diff options
| author |   Diego Elio Pettenò <flameeyes@gentoo.org> | 2007-07-01 20:10:16 +0000 |
|---|---|---|
| committer | Diego Elio Pettenò <flameeyes@gentoo.org> | 2007-07-01 20:10:16 +0000 |
| commit | 212aa34c7b7ab257cd4f04ad9e86bf89f72dc943 (patch) | |
| tree | 9a28b4c46a2b75b822174d035129bcb873588ef5 /sys-apps/shadow | |
| parent | Stable on alpha. This fixes the compilation error (CFI related) when compilin... (diff) | |
| download | historical-212aa34c7b7ab257cd4f04ad9e86bf89f72dc943.tar.gz historical-212aa34c7b7ab257cd4f04ad9e86bf89f72dc943.tar.bz2 historical-212aa34c7b7ab257cd4f04ad9e86bf89f72dc943.zip | |
Revision bump with a fixed pam.d/login file that actually honours stuff like pam_nologin.
Package-Manager: portage-2.1.3_rc6
Diffstat (limited to 'sys-apps/shadow')
| -rw-r--r-- | sys-apps/shadow/ChangeLog | 9 | ||||
| -rw-r--r-- | sys-apps/shadow/Manifest | 29 | ||||
| -rw-r--r-- | sys-apps/shadow/files/digest-shadow-4.0.18.1-r1 | 3 | ||||
| -rw-r--r-- | sys-apps/shadow/files/login.pamd.1 | 31 | ||||
| -rw-r--r-- | sys-apps/shadow/shadow-4.0.18.1-r1.ebuild | 208 |
5 files changed, 275 insertions, 5 deletions
diff --git a/sys-apps/shadow/ChangeLog b/sys-apps/shadow/ChangeLog index a2cc1fbd20cf..2e3f30906ab7 100644 --- a/sys-apps/shadow/ChangeLog +++ b/sys-apps/shadow/ChangeLog @@ -1,6 +1,13 @@ # ChangeLog for sys-apps/shadow # Copyright 1999-2007 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/sys-apps/shadow/ChangeLog,v 1.169 2007/06/23 02:36:07 dsd Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-apps/shadow/ChangeLog,v 1.170 2007/07/01 20:10:16 flameeyes Exp $ + +*shadow-4.0.18.1-r1 (01 Jul 2007) + + 01 Jul 2007; Diego Pettenò <flameeyes@gentoo.org> +files/login.pamd.1, + +shadow-4.0.18.1-r1.ebuild: + Revision bump with a fixed pam.d/login file that actually honours stuff like + pam_nologin. 23 Jun 2007; Daniel Drake <dsd@gentoo.org> shadow-4.0.18.1.ebuild: Add GPL to license, as vipw is GPL-licensed (bug #175257) diff --git a/sys-apps/shadow/Manifest b/sys-apps/shadow/Manifest index 5509970f6504..0fa6a6dc92b8 100644 --- a/sys-apps/shadow/Manifest +++ b/sys-apps/shadow/Manifest @@ -1,3 +1,6 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA1 + AUX default/useradd 96 RMD160 55c38953c800c6aae1ebe4312028560f77e7414f SHA1 348916abd4f794ee99310e1c006fbf00296ea2d7 SHA256 31aa2cbe4a34a9f7d4d134c1fecd007c9bbf4d40e19d0dcddbcd396f1853b490 MD5 6e0bc0211949c624da0ea08d994a7038 files/default/useradd 96 RMD160 55c38953c800c6aae1ebe4312028560f77e7414f files/default/useradd 96 @@ -10,6 +13,10 @@ AUX login.pamd 1019 RMD160 062e018d7c0e6c3b9963f695051322f762809edc SHA1 9d7d986 MD5 e01e197ed3b6d2ec6ae83d23b33088b8 files/login.pamd 1019 RMD160 062e018d7c0e6c3b9963f695051322f762809edc files/login.pamd 1019 SHA256 4d1844dbfc9292ae82789c26767190b6ca2cad0f77a55fee86dbf292444762e0 files/login.pamd 1019 +AUX login.pamd.1 1020 RMD160 9f0ec8ff53bf96b89dc8a03d73839e5d8ea83552 SHA1 