core/shadow/shadow-4.13-r1.smage2

# $Id$

PNAME="shadow"
PVER="4.13"
PBUILD="r1"

PCAT="sys-apps"

DESCRIPTION="Utilities to deal with user accounts, with pam support."
HOMEPAGE="https://github.com/shadow-maint/shadow/"

DEPEND=">= virtual/glibc
	>= sys-apps/base-files-0.7
	>= app-shells/bash-5
	>= sys-libs/pam-1.1
	>= sys-libs/cracklib-2.8
	>= sys-libs/readline-8.2
	>= sys-libs/libxcrypt-4.4
	>= sys-apps/coreutils-9.3"

SDEPEND=">= sys-dev/autoconf-5
	>= sys-dev/automake-4
	>= sys-dev/libtool-2.4"

SRCFILE="${PNAME}-${PVER}.tar.xz"
SRCDIR="${BUILDDIR}/${PNAME}-${PVER}"

sminclude mtools

PAMD_CHAGE_REV=1.3
PAMD_LOGIN_REV=1.3
PAMD_SU_REV=1.3

SRC_URI=(
	https://github.com/shadow-maint/${PNAME}/releases/download/${PVER}/${SRCFILE}
	mirror://${PNAME}/${SRCFILE}
	mirror://${PNAME}/pamd-systemauth/chage-${PAMD_CHAGE_REV}
	mirror://${PNAME}/pamd-systemauth/login-${PAMD_LOGIN_REV}
	mirror://${PNAME}/pamd-systemauth/su-${PAMD_SU_REV}
	mirror://${PNAME}/pamd-systemauth/passwd
)

UP2DATE="updatecmd ${HOMEPAGE} | grep 'New release' | sed 's/.*: \(.*\).*/\1/;q'"

src_prepare()
{
	munpack ${SRCFILE} || die
	cd ${SRCDIR}

	# do not build 'groups'; coreutils provide a better version
	sed -i 's/groups$(EXEEXT) //' src/Makefile.in || die
	sed -i '/groups/d' man/Makefile.in || die
}

src_compile()
{
	cd ${SRCDIR}

	# configures shadow with pam
	mconfigure \
		--bindir=/usr/bin \
		--sbindir=/usr/sbin \
		--enable-shared \
		--with-libpam \
		--with-libcrack \
		--with-libbcrypt \
		--with-libyescrypt \
		--enable-nls \
		--without-selinux \
		--with-group-name-max-length=32 \
		|| die

	mmake || die
}

src_install()
{
	cd ${SRCDIR}

	# added exec_prefix for better bin location
	mmake DESTDIR=${BINDIR} install || die

	minstalletc etc/login.access login.access || die

	# install pam related configuration files
	minstallpam login-${PAMD_LOGIN_REV} login || die
	minstallpam su-${PAMD_SU_REV} su || die
	local i
	for i in chgpasswd chpasswd passwd
	do
		minstallpam passwd ${i} || die
	done
	for i in chage chfn chsh \
		groupadd groupdel groupmems groupmod \
		newusers useradd userdel usermod
	do
		minstallpam chage-${PAMD_CHAGE_REV} ${i} || die
	done

	# disable these checks as pam controls them now
	sed -e "s/^DIALUPS_CHECK_ENAB/# &/" \
		-e "s/^LASTLOG_ENAB/# &/" \
		-e "s/^MAIL_CHECK_ENAB/# &/" \
		-e "s/^PORTTIME_CHECKS_ENAB/# &/" \
		-e "s/^CONSOLE/# &/" \
		-e "s/^MOTD_FILE/# &/" \
		-e "s/^NOLOGINS_FILE/# &/" \
		-e "s/^PASS_MIN_LEN/# &/" \
		-e "s/^SU_WHEEL_ONLY/# &/" \
		-e "s/^CONSOLE_GROUPS/# &/" \
		-e "s/^ENVIRON_FILE/# &/" \
		-e "s/^OBSCURE_CHECKS_ENAB/# &/" \
		-e "s/^CRACKLIB_DICTPATH/# &/" \
		-e "s/^PASS_CHANGE_TRIES/# &/" \
		-e "s/^PASS_ALWAYS_WARN/# &/" \
		-e "s/^FAILLOG_ENAB/# &/" \
		-e "s/^QUOTAS_ENAB/# &/" \
		-e "s/^FTMP_FILE/# &/" \
		-e "s/^ENV_HZ/# &/" \
		-e "s/^CHFN_AUTH/# &/" \
		etc/login.defs > ${BINDIR}/etc/login.defs || die

	# fix some pathes in login.defs
	# md5crypt is also controlled by pam !
	sed -i -e "s/^MD5_CRYPT_ENAB/# &/" \
		-e 's%/var/spool/mail%/var/mail%' \
		-e 's@DICTPATH.*@DICTPATH\t/lib/cracklib/pw_dict@' \
		${BINDIR}/etc/login.defs || die

