[gentoo-commits] gentoo-x86 commit in sys-apps/shadow: ChangeLog shadow-4.1.4.2-r3.ebuild - gentoo-commits

From:	"Peter Volkov (pva)" <pva@g.o>
To:	gentoo-commits@l.g.o
Subject:	[gentoo-commits] gentoo-x86 commit in sys-apps/shadow: ChangeLog shadow-4.1.4.2-r3.ebuild
Date:	Wed, 27 Jan 2010 10:32:33
Message-Id:	`E1Na5CJ-0000Tj-Hl@stork.gentoo.org`

1

pva         10/01/27 10:32:31

2

3

  Modified:             ChangeLog

4

  Added:                shadow-4.1.4.2-r3.ebuild

5

  Log:

6

  Upstream patch: su should not sanitize_env(), bug #301957.

7

  (Portage version: 2.1.7.16/cvs/Linux x86_64)

8

9

Revision  Changes    Path

10

1.231                sys-apps/shadow/ChangeLog

11

12

file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/sys-apps/shadow/ChangeLog?rev=1.231&view=markup

13

plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/sys-apps/shadow/ChangeLog?rev=1.231&content-type=text/plain

14

diff : http://sources.gentoo.org/viewcvs.py/gentoo-x86/sys-apps/shadow/ChangeLog?r1=1.230&r2=1.231

15

16

Index: ChangeLog

17

===================================================================

18

RCS file: /var/cvsroot/gentoo-x86/sys-apps/shadow/ChangeLog,v

19

retrieving revision 1.230

20

retrieving revision 1.231

21

diff -u -r1.230 -r1.231

22

--- ChangeLog	15 Jan 2010 02:58:27 -0000	1.230

23

+++ ChangeLog	27 Jan 2010 10:32:31 -0000	1.231

24

@@ -1,6 +1,12 @@

25

 # ChangeLog for sys-apps/shadow

26

 # Copyright 1999-2010 Gentoo Foundation; Distributed under the GPL v2

27

-# $Header: /var/cvsroot/gentoo-x86/sys-apps/shadow/ChangeLog,v 1.230 2010/01/15 02:58:27 vapier Exp $

28

+# $Header: /var/cvsroot/gentoo-x86/sys-apps/shadow/ChangeLog,v 1.231 2010/01/27 10:32:31 pva Exp $

29

+

30

+*shadow-4.1.4.2-r3 (27 Jan 2010)

31

+

32

+  27 Jan 2010; Peter Volkov <pva@g.o> +shadow-4.1.4.2-r3.ebuild,

33

+  +files/shadow-4.1.4.2-su_no_sanitize_env.patch:

34

+  Upstream patch: su should not sanitize_env(), bug #301957.

35

36

 *shadow-4.1.4.2-r2 (15 Jan 2010)

1.1                  sys-apps/shadow/shadow-4.1.4.2-r3.ebuild

42

43

file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/sys-apps/shadow/shadow-4.1.4.2-r3.ebuild?rev=1.1&view=markup

44

plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/sys-apps/shadow/shadow-4.1.4.2-r3.ebuild?rev=1.1&content-type=text/plain

45

46

Index: shadow-4.1.4.2-r3.ebuild

47

===================================================================

48

# Copyright 1999-2010 Gentoo Foundation

49

# Distributed under the terms of the GNU General Public License v2

50

# $Header: /var/cvsroot/gentoo-x86/sys-apps/shadow/shadow-4.1.4.2-r3.ebuild,v 1.1 2010/01/27 10:32:31 pva Exp $

51

52

inherit eutils libtool toolchain-funcs pam multilib

53

54

DESCRIPTION="Utilities to deal with user accounts"

55

HOMEPAGE="http://shadow.pld.org.pl/ http://pkg-shadow.alioth.debian.org/"

56

SRC_URI="ftp://pkg-shadow.alioth.debian.org/pub/pkg-shadow/shadow-${PV}.tar.bz2"

57

58

LICENSE="BSD GPL-2"

59

SLOT="0"

60

KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86"

61

IUSE="audit cracklib nls pam selinux skey"

62

63

RDEPEND="audit? ( sys-process/audit )

64

	cracklib? ( >=sys-libs/cracklib-2.7-r3 )

65

	pam? ( virtual/pam )

66

	!sys-apps/pam-login

67

	!app-admin/nologin

68

	skey? ( sys-auth/skey )