544aed588284a68aa6d4162d835664a24a993e39 SHA256 592c941fc935a85a0605df993ac130aadca0f5cb156aeed163d97fbc9483f457 +MD5 1e2cdd4317dbb505d470e78a4925394f files/login.pamd.1 1020 +RMD160 9f0ec8ff53bf96b89dc8a03d73839e5d8ea83552 files/login.pamd.1 1020 +SHA256 592c941fc935a85a0605df993ac130aadca0f5cb156aeed163d97fbc9483f457 files/login.pamd.1 1020 AUX login_defs.awk 738 RMD160 4c05e7ab04b1b630bba093fdb2c2501c11a2d5be SHA1 74a28544ec0de8dbc530846c54af763f8ebc9f18 SHA256 6ceb9e03c2f7df817f3162de48886c9c66a596cb2af98fbf523c93e26840113b MD5 372a33c569b7078d247058c7dab1cae2 files/login_defs.awk 738 RMD160 4c05e7ab04b1b630bba093fdb2c2501c11a2d5be files/login_defs.awk 738 @@ -87,14 +94,18 @@ MD5 aa1259020b925cd3088cb7a36fbe7753 files/shadow-4.0.18.1-useradd-usermod.patch RMD160 65bb85eba9f2e08f4febeea97d522d515f7d9fb7 files/shadow-4.0.18.1-useradd-usermod.patch 1081 SHA256 ca34bc36424585c9f1d64c6b4201ce62c964773c7c6c16faecdd2610ad655cfb files/shadow-4.0.18.1-useradd-usermod.patch 1081 DIST shadow-4.0.18.1.tar.bz2 1516296 RMD160 05a1f609370371de3112479cb6a98d966c45fa6c SHA1 1a30458e9db05560bfc82529048bd5d60b45cf9b SHA256 3da368d87a94270c3db4bae6ff634b8db5dcbc8822d554dbfea955a676c1ab12 +EBUILD shadow-4.0.18.1-r1.ebuild 5873 RMD160 eac580d5bd2341781dcaa33e4fd24d79d0e052df SHA1 9a7831c16f1222b76d69464d223cae6790639007 SHA256 c8fa8ff37e01cdf1849b1d1effd827e3adeebd321ea5a5b81ee8c7fcd8b58344 +MD5 16e9354b8239a03e42aa87e47d9891a7 shadow-4.0.18.1-r1.ebuild 5873 +RMD160 eac580d5bd2341781dcaa33e4fd24d79d0e052df shadow-4.0.18.1-r1.ebuild 5873 +SHA256 c8fa8ff37e01cdf1849b1d1effd827e3adeebd321ea5a5b81ee8c7fcd8b58344 shadow-4.0.18.1-r1.ebuild 5873 EBUILD shadow-4.0.18.1.ebuild 5859 RMD160 caf526835bd96be3051e0c37ea408c0ade4de577 SHA1 ebb94a434fede49fad7319db95f55d13f8805bc0 SHA256 e28db8fc8d8a764af7d794afb6022ef56473daf8c4bf3698bcfa7ae5a48e5b94 MD5 558b5963b31ba03c50b75227177f0389 shadow-4.0.18.1.ebuild 5859 RMD160 caf526835bd96be3051e0c37ea408c0ade4de577 shadow-4.0.18.1.ebuild 5859 SHA256 e28db8fc8d8a764af7d794afb6022ef56473daf8c4bf3698bcfa7ae5a48e5b94 shadow-4.0.18.1.ebuild 5859 -MISC ChangeLog 30405 RMD160 97ae72e1e33a34ae9728c0de1174205764b1de01 SHA1 b84cdb80baf5d3613cd6da752ffde4780fe81a4f SHA256 66804f6deebfdf938748bb891bb10363f72e3dcb9b4f9095cf9c8f715afac86f -MD5 65a645c3b7fcf1e14f85ac11f979c5be ChangeLog 30405 -RMD160 97ae72e1e33a34ae9728c0de1174205764b1de01 ChangeLog 30405 -SHA256 66804f6deebfdf938748bb891bb10363f72e3dcb9b4f9095cf9c8f715afac86f ChangeLog 30405 +MISC ChangeLog 30645 RMD160 d90466747b1effc9b546d2f1de200f1107bb7425 SHA1 63ea43581f1851c99b3aa16e1909ecd5ece38db1 SHA256 38854851a533427ec7151fe9d20cb77362b0179c78949802a34d90ac92b74332 +MD5 6915bf1a15572841d66e12227ea0ab65 ChangeLog 30645 +RMD160 d90466747b1effc9b546d2f1de200f1107bb7425 ChangeLog 30645 +SHA256 38854851a533427ec7151fe9d20cb77362b0179c78949802a34d90ac92b74332 ChangeLog 30645 MISC metadata.xml 164 RMD160 f43cbec30b7074319087c9acffdb9354b17b0db3 