shadow/shadow.spec

377 lines
13 KiB
RPMSpec

%define shadowgroupid 15
Summary: Utilities for managing shadow password files and user/group accounts
Name: shadow
Version: 4.7
Group: Applications/Security
Release: 1mamba
Vendor: openmamba
Distribution: openmamba
Packager: Silvan Calarco <silvan.calarco@mambasoft.it>
URL: http://pkg-shadow.alioth.debian.org/
Source0: https://github.com/shadow-maint/shadow/releases/download/%{version}/shadow-%{version}.tar.xz
Source1: shadow-useradd
Source2: shadow-pam-shadow
Source3: shadow-pam-useradd
Source4: shadow-pam-su
Source5: shadow-pam-passwd
Source6: shadow-pam-login
Patch0: %{name}-4.0.3.patch
Patch1: %{name}-pam-makefile.patch
Patch2: %{name}-4.0.7-fixpam.patch
Patch3: %{name}-4.1.4.2-login_defs.patch
Patch4: %{name}-4.1.4.2-cross_compile.patch
License: BSD
## AUTOBUILDREQ-BEGIN
BuildRequires: glibc-devel
BuildRequires: libacl-devel
BuildRequires: libattr-devel
BuildRequires: libaudit-devel
BuildRequires: libcrack-devel
BuildRequires: libpam-devel
%if "%{stage1}" != "1"
BuildRequires: libselinux-devel
BuildRequires: libsepol-devel
%endif
BuildRequires: pam-devel
## AUTOBUILDREQ-END
BuildRequires: skey-devel
Requires: pam >= 0.77
Requires: shadow-common == %{version}-%{release}
BuildRoot: %{_tmppath}/%{name}-%{version}-root
Provides: shadowtool
Provides: pwdutils
Obsoletes: pwdutils
%description
The shadow package includes the necessary programs for converting UNIX password files to the shadow password format, plus programs for managing user and group accounts.
- The pwconv command converts passwords to the shadow password format.
- The pwunconv command unconverts shadow passwords and generates an npasswd file (a standard UNIX password file).
- The pwck command checks the integrity of password and shadow files.
- The lastlog command prints out the last login times for all users.
- The useradd, userdel and usermod commands are used for managing user accounts.
- The groupadd, groupdel and groupmod commands are used for managing group accounts.
%package common
Summary: Common tools used both by shadow tools and pwdutils
Group: Applications/Security
%description common
The shadow-common package includes the necessary programs for converting UNIX password files to the shadow password format, plus programs for managing user and group accounts.
%package extra
Summary: Extra tools provided also by util-linux
Group: Applications/Security
%description extra
The shadow-common package includes the necessary programs for converting UNIX password files to the shadow password format, plus programs for managing user and group accounts.
%prep
[ "%{buildroot}" != / ] && rm -rf %{buildroot}
%setup -q
#%patch1 -p1
#%patch2 -p1
#%patch3 -p1
#%patch4 -p1
%build
%if "%{_host}" != "%{_build}"
cat > config.cache << EOF
ac_cv_func_setpgrp_void=yes
EOF