69

	selinux? ( >=sys-libs/libselinux-1.28 )

70

	nls? ( virtual/libintl )"

71

DEPEND="${RDEPEND}

72

	nls? ( sys-devel/gettext )"

73

RDEPEND="${RDEPEND}

74

	pam? ( >=sys-auth/pambase-20080219.1 )"

75

76

src_unpack() {

77

	unpack ${A}

78

	cd "${S}"

79

	epatch "${FILESDIR}"/${PN}-4.1.4.2-env-reset-keep-locale.patch #283725

80

	epatch "${FILESDIR}"/${PN}-4.1.3-dots-in-usernames.patch #22920

81

	epatch "${FILESDIR}"/${PN}-4.1.4.2-groupmod-pam-check.patch #300790

82

	epatch "${FILESDIR}"/${PN}-4.1.4.2-su_no_sanitize_env.patch #301957

83

	elibtoolize

84

	epunt_cxx

85

}

86

87

src_compile() {

88

	tc-is-cross-compiler && export ac_cv_func_setpgrp_void=yes

89

	econf \

90

		--without-group-name-max-length \

91

		--enable-shared=no \

92

		--enable-static=yes \

93

		$(use_with audit) \

94

		$(use_with cracklib libcrack) \

95

		$(use_with pam libpam) \

96

		$(use_with skey) \

97

		$(use_with selinux) \

98

		$(use_enable nls) \

99

		$(use_with elibc_glibc nscd)

100

	emake || die "compile problem"

101

}

102

103

set_login_opt() {

104

	local comment="" opt=$1 val=$2

105

	[[ -z ${val} ]] && comment="#"

106

	sed -i -r \

107

		-e "/^#?${opt}/s:.*:${comment}${opt} ${val}:" \

108

		"${D}"/etc/login.defs

109

	local res=$(grep "^${comment}${opt}" "${D}"/etc/login.defs)

110

	einfo ${res:-Unable to find ${opt} in /etc/login.defs}

111

}

112

113

src_install() {

114

	emake DESTDIR="${D}" suidperms=4711 install || die "install problem"

115

116

	# Remove libshadow and libmisc; see bug 37725 and the following

117

	# comment from shadow's README.linux:

118

	#   Currently, libshadow.a is for internal use only, so if you see

119

	#   -lshadow in a Makefile of some other package, it is safe to

120

	#   remove it.

121

	rm -f "${D}"/{,usr/}$(get_libdir)/lib{misc,shadow}.{a,la}

122

123

	insinto /etc

124

	# Using a securetty with devfs device names added

125

	# (compat names kept for non-devfs compatibility)

126

	insopts -m0600 ; doins "${FILESDIR}"/securetty

127

	if ! use pam ; then

128

		insopts -m0600

129

		doins etc/login.access etc/limits

130

fi

131

	# Output arch-specific cruft

132

	local devs

133

	case $(tc-arch) in

134

		ppc*)  devs="hvc0 hvsi0 ttyPSC0";;

135

		hppa)  devs="ttyB0";;

136

		arm)   devs="ttyFB0";;

137

		sh)    devs="ttySC0 ttySC1";;

138

	esac

139

	[[ -n ${devs} ]] && printf '%s\n' ${devs} >> "${D}"/etc/securetty

140

141

	# needed for 'useradd -D'

142

	insinto /etc/default

143

	insopts -m0600

144

	doins "${FILESDIR}"/default/useradd

145

146

	# move passwd to / to help recover broke systems #64441

147

	mv "${D}"/usr/bin/passwd "${D}"/bin/

148

	dosym /bin/passwd /usr/bin/passwd

149

150

	cd "${S}"