SHA1 9c213f5803676c56439df3716be07d6692588856 SHA256 f5f2891f2a4791cd31350bb2bb572131ad7235cd0eeb124c9912c187ac10ce92 MD5 9a09f8d531c582e78977dbfd96edc1f2 metadata.xml 164 RMD160 f43cbec30b7074319087c9acffdb9354b17b0db3 metadata.xml 164 @@ -102,3 +113,13 @@ SHA256 f5f2891f2a4791cd31350bb2bb572131ad7235cd0eeb124c9912c187ac10ce92 metadata MD5 6be0a013e7aee78ebb6228308ca16fee files/digest-shadow-4.0.18.1 253 RMD160 31ec617739d2935bd1b4dfc1d676399d5c5f50bc files/digest-shadow-4.0.18.1 253 SHA256 6683d8ca173c809dedf056bf6e658284264bb277cab8c43e03b811ed4308d109 files/digest-shadow-4.0.18.1 253 +MD5 6be0a013e7aee78ebb6228308ca16fee files/digest-shadow-4.0.18.1-r1 253 +RMD160 31ec617739d2935bd1b4dfc1d676399d5c5f50bc files/digest-shadow-4.0.18.1-r1 253 +SHA256 6683d8ca173c809dedf056bf6e658284264bb277cab8c43e03b811ed4308d109 files/digest-shadow-4.0.18.1-r1 253 +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v2.0.4 (GNU/Linux) + +iD8DBQFGiApMAiZjviIA2XgRAiIRAKC5AKvW0/UHhd8Q/P33l5xsCGN5swCg0lvg +gIKsQrC39O3lMKjAo7NlXv8= +=xJq5 +-----END PGP SIGNATURE----- diff --git a/sys-apps/shadow/files/digest-shadow-4.0.18.1-r1 b/sys-apps/shadow/files/digest-shadow-4.0.18.1-r1 new file mode 100644 index 000000000000..801875319890 --- /dev/null +++ b/sys-apps/shadow/files/digest-shadow-4.0.18.1-r1 @@ -0,0 +1,3 @@ +MD5 e7751d46ecf219c07ae0b028ab3335c6 shadow-4.0.18.1.tar.bz2 1516296 +RMD160 05a1f609370371de3112479cb6a98d966c45fa6c shadow-4.0.18.1.tar.bz2 1516296 +SHA256 3da368d87a94270c3db4bae6ff634b8db5dcbc8822d554dbfea955a676c1ab12 shadow-4.0.18.1.tar.bz2 1516296 diff --git a/sys-apps/shadow/files/login.pamd.1 b/sys-apps/shadow/files/login.pamd.1 new file mode 100644 index 000000000000..2c784e240a15 --- /dev/null +++ b/sys-apps/shadow/files/login.pamd.1 @@ -0,0 +1,31 @@ +#%PAM-1.0 + +auth required pam_securetty.so +auth required pam_tally.so file=/var/log/faillog onerr=succeed no_magic_root +auth required pam_shells.so +auth required pam_nologin.so +auth include system-auth + +account required pam_access.so +account include system-auth +account required pam_tally.so deny=0 file=/var/log/faillog onerr=succeed no_magic_root + +password include system-auth + +@selinux@# pam_selinux.so close should be the first session rule +@selinux@session required pam_selinux.so close +@selinux@ +session required pam_env.so +session optional pam_lastlog.so +session optional pam_motd.so motd=/etc/motd +session optional pam_mail.so + +# If you want to enable pam_console, uncomment the following line +# and read carefully README.pam_console in /usr/share/doc/pam* +#session optional pam_console.so + +session include system-auth + +@selinux@# pam_selinux.so open should be the last session rule +@selinux@session required pam_selinux.so multiple open +@selinux@ diff --git a/sys-apps/shadow/shadow-4.0.18.1-r1.ebuild b/sys-apps/shadow/shadow-4.0.18.1-r1.ebuild new file mode 100644 index 000000000000..07b4791fc12a --- /dev/null +++ b/sys-apps/shadow/shadow-4.0.18.1-r1.ebuild @@ -0,0 +1,208 @@ +# Copyright 1999-2007 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sys-apps/shadow/shadow-4.0.18.1-r1.ebuild,v 1.1 2007/07/01 20:10:16 flameeyes Exp $ + +inherit eutils libtool toolchain-funcs flag-o-matic autotools pam + +DESCRIPTION="Utilities to deal with user accounts" +HOMEPAGE="http://shadow.pld.org.pl/" +SRC_URI="ftp://ftp.pld.org.pl/software/${PN}/${P}.tar.bz2" + +LICENSE="BSD GPL-2" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86" +IUSE="nls pam selinux skey nousuid cracklib" + +RDEPEND="cracklib? ( >=sys-libs/cracklib-2.7-r3 ) + pam? ( virtual/pam ) + !sys-apps/pam-login + !app-admin/nologin + skey? ( app-admin/skey ) + selinux? ( >=sys-libs/libselinux-1.28 ) + nls? ( virtual/libintl )" +DEPEND="${RDEPEND} + nls? ( sys-devel/gettext )" + +src_unpack() { + unpack ${A} + cd "${S}" + + # uclibc support, corrects NIS usage + epatch "${FILESDIR}"/${PN}-4.0.13-nonis.patch + + # If su should not simulate a login shell, use '/bin/sh' as shell to enable + # running of commands as user with /bin/false as shell, closing bug #15015. + # *** This one could be a security hole; disable for now *** + #epatch "${FILESDIR}"/${P}-nologin-run-sh.patch + + # tweak the default login.defs + epatch "${FILESDIR}"/${PN}-4.0.17-login.defs.patch + + # Make user/group names more flexible #3485 / #22920 + epatch "${FILESDIR}"/${PN}-4.0.13-dots-in-usernames.patch + epatch "${FILESDIR}"/${PN}-4.0.13-long-groupnames.patch + + # Fix compiling with gcc-2.95.x + epatch "${FILESDIR}"/${PN}-4.0.12-gcc2.patch + + # lock down setuid perms #47208 + epatch "${FILESDIR}"/${PN}-4.0.11.1-perms.patch + + epatch "${FILESDIR}"/${PN}-4.0.15-uclibc-missing-l64a.patch + + epatch "${FILESDIR}"/${PN}-4.0.16-fix-useradd-usergroups.patch #128715 + + epatch "${FILESDIR}"/${PN}-4.0.18.1-useradd-usermod.patch + + # Needed by the UCLIBC patches + eautoconf || die + + elibtoolize + epunt_cxx +} + +src_compile() { + append-ldflags $(bindnow-flags) + tc-is-cross-compiler && export ac_cv_func_setpgrp_void=yes + econf \ + --disable-desrpc \ + --with-libcrypt \ + --enable-shared=no \ + --enable-static=yes \ + $(use_with cracklib libcrack) \ + $(use_with pam libpam) \ + $(use_with skey) \ + $(use_with selinux) \ + $(use_enable nls) \ + || die "bad configure" + emake || die "compile problem" +} + +src_install() { + local perms=4711 + use nousuid && perms=711 + make DESTDIR="${D}" suiduperms=${perms} install || die "install problem" + dosym useradd /usr/sbin/adduser + + # Remove libshadow and libmisc; see bug 37725 and the following + # comment from shadow's README.linux: + # Currently, libshadow.a is for internal use only, so if you see + # -lshadow in a Makefile of some other package, it is safe to + # remove it. + rm -f "${D}"/{,usr/}$(get_libdir)/lib{misc,shadow}.