pkgname=shadow pkgver=4.18.0 pkgdesc="Password and account management tool suite with support for shadow files and PAM" homepage="https://github.com/shadow-maint/shadow" license=(BSD-3-Clause) depends=( glibc ) makedepends=( acl docbook-xsl itstool libxcrypt libxslt pam ) sources=("${pkgname}-${pkgver}.tar.xz" "useradd" "chpasswd" "passwd" "shadow" "shadow-r1" ) urls=("https://github.com/shadow-maint/shadow/releases/download/${pkgver}/${sources[0]}" "useradd" "pam.d-include/chpasswd" "pam.d-include/passwd" "pam.d-include/shadow" "pam.d-include/shadow-r1" ) md5sums=("30ef46f54363db1d624587be68794ef2" "6e0bc0211949c624da0ea08d994a7038" "df93f963a2b6dd7cae9437c203018e1d" "70a5e95a9bbf8b7beedccd815bfac85f" "50d7c96eab701fd6ddbf4b283e493b4c" "9f6d28cd09dc30a93fcf3e8a353117e6" ) src_prepare() { tar -xf ${distdir}/${sources[0]} --strip-components=1 sed -i 's/groups$(EXEEXT) //' src/Makefile.in find man -name Makefile.in -exec sed -i 's/groups\.1 / /' {} \; find man -name Makefile.in -exec sed -i 's/getspnam\.3 / /' {} \; find man -name Makefile.in -exec sed -i 's/passwd\.5 / /' {} \; sed -e 's@#ENCRYPT_METHOD DES@ENCRYPT_METHOD YESCRYPT@' \ -e 's@/var/spool/mail@/var/mail@' \ -e '/PATH=/{s@/sbin:@@;s@/bin:@@}' \ -i etc/login.defs } src_build() { local configure_options=( --enable-lastlog --bindir=/usr/bin --disable-account-tools-setuid # no setuid for chgpasswd, chpasswd, groupadd, groupdel, groupmod, newusers, useradd, userdel, usermod --libdir=/usr/lib --mandir=/usr/share/man --prefix=/usr --sbindir=/usr/bin --sysconfdir=/etc --disable-static --with-btrfs --without-tcb --without-group-name-max-length --with-yescrypt --with-bcrypt --without-libbsd # shadow can use internal implementation for getting passphrase --enable-nls --enable-logind --with-acl --without-audit --without-libcrack --without-nscd --with-libpam --without-selinux --without-skey --with-su --with-attr ) ./configure "${configure_options[@]}" make } set_login_opt() { local comment="" opt=${1} val=${2} if [[ -z ${val} ]]; then comment="#" sed -i \ -e "/^${opt}\>/s:^:#:" \ "${pkgdir}"/etc/login.defs || die else sed -i -r \ -e "/^#?${opt}\>/s:.*:${opt} ${val}:" \ "${pkgdir}"/etc/login.defs fi local res=$(grep "^${comment}${opt}\>" "${pkgdir}"/etc/login.defs) echo -e "${PURPLE_COLOR}${res:-Unable to find ${opt} in /etc/login.defs}${CLEAR_COLOR}" } src_install() { make DESTDIR="$pkgdir" install make DESTDIR="$pkgdir" -C man install find "${pkgdir}" -name '*.la' -type f -delete install -vDm0600 "${filedir}/useradd" "${pkgdir}/etc/default/useradd" # the following one is not needed since `make install` will do so # install -vDm0644 etc/login.defs "${pkgdir}/etc/login.defs" # change login.defs set_login_opt CREATE_HOME yes install -vDm644 "${filedir}/pam.d-include/shadow" "${pkgdir}/etc/pam.d/shadow" for x in chsh chfn ; do install -vDm644 "${filedir}"/pam.d-include/passwd "${pkgdir}/etc/pam.d/${x}" done for x in chpasswd newusers ; do install -vDm644 "${filedir}"/pam.d-include/chpasswd "${pkgdir}/etc/pam.d/${x}" done install -vDm644 "${filedir}/pam.d-include/shadow-r1" "${pkgdir}/etc/pam.d/groupmems" # Comment out login.defs options that pam hates local opt sed_args=() for opt in \ CHFN_AUTH \ CONSOLE \ CRACKLIB_DICTPATH \ ENV_HZ \ ENVIRON_FILE \ FAILLOG_ENAB \ FTMP_FILE \ LASTLOG_ENAB \ MAIL_CHECK_ENAB \ MOTD_FILE \ NOLOGINS_FILE \ OBSCURE_CHECKS_ENAB \ PASS_ALWAYS_WARN \ PASS_CHANGE_TRIES \ PASS_MIN_LEN \ PORTTIME_CHECKS_ENAB \ QUOTAS_ENAB \ SU_WHEEL_ONLY \ FAIL_DELAY \ ENCRYPT_METHOD do set_login_opt ${opt} sed_args+=( -e "/^#${opt}\>/b pamnote" ) done sed -i "${sed_args[@]}" \ -e 'b exit' \ -e ': pamnote; i# NOTE: This setting should be configured via /etc/pam.d/ and not in this file.' \ -e ': exit' \ "${pkgdir}"/etc/login.defs # Remove manpages that pam will install for us # and/or don't apply when using pam find "${pkgdir}"/usr/share/man -type f \ '(' -name 'limits.5*' -o -name 'suauth.5*' ')' \ -delete # Remove pam.d files provided by pambase. rm "${pkgdir}"/etc/pam.d/{login,passwd} rm "${pkgdir}"/etc/pam.d/su # license install -vDm 644 COPYING -t "$pkgdir/usr/share/licenses/$pkgname/" } # vim:ft=sh syn=sh et sw=2: