1 |
pva 10/01/27 10:32:31 |
2 |
|
3 |
Modified: ChangeLog |
4 |
Added: shadow-4.1.4.2-r3.ebuild |
5 |
Log: |
6 |
Upstream patch: su should not sanitize_env(), bug #301957. |
7 |
(Portage version: 2.1.7.16/cvs/Linux x86_64) |
8 |
|
9 |
Revision Changes Path |
10 |
1.231 sys-apps/shadow/ChangeLog |
11 |
|
12 |
file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/sys-apps/shadow/ChangeLog?rev=1.231&view=markup |
13 |
plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/sys-apps/shadow/ChangeLog?rev=1.231&content-type=text/plain |
14 |
diff : http://sources.gentoo.org/viewcvs.py/gentoo-x86/sys-apps/shadow/ChangeLog?r1=1.230&r2=1.231 |
15 |
|
16 |
Index: ChangeLog |
17 |
=================================================================== |
18 |
RCS file: /var/cvsroot/gentoo-x86/sys-apps/shadow/ChangeLog,v |
19 |
retrieving revision 1.230 |
20 |
retrieving revision 1.231 |
21 |
diff -u -r1.230 -r1.231 |
22 |
--- ChangeLog 15 Jan 2010 02:58:27 -0000 1.230 |
23 |
+++ ChangeLog 27 Jan 2010 10:32:31 -0000 1.231 |
24 |
@@ -1,6 +1,12 @@ |
25 |
# ChangeLog for sys-apps/shadow |
26 |
# Copyright 1999-2010 Gentoo Foundation; Distributed under the GPL v2 |
27 |
-# $Header: /var/cvsroot/gentoo-x86/sys-apps/shadow/ChangeLog,v 1.230 2010/01/15 02:58:27 vapier Exp $ |
28 |
+# $Header: /var/cvsroot/gentoo-x86/sys-apps/shadow/ChangeLog,v 1.231 2010/01/27 10:32:31 pva Exp $ |
29 |
+ |
30 |
+*shadow-4.1.4.2-r3 (27 Jan 2010) |
31 |
+ |
32 |
+ 27 Jan 2010; Peter Volkov <pva@g.o> +shadow-4.1.4.2-r3.ebuild, |
33 |
+ +files/shadow-4.1.4.2-su_no_sanitize_env.patch: |
34 |
+ Upstream patch: su should not sanitize_env(), bug #301957. |
35 |
|
36 |
*shadow-4.1.4.2-r2 (15 Jan 2010) |
37 |
|
38 |
|
39 |
|
40 |
|
41 |
1.1 sys-apps/shadow/shadow-4.1.4.2-r3.ebuild |
42 |
|
43 |
file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/sys-apps/shadow/shadow-4.1.4.2-r3.ebuild?rev=1.1&view=markup |
44 |
plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/sys-apps/shadow/shadow-4.1.4.2-r3.ebuild?rev=1.1&content-type=text/plain |
45 |
|
46 |
Index: shadow-4.1.4.2-r3.ebuild |
47 |
=================================================================== |
48 |
# Copyright 1999-2010 Gentoo Foundation |
49 |
# Distributed under the terms of the GNU General Public License v2 |
50 |
# $Header: /var/cvsroot/gentoo-x86/sys-apps/shadow/shadow-4.1.4.2-r3.ebuild,v 1.1 2010/01/27 10:32:31 pva Exp $ |
51 |
|
52 |
inherit eutils libtool toolchain-funcs pam multilib |
53 |
|
54 |
DESCRIPTION="Utilities to deal with user accounts" |
55 |
HOMEPAGE="http://shadow.pld.org.pl/ http://pkg-shadow.alioth.debian.org/" |
56 |
SRC_URI="ftp://pkg-shadow.alioth.debian.org/pub/pkg-shadow/shadow-${PV}.tar.bz2" |
57 |
|
58 |
LICENSE="BSD GPL-2" |
59 |
SLOT="0" |
60 |
KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86" |
61 |
IUSE="audit cracklib nls pam selinux skey" |