151

	insinto /etc

152

	insopts -m0644

153

	newins etc/login.defs login.defs

154

155

	if ! use pam ; then

156

		set_login_opt MAIL_CHECK_ENAB no

157

		set_login_opt SU_WHEEL_ONLY yes

158

		set_login_opt CRACKLIB_DICTPATH /usr/$(get_libdir)/cracklib_dict

159

		set_login_opt LOGIN_RETRIES 3

160

		set_login_opt ENCRYPT_METHOD SHA512

161

	else

162

		dopamd "${FILESDIR}/pam.d-include/"{su,passwd,shadow}

163

164

		newpamd "${FILESDIR}/login.pamd.2" login

165

166

		for x in chage chsh chfn chpasswd newusers \

167

				 user{add,del,mod} group{add,del,mod} ; do

168

			newpamd "${FILESDIR}"/pam.d-include/shadow ${x}

169

		done

170

171

		# comment out login.defs options that pam hates

172

		local opt

173

		for opt in \

174

			CHFN_AUTH \

175

			CRACKLIB_DICTPATH \

176

			ENV_HZ \

177

			ENVIRON_FILE \

178

			FAILLOG_ENAB \

179

			FTMP_FILE \

180

			LASTLOG_ENAB \

181

			MAIL_CHECK_ENAB \

182

			MOTD_FILE \

183

			NOLOGINS_FILE \

184

			OBSCURE_CHECKS_ENAB \

185

			PASS_ALWAYS_WARN \

186

			PASS_CHANGE_TRIES \

187

			PASS_MIN_LEN \

188

			PORTTIME_CHECKS_ENAB \

189

			QUOTAS_ENAB \

190

			SU_WHEEL_ONLY

191

do

192

			set_login_opt ${opt}

193

		done

194

195

		sed -i -f "${FILESDIR}"/login_defs_pam.sed \

196

			"${D}"/etc/login.defs

197

198

		# remove manpages that pam will install for us

199

		# and/or don't apply when using pam

200

		find "${D}"/usr/share/man \

201

			'(' -name 'limits.5*' -o -name 'suauth.5*' ')' \

202

			-exec rm {} +

203

fi

204

205

	# Remove manpages that are handled by other packages

206

	find "${D}"/usr/share/man \

207

		'(' -name id.1 -o -name passwd.5 -o -name getspnam.3 ')' \

208

		-exec rm {} +

209

210

	cd "${S}"

211

	dodoc ChangeLog NEWS TODO

212

	newdoc README README.download

213

	cd doc

214

	dodoc HOWTO README* WISHLIST *.txt

215

}

216

217

pkg_preinst() {

218

	rm -f "${ROOT}"/etc/pam.d/system-auth.new \

219

		"${ROOT}/etc/login.defs.new"

220

221

	use pam && pam_epam_expand "${D}"/etc/pam.d/login

222

}

223

224

pkg_postinst() {

225

	# Enable shadow groups (we need ROOT=/ here, as grpconv only

226

	# operate on / ...).

227

	if [[ ${ROOT} == / && ! -f /etc/gshadow ]] ; then

228

		if grpck -r 2>/dev/null ; then

229

			grpconv

230

		else

231

			ewarn "Running 'grpck' returned errors.  Please run it by hand, and then"

232

			ewarn "run 'grpconv' afterwards!"

233

fi

234

fi

235

236

	einfo "The 'adduser' symlink to 'useradd' has been dropped."

