sys-apps/shadow/shadow-4.1.5.ebuild

# Copyright 1999-2012 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Header: /var/cvsroot/gentoo-x86/sys-apps/shadow/shadow-4.1.5.ebuild,v 1.3 2012/03/26 22:01:17 vapier Exp $

inherit eutils libtool toolchain-funcs pam multilib

DESCRIPTION="Utilities to deal with user accounts"
HOMEPAGE="http://shadow.pld.org.pl/ http://pkg-shadow.alioth.debian.org/"
SRC_URI="http://pkg-shadow.alioth.debian.org/releases/${P}.tar.bz2"

LICENSE="BSD GPL-2"
SLOT="0"
KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86"
IUSE="acl audit cracklib nls pam selinux skey xattr"

RDEPEND="acl? ( sys-apps/acl )
        audit? ( sys-process/audit )
        cracklib? ( >=sys-libs/cracklib-2.7-r3 )
        pam? ( virtual/pam )
        skey? ( sys-auth/skey )
        selinux? ( >=sys-libs/libselinux-1.28 )
        nls? ( virtual/libintl )
        xattr? ( sys-apps/attr )"
DEPEND="${RDEPEND}
        nls? ( sys-devel/gettext )"
RDEPEND="${RDEPEND}
        pam? ( >=sys-auth/pambase-20080219.1 )"

src_unpack() {
        unpack ${A}
        cd "${S}"
        epatch "${FILESDIR}"/${PN}-4.1.3-dots-in-usernames.patch #22920
        epatch "${FILESDIR}"/${PN}-4.1.5-stdarg.patch
        epatch "${FILESDIR}"/${PN}-4.1.5-nscd-newline-msg.patch
        epatch "${FILESDIR}"/${PN}-4.1.5-nscd-ignore-exit-1.patch
        elibtoolize
        epunt_cxx
}

src_compile() {
        tc-is-cross-compiler && export ac_cv_func_setpgrp_void=yes
        econf \
                --without-group-name-max-length \
                --without-tcb \
                --enable-shared=no \
                --enable-static=yes \
                $(use_with acl) \
                $(use_with audit) \
                $(use_with cracklib libcrack) \
                $(use_with pam libpam) \
                $(use_with skey) \
                $(use_with selinux) \
                $(use_enable nls) \
                $(use_with elibc_glibc nscd) \
                $(use_with xattr attr)
        emake || die
}

set_login_opt() {
        local comment="" opt=$1 val=$2
        [[ -z ${val} ]] && comment="#"
        sed -i -r \
                -e "/^#?${opt}/s:.*:${comment}${opt} ${val}:" \
                "${D}"/etc/login.defs
        local res=$(grep "^${comment}${opt}" "${D}"/etc/login.defs)
        einfo ${res:-Unable to find ${opt} in /etc/login.defs}
}

src_install() {
        emake DESTDIR="${D}" suidperms=4711 install || die

        # Remove libshadow and libmisc; see bug 37725 and the following
        # comment from shadow's README.linux:
        #   Currently, libshadow.a is for internal use only, so if you see
        #   -lshadow in a Makefile of some other package, it is safe to
        #   remove it.
        rm -f "${D}"/{,usr/}$(get_libdir)/lib{misc,shadow}.{a,la}

        insinto /etc
        # Using a securetty with devfs device names added
        # (compat names kept for non-devfs compatibility)
        insopts -m0600 ; doins "${FILESDIR}"/securetty
        if ! use pam ; then
                insopts -m0600
                doins etc/login.access etc/limits
        fi
        # Output arch-specific cruft
        local devs
        case $(tc-arch) in
                ppc*)  devs="hvc0 hvsi0 ttyPSC0";;
                hppa)  devs="ttyB0";;
                arm)   devs="ttyFB0 ttySAC0 ttySAC1 ttySAC2 ttySAC3 ttymxc0 ttymxc1 ttyO0 ttyO1 ttyO2";;
                sh)    devs="ttySC0 ttySC1";;
        esac
        [[ -n ${devs} ]] && printf '%s\n' ${devs} >> "${D}"/etc/securetty

