summaryrefslogtreecommitdiff
path: root/repo/shadow/shadow.xibuild
blob: 22bd2f1ae344a2c34c2dfca87737421451f3d76f (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
#!/bin/sh

MAKEDEPS="make "
DEPS="acl libcap libxcrypt"

PKG_VER=4.11.1

SOURCE=https://github.com/shadow-maint/shadow/releases/download/v$PKG_VER/shadow-$PKG_VER.tar.xz
DESC="Password and account management tool suite with support for shadow files and PAM"
ADDITIONAL="
    chage.pamd
    chpasswd.pamd
    login.pamd
    newusers.pamd
    passwd.pamd
    su.pamd
"

prepare () {

    sed -i 's/groups$(EXEEXT) //' src/Makefile.in
    find man -name Makefile.in -exec sed -i 's/groups\.1 / /'   {} \;
    find man -name Makefile.in -exec sed -i 's/getspnam\.3 / /' {} \;
    find man -name Makefile.in -exec sed -i 's/passwd\.5 / /'   {} \;

    sed -e 's:#ENCRYPT_METHOD DES:ENCRYPT_METHOD SHA512:' \
    -e 's:/var/spool/mail:/var/mail:'                 \
    -e '/PATH=/{s@/sbin:@@;s@/bin:@@}'                \
    -i etc/login.defs
    
    mkdir -p $PKG_DEST/usr/bin
    touch $PKG_DEST/usr/bin/passwd

}

build () {
    ./configure \
		--prefix=/usr \
		--sysconfdir=/etc \
		--mandir=/usr/share/man \
		--localstatedir=/var \
		--disable-account-tools-setuid \
		--disable-nls \
		--without-audit \
		--with-libpam \
		--without-selinux \
		--without-acl \
		--without-attr \
		--without-tcb \
		--with-yescrypt \
		--without-nscd \
		--without-group-name-max-length \
		--with-fcaps

    make
}

package () {
    make exec_prefix=/usr DESTDIR=$PKG_DEST install
    make DESTDIR=$PKG_DEST -C man install-man
    mkdir -p $PKG_DEST/etc/default
    
    [ -d $PKG_DEST/etc/pam.d ] && rm -rf $PKG_DEST/etc/pam.d/*


    install -m644 $PKG_DEST/etc/login.defs $PKG_DEST/etc/login.defs.orig &&
    echo "USERGROUPS_ENAB yes"> $PKG_DEST/etc/login.defs
    
    for f in $ADDITIONAL; do 
        case $f in 
            *.pamd)
                cp $f $PKG_DEST/etc/pam.d/${f%.pamd} 
                ;;
        esac
    done
    cp $PKG_DEST/etc/pam.d/su $PKG_DEST/etc/pam.d/su-l

    for PROGRAM in chfn chgpasswd chsh groupadd groupdel \
                   groupmems groupmod useradd userdel usermod
    do
        install -m644 chage.pamd $PKG_DEST/etc/pam.d/${PROGRAM}
        sed -i "s/chage/$PROGRAM/" $PKG_DEST/etc/pam.d/${PROGRAM}
    done

    [ -f $PKG_DEST/etc/login.access ] && mv $PKG_DEST/etc/login.access $PKG_DEST/etc/login.access.NOUSE || true
    [ -f $PKG_DEST/etc/limits ] && mv $PKG_DEST/etc/limits $PKG_DEST/etc/limits.NOUSE || true

    rm $PKG_DEST/usr/bin/su
}

postinstall () {

    [ ! -f /etc/passwd ] &&
    cat > /etc/passwd << "EOF"
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/dev/null:/usr/bin/false
daemon:x:6:6:Daemon User:/dev/null:/usr/bin/false
messagebus:x:18:18:D-Bus Message Daemon User:/run/dbus:/usr/bin/false
uuidd:x:80:80:UUID Generation Daemon User:/dev/null:/usr/bin/false
nobody:x:99:99:Unprivileged User:/dev/null:/usr/bin/false
EOF

    [ ! -f /etc/group ] &&
    cat > /etc/group << "EOF"
root:x:0:root
bin:x:1:daemon
sys:x:2:
kmem:x:3:
tape:x:4:
tty:x:5:
daemon:x:6:
floppy:x:7:
disk:x:8:
lp:x:9:
dialout:x:10:
audio:x:11:
video:x:12:
utmp:x:13:
usb:x:14:
cdrom:x:15:
adm:x:16:
messagebus:x:18:
input:x:24:
mail:x:34:
kvm:x:61:
uuidd:x:80:
wheel:x:97:
nogroup:x:99:
users:x:999:
EOF
    /usr/sbin/pwconv
    /usr/sbin/grpconv
    chmod 0640 /etc/shadow
    mkdir -p /etc/default
    /usr/sbin/useradd -D --gid 999
}