new blfs: sys-apps/shadow-4.18.0

2026-01-10 06:48:35 -05:00
parent 21d9608f05
commit 662be0634a
6 changed files with 204 additions and 0 deletions
--- a/sys-apps/shadow-4.18.0.PKGBUILD
+++ b/sys-apps/shadow-4.18.0.PKGBUILD
@@ -0,0 +1,171 @@
+pkgname=shadow
+pkgver=4.18.0
+pkgdesc="Password and account management tool suite with support for shadow files and PAM"
+homepage="https://github.com/shadow-maint/shadow"
+license=(BSD-3-Clause)
+depends=(
+  glibc
+)
+makedepends=(
+  acl
+  docbook-xsl
+  itstool
+  libxcrypt
+  libxslt
+  pam
+)
+sources=("${pkgname}-${pkgver}.tar.xz"
+  "useradd"
+  "chpasswd"
+  "passwd"
+  "shadow"
+  "shadow-r1"
+)
+urls=("https://github.com/shadow-maint/shadow/releases/download/${pkgver}/${sources[0]}"
+  "useradd"
+  "pam.d-include/chpasswd"
+  "pam.d-include/passwd"
+  "pam.d-include/shadow"
+  "pam.d-include/shadow-r1"
+)
+md5sums=("30ef46f54363db1d624587be68794ef2"
+  "6e0bc0211949c624da0ea08d994a7038"
+  "df93f963a2b6dd7cae9437c203018e1d"
+  "70a5e95a9bbf8b7beedccd815bfac85f"
+  "50d7c96eab701fd6ddbf4b283e493b4c"
+  "9f6d28cd09dc30a93fcf3e8a353117e6"
+)
+
+src_prepare() {
+  tar -xf ${distdir}/${sources[0]} --strip-components=1
+
+  sed -i 's/groups$(EXEEXT) //' src/Makefile.in
+
+  find man -name Makefile.in -exec sed -i 's/groups\.1 / /'   {} \;
+  find man -name Makefile.in -exec sed -i 's/getspnam\.3 / /' {} \;
+  find man -name Makefile.in -exec sed -i 's/passwd\.5 / /'   {} \;
+  
+  sed -e 's@#ENCRYPT_METHOD DES@ENCRYPT_METHOD YESCRYPT@' \
+      -e 's@/var/spool/mail@/var/mail@'                   \
+      -e '/PATH=/{s@/sbin:@@;s@/bin:@@}'                  \
+      -i etc/login.defs
+}
+
+src_build() {
+  local configure_options=(
+    --enable-lastlog
+    --bindir=/usr/bin
+    --disable-account-tools-setuid  # no setuid for chgpasswd, chpasswd, groupadd, groupdel, groupmod, newusers, useradd, userdel, usermod
+    --libdir=/usr/lib
+    --mandir=/usr/share/man
+    --prefix=/usr
+    --sbindir=/usr/bin
+    --sysconfdir=/etc
+    --disable-static
+    --with-btrfs
+    --without-tcb
+    --without-group-name-max-length
+    --with-yescrypt
+    --with-bcrypt
+    --without-libbsd  # shadow can use internal implementation for getting passphrase
+    --enable-nls
+    --enable-logind
+    --with-acl
+    --without-audit
+    --without-libcrack
+    --without-nscd
+    --with-libpam
+    --without-selinux
+    --without-skey
+    --with-su
+    --with-attr
+  )
+  ./configure "${configure_options[@]}"
+  make
+}
+
+set_login_opt() {
+  local comment="" opt=${1} val=${2}
+  if [[ -z ${val} ]]; then
+    comment="#"
+    sed -i \
+        -e "/^${opt}\>/s:^:#:" \
+        "${pkgdir}"/etc/login.defs || die
+  else
+    sed -i -r \
+        -e "/^#?${opt}\>/s:.*:${opt} ${val}:" \
+        "${pkgdir}"/etc/login.defs
+  fi
+  local res=$(grep "^${comment}${opt}\>" "${pkgdir}"/etc/login.defs)
+  echo -e "${PURPLE_COLOR}${res:-Unable to find ${opt} in /etc/login.defs}${CLEAR_COLOR}"
+}
+
+src_install() {
+  make DESTDIR="$pkgdir" install
+  make DESTDIR="$pkgdir" -C man install
+
+  find "${pkgdir}" -name '*.la' -type f -delete