{a,la} + + insinto /etc + # Using a securetty with devfs device names added + # (compat names kept for non-devfs compatibility) + insopts -m0600 ; doins "${FILESDIR}"/securetty + if ! use pam ; then + insopts -m0600 + doins etc/login.access etc/limits + else + newpamd "${FILESDIR}/login.pamd.1" login + use selinux || sed -i -e '/@selinux@/d' "${D}"/etc/pam.d/login + use selinux && sed -i -e 's:@selinux@::g' "${D}"/etc/pam.d/login + fi + # Output arch-specific cruft + case $(tc-arch) in + ppc*) echo "hvc0" >> "${D}"/etc/securetty + echo "hvsi0" >> "${D}"/etc/securetty + echo "ttyPSC0" >> "${D}"/etc/securetty;; + hppa) echo "ttyB0" >> "${D}"/etc/securetty;; + arm) echo "ttyFB0" >> "${D}"/etc/securetty;; + esac + + # needed for 'adduser -D' + insinto /etc/default + insopts -m0600 + doins "${FILESDIR}"/default/useradd + + # move passwd to / to help recover broke systems #64441 + mv "${D}"/usr/bin/passwd "${D}"/bin/ + dosym /bin/passwd /usr/bin/passwd + + if use pam ; then + local INSTALL_SYSTEM_PAMD="yes" + + # Do not install below pam.d files if we have pam-0.78 or later + has_version '>=sys-libs/pam-0.78' && \ + INSTALL_SYSTEM_PAMD="no" + + for x in "${FILESDIR}"/pam.d-include/*; do + case "${x##*/}" in + "login") + # We do no longer install this one, as its from + # pam-login now. + ;; + "system-auth"|"system-auth-1.1"|"other") + # These we only install if we do not have pam-0.78 + # or later. + [ "${INSTALL_SYSTEM_PAMD}" = "yes" ] && [ -f ${x} ] && \ + dopamd ${x} + ;; + "su") + # Disable support for pam_env and pam_wheel on openpam + has_version sys-libs/pam && dopamd ${x} + ;; + "su-openpam") + has_version sys-libs/openpam && newpamd ${x} su + ;; + *) + [ -f ${x} ] && dopamd ${x} + ;; + esac + done + for x in chage chsh chfn chpasswd newusers \ + user{add,del,mod} group{add,del,mod} ; do + newpamd "${FILESDIR}"/pam.d-include/shadow ${x} + done + + # remove manpages that pam will install for us + # and/or don't apply when using pam + + find "${D}"/usr/share/man \ + '(' -name 'limits.5*' -o -name 'suauth.5*' ')' \ + -exec rm {} \; + fi + + cd "${S}" + insinto /etc + insopts -m0644 + newins etc/login.defs login.defs + + # comment out options that pam hates + if use pam ; then + awk -f "${FILESDIR}"/login_defs.awk \ + lib/getdef.c etc/login.defs \ + > "${D}"/etc/login.defs + fi + + # Remove manpages that are handled by other packages + find "${D}"/usr/share/man \ + '(' -name id.1 -o -name passwd.5 -o -name getspnam.3 ')' \ + -exec rm {} \; + + cd "${S}" + dodoc ChangeLog NEWS TODO + newdoc README README.download + cd doc + dodoc HOWTO README* WISHLIST *.txt +} + +pkg_preinst() { + rm -f "${ROOT}"/etc/pam.d/system-auth.new \ + "${ROOT}/etc/login.defs.new" +} + +pkg_postinst() { + # Enable shadow groups (we need ROOT=/ here, as grpconv only + # operate on / ...). + if [[ ${ROOT} == / && ! -f /etc/gshadow ]] ; then + if grpck -r &>/dev/null; then + grpconv + else + ewarn "Running 'grpck' returned errors. Please run it by hand, and then" + ewarn "run 'grpconv' afterwards!" + fi + fi +} |