        # needed for 'useradd -D'
        insinto /etc/default
        insopts -m0600
        doins "${FILESDIR}"/default/useradd

        # move passwd to / to help recover broke systems #64441
        mv "${D}"/usr/bin/passwd "${D}"/bin/
        dosym /bin/passwd /usr/bin/passwd

        cd "${S}"
        insinto /etc
        insopts -m0644
        newins etc/login.defs login.defs

        if ! use pam ; then
                set_login_opt MAIL_CHECK_ENAB no
                set_login_opt SU_WHEEL_ONLY yes
                set_login_opt CRACKLIB_DICTPATH /usr/$(get_libdir)/cracklib_dict
                set_login_opt LOGIN_RETRIES 3
                set_login_opt ENCRYPT_METHOD SHA512
        else
                dopamd "${FILESDIR}/pam.d-include/"{su,shadow}

                newpamd "${FILESDIR}/login.pamd.3" login

                for x in passwd chpasswd chgpasswd; do
                        newpamd "${FILESDIR}"/pam.d-include/passwd ${x} || die
                done

                for x in chage chsh chfn newusers \
                                 user{add,del,mod} group{add,del,mod} ; do
                        newpamd "${FILESDIR}"/pam.d-include/shadow ${x} || die
                done

                # comment out login.defs options that pam hates
                local opt
                for opt in \
                        CHFN_AUTH \
                        CRACKLIB_DICTPATH \
                        ENV_HZ \
                        ENVIRON_FILE \
                        FAILLOG_ENAB \
                        FTMP_FILE \
                        LASTLOG_ENAB \
                        MAIL_CHECK_ENAB \
                        MOTD_FILE \
                        NOLOGINS_FILE \
                        OBSCURE_CHECKS_ENAB \
                        PASS_ALWAYS_WARN \
                        PASS_CHANGE_TRIES \
                        PASS_MIN_LEN \
                        PORTTIME_CHECKS_ENAB \
                        QUOTAS_ENAB \
                        SU_WHEEL_ONLY
                do
                        set_login_opt ${opt}
                done

                sed -i -f "${FILESDIR}"/login_defs_pam.sed \
                        "${D}"/etc/login.defs

                # remove manpages that pam will install for us
                # and/or don't apply when using pam
                find "${D}"/usr/share/man \
                        '(' -name 'limits.5*' -o -name 'suauth.5*' ')' \
                        -exec rm {} +
        fi

        # Remove manpages that are handled by other packages
        find "${D}"/usr/share/man \
                '(' -name id.1 -o -name passwd.5 -o -name getspnam.3 ')' \
                -exec rm {} +

        cd "${S}"
        dodoc ChangeLog NEWS TODO
        newdoc README README.download
        cd doc
        dodoc HOWTO README* WISHLIST *.txt
}

pkg_preinst() {
        rm -f "${ROOT}"/etc/pam.d/system-auth.new \
                "${ROOT}/etc/login.defs.new"

        use pam && pam_epam_expand "${D}"/etc/pam.d/login
}

pkg_postinst() {
        # Enable shadow groups.
        if [ ! -f "${ROOT}"/etc/gshadow ] ; then
                if grpck -r -R "${ROOT}" 2>/dev/null ; then
                        grpconv -R "${ROOT}"
                else
                        ewarn "Running 'grpck' returned errors.  Please run it by hand, and then"
                        ewarn "run 'grpconv' afterwards!"
                fi
        fi

        einfo "The 'adduser' symlink to 'useradd' has been dropped."
}
1	# Copyright 1999-2012 Gentoo Foundation
2	# Distributed under the terms of the GNU General Public License v2
3	# $Header: /var/cvsroot/gentoo-x86/sys-apps/shadow/shadow-4.1.5.ebuild,v 1.3 2012/03/26 22:01:17 vapier Exp $
4
5	inherit eutils libtool toolchain-funcs pam multilib
6
7	DESCRIPTION="Utilities to deal with user accounts"
8	HOMEPAGE="http://shadow.pld.org.pl/ http://pkg-shadow.alioth.debian.org/"
9	SRC_URI="http://pkg-shadow.alioth.debian.org/releases/${P}.tar.bz2"
10
11	LICENSE="BSD GPL-2"
12	SLOT="0"
13	KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86"
14	IUSE="acl audit cracklib nls pam selinux skey xattr"
15
16	RDEPEND="acl? ( sys-apps/acl )
17	audit? ( sys-process/audit )
18	cracklib? ( >=sys-libs/cracklib-2.7-r3 )
19	pam? ( virtual/pam )
20	skey? ( sys-auth/skey )
21	selinux? ( >=sys-libs/libselinux-1.28 )
22	nls? ( virtual/libintl )
23	xattr? ( sys-apps/attr )"
24	DEPEND="${RDEPEND}
25	nls? ( sys-devel/gettext )"
26	RDEPEND="${RDEPEND}
27	pam? ( >=sys-auth/pambase-20080219.1 )"
28
29	src_unpack() {
30	unpack ${A}
31	cd "${S}"
32	epatch "${FILESDIR}"/${PN}-4.1.3-dots-in-usernames.patch #22920
33	epatch "${FILESDIR}"/${PN}-4.1.5-stdarg.patch
34	epatch "${FILESDIR}"/${PN}-4.1.5-nscd-newline-msg.patch
35	epatch "${FILESDIR}"/${PN}-4.1.5-nscd-ignore-exit-1.patch
36	elibtoolize
37	epunt_cxx
38	}
39
40	src_compile() {
41	tc-is-cross-compiler && export ac_cv_func_setpgrp_void=yes
42	econf \
43	--without-group-name-max-length \
44	--without-tcb \
45	--enable-shared=no \
46	--enable-static=yes \
47	$(use_with acl) \
48	$(use_with audit) \
49	$(use_with cracklib libcrack) \
50	$(use_with pam libpam) \
51	$(use_with skey) \
52	$(use_with selinux) \
53	$(use_enable nls) \
54	$(use_with elibc_glibc nscd) \
55	$(use_with xattr attr)
56	emake \|\| die
57	}
58
59	set_login_opt() {
60	local comment="" opt=$1 val=$2
61	[[ -z ${val} ]] && comment="#"
62	sed -i -r \
63	-e "/^#?${opt}/s:.*:${comment}${opt} ${val}:" \
64	"${D}"/etc/login.defs
65	local res=$(grep "^${comment}${opt}" "${D}"/etc/login.defs)
66	einfo ${res:-Unable to find ${opt} in /etc/login.defs}
67	}
68
69	src_install() {
70	emake DESTDIR="${D}" suidperms=4711 install \|\| die
71
72	# Remove libshadow and libmisc; see bug 37725 and the following
73	# comment from shadow's README.linux:
74	# Currently, libshadow.a is for internal use only, so if you see
75	# -lshadow in a Makefile of some other package, it is safe to
76	# remove it.
77	rm -f "${D}"/{,usr/}$(get_libdir)/lib{misc,shadow}.{a,la}
78
79	insinto /etc
80	# Using a securetty with devfs device names added
81	# (compat names kept for non-devfs compatibility)
82	insopts -m0600 ; doins "${FILESDIR}"/securetty
83	if ! use pam ; then
84	insopts -m0600
85	doins etc/login.access etc/limits
86	fi
87	# Output arch-specific cruft
88	local devs