	# remove /bin adn /sbin from path, as these are symlinks
	sed -i '/PATH=/{s@/sbin:@@;s@/bin:@@}'  ${BINDIR}/etc/login.defs || die

	# use much secure yescrypt
	sed -i 's:#ENCRYPT_METHOD DES:ENCRYPT_METHOD YESCRYPT:' ${BINDIR}/etc/login.defs || die

	# generate useradd default settings file
	minstalldir /etc/default || die
	cat > ${BINDIR}/etc/default/useradd << EOF
# The default group for users
GROUP=users

# The default home directory.
HOME=/home

# Number of days after a password expires after the account was disabled
INACTIVE=-1

# Default account expire date in days
EXPIRE=

# The default login shell
SHELL=/bin/bash

# Location of user skeleton files
SKEL=/etc/skel

# Defines wether a mail spool should be created while creating an account
CREATE_MAIL_SPOOL=no
EOF
}

postinstall()
{
	if [[ -z ${MROOT} ]] || [[ ${MROOT} = / ]]
	then
		/usr/sbin/pwconv
		/usr/sbin/grpconv
	elif [[ -x $(type -P chroot) ]] && [[ -d ${MROOT} ]]
	then
		chroot ${MROOT} /usr/sbin/pwconv || die
		chroot ${MROOT} /usr/sbin/grpconv || die
	else
		echo
		echo "pwconv and grpconv could not run in MROOT='${MROOT}'."
		echo "PAM is not usable without any shadow/gshadow files."
		echo "Please chroot in your systemroot and run them by hand."
		echo
	fi