+
+  install -vDm0600 "${filedir}/useradd" "${pkgdir}/etc/default/useradd"
+  # the following one is not needed since `make install` will do so
+  # install -vDm0644 etc/login.defs "${pkgdir}/etc/login.defs"
+
+  # change login.defs
+  set_login_opt CREATE_HOME yes
+
+  install -vDm644 "${filedir}/pam.d-include/shadow" "${pkgdir}/etc/pam.d/shadow"
+  for x in chsh chfn ; do
+    install -vDm644 "${filedir}"/pam.d-include/passwd "${pkgdir}/etc/pam.d/${x}"
+  done
+  for x in chpasswd newusers ; do
+    install -vDm644 "${filedir}"/pam.d-include/chpasswd "${pkgdir}/etc/pam.d/${x}"
+  done
+  install -vDm644 "${filedir}/pam.d-include/shadow-r1" "${pkgdir}/etc/pam.d/groupmems"
+
+  # Comment out login.defs options that pam hates
+  local opt sed_args=()
+  for opt in \
+      CHFN_AUTH \
+      CONSOLE \
+      CRACKLIB_DICTPATH \
+      ENV_HZ \
+      ENVIRON_FILE \
+      FAILLOG_ENAB \
+      FTMP_FILE \
+      LASTLOG_ENAB \
+      MAIL_CHECK_ENAB \
+      MOTD_FILE \
+      NOLOGINS_FILE \
+      OBSCURE_CHECKS_ENAB \
+      PASS_ALWAYS_WARN \
+      PASS_CHANGE_TRIES \
+      PASS_MIN_LEN \
+      PORTTIME_CHECKS_ENAB \
+      QUOTAS_ENAB \
+      SU_WHEEL_ONLY \
+      FAIL_DELAY \
+      ENCRYPT_METHOD
+  do
+    set_login_opt ${opt}
+    sed_args+=( -e "/^#${opt}\>/b pamnote" )
+  done
+  sed -i "${sed_args[@]}" \
+      -e 'b exit' \
+      -e ': pamnote; i# NOTE: This setting should be configured via /etc/pam.d/ and not in this file.' \
+      -e ': exit' \
+      "${pkgdir}"/etc/login.defs
+
+  # Remove manpages that pam will install for us
+  # and/or don't apply when using pam
+  find "${pkgdir}"/usr/share/man -type f \
+      '(' -name 'limits.5*' -o -name 'suauth.5*' ')' \
+      -delete
+  # Remove pam.d files provided by pambase.
+  rm "${pkgdir}"/etc/pam.d/{login,passwd}
+  rm "${pkgdir}"/etc/pam.d/su
+
+  # license
+  install -vDm 644 COPYING -t "$pkgdir/usr/share/licenses/$pkgname/"
+}
+
+# vim:ft=sh syn=sh et sw=2:
--- a/sys-apps/shadow-4.18.0/pam.d-include/chpasswd
+++ b/sys-apps/shadow-4.18.0/pam.d-include/chpasswd
@@ -0,0 +1,3 @@
+#%PAM-1.0
+
+password   include	system-auth
--- a/sys-apps/shadow-4.18.0/pam.d-include/passwd
+++ b/sys-apps/shadow-4.18.0/pam.d-include/passwd
@@ -0,0 +1,8 @@
+#%PAM-1.0
+
+auth       sufficient   pam_rootok.so
+auth       include	system-auth
+
+account    include	system-auth
+
+password   include	system-auth
--- a/sys-apps/shadow-4.18.0/pam.d-include/shadow
+++ b/sys-apps/shadow-4.18.0/pam.d-include/shadow
@@ -0,0 +1,8 @@
+#%PAM-1.0 
+
+auth       sufficient	pam_rootok.so
+auth       required		pam_permit.so
+
+account    include		system-auth
+
+password   required		pam_permit.so
--- a/sys-apps/shadow-4.18.0/pam.d-include/shadow-r1
+++ b/sys-apps/shadow-4.18.0/pam.d-include/shadow-r1
@@ -0,0 +1,7 @@
+#%PAM-1.0
+
+auth       sufficient	pam_rootok.so
+
+account    include		system-auth
+
+password   required		pam_permit.so
--- a/sys-apps/shadow-4.18.0/useradd
+++ b/sys-apps/shadow-4.18.0/useradd
@@ -0,0 +1,7 @@
+# useradd defaults file
+GROUP=100
+HOME=/home
+INACTIVE=-1
+EXPIRE=
+SHELL=/bin/bash
+SKEL=/etc/skel