LDFLAGS="-ldl -lcrypt -lpam -lpam_misc -lselinux" ./configure \
--cache-file=config.cache \
%else
LDFLAGS="-ldl" ./configure \
%endif
--with-libpam \
--host=%{_host} \
--build=%{_build} \
--prefix=%{_prefix} \
--mandir=%{_mandir} \
--libdir=%{_libdir} \
--sysconfdir=%{_sysconfdir} \
--enable-shared \
--with-libcrack \
--with-skey
LDFLAGS="-ldl" make %{_smp_mflags} LIBSELINUX="-lselinux -lsepol"
%install
LIBRARY_PATH=LIBRARY_PATH:%{buildroot}%{_libdir} \
LDFLAGS="-ldl" make install \
DESTDIR=%{buildroot} \
gnulocaledir=%{buildroot}%{_datadir}/locale
mkdir -p %{buildroot}/etc/default
cp etc/{limits,login.access} %{buildroot}/etc
install -m 744 %{SOURCE1} %{buildroot}/etc/default/useradd
install -m 0644 etc/login.defs %{buildroot}/etc/login.defs
#mkdir %{buildroot}/lib
#mv %{buildroot}%{_libdir}/libshadow.so.0* \
# %{buildroot}/lib
#ln -sf ../../lib/libshadow.so.0 %{buildroot}%{_libdir}/libshadow.so
##ln -sf ../../lib/libmisc.so.0 %{buildroot}%{_libdir}/libmisc.so
mv %{buildroot}%{_mandir}/man5/passwd.5 \
%{buildroot}%{_mandir}/man5/passwd-shadow.5
mkdir -p %{buildroot}%{_sysconfdir}/pam.d
cp %{SOURCE2} %{buildroot}%{_sysconfdir}/pam.d/shadow
cp %{SOURCE2} %{buildroot}%{_sysconfdir}/pam.d/chage
cp %{SOURCE2} %{buildroot}%{_sysconfdir}/pam.d/chpasswd
cp %{SOURCE2} %{buildroot}%{_sysconfdir}/pam.d/newusers
cp %{SOURCE3} %{buildroot}%{_sysconfdir}/pam.d/useradd
cp %{SOURCE3} %{buildroot}%{_sysconfdir}/pam.d/userdel
cp %{SOURCE3} %{buildroot}%{_sysconfdir}/pam.d/usermod
cp %{SOURCE3} %{buildroot}%{_sysconfdir}/pam.d/groupadd
cp %{SOURCE3} %{buildroot}%{_sysconfdir}/pam.d/groupdel
cp %{SOURCE3} %{buildroot}%{_sysconfdir}/pam.d/groupmod
# FIXME: /etc/pam.d/su is installed though moved to coreutils
# because an upgrade of shadow-common and coreutils would make
# it disappear (an RPM issue)
#cp %{SOURCE4} %{buildroot}%{_sysconfdir}/pam.d/su
cp %{SOURCE5} %{buildroot}%{_sysconfdir}/pam.d/passwd
cp %{SOURCE6} %{buildroot}%{_sysconfdir}/pam.d/login
#touch %{buildroot}%{_sysconfdir}/shadow
%find_lang shadow
for l in cs da de fi fr hu id it ja ko pl pt_BR ru sv tr zh_CN zh_TW; do
for m in man1/groups.1 man5/faillog.5 man8/lastlog.8 man8/newusers.8; do
[ -e %{buildroot}%{_mandir}/$l/$m ] && \
echo "%lang(%l) %{_mandir}/$l/$m*" >> shadow.lang
done
for m in `ls %{buildroot}%{_mandir}/$l/*/*`; do
m1=`echo $m | sed "s|%{buildroot}||"`
grep $m1 shadow.lang || \
echo "%lang(%l) /${m1}*" >> shadow-main.man
done
done
for m in man1/groups.1 man5/faillog.5 man8/lastlog.8 man8/newusers.8; do
[ -e %{buildroot}%{_mandir}/$m ] && \
echo "%{_mandir}/$m*" >> shadow.lang
done
for m in `ls %{buildroot}%{_mandir}/*/*\.[1-9]`; do
m1=`echo $m | sed "s|%{buildroot}||"`
grep $m1 shadow.lang || \
echo "/${m1}*" >> shadow-main.man
done
%clean
[ "%{buildroot}" != / ] && rm -rf %{buildroot}
%post
groupadd shadow -g %{shadowgroupid} 2>/dev/null || :