89	case $(tc-arch) in
90	ppc*) devs="hvc0 hvsi0 ttyPSC0";;
91	hppa) devs="ttyB0";;
92	arm) devs="ttyFB0 ttySAC0 ttySAC1 ttySAC2 ttySAC3 ttymxc0 ttymxc1 ttyO0 ttyO1 ttyO2";;
93	sh) devs="ttySC0 ttySC1";;
94	esac
95	[[ -n ${devs} ]] && printf '%s\n' ${devs} >> "${D}"/etc/securetty
96
97	# needed for 'useradd -D'
98	insinto /etc/default
99	insopts -m0600
100	doins "${FILESDIR}"/default/useradd
101
102	# move passwd to / to help recover broke systems #64441
103	mv "${D}"/usr/bin/passwd "${D}"/bin/
104	dosym /bin/passwd /usr/bin/passwd
105
106	cd "${S}"
107	insinto /etc
108	insopts -m0644
109	newins etc/login.defs login.defs
110
111	if ! use pam ; then
112	set_login_opt MAIL_CHECK_ENAB no
113	set_login_opt SU_WHEEL_ONLY yes
114	set_login_opt CRACKLIB_DICTPATH /usr/$(get_libdir)/cracklib_dict
115	set_login_opt LOGIN_RETRIES 3
116	set_login_opt ENCRYPT_METHOD SHA512
117	else
118	dopamd "${FILESDIR}/pam.d-include/"{su,shadow}
119
120	newpamd "${FILESDIR}/login.pamd.3" login
121
122	for x in passwd chpasswd chgpasswd; do
123	newpamd "${FILESDIR}"/pam.d-include/passwd ${x} \|\| die
124	done
125
126	for x in chage chsh chfn newusers \
127	user{add,del,mod} group{add,del,mod} ; do
128	newpamd "${FILESDIR}"/pam.d-include/shadow ${x} \|\| die
129	done
130
131	# comment out login.defs options that pam hates
132	local opt
133	for opt in \
134	CHFN_AUTH \
135	CRACKLIB_DICTPATH \
136	ENV_HZ \
137	ENVIRON_FILE \
138	FAILLOG_ENAB \
139	FTMP_FILE \
140	LASTLOG_ENAB \
141	MAIL_CHECK_ENAB \
142	MOTD_FILE \
143	NOLOGINS_FILE \
144	OBSCURE_CHECKS_ENAB \
145	PASS_ALWAYS_WARN \
146	PASS_CHANGE_TRIES \
147	PASS_MIN_LEN \
148	PORTTIME_CHECKS_ENAB \
149	QUOTAS_ENAB \
150	SU_WHEEL_ONLY
151	do
152	set_login_opt ${opt}
153	done
154
155	sed -i -f "${FILESDIR}"/login_defs_pam.sed \
156	"${D}"/etc/login.defs
157
158	# remove manpages that pam will install for us
159	# and/or don't apply when using pam
160	find "${D}"/usr/share/man \
161	'(' -name 'limits.5' -o -name 'suauth.5' ')' \
162	-exec rm {} +
163	fi
164
165	# Remove manpages that are handled by other packages
166	find "${D}"/usr/share/man \
167	'(' -name id.1 -o -name passwd.5 -o -name getspnam.3 ')' \
168	-exec rm {} +
169
170	cd "${S}"
171	dodoc ChangeLog NEWS TODO
172	newdoc README README.download
173	cd doc
174	dodoc HOWTO README* WISHLIST *.txt
175	}
176
177	pkg_preinst() {
178	rm -f "${ROOT}"/etc/pam.d/system-auth.new \
179	"${ROOT}/etc/login.defs.new"
180
181	use pam && pam_epam_expand "${D}"/etc/pam.d/login
182	}
183
184	pkg_postinst() {
185	# Enable shadow groups.
186	if [ ! -f "${ROOT}"/etc/gshadow ] ; then
187	if grpck -r -R "${ROOT}" 2>/dev/null ; then
188	grpconv -R "${ROOT}"
189	else
190	ewarn "Running 'grpck' returned errors. Please run it by hand, and then"
191	ewarn "run 'grpconv' afterwards!"
192	fi
193	fi
194
195	einfo "The 'adduser' symlink to 'useradd' has been dropped."
196	}