62 |
|
63 |
RDEPEND="audit? ( sys-process/audit ) |
64 |
cracklib? ( >=sys-libs/cracklib-2.7-r3 ) |
65 |
pam? ( virtual/pam ) |
66 |
!sys-apps/pam-login |
67 |
!app-admin/nologin |
68 |
skey? ( sys-auth/skey ) |
69 |
selinux? ( >=sys-libs/libselinux-1.28 ) |
70 |
nls? ( virtual/libintl )" |
71 |
DEPEND="${RDEPEND} |
72 |
nls? ( sys-devel/gettext )" |
73 |
RDEPEND="${RDEPEND} |
74 |
pam? ( >=sys-auth/pambase-20080219.1 )" |
75 |
|
76 |
src_unpack() { |
77 |
unpack ${A} |
78 |
cd "${S}" |
79 |
epatch "${FILESDIR}"/${PN}-4.1.4.2-env-reset-keep-locale.patch #283725 |
80 |
epatch "${FILESDIR}"/${PN}-4.1.3-dots-in-usernames.patch #22920 |
81 |
epatch "${FILESDIR}"/${PN}-4.1.4.2-groupmod-pam-check.patch #300790 |
82 |
epatch "${FILESDIR}"/${PN}-4.1.4.2-su_no_sanitize_env.patch #301957 |
83 |
elibtoolize |
84 |
epunt_cxx |
85 |
} |
86 |
|
87 |
src_compile() { |
88 |
tc-is-cross-compiler && export ac_cv_func_setpgrp_void=yes |
89 |
econf \ |
90 |
--without-group-name-max-length \ |
91 |
--enable-shared=no \ |
92 |
--enable-static=yes \ |
93 |
$(use_with audit) \ |
94 |
$(use_with cracklib libcrack) \ |
95 |
$(use_with pam libpam) \ |
96 |
$(use_with skey) \ |
97 |
$(use_with selinux) \ |
98 |
$(use_enable nls) \ |
99 |
$(use_with elibc_glibc nscd) |
100 |
emake || die "compile problem" |
101 |
} |
102 |
|
103 |
set_login_opt() { |
104 |
local comment="" opt=$1 val=$2 |
105 |
[[ -z ${val} ]] && comment="#" |
106 |
sed -i -r \ |
107 |
-e "/^#?${opt}/s:.*:${comment}${opt} ${val}:" \ |
108 |
"${D}"/etc/login.defs |
109 |
local res=$(grep "^${comment}${opt}" "${D}"/etc/login.defs) |
110 |
einfo ${res:-Unable to find ${opt} in /etc/login.defs} |
111 |
} |
112 |
|
113 |
src_install() { |
114 |
emake DESTDIR="${D}" suidperms=4711 install || die "install problem" |
115 |
|
116 |
# Remove libshadow and libmisc; see bug 37725 and the following |
117 |
# comment from shadow's README.linux: |
118 |
# Currently, libshadow.a is for internal use only, so if you see |
119 |
# -lshadow in a Makefile of some other package, it is safe to |
120 |
# remove it. |
121 |
rm -f "${D}"/{,usr/}$(get_libdir)/lib{misc,shadow}.{a,la} |
122 |
|
123 |
insinto /etc |
124 |
# Using a securetty with devfs device names added |
125 |
# (compat names kept for non-devfs compatibility) |
126 |
insopts -m0600 ; doins "${FILESDIR}"/securetty |
127 |
if ! use pam ; then |
128 |
insopts -m0600 |
129 |
doins etc/login.access etc/limits |
130 |
fi |
131 |
# Output arch-specific cruft |
132 |
local devs |
133 |
case $(tc-arch) in |
134 |
ppc*) devs="hvc0 hvsi0 ttyPSC0";; |
135 |
hppa) devs="ttyB0";; |
136 |
arm) devs="ttyFB0";; |
137 |
sh) devs="ttySC0 ttySC1";; |
138 |
esac |
139 |
[[ -n ${devs} ]] && printf '%s\n' ${devs} >> "${D}"/etc/securetty |
140 |
|
141 |
# needed for 'useradd -D' |
142 |
insinto /etc/default |
143 |
