login.defs || die + else + sed -i -r \ + -e "/^#?${opt}\>/s:.*:${opt} ${val}:" \ + "${pkgdir}"/etc/login.defs + fi + local res=$(grep "^${comment}${opt}\>" "${pkgdir}"/etc/login.defs) + echo -e "${PURPLE_COLOR}${res:-Unable to find ${opt} in /etc/login.defs}${CLEAR_COLOR}" +} + +src_install() { + make DESTDIR="$pkgdir" install + make DESTDIR="$pkgdir" -C man install + + find "${pkgdir}" -name '*.la' -type f -delete + + install -vDm0600 "${filedir}/useradd" "${pkgdir}/etc/default/useradd" + # the following one is not needed since `make install` will do so + # install -vDm0644 etc/login.defs "${pkgdir}/etc/login.defs" + + # change login.defs + set_login_opt CREATE_HOME yes + + install -vDm644 "${filedir}/pam.d-include/shadow" "${pkgdir}/etc/pam.d/shadow" + for x in chsh chfn ; do + install -vDm644 "${filedir}"/pam.d-include/passwd "${pkgdir}/etc/pam.d/${x}" + done + for x in chpasswd newusers ; do + install -vDm644 "${filedir}"/pam.d-include/chpasswd "${pkgdir}/etc/pam.d/${x}" + done + install -vDm644 "${filedir}/pam.d-include/shadow-r1" "${pkgdir}/etc/pam.d/groupmems" + + # Comment out login.defs options that pam hates + local opt sed_args=() + for opt in \ + CHFN_AUTH \ + CONSOLE \ + CRACKLIB_DICTPATH \ + ENV_HZ \ + ENVIRON_FILE \ + FAILLOG_ENAB \ + FTMP_FILE \ + LASTLOG_ENAB \ + MAIL_CHECK_ENAB \ + MOTD_FILE \ + NOLOGINS_FILE \ + OBSCURE_CHECKS_ENAB \ + PASS_ALWAYS_WARN \ + PASS_CHANGE_TRIES \ + PASS_MIN_LEN \ + PORTTIME_CHECKS_ENAB \ + QUOTAS_ENAB \ + SU_WHEEL_ONLY \ + FAIL_DELAY \ + ENCRYPT_METHOD + do + set_login_opt ${opt} + sed_args+=( -e "/^#${opt}\>/b pamnote" ) + done + sed -i "${sed_args[@]}" \ + -e 'b exit' \ + -e ': pamnote; i# NOTE: This setting should be configured via /etc/pam.d/ and not in this file.' \ + -e ': exit' \ + "${pkgdir}"/etc/login.defs + + # Remove manpages that pam will install for us + # and/or don't apply when using pam + find "${pkgdir}"/usr/share/man -type f \ + '(' -name 'limits.5*' -o -name 'suauth.5*' ')' \ + -delete + # Remove pam.d files provided by pambase. + rm "${pkgdir}"/etc/pam.d/{login,passwd} + rm "${pkgdir}"/etc/pam.d/su + + # license + install -vDm 644 COPYING -t "$pkgdir/usr/share/licenses/$pkgname/" +} + +# vim:ft=sh syn=sh et sw=2: diff --git a/sys-apps/shadow-4.18.0/pam.d-include/chpasswd b/sys-apps/shadow-4.18.0/pam.d-include/chpasswd new file mode 100644 index 0000000..1043726 --- /dev/null +++ b/sys-apps/shadow-4.18.0/pam.d-include/chpasswd @@ -0,0 +1,3 @@ +#%PAM-1.0 + +password include system-auth diff --git a/sys-apps/shadow-4.18.0/pam.d-include/passwd b/sys-apps/shadow-4.18.0/pam.d-include/passwd new file mode 100644 index 0000000..960b32e --- /dev/null +++ b/sys-apps/shadow-4.18.0/pam.d-include/passwd @@ -0,0 +1,8 @@ +#%PAM-1.0 + +auth sufficient pam_rootok.so +auth include system-auth + +account include system-auth + +password include system-auth diff --git a/sys-apps/shadow-4.18.0/pam.d-include/shadow b/sys-apps/shadow-4.18.0/pam.d-include/shadow new file mode 100644 index 0000000..743b2f0 --- /dev/null +++ b/sys-apps/shadow-4.18.0/pam.d-include/shadow @@ -0,0 +1,8 @@ +#%PAM-1.0 + +auth sufficient pam_rootok.so +auth required pam_permit.so + +account include system-auth + +password required pam_permit.so diff --git a/sys-apps/shadow-4.18.0/pam.d-include/shadow-r1 b/sys-apps/shadow-4.18.0/pam.d-include/shadow-r1 new file mode 100644 index 0000000..e42e849 --- /dev/null +++ b/sys-apps/shadow-4.18.0/pam.d-include/shadow-r1 @@ -0,0 +1,7 @@ +#%PAM-1.0 + +auth sufficient pam_rootok.so + +account include system-auth + +password required pam_permit.so diff --git a/sys-apps/shadow-4.18.0/useradd b/sys-apps/shadow-4.18.0/useradd new file mode 100644 index 0000000..ae81dbb --- /dev/null +++ b/sys-apps/shadow-4.18.0/useradd @@ -0,0 +1,7 @@ +# useradd defaults file +GROUP=100 +HOME=/home +INACTIVE=-1 +EXPIRE= +SHELL=/bin/bash +SKEL=/etc/skel