diff options
Diffstat (limited to 'repo/system')
-rw-r--r-- | repo/system/dbus.xibuild | 5 | ||||
-rw-r--r-- | repo/system/elogind.xibuild | 16 | ||||
-rw-r--r-- | repo/system/nsss.xibuild | 2 | ||||
-rw-r--r-- | repo/system/openrc.xibuild | 4 | ||||
-rw-r--r-- | repo/system/pam.xibuild | 63 | ||||
-rw-r--r-- | repo/system/shadow.xibuild | 180 | ||||
-rw-r--r-- | repo/system/utmps.xibuild | 34 |
7 files changed, 109 insertions, 195 deletions
diff --git a/repo/system/dbus.xibuild b/repo/system/dbus.xibuild index 795d2d7..66ea737 100644 --- a/repo/system/dbus.xibuild +++ b/repo/system/dbus.xibuild @@ -53,3 +53,8 @@ EOF install -Dm755 dbus.initd $PKG_DEST/etc/init.d/dbus install -Dm644 dbus.confd $PKG_DEST/etc/conf.d/dbus } + +postinstall () { + rc-update add dbus + rc-service dbus start +} diff --git a/repo/system/elogind.xibuild b/repo/system/elogind.xibuild index 9ecc089..6ed1231 100644 --- a/repo/system/elogind.xibuild +++ b/repo/system/elogind.xibuild @@ -6,10 +6,11 @@ DEPS="pam gperf eudev" PKG_VER=246.10 SOURCE=https://github.com/elogind/elogind/archive/v$PKG_VER/elogind-$PKG_VER.tar.gz ADDITIONAL=" -https://raw.githubusercontent.com/void-linux/void-packages/master/srcpkgs/elogind/patches/id-nobody.patch -https://raw.githubusercontent.com/void-linux/void-packages/master/srcpkgs/elogind/patches/mips.patch -https://raw.githubusercontent.com/void-linux/void-packages/master/srcpkgs/elogind/patches/ppc64-bad-tuple.patch -https://raw.githubusercontent.com/void-linux/void-packages/master/srcpkgs/elogind/patches/ppcle.patch +id-nobody.patch +mips.patch +ppc64-bad-tuple.patch +ppcle.patch +elogind.initd " DESC="The standalone logind daemon" @@ -51,6 +52,8 @@ package () { ln -sf libelogind.pc $PKG_DEST/usr/lib/pkgconfig/libsystemd.pc && ln -sf elogind $PKG_DEST/usr/include/systemd + install -Dm755 elogind.initd $PKG_DEST/etc/init.d/elogind + sed -e '/\[Login\]/a KillUserProcesses=no' \ -i $PKG_DEST/etc/elogind/logind.conf @@ -84,3 +87,8 @@ EOF } + +postinstall () { + rc-update add elogind + rc-service elogind start +} diff --git a/repo/system/nsss.xibuild b/repo/system/nsss.xibuild index dc3fb07..2623641 100644 --- a/repo/system/nsss.xibuild +++ b/repo/system/nsss.xibuild @@ -10,7 +10,7 @@ SOURCE=https://skarnet.org/software/nsss/nsss-$PKG_VER.tar.gz DESC="Minimal competing implementation of glibc's Name Switch Service" build () { - ./configure --prefix=/usr \ + ./configure --prefix=/usr \ --exec-prefix=/usr \ --with-dynlib=/usr/lib \ --libexecdir=/usr/lib/nsss \ diff --git a/repo/system/openrc.xibuild b/repo/system/openrc.xibuild index f60598f..fb99da4 100644 --- a/repo/system/openrc.xibuild +++ b/repo/system/openrc.xibuild @@ -54,8 +54,8 @@ check () { package () { make LIBEXECDIR=/lib/rc DESTDIR="$PKG_DEST/" MKSYSVINIT=yes install - # remove -n from ln in mtab - sed -i "s/ln -snf/ln -sf/g" $PKG_DEST/etc/init.d/mtab + # remove -n from ln in mtab, devfs + sed -i "s/ln -snf/ln -sf/g" $PKG_DEST/etc/init.d/mtab $PKG_DEST/etc/init.d/devfs ln -s openrc-init $PKG_DEST/sbin/init diff --git a/repo/system/pam.xibuild b/repo/system/pam.xibuild index 2637e30..366ec3c 100644 --- a/repo/system/pam.xibuild +++ b/repo/system/pam.xibuild @@ -5,6 +5,13 @@ DEPS="musl libxcrypt" PKG_VER=1.5.2 SOURCE=https://github.com/linux-pam/linux-pam/releases/download/v$PKG_VER/Linux-PAM-$PKG_VER.tar.xz +ADDITIONAL=" + system-auth.pamd + system-account.pamd + system-password.pamd + system-session.pamd + other.pamd +" DESC="PAM (Pluggable Authentication Modules) library" prepare () { @@ -29,53 +36,11 @@ package () { make DESTDIR=$PKG_DEST install install -m755 -d $PKG_DEST/etc/pam.d - install -dm755 $PKG_DEST/etc/pam.d - cat > $PKG_DEST/etc/pam.d/system-account << "EOF" -# Begin /etc/pam.d/system-account - -account required pam_unix.so - -# End /etc/pam.d/system-account -EOF - - cat > $PKG_DEST/etc/pam.d/system-auth << "EOF" -# Begin /etc/pam.d/system-auth - -auth required pam_unix.so - -# End /etc/pam.d/system-auth -EOF - - cat > $PKG_DEST/etc/pam.d/system-session << "EOF" -# Begin /etc/pam.d/system-session - -session required pam_unix.so - -# End /etc/pam.d/system-session -EOF - - cat > $PKG_DEST/etc/pam.d/system-password << "EOF" -# Begin /etc/pam.d/system-password - -# use sha512 hash for encryption, use shadow, and try to use any previously -# defined authentication token (chosen password) set by any prior module -password required pam_unix.so sha512 shadow try_first_pass - -# End /etc/pam.d/system-password -EOF - cat > $PKG_DEST/etc/pam.d/other << "EOF" -# Begin /etc/pam.d/other - -auth required pam_warn.so -auth required pam_deny.so -account required pam_warn.so -account required pam_deny.so -password required pam_warn.so -password required pam_deny.so -session required pam_warn.so -session required pam_deny.so - -# End /etc/pam.d/other -EOF - + cp system-account.pamd $PKG_DEST/etc/pam.d/system-account + cp system-auth.pamd $PKG_DEST/etc/pam.d/system-auth + cp system-password.pamd $PKG_DEST/etc/pam.d/system-password + cp system-session.pamd $PKG_DEST/etc/pam.d/system-session + cp other.pamd $PKG_DEST/etc/pam.d/other + [ -d $PKG_DEST/usr/lib/systemd ] && rm -r $PKG_DEST/usr/lib/systemd + return 0 } diff --git a/repo/system/shadow.xibuild b/repo/system/shadow.xibuild index 9d490c4..22bd2f1 100644 --- a/repo/system/shadow.xibuild +++ b/repo/system/shadow.xibuild @@ -7,6 +7,14 @@ PKG_VER=4.11.1 SOURCE=https://github.com/shadow-maint/shadow/releases/download/v$PKG_VER/shadow-$PKG_VER.tar.xz DESC="Password and account management tool suite with support for shadow files and PAM" +ADDITIONAL=" + chage.pamd + chpasswd.pamd + login.pamd + newusers.pamd + passwd.pamd + su.pamd +" prepare () { @@ -26,7 +34,24 @@ prepare () { } build () { - ./configure --sysconfdir=/etc --with-group-name-max-length=32 + ./configure \ + --prefix=/usr \ + --sysconfdir=/etc \ + --mandir=/usr/share/man \ + --localstatedir=/var \ + --disable-account-tools-setuid \ + --disable-nls \ + --without-audit \ + --with-libpam \ + --without-selinux \ + --without-acl \ + --without-attr \ + --without-tcb \ + --with-yescrypt \ + --without-nscd \ + --without-group-name-max-length \ + --with-fcaps + make } @@ -34,150 +59,33 @@ package () { make exec_prefix=/usr DESTDIR=$PKG_DEST install make DESTDIR=$PKG_DEST -C man install-man