	# pam handles limits from now on
	if [[ -f ${MROOT}/etc/limits ]]
	then
		echo
		echo "/etc/limits found and will be removed!"
		echo "PAM handles all system limitations from now on."
		echo "Please edit /etc/security/limits.conf accordingly."
		echo
		rm ${MROOT}/etc/limits
	fi
}
1	# $Id$
2
3	PNAME="shadow"
4	PVER="4.13"
5	PBUILD="r1"
6
7	PCAT="sys-apps"
8
9	DESCRIPTION="Utilities to deal with user accounts, with pam support."
10	HOMEPAGE="https://github.com/shadow-maint/shadow/"
11
12	DEPEND=">= virtual/glibc
13	>= sys-apps/base-files-0.7
14	>= app-shells/bash-5
15	>= sys-libs/pam-1.1
16	>= sys-libs/cracklib-2.8
17	>= sys-libs/readline-8.2
18	>= sys-libs/libxcrypt-4.4
19	>= sys-apps/coreutils-9.3"
20
21	SDEPEND=">= sys-dev/autoconf-5
22	>= sys-dev/automake-4
23	>= sys-dev/libtool-2.4"
24
25	SRCFILE="${PNAME}-${PVER}.tar.xz"
26	SRCDIR="${BUILDDIR}/${PNAME}-${PVER}"
27
28	sminclude mtools
29
30	PAMD_CHAGE_REV=1.3
31	PAMD_LOGIN_REV=1.3
32	PAMD_SU_REV=1.3
33
34	SRC_URI=(
35	https://github.com/shadow-maint/${PNAME}/releases/download/${PVER}/${SRCFILE}
36	mirror://${PNAME}/${SRCFILE}
37	mirror://${PNAME}/pamd-systemauth/chage-${PAMD_CHAGE_REV}
38	mirror://${PNAME}/pamd-systemauth/login-${PAMD_LOGIN_REV}
39	mirror://${PNAME}/pamd-systemauth/su-${PAMD_SU_REV}
40	mirror://${PNAME}/pamd-systemauth/passwd
41	)
42
43	UP2DATE="updatecmd ${HOMEPAGE} \| grep 'New release' \| sed 's/.: \(.\).*/\1/;q'"
44
45	src_prepare()
46	{
47	munpack ${SRCFILE} \|\| die
48	cd ${SRCDIR}
49
50	# do not build 'groups'; coreutils provide a better version
51	sed -i 's/groups$(EXEEXT) //' src/Makefile.in \|\| die
52	sed -i '/groups/d' man/Makefile.in \|\| die
53	}
54
55	src_compile()
56	{
57	cd ${SRCDIR}
58
59	# configures shadow with pam
60	mconfigure \
61	--bindir=/usr/bin \
62	--sbindir=/usr/sbin \
63	--enable-shared \
64	--with-libpam \
65	--with-libcrack \
66	--with-libbcrypt \
67	--with-libyescrypt \
68	--enable-nls \
69	--without-selinux \
70	--with-group-name-max-length=32 \
71	\|\| die
72
73	mmake \|\| die
74	}
75
76	src_install()
77	{
78	cd ${SRCDIR}
79
80	# added exec_prefix for better bin location
81	mmake DESTDIR=${BINDIR} install \|\| die
82
83	minstalletc etc/login.access login.access \|\| die
84
85	# install pam related configuration files
86	minstallpam login-${PAMD_LOGIN_REV} login \|\| die
87	minstallpam su-${PAMD_SU_REV} su \|\| die
88	local i
89	for i in chgpasswd chpasswd passwd
90	do
91	minstallpam passwd ${i} \|\| die
92	done
93	for i in chage chfn chsh \
94	groupadd groupdel groupmems groupmod \
95	newusers useradd userdel usermod
96	do
97	minstallpam chage-${PAMD_CHAGE_REV} ${i} \|\| die
98	done
99
100	# disable these checks as pam controls them now
101	sed -e "s/^DIALUPS_CHECK_ENAB/# &/" \
102	-e "s/^LASTLOG_ENAB/# &/" \
103	-e "s/^MAIL_CHECK_ENAB/# &/" \
104	-e "s/^PORTTIME_CHECKS_ENAB/# &/" \
105	-e "s/^CONSOLE/# &/" \
106	-e "s/^MOTD_FILE/# &/" \
107	-e "s/^NOLOGINS_FILE/# &/" \
108	-e "s/^PASS_MIN_LEN/# &/" \
109	-e "s/^SU_WHEEL_ONLY/# &/" \
110	-e "s/^CONSOLE_GROUPS/# &/" \
111	-e "s/^ENVIRON_FILE/# &/" \
112	-e "s/^OBSCURE_CHECKS_ENAB/# &/" \
113	-e "s/^CRACKLIB_DICTPATH/# &/" \
114	-e "s/^PASS_CHANGE_TRIES/# &/" \
115	-e "s/^PASS_ALWAYS_WARN/# &/" \
116	-e "s/^FAILLOG_ENAB/# &/" \
117	-e "s/^QUOTAS_ENAB/# &/" \
118	-e "s/^FTMP_FILE/# &/" \
119	-e "s/^ENV_HZ/# &/" \
120	-e "s/^CHFN_AUTH/# &/" \
121	etc/login.defs > ${BINDIR}/etc/login.defs \|\| die
122
123	# fix some pathes in login.defs
124	# md5crypt is also controlled by pam !
125	sed -i -e "s/^MD5_CRYPT_ENAB/# &/" \
126	-e 's%/var/spool/mail%/var/mail%' \
127	-e 's@DICTPATH.*@DICTPATH\t/lib/cracklib/pw_dict@' \
128	${BINDIR}/etc/login.defs \|\| die
129
130	# remove /bin adn /sbin from path, as these are symlinks
131	sed -i '/PATH=/{s@/sbin:@@;s@/bin:@@}' ${BINDIR}/etc/login.defs \|\| die
132
133	# use much secure yescrypt
134	sed -i 's:#ENCRYPT_METHOD DES:ENCRYPT_METHOD YESCRYPT:' ${BINDIR}/etc/login.defs \|\| die
135
136	# generate useradd default settings file
137	minstalldir /etc/default \|\| die
138	cat > ${BINDIR}/etc/default/useradd << EOF
139	# The default group for users
140	GROUP=users
141
142	# The default home directory.
143	HOME=/home
144
145	# Number of days after a password expires after the account was disabled
146	INACTIVE=-1
147
148	# Default account expire date in days
149	EXPIRE=
150
151	# The default login shell
152	SHELL=/bin/bash
153
154	# Location of user skeleton files
155	SKEL=/etc/skel
156
157	# Defines wether a mail spool should be created while creating an account
158	CREATE_MAIL_SPOOL=no
159	EOF
160	}
161
162	postinstall()
163	{
164	if [[ -z ${MROOT} ]] \|\| [[ ${MROOT} = / ]]
165	then
166	/usr/sbin/pwconv
167	/usr/sbin/grpconv
168	elif [[ -x $(type -P chroot) ]] && [[ -d ${MROOT} ]]
169	then
170	chroot ${MROOT} /usr/sbin/pwconv \|\| die
171	chroot ${MROOT} /usr/sbin/grpconv \|\| die
172	else
173	echo
174	echo "pwconv and grpconv could not run in MROOT='${MROOT}'."
175	echo "PAM is not usable without any shadow/gshadow files."
176	echo "Please chroot in your systemroot and run them by hand."
177	echo
178	fi
179
180	# pam handles limits from now on
181	if [[ -f ${MROOT}/etc/limits ]]
182	then
183	echo
184	echo "/etc/limits found and will be removed!"
185	echo "PAM handles all system limitations from now on."
186	echo "Please edit /etc/security/limits.conf accordingly."
187	echo
188	rm ${MROOT}/etc/limits
189	fi
190	}