summaryrefslogtreecommitdiff
path: root/repo/system
diff options
context:
space:
mode:
Diffstat (limited to 'repo/system')
-rw-r--r--repo/system/dbus.xibuild5
-rw-r--r--repo/system/elogind.xibuild16
-rw-r--r--repo/system/nsss.xibuild2
-rw-r--r--repo/system/openrc.xibuild4
-rw-r--r--repo/system/pam.xibuild63
-rw-r--r--repo/system/shadow.xibuild180
-rw-r--r--repo/system/utmps.xibuild34
7 files changed, 109 insertions, 195 deletions
diff --git a/repo/system/dbus.xibuild b/repo/system/dbus.xibuild
index 795d2d7..66ea737 100644
--- a/repo/system/dbus.xibuild
+++ b/repo/system/dbus.xibuild
@@ -53,3 +53,8 @@ EOF
install -Dm755 dbus.initd $PKG_DEST/etc/init.d/dbus
install -Dm644 dbus.confd $PKG_DEST/etc/conf.d/dbus
}
+
+postinstall () {
+ rc-update add dbus
+ rc-service dbus start
+}
diff --git a/repo/system/elogind.xibuild b/repo/system/elogind.xibuild
index 9ecc089..6ed1231 100644
--- a/repo/system/elogind.xibuild
+++ b/repo/system/elogind.xibuild
@@ -6,10 +6,11 @@ DEPS="pam gperf eudev"
PKG_VER=246.10
SOURCE=https://github.com/elogind/elogind/archive/v$PKG_VER/elogind-$PKG_VER.tar.gz
ADDITIONAL="
-https://raw.githubusercontent.com/void-linux/void-packages/master/srcpkgs/elogind/patches/id-nobody.patch
-https://raw.githubusercontent.com/void-linux/void-packages/master/srcpkgs/elogind/patches/mips.patch
-https://raw.githubusercontent.com/void-linux/void-packages/master/srcpkgs/elogind/patches/ppc64-bad-tuple.patch
-https://raw.githubusercontent.com/void-linux/void-packages/master/srcpkgs/elogind/patches/ppcle.patch
+id-nobody.patch
+mips.patch
+ppc64-bad-tuple.patch
+ppcle.patch
+elogind.initd
"
DESC="The standalone logind daemon"
@@ -51,6 +52,8 @@ package () {
ln -sf libelogind.pc $PKG_DEST/usr/lib/pkgconfig/libsystemd.pc &&
ln -sf elogind $PKG_DEST/usr/include/systemd
+ install -Dm755 elogind.initd $PKG_DEST/etc/init.d/elogind
+
sed -e '/\[Login\]/a KillUserProcesses=no' \
-i $PKG_DEST/etc/elogind/logind.conf
@@ -84,3 +87,8 @@ EOF
}
+
+postinstall () {
+ rc-update add elogind
+ rc-service elogind start
+}
diff --git a/repo/system/nsss.xibuild b/repo/system/nsss.xibuild
index dc3fb07..2623641 100644
--- a/repo/system/nsss.xibuild
+++ b/repo/system/nsss.xibuild
@@ -10,7 +10,7 @@ SOURCE=https://skarnet.org/software/nsss/nsss-$PKG_VER.tar.gz
DESC="Minimal competing implementation of glibc's Name Switch Service"
build () {
- ./configure --prefix=/usr \
+ ./configure --prefix=/usr \
--exec-prefix=/usr \
--with-dynlib=/usr/lib \
--libexecdir=/usr/lib/nsss \
diff --git a/repo/system/openrc.xibuild b/repo/system/openrc.xibuild
index f60598f..fb99da4 100644
--- a/repo/system/openrc.xibuild
+++ b/repo/system/openrc.xibuild
@@ -54,8 +54,8 @@ check () {
package () {
make LIBEXECDIR=/lib/rc DESTDIR="$PKG_DEST/" MKSYSVINIT=yes install
- # remove -n from ln in mtab
- sed -i "s/ln -snf/ln -sf/g" $PKG_DEST/etc/init.d/mtab
+ # remove -n from ln in mtab, devfs
+ sed -i "s/ln -snf/ln -sf/g" $PKG_DEST/etc/init.d/mtab $PKG_DEST/etc/init.d/devfs
ln -s openrc-init $PKG_DEST/sbin/init
diff --git a/repo/system/pam.xibuild b/repo/system/pam.xibuild
index 2637e30..366ec3c 100644
--- a/repo/system/pam.xibuild
