%define shadowgroupid 15 Summary: Utilities for managing shadow password files and user/group accounts Name: shadow Version: 4.8.1 Group: Applications/Security Release: 2mamba Vendor: openmamba Distribution: openmamba Packager: Silvan Calarco URL: http://pkg-shadow.alioth.debian.org/ Source0: https://github.com/shadow-maint/shadow/releases/download/%{version}/shadow-%{version}.tar.xz Source1: shadow-useradd Source2: shadow-pam-shadow Source3: shadow-pam-useradd Source4: shadow-pam-su Source5: shadow-pam-passwd Source6: shadow-pam-login Patch0: %{name}-4.0.3.patch Patch1: %{name}-pam-makefile.patch Patch2: %{name}-4.0.7-fixpam.patch Patch3: %{name}-4.1.4.2-login_defs.patch Patch4: %{name}-4.1.4.2-cross_compile.patch License: BSD ## AUTOBUILDREQ-BEGIN BuildRequires: glibc-devel BuildRequires: libacl-devel BuildRequires: libattr-devel BuildRequires: libaudit-devel BuildRequires: libcrack-devel BuildRequires: libpam-devel %if "%{stage1}" != "1" BuildRequires: libselinux-devel BuildRequires: libsepol-devel %endif BuildRequires: pam-devel ## AUTOBUILDREQ-END BuildRequires: skey-devel Requires: pam >= 0.77 Requires: shadow-common == %{version}-%{release} BuildRoot: %{_tmppath}/%{name}-%{version}-root Provides: shadowtool Provides: pwdutils Obsoletes: pwdutils %description The shadow package includes the necessary programs for converting UNIX password files to the shadow password format, plus programs for managing user and group accounts. - The pwconv command converts passwords to the shadow password format. - The pwunconv command unconverts shadow passwords and generates an npasswd file (a standard UNIX password file). - The pwck command checks the integrity of password and shadow files. - The lastlog command prints out the last login times for all users. - The useradd, userdel and usermod commands are used for managing user accounts. - The groupadd, groupdel and groupmod commands are used for managing group accounts. %package common Summary: Common tools used both by shadow tools and pwdutils Group: Applications/Security %description common The shadow-common package includes the necessary programs for converting UNIX password files to the shadow password format, plus programs for managing user and group accounts. %package extra Summary: Extra tools provided also by util-linux Group: Applications/Security %description extra The shadow-common package includes the necessary programs for converting UNIX password files to the shadow password format, plus programs for managing user and group accounts. %prep [ "%{buildroot}" != / ] && rm -rf %{buildroot} %setup -q #%patch1 -p1 #%patch2 -p1 #%patch3 -p1 #%patch4 -p1 %build %if "%{_host}" != "%{_build}" cat > config.cache << EOF ac_cv_func_setpgrp_void=yes EOF LDFLAGS="-ldl -lcrypt -lpam -lpam_misc -lselinux" ./configure \ --cache-file=config.cache \ %else LDFLAGS="-ldl" ./configure \ %endif --with-libpam \ --host=%{_host} \ --build=%{_build} \ --prefix=%{_prefix} \ --exec-prefix=%{_prefix} \ --mandir=%{_mandir} \ --libdir=%{_libdir} \ --sysconfdir=%{_sysconfdir} \ --enable-shared \ --with-libcrack \ --with-skey LDFLAGS="-ldl" make %{_smp_mflags} LIBSELINUX="-lselinux -lsepol" %install LIBRARY_PATH=LIBRARY_PATH:%{buildroot}%{_libdir} \ LDFLAGS="-ldl" make install \ DESTDIR=%{buildroot} \ gnulocaledir=%{buildroot}%{_datadir}/locale mkdir -p %{buildroot}/etc/default cp etc/{limits,login.access} %{buildroot}/etc install -m 744 %{SOURCE1} %{buildroot}/etc/default/useradd install -m 0644 etc/login.defs %{buildroot}/etc/login.defs #mkdir %{buildroot}/lib #mv %{buildroot}%{_libdir}/libshadow.so.0* \ # %{buildroot}/lib #ln -sf ../../lib/libshadow.so.0 %{buildroot}%{_libdir}/libshadow.so ##ln -sf ../../lib/libmisc.so.0 %{buildroot}%{_libdir}/libmisc.so mv %{buildroot}%{_mandir}/man5/passwd.5 \ %{buildroot}%{_mandir}/man5/passwd-shadow.5 mkdir -p %{buildroot}%{_sysconfdir}/pam.d cp %{SOURCE2} %{buildroot}%{_sysconfdir}/pam.d/shadow cp %{SOURCE2} %{buildroot}%{_sysconfdir}/pam.d/chage cp %{SOURCE2} %{buildroot}%{_sysconfdir}/pam.d/chpasswd cp %{SOURCE2} %{buildroot}%{_sysconfdir}/pam.d/newusers cp %{SOURCE3} %{buildroot}%{_sysconfdir}/pam.d/useradd cp %{SOURCE3} %{buildroot}%{_sysconfdir}/pam.d/userdel cp %{SOURCE3} %{buildroot}%{_sysconfdir}/pam.d/usermod cp %{SOURCE3} %{buildroot}%{_sysconfdir}/pam.d/groupadd cp %{SOURCE3} %{buildroot}%{_sysconfdir}/pam.d/groupdel cp %{SOURCE3} %{buildroot}%{_sysconfdir}/pam.d/groupmod # FIXME: /etc/pam.d/su is installed though moved to coreutils # because an upgrade of shadow-common and coreutils would make # it disappear (an RPM issue) #cp %{SOURCE4} %{buildroot}%{_sysconfdir}/pam.d/su cp %{SOURCE5} %{buildroot}%{_sysconfdir}/pam.d/passwd cp %{SOURCE6} %{buildroot}%{_sysconfdir}/pam.d/login #touch %{buildroot}%{_sysconfdir}/shadow %find_lang shadow for l in cs da de fi fr hu id it ja ko pl pt_BR ru sv tr zh_CN zh_TW; do for m in man1/groups.1 man5/faillog.5 man8/lastlog.8 man8/newusers.8; do [ -e %{buildroot}%{_mandir}/$l/$m ] && \ echo "%lang(%l) %{_mandir}/$l/$m*" >> shadow.lang done for m in `ls %{buildroot}%{_mandir}/$l/*/*`; do m1=`echo $m | sed "s|%{buildroot}||"` grep $m1 shadow.lang || \ echo "%lang(%l) /${m1}*" >> shadow-main.man done done for m in man1/groups.1 man5/faillog.5 man8/lastlog.8 man8/newusers.8; do [ -e %{buildroot}%{_mandir}/$m ] && \ echo "%{_mandir}/$m*" >> shadow.lang done for m in `ls %{buildroot}%{_mandir}/*/*\.[1-9]`; do m1=`echo $m | sed "s|%{buildroot}||"` grep $m1 shadow.lang || \ echo "/${m1}*" >> shadow-main.man done %clean [ "%{buildroot}" != / ] && rm -rf %{buildroot} %post groupadd shadow -g %{shadowgroupid} 2>/dev/null || : if [ ! -e /etc/shadow ]; then # upgrade/create passwords to shadow system # for a new install or an upgrade /usr/sbin/pwconv chmod 0640 /etc/shadow chgrp shadow /etc/shadow fi exit 0 #% post common #/sbin/ldconfig #exit 0 #% preun common #/sbin/ldconfig #exit 0 #% posttrans common #if [ -e /etc/shadow.rpmsave ]; then # SAVEPWD=`grep "^root:" /etc/shadow.rpmsave | sed "s|root:\([^:]*\):.*|\1|"` # NEWPWD=`grep "^root:" /etc/shadow | sed "s|root:\([^:]*\):.*|\1|"` # if [ "$NEWPWD" == "" -o "$NEWPWD" == "!" -o "$NEWPWD" == "x" ]; then # if [ "$SAVEPWD" != "!" -a "$SAVEPWD" != "" -a "$SAVEPWD" != "x" ]; then # mv /etc/shadow.rpmsave /etc/shadow # else # echo "Unexpected error updating /etc/shadow file: root password was lost, recovery needed!" # fi # fi #fi #chmod 0640 /etc/shadow #chgrp shadow /etc/shadow #exit 0 %files -f shadow-main.man %defattr(-,root,root) %{_bindir}/chage %{_bindir}/expiry %{_bindir}/gpasswd %{_bindir}/newgrp %{_bindir}/passwd %{_bindir}/sg %{_sbindir}/* %exclude %{_sbindir}/newusers %{_sysconfdir}/default/useradd %attr(644,root,root) %config /etc/pam.d/passwd %attr(644,root,root) %config /etc/pam.d/shadow %attr(644,root,root) %config /etc/pam.d/useradd %attr(644,root,root) %config /etc/pam.d/userdel %attr(644,root,root) %config /etc/pam.d/usermod %attr(644,root,root) %config /etc/pam.d/groupadd %attr(644,root,root) %config /etc/pam.d/groupdel %attr(644,root,root) %config /etc/pam.d/groupmod %attr(644,root,root) %config /etc/pam.d/chage %attr(644,root,root) %config /etc/pam.d/chpasswd %exclude %{_mandir}/man1/chfn.1* %exclude %{_mandir}/man1/chsh.1* %exclude %{_mandir}/man1/login.1* %exclude %{_mandir}/man1/su.1* %exclude %{_mandir}/man8/nologin.8* %files common -f shadow.lang %defattr(-,root,root) #%attr(640,root,shadow) %config(noreplace) %{_sysconfdir}/shadow %{_sysconfdir}/limits #%attr(644,root,root) %config /etc/pam.d/chgpasswd %attr(644,root,root) %config /etc/pam.d/groupmems %attr(644,root,root) %config /etc/pam.d/newusers %dir %{_sysconfdir}/default /bin/groups %{_bindir}/faillog %{_bindir}/lastlog %{_bindir}/newgidmap %{_bindir}/newuidmap %{_sbindir}/newusers %files extra %defattr(-,root,root) %{_sysconfdir}/login.access %{_sysconfdir}/login.defs %attr(644,root,root) %config /etc/pam.d/login %attr(644,root,root) %config /etc/pam.d/chfn %attr(644,root,root) %config /etc/pam.d/chsh %attr(644,root,root) %config /etc/pam.d/su /bin/login /bin/su %{_bindir}/chfn %{_bindir}/chsh /sbin/nologin %{_mandir}/man1/chfn.1* %{_mandir}/man1/chsh.1* %{_mandir}/man1/login.1* %{_mandir}/man1/su.1* %{_mandir}/man8/nologin.8* %changelog * Sun Jan 31 2021 Silvan Calarco 4.8.1-2mamba - shadow-pam-shadow: fix chpasswd by setting password field to use pam_unix.so * Fri Feb 07 2020 Automatic Build System 4.8.1-1mamba - automatic version update by autodist * Mon Aug 05 2019 Automatic Build System 4.7-1mamba - automatic version update by autodist * Wed Aug 22 2018 Automatic Build System 4.6-1mamba - automatic version update by autodist * Wed Nov 15 2017 Silvan Calarco 4.5-4mamba - create /etc/shadow with pwconv if not existing in %post * Thu Nov 09 2017 Silvan Calarco 4.5-3mamba - create /etc/shadow if missing * Mon Nov 06 2017 Silvan Calarco 4.5-2mamba - move to shadow-extra files conflicting with util-linux * Sun Nov 05 2017 Silvan Calarco 4.5-1mamba - update to 4.5 * Wed Jun 04 2014 Silvan Calarco 4.2.1-1mamba - update to 4.2.1 * Sat Dec 08 2012 Automatic Build System 4.1.5.1-1mamba - update to 4.1.5.1 * Fri Sep 14 2012 Silvan Calarco 4.1.4.3-3mamba - also move login.1 man page from shadow-common to shadow * Sun Sep 09 2012 Silvan Calarco 4.1.4.3-2mamba - move login from shadow-common to main (unused) package following utill-linux 2.22 * Sun Mar 06 2011 Automatic Build System 4.1.4.3-1mamba - automatic update by autodist * Tue Sep 21 2010 Silvan Calarco 4.1.4.2-6mamba - fixed /etc/shadow checks to prevent password loss on upgrade from old installations * Mon Jul 19 2010 Silvan Calarco 4.1.4.2-5mamba - don't own /etc/shadow * Mon Jun 28 2010 Silvan Calarco 4.1.4.2-4mamba - run pwconv on install to correctly create /etc/shadow * Wed Feb 10 2010 Silvan Calarco 4.1.4.2-3mamba - patched default /etc/login.defs to remove not supported options due to pam enabled * Tue Feb 09 2010 Silvan Calarco 4.1.4.2-2mamba - removed obsolete pwconv code in post script - added S/Key support * Fri Feb 05 2010 Silvan Calarco 4.1.4.2-1mamba - update to 4.1.4.2 * Mon May 04 2009 Silvan Calarco 4.0.7-10mamba - reset /etc/shadow file permissions on update * Sat May 02 2009 Silvan Calarco 4.0.7-9mamba - set shadow group with read permission for /etc/shadow * Mon Jun 25 2007 Silvan Calarco 4.0.7-8mamba - pam files changed to support pam 0.99.7 * Wed May 18 2005 Silvan Calarco 4.0.7-6qilnx - removed su which is replaced by coreutils's * Mon Mar 07 2005 Silvan Calarco 4.0.7-5qilnx - fix login script to work with pam_unix2 * Wed Mar 02 2005 Silvan Calarco 4.0.7-4qilnx - added missing pam files for some service who now use them instead of shadow - added empty /etc/shadow file * Fri Feb 25 2005 Silvan Calarco 4.0.7-3qilnx - fixed requirement for libmisc * Fri Feb 25 2005 Silvan Calarco 4.0.7-2qilnx - package split into shadow and shadow-common, the latter for use with pwdutils * Fri Feb 25 2005 Silvan Calarco 4.0.7-1qilnx - update to version 4.0.7 by autospec * Fri May 28 2004 Davide Madrisan 4.0.4.1-2qilnx - added missing ldconfig to preun and postun scripts * Thu May 27 2004 Silvan Calarco 4.0.4.1-1qilnx - new version build - removed pam_console from services that used it * Fri May 09 2003 Silvan Calarco 4.0.3-8qilnx - fixed login pam configuration module * Fri May 09 2003 Silvan Calarco 4.0.3-7qilnx - added login pam configuration module - fixed configuration files for shadow and useradd * Thu May 08 2003 Silvan Calarco 4.0.3-6qilnx - added /etc/pam.d files: su, shadow, passwd, useradd * Tue May 06 2003 Alessandro Ramazzina 4.0.3-5qilnx - added useradd file in /etc/default directory - added patch for pam support * Sun Apr 27 2003 Silvan Calarco 4.0.3-4qilnx - added post and preun pw conversion scripts * Tue Apr 22 2003 Silvan Calarco 4.0.3-2qilnx - removed Prefix variable definition - PAM support added * Tue Apr 08 2003 Luca Tinelli - first Build