if [ ! -e /etc/shadow ]; then
# upgrade/create passwords to shadow system
# for a new install or an upgrade
/usr/sbin/pwconv
chmod 0640 /etc/shadow
chgrp shadow /etc/shadow
fi
exit 0
#% post common
#/sbin/ldconfig
#exit 0
#% preun common
#/sbin/ldconfig
#exit 0
#% posttrans common
#if [ -e /etc/shadow.rpmsave ]; then
# SAVEPWD=`grep "^root:" /etc/shadow.rpmsave | sed "s|root:\([^:]*\):.*|\1|"`
# NEWPWD=`grep "^root:" /etc/shadow | sed "s|root:\([^:]*\):.*|\1|"`
# if [ "$NEWPWD" == "" -o "$NEWPWD" == "!" -o "$NEWPWD" == "x" ]; then
# if [ "$SAVEPWD" != "!" -a "$SAVEPWD" != "" -a "$SAVEPWD" != "x" ]; then
# mv /etc/shadow.rpmsave /etc/shadow
# else
# echo "Unexpected error updating /etc/shadow file: root password was lost, recovery needed!"
# fi
# fi
#fi
#chmod 0640 /etc/shadow
#chgrp shadow /etc/shadow
#exit 0
%files -f shadow-main.man
%defattr(-,root,root)
%{_bindir}/chage
%{_bindir}/expiry
%{_bindir}/gpasswd
%{_bindir}/newgrp
%{_bindir}/passwd
%{_bindir}/sg
%{_sbindir}/*
%exclude %{_sbindir}/newusers
%{_sysconfdir}/default/useradd
%attr(644,root,root) %config /etc/pam.d/passwd
%attr(644,root,root) %config /etc/pam.d/shadow
%attr(644,root,root) %config /etc/pam.d/useradd
%attr(644,root,root) %config /etc/pam.d/userdel
%attr(644,root,root) %config /etc/pam.d/usermod
%attr(644,root,root) %config /etc/pam.d/groupadd
%attr(644,root,root) %config /etc/pam.d/groupdel
%attr(644,root,root) %config /etc/pam.d/groupmod
%attr(644,root,root) %config /etc/pam.d/chage
%attr(644,root,root) %config /etc/pam.d/chpasswd
%exclude %{_mandir}/man1/chfn.1*
%exclude %{_mandir}/man1/chsh.1*
%exclude %{_mandir}/man1/login.1*
%exclude %{_mandir}/man1/su.1*
%exclude %{_mandir}/man8/nologin.8*
%files common -f shadow.lang
%defattr(-,root,root)
#%attr(640,root,shadow) %config(noreplace) %{_sysconfdir}/shadow
%{_sysconfdir}/limits
%attr(644,root,root) %config /etc/pam.d/chgpasswd
%attr(644,root,root) %config /etc/pam.d/groupmems
%attr(644,root,root) %config /etc/pam.d/newusers
%dir %{_sysconfdir}/default
/bin/groups
%{_bindir}/faillog
%{_bindir}/lastlog
%{_bindir}/newgidmap
%{_bindir}/newuidmap
%{_sbindir}/newusers
%files extra
%defattr(-,root,root)
%{_sysconfdir}/login.access
%{_sysconfdir}/login.defs
%attr(644,root,root) %config /etc/pam.d/login
%attr(644,root,root) %config /etc/pam.d/chfn
%attr(644,root,root) %config /etc/pam.d/chsh
%attr(644,root,root) %config /etc/pam.d/su
/bin/login
/bin/su
%{_bindir}/chfn
%{_bindir}/chsh
/sbin/nologin
%{_mandir}/man1/chfn.1*
%{_mandir}/man1/chsh.1*
%{_mandir}/man1/login.1*
%{_mandir}/man1/su.1*
%{_mandir}/man8/nologin.8*
%changelog
* Mon Aug 05 2019 Automatic Build System <autodist@mambasoft.it> 4.7-1mamba
- automatic version update by autodist
* Wed Aug 22 2018 Automatic Build System <autodist@mambasoft.it> 4.6-1mamba
- automatic version update by autodist
* Wed Nov 15 2017 Silvan Calarco <silvan.calarco@mambasoft.it> 4.5-4mamba
- create /etc/shadow with pwconv if not existing in %post
* Thu Nov 09 2017 Silvan Calarco <silvan.calarco@mambasoft.it> 4.5-3mamba
- create /etc/shadow if missing
* Mon Nov 06 2017 Silvan Calarco <silvan.calarco@mambasoft.it> 4.5-2mamba
- move to shadow-extra files conflicting with util-linux
* Sun Nov 05 2017 Silvan Calarco <silvan.calarco@mambasoft.it> 4.5-1mamba
- update to 4.5
* Wed Jun 04 2014 Silvan Calarco <silvan.calarco@mambasoft.it> 4.2.1-1mamba
- update to 4.2.1
* Sat Dec 08 2012 Automatic Build System <autodist@mambasoft.it> 4.1.5.1-1mamba
- update to 4.1.5.1
