blob: 2e4469b43d009f7744085f596a787ff35e362bf1 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
|
# Copyright 1999-2002 Gentoo Technologies, Inc.
# Distributed under the terms of the GNU General Public License, v2 or later
# $Header: /var/cvsroot/gentoo-x86/sys-apps/shadow/shadow-4.0.2-r4.ebuild,v 1.2 2002/07/11 06:30:55 drobbins Exp $
S=${WORKDIR}/${P}
DESCRIPTION="Utilities to deal with user accounts"
SRC_URI="ftp://ftp.pld.org.pl/software/shadow/${P}.tar.gz"
DEPEND=">=sys-libs/pam-0.75-r4
>=sys-libs/cracklib-2.7-r3
sys-devel/gettext"
RDEPEND=">=sys-libs/pam-0.75-r4
>=sys-libs/cracklib-2.7-r3"
pkg_preinst() {
rm -f ${ROOT}/etc/pam.d/system-auth.new
}
src_compile() {
libtoolize --copy --force
local myconf=""
use nls || myconf="${myconf} --disable-nls"
./configure --disable-desrpc \
--with-libcrypt \
--with-libcrack \
--with-libpam \
--enable-shared=no \
--enable-static=yes \
--host=${CHOST} \
${myconf} || die "bad configure"
# Parallel make fails sometimes
make LDFLAGS="-lcrack -lcrypt" \
LIBS="../libmisc/nscd.o" || die "compile problem"
}
src_install() {
dodir /etc/default /etc/skel
make prefix=${D}/usr \
exec_prefix=${D} \
mandir=${D}/usr/share/man \
install || die "install problem"
#do not install this login, but rather the one from
#util-linux, as this one have a serious root exploit
#with pam_limits in use.
rm ${D}/bin/login
mv ${D}/lib ${D}/usr
dosed "s:/lib':/usr/lib':g" /usr/lib/libshadow.la
dosed "s:/lib/:/usr/lib/:g" /usr/lib/libshadow.la
dosed "s:/lib':/usr/lib':g" /usr/lib/libmisc.la
dosed "s:/lib/:/usr/lib/:g" /usr/lib/libmisc.la
dosym /usr/bin/newgrp /usr/bin/sg
dosym /usr/sbin/useradd /usr/sbin/adduser
dosym /usr/sbin/vipw /usr/sbin/vigr
# remove dead links
rm -f ${D}/bin/{sg,vipw}
insinto /etc
# Using a securetty with devfs device names added
# (compat names kept for non-devfs compatibility)
insopts -m0600 ; doins ${FILESDIR}/securetty
insopts -m0600 ; doins ${S}/etc/login.access
insopts -m0644 ; doins ${S}/etc/limits
insopts -m0644 ; doins ${FILESDIR}/login.defs
insinto /etc/pam.d ; insopts -m0644
cd ${FILESDIR}/pam.d
doins *
newins system-auth system-auth.new
newins shadow chage
newins shadow chsh
newins shadow chfn
newins shadow useradd
newins shadow groupadd
cd ${S}
# the manpage install is beyond my comprehension, and also broken.
# just do it over.
rm -rf ${D}/usr/share/man/*
for q in man/*.[0-9]
do
local dir="${D}/usr/share/man/man${q##*.}"
mkdir -p $dir
cp $q $dir
done
#dont install the manpage, since we dont use
#login with shadow
rm ${D}/usr/share/man/man1/login.*
cd ${S}/doc
dodoc ANNOUNCE INSTALL LICENSE README WISHLIST
docinto txt
dodoc HOWTO LSM README.* *.txt
}
pkg_postinst() {
echo
echo "****************************************************"
echo " Due to a security issue, ${ROOT}etc/pam.d/system-auth "
echo " is being updated automatically. Your old "
echo " system-auth will be backed up as:"
echo " ${ROOT}etc/pam.d/system-auth.bak"
echo "****************************************************"
echo
local CHECK1=`md5sum ${ROOT}/etc/pam.d/system-auth | cut -d ' ' -f 1`
local CHECK2=`md5sum ${ROOT}/etc/pam.d/system-auth.new | cut -d ' ' -f 1`
if [ "$CHECK1" != "$CHECK2" ];
then
cp -a ${ROOT}/etc/pam.d/system-auth \
${ROOT}/etc/pam.d/system-auth.bak;
mv -f ${ROOT}/etc/pam.d/system-auth.new \
${ROOT}/etc/pam.d/system-auth
else
rm -f ${ROOT}/etc/pam.d/system-auth.new
fi
}
|
GitWeb