172 lines
4.6 KiB
Bash
172 lines
4.6 KiB
Bash
pkgname=shadow
|
|
pkgver=4.18.0
|
|
pkgdesc="Password and account management tool suite with support for shadow files and PAM"
|
|
homepage="https://github.com/shadow-maint/shadow"
|
|
license=(BSD-3-Clause)
|
|
depends=(
|
|
glibc
|
|
)
|
|
makedepends=(
|
|
acl
|
|
docbook-xsl
|
|
itstool
|
|
libxcrypt
|
|
libxslt
|
|
pam
|
|
)
|
|
sources=("${pkgname}-${pkgver}.tar.xz"
|
|
"useradd"
|
|
"chpasswd"
|
|
"passwd"
|
|
"shadow"
|
|
"shadow-r1"
|
|
)
|
|
urls=("https://github.com/shadow-maint/shadow/releases/download/${pkgver}/${sources[0]}"
|
|
"useradd"
|
|
"pam.d-include/chpasswd"
|
|
"pam.d-include/passwd"
|
|
"pam.d-include/shadow"
|
|
"pam.d-include/shadow-r1"
|
|
)
|
|
md5sums=("30ef46f54363db1d624587be68794ef2"
|
|
"6e0bc0211949c624da0ea08d994a7038"
|
|
"df93f963a2b6dd7cae9437c203018e1d"
|
|
"70a5e95a9bbf8b7beedccd815bfac85f"
|
|
"50d7c96eab701fd6ddbf4b283e493b4c"
|
|
"9f6d28cd09dc30a93fcf3e8a353117e6"
|
|
)
|
|
|
|
src_prepare() {
|
|
tar -xf ${distdir}/${sources[0]} --strip-components=1
|
|
|
|
sed -i 's/groups$(EXEEXT) //' src/Makefile.in
|
|
|
|
find man -name Makefile.in -exec sed -i 's/groups\.1 / /' {} \;
|
|
find man -name Makefile.in -exec sed -i 's/getspnam\.3 / /' {} \;
|
|
find man -name Makefile.in -exec sed -i 's/passwd\.5 / /' {} \;
|
|
|
|
sed -e 's@#ENCRYPT_METHOD DES@ENCRYPT_METHOD YESCRYPT@' \
|
|
-e 's@/var/spool/mail@/var/mail@' \
|
|
-e '/PATH=/{s@/sbin:@@;s@/bin:@@}' \
|
|
-i etc/login.defs
|
|
}
|
|
|
|
src_build() {
|
|
local configure_options=(
|
|
--enable-lastlog
|
|
--bindir=/usr/bin
|
|
--disable-account-tools-setuid # no setuid for chgpasswd, chpasswd, groupadd, groupdel, groupmod, newusers, useradd, userdel, usermod
|
|
--libdir=/usr/lib
|
|
--mandir=/usr/share/man
|
|
--prefix=/usr
|
|
--sbindir=/usr/bin
|
|
--sysconfdir=/etc
|
|
--disable-static
|
|
--with-btrfs
|
|
--without-tcb
|
|
--without-group-name-max-length
|
|
--with-yescrypt
|
|
--with-bcrypt
|
|
--without-libbsd # shadow can use internal implementation for getting passphrase
|
|
--enable-nls
|
|
--enable-logind
|
|
--with-acl
|
|
--without-audit
|
|
--without-libcrack
|
|
--without-nscd
|
|
--with-libpam
|
|
--without-selinux
|
|
--without-skey
|
|
--with-su
|
|
--with-attr
|
|
)
|
|
./configure "${configure_options[@]}"
|
|
make
|
|
}
|
|
|
|
set_login_opt() {
|
|
local comment="" opt=${1} val=${2}
|
|
if [[ -z ${val} ]]; then
|
|
comment="#"
|
|