237

}

1	pva 10/01/27 10:32:31
2
3	Modified: ChangeLog
4	Added: shadow-4.1.4.2-r3.ebuild
5	Log:
6	Upstream patch: su should not sanitize_env(), bug #301957.
7	(Portage version: 2.1.7.16/cvs/Linux x86_64)
8
9	Revision Changes Path
10	1.231 sys-apps/shadow/ChangeLog
11
12	file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/sys-apps/shadow/ChangeLog?rev=1.231&view=markup
13	plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/sys-apps/shadow/ChangeLog?rev=1.231&content-type=text/plain
14	diff : http://sources.gentoo.org/viewcvs.py/gentoo-x86/sys-apps/shadow/ChangeLog?r1=1.230&r2=1.231
15
16	Index: ChangeLog
17	===================================================================
18	RCS file: /var/cvsroot/gentoo-x86/sys-apps/shadow/ChangeLog,v
19	retrieving revision 1.230
20	retrieving revision 1.231
21	diff -u -r1.230 -r1.231
22	--- ChangeLog 15 Jan 2010 02:58:27 -0000 1.230
23	+++ ChangeLog 27 Jan 2010 10:32:31 -0000 1.231
24	@@ -1,6 +1,12 @@
25	# ChangeLog for sys-apps/shadow
26	# Copyright 1999-2010 Gentoo Foundation; Distributed under the GPL v2
27	-# $Header: /var/cvsroot/gentoo-x86/sys-apps/shadow/ChangeLog,v 1.230 2010/01/15 02:58:27 vapier Exp $
28	+# $Header: /var/cvsroot/gentoo-x86/sys-apps/shadow/ChangeLog,v 1.231 2010/01/27 10:32:31 pva Exp $
29	+
30	+*shadow-4.1.4.2-r3 (27 Jan 2010)
31	+
32	+ 27 Jan 2010; Peter Volkov <pva@g.o> +shadow-4.1.4.2-r3.ebuild,
33	+ +files/shadow-4.1.4.2-su_no_sanitize_env.patch:
34	+ Upstream patch: su should not sanitize_env(), bug #301957.
35
36	*shadow-4.1.4.2-r2 (15 Jan 2010)
37
38
39
40
41	1.1 sys-apps/shadow/shadow-4.1.4.2-r3.ebuild
42
43	file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/sys-apps/shadow/shadow-4.1.4.2-r3.ebuild?rev=1.1&view=markup
44	plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/sys-apps/shadow/shadow-4.1.4.2-r3.ebuild?rev=1.1&content-type=text/plain
45
46	Index: shadow-4.1.4.2-r3.ebuild
47	===================================================================
48	# Copyright 1999-2010 Gentoo Foundation
49	# Distributed under the terms of the GNU General Public License v2
50	# $Header: /var/cvsroot/gentoo-x86/sys-apps/shadow/shadow-4.1.4.2-r3.ebuild,v 1.1 2010/01/27 10:32:31 pva Exp $
51
52	inherit eutils libtool toolchain-funcs pam multilib
53
54	DESCRIPTION="Utilities to deal with user accounts"
55	HOMEPAGE="http://shadow.pld.org.pl/ http://pkg-shadow.alioth.debian.org/"
56	SRC_URI="ftp://pkg-shadow.alioth.debian.org/pub/pkg-shadow/shadow-${PV}.tar.bz2"
57
58	LICENSE="BSD GPL-2"
59	SLOT="0"
60	KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86"
61	IUSE="audit cracklib nls pam selinux skey"
62
63	RDEPEND="audit? ( sys-process/audit )
64	cracklib? ( >=sys-libs/cracklib-2.7-r3 )
65	pam? ( virtual/pam )
66	!sys-apps/pam-login
67	!app-admin/nologin
68	skey? ( sys-auth/skey )
69	selinux? ( >=sys-libs/libselinux-1.28 )
70	nls? ( virtual/libintl )"
71	DEPEND="${RDEPEND}
72	nls? ( sys-devel/gettext )"
73	RDEPEND="${RDEPEND}
74	pam? ( >=sys-auth/pambase-20080219.1 )"
75
76	src_unpack() {
77	unpack ${A}
78	cd "${S}"
79	epatch "${FILESDIR}"/${PN}-4.1.4.2-env-reset-keep-locale.patch #283725
80	epatch "${FILESDIR}"/${PN}-4.1.3-dots-in-usernames.patch #22920
81	epatch "${FILESDIR}"/${PN}-4.1.4.2-groupmod-pam-check.patch #300790
82	epatch "${FILESDIR}"/${PN}-4.1.4.2-su_no_sanitize_env.patch #301957
83	elibtoolize
84	epunt_cxx
85	}
86
87	src_compile() {
88	tc-is-cross-compiler && export ac_cv_func_setpgrp_void=yes
89	econf \
90	--without-group-name-max-length \
91	--enable-shared=no \
92	--enable-static=yes \
93	$(use_with audit) \
94	$(use_with cracklib libcrack) \
95	$(use_with pam libpam) \
96	$(use_with skey) \
97	$(use_with selinux) \
98	$(use_enable nls) \
99	$(use_with elibc_glibc nscd)
100	emake \|\| die "compile problem"
101	}
102
103	set_login_opt() {