+++ b/repo/system/pam.xibuild
@@ -5,6 +5,13 @@ DEPS="musl libxcrypt"
PKG_VER=1.5.2
SOURCE=https://github.com/linux-pam/linux-pam/releases/download/v$PKG_VER/Linux-PAM-$PKG_VER.tar.xz
+ADDITIONAL="
+ system-auth.pamd
+ system-account.pamd
+ system-password.pamd
+ system-session.pamd
+ other.pamd
+"
DESC="PAM (Pluggable Authentication Modules) library"
prepare () {
@@ -29,53 +36,11 @@ package () {
make DESTDIR=$PKG_DEST install
install -m755 -d $PKG_DEST/etc/pam.d
- install -dm755 $PKG_DEST/etc/pam.d
- cat > $PKG_DEST/etc/pam.d/system-account << "EOF"
-# Begin /etc/pam.d/system-account
-
-account required pam_unix.so
-
-# End /etc/pam.d/system-account
-EOF
-
- cat > $PKG_DEST/etc/pam.d/system-auth << "EOF"
-# Begin /etc/pam.d/system-auth
-
-auth required pam_unix.so
-
-# End /etc/pam.d/system-auth
-EOF
-
- cat > $PKG_DEST/etc/pam.d/system-session << "EOF"
-# Begin /etc/pam.d/system-session
-
-session required pam_unix.so
-
-# End /etc/pam.d/system-session
-EOF
-
- cat > $PKG_DEST/etc/pam.d/system-password << "EOF"
-# Begin /etc/pam.d/system-password
-
-# use sha512 hash for encryption, use shadow, and try to use any previously
-# defined authentication token (chosen password) set by any prior module
-password required pam_unix.so sha512 shadow try_first_pass
-
-# End /etc/pam.d/system-password
-EOF
- cat > $PKG_DEST/etc/pam.d/other << "EOF"
-# Begin /etc/pam.d/other
-
-auth required pam_warn.so
-auth required pam_deny.so
-account required pam_warn.so
-account required pam_deny.so
-password required pam_warn.so
-password required pam_deny.so
-session required pam_warn.so
-session required pam_deny.so
-
-# End /etc/pam.d/other
-EOF
-
+ cp system-account.pamd $PKG_DEST/etc/pam.d/system-account
+ cp system-auth.pamd $PKG_DEST/etc/pam.d/system-auth
+ cp system-password.pamd $PKG_DEST/etc/pam.d/system-password
+ cp system-session.pamd $PKG_DEST/etc/pam.d/system-session
+ cp other.pamd $PKG_DEST/etc/pam.d/other
+ [ -d $PKG_DEST/usr/lib/systemd ] && rm -r $PKG_DEST/usr/lib/systemd
+ return 0
}
diff --git a/repo/system/shadow.xibuild b/repo/system/shadow.xibuild
index 9d490c4..22bd2f1 100644
--- a/repo/system/shadow.xibuild
+++ b/repo/system/shadow.xibuild
@@ -7,6 +7,14 @@ PKG_VER=4.11.1
SOURCE=https://github.com/shadow-maint/shadow/releases/download/v$PKG_VER/shadow-$PKG_VER.tar.xz
DESC="Password and account management tool suite with support for shadow files and PAM"
+ADDITIONAL="
+ chage.pamd
+ chpasswd.pamd
+ login.pamd
+ newusers.pamd
+ passwd.pamd
+ su.pamd
+"
prepare () {
@@ -26,7 +34,24 @@ prepare () {
}
build () {
- ./configure --sysconfdir=/etc --with-group-name-max-length=32
+ ./configure \
+ --prefix=/usr \
+ --sysconfdir=/etc \
+ --mandir=/usr/share/man \
+ --localstatedir=/var \
+ --disable-account-tools-setuid \
+ --disable-nls \
+ --without-audit \
+ --with-libpam \
+ --without-selinux \
+ --without-acl \
+ --without-attr \
+ --without-tcb \
+ --with-yescrypt \
+ --without-nscd \
+ --without-group-name-max-length \
+ --with-fcaps
+
make
}
@@ -34,150 +59,33 @@ package () {
make exec_prefix=/usr DESTDIR=$PKG_DEST install
make DESTDIR=$PKG_DEST -C man install-man