* Fri Sep 14 2012 Silvan Calarco <silvan.calarco@mambasoft.it> 4.1.4.3-3mamba
- also move login.1 man page from shadow-common to shadow
* Sun Sep 09 2012 Silvan Calarco <silvan.calarco@mambasoft.it> 4.1.4.3-2mamba
- move login from shadow-common to main (unused) package following utill-linux 2.22
* Sun Mar 06 2011 Automatic Build System <autodist@mambasoft.it> 4.1.4.3-1mamba
- automatic update by autodist
* Tue Sep 21 2010 Silvan Calarco <silvan.calarco@mambasoft.it> 4.1.4.2-6mamba
- fixed /etc/shadow checks to prevent password loss on upgrade from old installations
* Mon Jul 19 2010 Silvan Calarco <silvan.calarco@mambasoft.it> 4.1.4.2-5mamba
- don't own /etc/shadow
* Mon Jun 28 2010 Silvan Calarco <silvan.calarco@mambasoft.it> 4.1.4.2-4mamba
- run pwconv on install to correctly create /etc/shadow
* Wed Feb 10 2010 Silvan Calarco <silvan.calarco@mambasoft.it> 4.1.4.2-3mamba
- patched default /etc/login.defs to remove not supported options due to pam enabled
* Tue Feb 09 2010 Silvan Calarco <silvan.calarco@mambasoft.it> 4.1.4.2-2mamba
- removed obsolete pwconv code in post script
- added S/Key support
* Fri Feb 05 2010 Silvan Calarco <silvan.calarco@mambasoft.it> 4.1.4.2-1mamba
- update to 4.1.4.2
* Mon May 04 2009 Silvan Calarco <silvan.calarco@mambasoft.it> 4.0.7-10mamba
- reset /etc/shadow file permissions on update
* Sat May 02 2009 Silvan Calarco <silvan.calarco@mambasoft.it> 4.0.7-9mamba
- set shadow group with read permission for /etc/shadow
* Mon Jun 25 2007 Silvan Calarco <silvan.calarco@mambasoft.it> 4.0.7-8mamba
- pam files changed to support pam 0.99.7
* Wed May 18 2005 Silvan Calarco <silvan.calarco@mambasoft.it> 4.0.7-6qilnx
- removed su which is replaced by coreutils's
* Mon Mar 07 2005 Silvan Calarco <silvan.calarco@mambasoft.it> 4.0.7-5qilnx
- fix login script to work with pam_unix2
* Wed Mar 02 2005 Silvan Calarco <silvan.calarco@mambasoft.it> 4.0.7-4qilnx
- added missing pam files for some service who now use them instead of shadow
- added empty /etc/shadow file
* Fri Feb 25 2005 Silvan Calarco <silvan.calarco@mambasoft.it> 4.0.7-3qilnx
- fixed requirement for libmisc
* Fri Feb 25 2005 Silvan Calarco <silvan.calarco@mambasoft.it> 4.0.7-2qilnx
- package split into shadow and shadow-common, the latter for use with pwdutils
* Fri Feb 25 2005 Silvan Calarco <silvan.calarco@mambasoft.it> 4.0.7-1qilnx
- update to version 4.0.7 by autospec
* Fri May 28 2004 Davide Madrisan <davide.madrisan@qilinux.it> 4.0.4.1-2qilnx
- added missing ldconfig to preun and postun scripts
* Thu May 27 2004 Silvan Calarco <silvan.calarco@mambasoft.it> 4.0.4.1-1qilnx
- new version build
- removed pam_console from services that used it
* Thu May 09 2003 Silvan Calarco <silvan.calarco@qinet.it> 4.0.3-8qilnx
- fixed login pam configuration module
* Thu May 09 2003 Silvan Calarco <silvan.calarco@qinet.it> 4.0.3-7qilnx
- added login pam configuration module
- fixed configuration files for shadow and useradd
* Thu May 08 2003 Silvan Calarco <silvan.calarco@qinet.it> 4.0.3-6qilnx
- added /etc/pam.d files: su, shadow, passwd, useradd
* Tue May 06 2003 Alessandro Ramazzina <alessandro.ramazzina@qinet.it> 4.0.3-5qilnx
- added useradd file in /etc/default directory
- added patch for pam support
* Sun Apr 27 2003 Silvan Calarco <silvan.calarco@qinet.it> 4.0.3-4qilnx
- added post and preun pw conversion scripts
* Tue Apr 22 2003 Silvan Calarco <silvan.calarco@qinet.it> 4.0.3-2qilnx
- removed Prefix variable definition
- PAM support added
* Tue Apr 08 2003 Luca Tinelli <luca.tinelli@qinet.it>
- first Build