insopts -m0600 |
144 |
doins "${FILESDIR}"/default/useradd |
145 |
|
146 |
# move passwd to / to help recover broke systems #64441 |
147 |
mv "${D}"/usr/bin/passwd "${D}"/bin/ |
148 |
dosym /bin/passwd /usr/bin/passwd |
149 |
|
150 |
cd "${S}" |
151 |
insinto /etc |
152 |
insopts -m0644 |
153 |
newins etc/login.defs login.defs |
154 |
|
155 |
if ! use pam ; then |
156 |
set_login_opt MAIL_CHECK_ENAB no |
157 |
set_login_opt SU_WHEEL_ONLY yes |
158 |
set_login_opt CRACKLIB_DICTPATH /usr/$(get_libdir)/cracklib_dict |
159 |
set_login_opt LOGIN_RETRIES 3 |
160 |
set_login_opt ENCRYPT_METHOD SHA512 |
161 |
else |
162 |
dopamd "${FILESDIR}/pam.d-include/"{su,passwd,shadow} |
163 |
|
164 |
newpamd "${FILESDIR}/login.pamd.2" login |
165 |
|
166 |
for x in chage chsh chfn chpasswd newusers \ |
167 |
user{add,del,mod} group{add,del,mod} ; do |
168 |
newpamd "${FILESDIR}"/pam.d-include/shadow ${x} |
169 |
done |
170 |
|
171 |
# comment out login.defs options that pam hates |
172 |
local opt |
173 |
for opt in \ |
174 |
CHFN_AUTH \ |
175 |
CRACKLIB_DICTPATH \ |
176 |
ENV_HZ \ |
177 |
ENVIRON_FILE \ |
178 |
FAILLOG_ENAB \ |
179 |
FTMP_FILE \ |
180 |
LASTLOG_ENAB \ |
181 |
MAIL_CHECK_ENAB \ |
182 |
MOTD_FILE \ |
183 |
NOLOGINS_FILE \ |
184 |
OBSCURE_CHECKS_ENAB \ |
185 |
PASS_ALWAYS_WARN \ |
186 |
PASS_CHANGE_TRIES \ |
187 |
PASS_MIN_LEN \ |
188 |
PORTTIME_CHECKS_ENAB \ |
189 |
QUOTAS_ENAB \ |
190 |
SU_WHEEL_ONLY |
191 |
do |
192 |
set_login_opt ${opt} |
193 |
done |
194 |
|
195 |
sed -i -f "${FILESDIR}"/login_defs_pam.sed \ |
196 |
"${D}"/etc/login.defs |
197 |
|
198 |
# remove manpages that pam will install for us |
199 |
# and/or don't apply when using pam |
200 |
find "${D}"/usr/share/man \ |
201 |
'(' -name 'limits.5*' -o -name 'suauth.5*' ')' \ |
202 |
-exec rm {} + |
203 |
fi |
204 |
|
205 |
# Remove manpages that are handled by other packages |
206 |
find "${D}"/usr/share/man \ |
207 |
'(' -name id.1 -o -name passwd.5 -o -name getspnam.3 ')' \ |
208 |
-exec rm {} + |
209 |
|
210 |
cd "${S}" |
211 |
dodoc ChangeLog NEWS TODO |
212 |
newdoc README README.download |
213 |
cd doc |
214 |
dodoc HOWTO README* WISHLIST *.txt |
215 |
} |
216 |
|
217 |
pkg_preinst() { |
218 |
rm -f "${ROOT}"/etc/pam.d/system-auth.new \ |
219 |
"${ROOT}/etc/login.defs.new" |
220 |
|
221 |
use pam && pam_epam_expand "${D}"/etc/pam.d/login |
222 |
} |
223 |
|
224 |
pkg_postinst() { |
225 |
# Enable shadow groups (we need ROOT=/ here, as grpconv only |
226 |
# operate on / ...). |
227 |
if [[ ${ROOT} == / && ! -f /etc/gshadow ]] ; then |
228 |
if grpck -r 2>/dev/null ; then |
229 |
grpconv |
230 |
else |
231 |
ewarn "Running 'grpck' returned errors. Please run it by hand, and then" |
232 |
ewarn "run 'grpconv' afterwards!" |
233 |
fi |
234 |
fi |
235 |
|
236 |
einfo "The 'adduser' symlink to 'useradd' has been dropped." |
237 |
} |