mkdir -p $PKG_DEST/etc/default
+
+ [ -d $PKG_DEST/etc/pam.d ] && rm -rf $PKG_DEST/etc/pam.d/*
+
install -m644 $PKG_DEST/etc/login.defs $PKG_DEST/etc/login.defs.orig &&
- for FUNCTION in FAIL_DELAY \
- FAILLOG_ENAB \
- LASTLOG_ENAB \
- MAIL_CHECK_ENAB \
- OBSCURE_CHECKS_ENAB \
- PORTTIME_CHECKS_ENAB \
- QUOTAS_ENAB \
- CONSOLE MOTD_FILE \
- FTMP_FILE NOLOGINS_FILE \
- ENV_HZ PASS_MIN_LEN \
- SU_WHEEL_ONLY \
- CRACKLIB_DICTPATH \
- PASS_CHANGE_TRIES \
- PASS_ALWAYS_WARN \
- CHFN_AUTH ENCRYPT_METHOD \
- ENVIRON_FILE
- do
- sed -i "s/^${FUNCTION}/# &/" $PKG_DEST/etc/login.defs
+ echo "USERGROUPS_ENAB yes"> $PKG_DEST/etc/login.defs
+
+ for f in $ADDITIONAL; do
+ case $f in
+ *.pamd)
+ cp $f $PKG_DEST/etc/pam.d/${f%.pamd}
+ ;;
+ esac
done
-
- cat > $PKG_DEST/etc/pam.d/login << "EOF"
-# Begin /etc/pam.d/login
-
-# Set failure delay before next prompt to 3 seconds
-auth optional pam_faildelay.so delay=3000000
-
-# Check to make sure that the user is allowed to login
-auth requisite pam_nologin.so
-
-# Check to make sure that root is allowed to login
-# Disabled by default. You will need to create /etc/securetty
-# file for this module to function. See man 5 securetty.
-#auth required pam_securetty.so
-
-# Additional group memberships - disabled by default
-#auth optional pam_group.so
-
-# include system auth settings
-auth include system-auth
-
-# check access for the user
-account required pam_access.so
-
-# include system account settings
-account include system-account
-
-# Set default environment variables for the user
-session required pam_env.so
-
-# Set resource limits for the user
-session required pam_limits.so
-
-# Display date of last login - Disabled by default
-#session optional pam_lastlog.so
-
-# Display the message of the day - Disabled by default
-#session optional pam_motd.so
-
-# Check user's mail - Disabled by default
-#session optional pam_mail.so standard quiet
-
-# include system session and password settings
-session include system-session
-password include system-password
-
-# End /etc/pam.d/login
-EOF
-
- cat > $PKG_DEST/etc/pam.d/passwd << "EOF"
-# Begin /etc/pam.d/passwd
-
-password include system-password
-
-# End /etc/pam.d/passwd
-EOF
-
- cat > $PKG_DEST/etc/pam.d/su << "EOF"
-# Begin /etc/pam.d/su
-
-# always allow root
-auth sufficient pam_rootok.so
-
-# Allow users in the wheel group to execute su without a password
-# disabled by default
-#auth sufficient pam_wheel.so trust use_uid
-
-# include system auth settings
-auth include system-auth
-
-# limit su to users in the wheel group
-auth required pam_wheel.so use_uid
-
-# include system account settings
-account include system-account
-
-# Set default environment variables for the service user
-session required pam_env.so
-
-# include system session settings
-session include system-session
-
-# End /etc/pam.d/su
-EOF
-
- cat > $PKG_DEST/etc/pam.d/chpasswd << "EOF"
-# Begin /etc/pam.d/chpasswd
-
-# always allow root
-auth sufficient pam_rootok.so
-
-# include system auth and account settings
-auth include system-auth
-account include system-account
-password include system-password
-
-# End /etc/pam.d/chpasswd