104	local comment="" opt=$1 val=$2
105	[[ -z ${val} ]] && comment="#"
106	sed -i -r \
107	-e "/^#?${opt}/s:.*:${comment}${opt} ${val}:" \
108	"${D}"/etc/login.defs
109	local res=$(grep "^${comment}${opt}" "${D}"/etc/login.defs)
110	einfo ${res:-Unable to find ${opt} in /etc/login.defs}
111	}
112
113	src_install() {
114	emake DESTDIR="${D}" suidperms=4711 install \|\| die "install problem"
115
116	# Remove libshadow and libmisc; see bug 37725 and the following
117	# comment from shadow's README.linux:
118	# Currently, libshadow.a is for internal use only, so if you see
119	# -lshadow in a Makefile of some other package, it is safe to
120	# remove it.
121	rm -f "${D}"/{,usr/}$(get_libdir)/lib{misc,shadow}.{a,la}
122
123	insinto /etc
124	# Using a securetty with devfs device names added
125	# (compat names kept for non-devfs compatibility)
126	insopts -m0600 ; doins "${FILESDIR}"/securetty
127	if ! use pam ; then
128	insopts -m0600
129	doins etc/login.access etc/limits
130	fi
131	# Output arch-specific cruft
132	local devs
133	case $(tc-arch) in
134	ppc*) devs="hvc0 hvsi0 ttyPSC0";;
135	hppa) devs="ttyB0";;
136	arm) devs="ttyFB0";;
137	sh) devs="ttySC0 ttySC1";;
138	esac
139	[[ -n ${devs} ]] && printf '%s\n' ${devs} >> "${D}"/etc/securetty
140
141	# needed for 'useradd -D'
142	insinto /etc/default
143	insopts -m0600
144	doins "${FILESDIR}"/default/useradd
145
146	# move passwd to / to help recover broke systems #64441
147	mv "${D}"/usr/bin/passwd "${D}"/bin/
148	dosym /bin/passwd /usr/bin/passwd
149
150	cd "${S}"
151	insinto /etc
152	insopts -m0644
153	newins etc/login.defs login.defs
154
155	if ! use pam ; then
156	set_login_opt MAIL_CHECK_ENAB no
157	set_login_opt SU_WHEEL_ONLY yes
158	set_login_opt CRACKLIB_DICTPATH /usr/$(get_libdir)/cracklib_dict
159	set_login_opt LOGIN_RETRIES 3
160	set_login_opt ENCRYPT_METHOD SHA512
161	else
162	dopamd "${FILESDIR}/pam.d-include/"{su,passwd,shadow}
163
164	newpamd "${FILESDIR}/login.pamd.2" login
165
166	for x in chage chsh chfn chpasswd newusers \
167	user{add,del,mod} group{add,del,mod} ; do
168	newpamd "${FILESDIR}"/pam.d-include/shadow ${x}
169	done
170
171	# comment out login.defs options that pam hates
172	local opt
173	for opt in \
174	CHFN_AUTH \
175	CRACKLIB_DICTPATH \
176	ENV_HZ \
177	ENVIRON_FILE \
178	FAILLOG_ENAB \
179	FTMP_FILE \
180	LASTLOG_ENAB \
181	MAIL_CHECK_ENAB \
182	MOTD_FILE \
183	NOLOGINS_FILE \
184	OBSCURE_CHECKS_ENAB \
185	PASS_ALWAYS_WARN \
186	PASS_CHANGE_TRIES \
187	PASS_MIN_LEN \
188	PORTTIME_CHECKS_ENAB \
189	QUOTAS_ENAB \
190	SU_WHEEL_ONLY
191	do
192	set_login_opt ${opt}
193	done
194
195	sed -i -f "${FILESDIR}"/login_defs_pam.sed \
196	"${D}"/etc/login.defs
197
198	# remove manpages that pam will install for us
199	# and/or don't apply when using pam
200	find "${D}"/usr/share/man \
201	'(' -name 'limits.5' -o -name 'suauth.5' ')' \
202	-exec rm {} +
203	fi
204
205	# Remove manpages that are handled by other packages
206	find "${D}"/usr/share/man \
207	'(' -name id.1 -o -name passwd.5 -o -name getspnam.3 ')' \
208	-exec rm {} +
209
210	cd "${S}"
211	dodoc ChangeLog NEWS TODO
212	newdoc README README.download
213	cd doc
214	dodoc HOWTO README* WISHLIST *.txt
215	}
216
217	pkg_preinst() {
218	rm -f "${ROOT}"/etc/pam.d/system-auth.new \
219	"${ROOT}/etc/login.defs.new"
220
221	use pam && pam_epam_expand "${D}"/etc/pam.d/login
222	}
223
224	pkg_postinst() {
225	# Enable shadow groups (we need ROOT=/ here, as grpconv only
226	# operate on / ...).
227	if [[ ${ROOT} == / && ! -f /etc/gshadow ]] ; then
228	if grpck -r 2>/dev/null ; then
229	grpconv
230	else
231	ewarn "Running 'grpck' returned errors. Please run it by hand, and then"
232	ewarn "run 'grpconv' afterwards!"
233	fi
234	fi
235
236	einfo "The 'adduser' symlink to 'useradd' has been dropped."
237	}

Gentoo Archives: gentoo-commits