sed -i \
|
|
-e "/^${opt}\>/s:^:#:" \
|
|
"${pkgdir}"/etc/login.defs || die
|
|
else
|
|
sed -i -r \
|
|
-e "/^#?${opt}\>/s:.*:${opt} ${val}:" \
|
|
"${pkgdir}"/etc/login.defs
|
|
fi
|
|
local res=$(grep "^${comment}${opt}\>" "${pkgdir}"/etc/login.defs)
|
|
echo -e "${PURPLE_COLOR}${res:-Unable to find ${opt} in /etc/login.defs}${CLEAR_COLOR}"
|
|
}
|
|
|
|
src_install() {
|
|
make DESTDIR="$pkgdir" install
|
|
make DESTDIR="$pkgdir" -C man install
|
|
|
|
find "${pkgdir}" -name '*.la' -type f -delete
|
|
|
|
install -vDm0600 "${filedir}/useradd" "${pkgdir}/etc/default/useradd"
|
|
# the following one is not needed since `make install` will do so
|
|
# install -vDm0644 etc/login.defs "${pkgdir}/etc/login.defs"
|
|
|
|
# change login.defs
|
|
set_login_opt CREATE_HOME yes
|
|
|
|
install -vDm644 "${filedir}/pam.d-include/shadow" "${pkgdir}/etc/pam.d/shadow"
|
|
for x in chsh chfn ; do
|
|
install -vDm644 "${filedir}"/pam.d-include/passwd "${pkgdir}/etc/pam.d/${x}"
|
|
done
|
|
for x in chpasswd newusers ; do
|
|
install -vDm644 "${filedir}"/pam.d-include/chpasswd "${pkgdir}/etc/pam.d/${x}"
|
|
done
|
|
install -vDm644 "${filedir}/pam.d-include/shadow-r1" "${pkgdir}/etc/pam.d/groupmems"
|
|
|
|
# Comment out login.defs options that pam hates
|
|
local opt sed_args=()
|
|
for opt in \
|
|
CHFN_AUTH \
|
|
CONSOLE \
|
|
CRACKLIB_DICTPATH \
|
|
ENV_HZ \
|
|
ENVIRON_FILE \
|
|
FAILLOG_ENAB \
|
|
FTMP_FILE \
|
|
LASTLOG_ENAB \
|
|
MAIL_CHECK_ENAB \
|
|
MOTD_FILE \
|
|
NOLOGINS_FILE \
|
|
OBSCURE_CHECKS_ENAB \
|
|
PASS_ALWAYS_WARN \
|
|
PASS_CHANGE_TRIES \
|
|
PASS_MIN_LEN \
|
|
PORTTIME_CHECKS_ENAB \
|
|
QUOTAS_ENAB \
|
|
SU_WHEEL_ONLY \
|
|
FAIL_DELAY \
|
|
ENCRYPT_METHOD
|
|
do
|
|
set_login_opt ${opt}
|
|
sed_args+=( -e "/^#${opt}\>/b pamnote" )
|
|
done
|
|
sed -i "${sed_args[@]}" \
|
|
-e 'b exit' \
|
|
-e ': pamnote; i# NOTE: This setting should be configured via /etc/pam.d/ and not in this file.' \
|
|
-e ': exit' \
|
|
"${pkgdir}"/etc/login.defs
|
|
|
|
# Remove manpages that pam will install for us
|
|
# and/or don't apply when using pam
|
|
find "${pkgdir}"/usr/share/man -type f \
|
|
'(' -name 'limits.5*' -o -name 'suauth.5*' ')' \
|
|
-delete
|
|
# Remove pam.d files provided by pambase.
|
|
rm "${pkgdir}"/etc/pam.d/{login,passwd}
|
|
rm "${pkgdir}"/etc/pam.d/su
|
|
|
|
# license
|
|
install -vDm 644 COPYING -t "$pkgdir/usr/share/licenses/$pkgname/"
|
|
}
|
|
|
|
# vim:ft=sh syn=sh et sw=2:
|