-EOF
-
-sed -e s/chpasswd/newusers/ $PKG_DEST/etc/pam.d/chpasswd >$PKG_DEST/etc/pam.d/newusers
-
- cat > $PKG_DEST/etc/pam.d/chage << "EOF"
-# Begin /etc/pam.d/chage
-
-# always allow root
-auth sufficient pam_rootok.so
-
-# include system auth and account settings
-auth include system-auth
-account include system-account
-
-# End /etc/pam.d/chage
-EOF
+ cp $PKG_DEST/etc/pam.d/su $PKG_DEST/etc/pam.d/su-l
for PROGRAM in chfn chgpasswd chsh groupadd groupdel \
groupmems groupmod useradd userdel usermod
do
- install -m644 $PKG_DEST/etc/pam.d/chage $PKG_DEST/etc/pam.d/${PROGRAM}
+ install -m644 chage.pamd $PKG_DEST/etc/pam.d/${PROGRAM}
sed -i "s/chage/$PROGRAM/" $PKG_DEST/etc/pam.d/${PROGRAM}
done
- [ -f $PKG_DEST/etc/login.access ] && mv $PKG_DEST/etc/login.access{,.NOUSE} || true
- [ -f $PKG_DEST/etc/limits ] && mv $PKG_DEST/etc/limits{,.NOUSE} || true
+ [ -f $PKG_DEST/etc/login.access ] && mv $PKG_DEST/etc/login.access $PKG_DEST/etc/login.access.NOUSE || true
+ [ -f $PKG_DEST/etc/limits ] && mv $PKG_DEST/etc/limits $PKG_DEST/etc/limits.NOUSE || true
+
+ rm $PKG_DEST/usr/bin/su
}
postinstall () {
@@ -222,7 +130,7 @@ users:x:999:
EOF
/usr/sbin/pwconv
/usr/sbin/grpconv
+ chmod 0640 /etc/shadow
mkdir -p /etc/default
/usr/sbin/useradd -D --gid 999
-
}
diff --git a/repo/system/utmps.xibuild b/repo/system/utmps.xibuild
index c5c5922..900aae8 100644
--- a/repo/system/utmps.xibuild
+++ b/repo/system/utmps.xibuild
@@ -6,6 +6,16 @@ DEPS="skalibs"
PKG_VER=0.1.1.0
SOURCE=https://skarnet.org/software/utmps/utmps-$PKG_VER.tar.gz
+ADDITIONAL="
+btmpd.initd
+btmpd.logrotate
+utmpd.initd
+utmp-init.initd
+utmp-prepare.initd
+wtmpd.initd
+wtmpd.logrotate
+"
+
DESC="Library implementing utmpx.h family of functions"
build () {
@@ -31,8 +41,13 @@ Requires.private: skalibs
Libs: -lutmps
Cflags: -I/usr/include/utmps
EOF
-
- #ln -s utmps/wtmp /var/log/wtmp
+ install -D -m755 utmp-prepare.initd "$PKG_DEST/etc/init.d/utmp-prepare"
+ install -D -m755 utmpd.initd "$PKG_DEST/etc/init.d/utmpd"
+ install -D -m755 wtmpd.initd "$PKG_DEST/etc/init.d/wtmpd"
+ install -D -m755 btmpd.initd "$PKG_DEST/etc/init.d/btmpd"
+ install -D -m755 utmp-init.initd "$PKG_DEST/etc/init.d/utmp-init"
+ install -D -m644 wtmpd.logrotate "$PKG_DEST/etc/logrotate.d/wtmpd"
+ install -D -m644 btmpd.logrotate "$PKG_DEST/etc/logrotate.d/btmpd"
}
postinstall () {
@@ -40,8 +55,21 @@ postinstall () {
command -v useradd || exit 1
command -v chown || exit 1
- useradd -c "utmps user" -d /run/utmps \
+ grep -q "utmps" /etc/passwd || useradd -c "utmps user" -d /run/utmps \
-u 984 -g utmp -s /bin/false utmp
[ -d /var/log/utmps ] || mkdir -p /var/log/utmps
+ [ -d /var/log/wtmp ] && mv /var/log/wtmp /var/log/utmps
chown -R utmp:utmp /var/log/utmps
+ [ -e /var/log/wtmp ] || ln -s utmps/wtmp /var/log/wtmp
+
+# utmps is broken, dont try to make services with it without s6 ipc
+# rc-update add utmp-prepare boot
+# rc-update add utmpd boot
+# rc-update add wtmpd boot
+# rc-update add btmpd boot
+# rc-update add utmp-init boot
+# rc-service utmp-prepare start
+# rc-service utmpd start
+# rc-service wtmpd start
+# rc-service btmpd start
}