mkdir -p $PKG_DEST/etc/default + + [ -d $PKG_DEST/etc/pam.d ] && rm -rf $PKG_DEST/etc/pam.d/* + install -m644 $PKG_DEST/etc/login.defs $PKG_DEST/etc/login.defs.orig && - for FUNCTION in FAIL_DELAY \ - FAILLOG_ENAB \ - LASTLOG_ENAB \ - MAIL_CHECK_ENAB \ - OBSCURE_CHECKS_ENAB \ - PORTTIME_CHECKS_ENAB \ - QUOTAS_ENAB \ - CONSOLE MOTD_FILE \ - FTMP_FILE NOLOGINS_FILE \ - ENV_HZ PASS_MIN_LEN \ - SU_WHEEL_ONLY \ - CRACKLIB_DICTPATH \ - PASS_CHANGE_TRIES \ - PASS_ALWAYS_WARN \ - CHFN_AUTH ENCRYPT_METHOD \ - ENVIRON_FILE - do - sed -i "s/^${FUNCTION}/# &/" $PKG_DEST/etc/login.defs + echo "USERGROUPS_ENAB yes"> $PKG_DEST/etc/login.defs + + for f in $ADDITIONAL; do + case $f in + *.pamd) + cp $f $PKG_DEST/etc/pam.d/${f%.pamd} + ;; + esac done - - cat > $PKG_DEST/etc/pam.d/login << "EOF" -# Begin /etc/pam.d/login - -# Set failure delay before next prompt to 3 seconds -auth optional pam_faildelay.so delay=3000000 - -# Check to make sure that the user is allowed to login -auth requisite pam_nologin.so - -# Check to make sure that root is allowed to login -# Disabled by default. You will need to create /etc/securetty -# file for this module to function. See man 5 securetty. -#auth required pam_securetty.so - -# Additional group memberships - disabled by default -#auth optional pam_group.so - -# include system auth settings -auth include system-auth - -# check access for the user -account required pam_access.so - -# include system account settings -account include system-account - -# Set default environment variables for the user -session required pam_env.so - -# Set resource limits for the user -session required pam_limits.so - -# Display date of last login - Disabled by default -#session optional pam_lastlog.so - -# Display the message of the day - Disabled by default -#session optional pam_motd.so - -# Check user's mail - Disabled by default -#session optional pam_mail.so standard quiet - -# include system session and password settings -session include system-session -password include system-password - -# End /etc/pam.d/login -EOF - - cat > $PKG_DEST/etc/pam.d/passwd << "EOF" -# Begin /etc/pam.d/passwd - -password include system-password - -# End /etc/pam.d/passwd -EOF - - cat > $PKG_DEST/etc/pam.d/su << "EOF" -# Begin /etc/pam.d/su - -# always allow root -auth sufficient pam_rootok.so - -# Allow users in the wheel group to execute su without a password -# disabled by default -#auth sufficient pam_wheel.so trust use_uid - -# include system auth settings -auth include system-auth - -# limit su to users in the wheel group -auth required pam_wheel.so use_uid - -# include system account settings -account include system-account - -# Set default environment variables for the service user -session required pam_env.so - -# include system session settings -session include system-session - -# End /etc/pam.d/su -EOF - - cat > $PKG_DEST/etc/pam.d/chpasswd << "EOF" -# Begin /etc/pam.d/chpasswd - -# always allow root -auth sufficient pam_rootok.so - -# include system auth and account settings -auth include system-auth -account include system-account -password include system-password - -# End /etc/pam.d/chpasswd -EOF - -sed -e s/chpasswd/newusers/ $PKG_DEST/etc/pam.d/chpasswd >$PKG_DEST/etc/pam.d/newusers - - cat > $PKG_DEST/etc/pam.d/chage << "EOF" -# Begin /etc/pam.d/chage - -# always allow root -auth sufficient pam_rootok.so - -# include system auth and account settings -auth include system-auth -account include system-account - -# End /etc/pam.d/chage -EOF + cp $PKG_DEST/etc/pam.d/su $PKG_DEST/etc/pam.d/su-l for PROGRAM in chfn chgpasswd chsh groupadd groupdel \ groupmems groupmod useradd userdel usermod do - install -m644 $PKG_DEST/etc/pam.d/chage $PKG_DEST/etc/pam.d/${PROGRAM} + install -m644 chage.pamd $PKG_DEST/etc/pam.d/${PROGRAM} sed -i "s/chage/$PROGRAM/" $PKG_DEST/etc/pam.d/${PROGRAM} done - [ -f $PKG_DEST/etc/login.access ] && mv $PKG_DEST/etc/login.access{,.NOUSE} || true - [ -f $PKG_DEST/etc/limits ] && mv $PKG_DEST/etc/limits{,.NOUSE} || true + [ -f $PKG_DEST/etc/login.access ] && mv $PKG_DEST/etc/login.access $PKG_DEST/etc/login.access.NOUSE || true + [ -f $PKG_DEST/etc/limits ] && mv $PKG_DEST/etc/limits $PKG_DEST/etc/limits.NOUSE || true + + rm $PKG_DEST/usr/bin/su } postinstall () { @@ -222,7 +130,7 @@ users:x:999: EOF /usr/sbin/pwconv /usr/sbin/grpconv + chmod 0640 /etc/shadow mkdir -p /etc/default /usr/sbin/useradd -D --gid 999 - } diff --git a/repo/system/utmps.xibuild b/repo/system/utmps.xibuild index c5c5922..900aae8 100644 --- a/repo/system/utmps.xibuild +++ b/repo/system/utmps.xibuild @@ -6,6 +6,16 @@ DEPS="skalibs" PKG_VER=0.1.1.0 SOURCE=https://skarnet.org/software/utmps/utmps-$PKG_VER.tar.gz +ADDITIONAL=" +btmpd.initd +btmpd.logrotate +utmpd.initd +utmp-init.initd +utmp-prepare.initd +wtmpd.initd +wtmpd.logrotate +" + DESC="Library implementing utmpx.h family of functions" build () { @@ -31,8 +41,13 @@ Requires.private: skalibs Libs: -lutmps Cflags: -I/usr/include/utmps EOF - - #ln -s utmps/wtmp /var/log/wtmp + install -D -m755 utmp-prepare.initd "$PKG_DEST/etc/init.d/utmp-prepare" + install -D -m755 utmpd.initd "$PKG_DEST/etc/init.d/utmpd" + install -D -m755 wtmpd.initd "$PKG_DEST/etc/init.d/wtmpd" + install -D -m755 btmpd.initd "$PKG_DEST/etc/init.d/btmpd" + install -D -m755 utmp-init.initd "$PKG_DEST/etc/init.d/utmp-init" + install -D -m644 wtmpd.logrotate "$PKG_DEST/etc/logrotate.d/wtmpd" + install -D -m644 btmpd.logrotate "$PKG_DEST/etc/logrotate.d/btmpd" } postinstall () { @@ -40,8 +55,21 @@ postinstall () { command -v useradd || exit 1 command -v chown || exit 1 - useradd -c "utmps user" -d /run/utmps \ + grep -q "utmps" /etc/passwd || useradd -c "utmps user" -d /run/utmps \ -u 984 -g utmp -s /bin/false utmp [ -d /var/log/utmps ] || mkdir -p /var/log/utmps + [ -d /var/log/wtmp ] && mv /var/log/wtmp /var/log/utmps chown -R utmp:utmp /var/log/utmps + [ -e /var/log/wtmp ] || ln -s utmps/wtmp /var/log/wtmp + +# utmps is broken, dont try to make services with it without s6 ipc +# rc-update add utmp-prepare boot +# rc-update add utmpd boot +# rc-update add wtmpd boot +# rc-update add btmpd boot +# rc-update add utmp-init boot +# rc-service utmp-prepare start +# rc-service utmpd start +# rc-service wtmpd start +# rc-service btmpd start } |