1 | #!/bin/sh |
---|
2 | |
---|
3 | ### SHADOW ### |
---|
4 | cd ${SRC} |
---|
5 | LOG="shadow-pam-native.log" |
---|
6 | |
---|
7 | SELF=`basename ${0}` |
---|
8 | set_buildenv |
---|
9 | set_libdirname |
---|
10 | setup_multiarch |
---|
11 | if [ ! "${libdirname}" = "lib" ]; then |
---|
12 | extra_conf="--libdir=/usr/${libdirname}" |
---|
13 | fi |
---|
14 | |
---|
15 | unpack_tarball shadow-${SHADOW_VER} && |
---|
16 | cd ${PKGDIR} |
---|
17 | |
---|
18 | apply_patch shadow-${SHADOW_VER}-pam-1 |
---|
19 | # HACK |
---|
20 | # Issue noted with glibc-2.3-20040701 and linux-libc-headers-2.6.7 |
---|
21 | test -f libmisc/xmalloc.c-ORIG || |
---|
22 | cp -p libmisc/xmalloc.c libmisc/xmalloc.c-ORIG |
---|
23 | |
---|
24 | sed 's@^extern char \*malloc ();@/* & */@g' \ |
---|
25 | libmisc/xmalloc.c-ORIG > libmisc/xmalloc.c |
---|
26 | |
---|
27 | # Set to Y if you want a shared libmisc and libshadow and have |
---|
28 | # passwd etc linked dynamically to these |
---|
29 | BUILD_SHADOW_SHARED="Y" |
---|
30 | if [ "Y" = "${BUILD_SHADOW_SHARED}" ]; then |
---|
31 | extra_conf="${extra_conf} --enable-shared" |
---|
32 | fi |
---|
33 | |
---|
34 | # If not there touch /usr/bin/passwd |
---|
35 | if [ ! -f /usr/bin/passwd ]; then touch /usr/bin/passwd ; fi |
---|
36 | |
---|
37 | max_log_init Shadow ${SHADOW_VER} "native (shared)" ${CONFLOGS} ${LOG} |
---|
38 | CC="${CC-gcc} ${ARCH_CFLAGS}" \ |
---|
39 | CFLAGS="-O2 -pipe ${TGT_CFLAGS}" \ |
---|
40 | LIBS="-lpam -lpam_misc" \ |
---|
41 | ./configure --prefix=/usr ${extra_conf} \ |
---|
42 | --with-libpam --without-libcrack \ |
---|
43 | >> ${LOGFILE} 2>&1 && |
---|
44 | echo " o Configure OK" && |
---|
45 | |
---|
46 | echo '#define HAVE_SETLOCALE 1' >> config.h |
---|
47 | |
---|
48 | min_log_init ${BUILDLOGS} && |
---|
49 | make LDFLAGS="-s" \ |
---|
50 | >> ${LOGFILE} 2>&1 && |
---|
51 | echo " o Build OK" && |
---|
52 | |
---|
53 | min_log_init ${TESTLOGS} && |
---|
54 | make check \ |
---|
55 | >> ${LOGFILE} 2>&1 && |
---|
56 | echo " o Test OK" && |
---|
57 | |
---|
58 | min_log_init ${INSTLOGS} && |
---|
59 | make install \ |
---|
60 | >> ${LOGFILE} 2>&1 && |
---|
61 | echo " o ALL OK" || barf |
---|
62 | |
---|
63 | shadowfiles="limits login.access" |
---|
64 | for file in ${shadowfiles} ; do |
---|
65 | if [ ! -f /etc/${file} ]; then |
---|
66 | cp -v etc/${file} /etc |
---|
67 | chmod -c 644 /etc/limits |
---|
68 | fi |
---|
69 | done |
---|
70 | |
---|
71 | # LFS: User mailboxes belong in /var/mail not /var/spool/mail |
---|
72 | # From Nico's: use MD5 |
---|
73 | sed -e 's%/var/spool/mail%/var/mail%' \ |
---|
74 | -e 's%^#MD5_CRYPT_ENAB.*no%MD5_CRYPT_ENAB yes%' \ |
---|
75 | etc/login.defs.linux > /etc/login.defs |
---|
76 | |
---|
77 | #ln -sf vipw /usr/sbin/vigr |
---|
78 | # Nico: create symlink for vigr man page |
---|
79 | #ln -sf vipw.8 /usr/share/man/man8/vigr.8 |
---|
80 | |
---|
81 | # Broken symlinks |
---|
82 | mv -f /bin/vigr /usr/sbin |
---|
83 | mv -f /bin/sg /usr/bin |
---|
84 | # Wrong location |
---|
85 | mv -f /usr/bin/passwd /bin |
---|
86 | |
---|
87 | # Only need to move these if we built shared |
---|
88 | if [ "Y" = "${BUILD_SHADOW_SHARED}" ]; then |
---|
89 | mv -f /usr/${libdiriname}/lib{shadow,misc}.so.0* /${libdirname} |
---|
90 | ln -sf ../../${libdirname}/libshadow.so.0 /usr/${libdirname}/libshadow.so |
---|
91 | ln -sf ../../${libdirname}/libmisc.so.0 /usr/${libdirname}/libmisc.so |
---|
92 | ldconfig |
---|
93 | fi |
---|
94 | |
---|
95 | # Create shadow password file if not already built |
---|
96 | if [ ! -f /etc/shadow ]; then /usr/sbin/pwconv ; fi |
---|
97 | |
---|
98 | if [ ! -d /etc/pam.d ]; then mkdir /etc/pam.d ; fi |
---|
99 | # Will blow the existing files away... |
---|
100 | cat > /etc/pam.d/login << "EOF" |
---|
101 | # Begin /etc/pam.d/login |
---|
102 | |
---|
103 | auth requisite pam_securetty.so |
---|
104 | auth requisite pam_nologin.so |
---|
105 | auth required pam_env.so |
---|
106 | auth required pam_unix.so |
---|
107 | account required pam_access.so |
---|
108 | account required pam_unix.so |
---|
109 | session required pam_motd.so |
---|
110 | session required pam_limits.so |
---|
111 | session optional pam_mail.so dir=/var/mail standard |
---|
112 | session optional pam_lastlog.so |
---|
113 | session required pam_unix.so |
---|
114 | |
---|
115 | # End /etc/pam.d/login |
---|
116 | EOF |
---|
117 | |
---|
118 | cat > /etc/pam.d/passwd-nocracklib << "EOF" |
---|
119 | # Begin /etc/pam.d/passwd |
---|
120 | |
---|
121 | password required pam_unix.so md5 shadow |
---|
122 | |
---|
123 | # End /etc/pam.d/passwd |
---|
124 | EOF |
---|
125 | |
---|
126 | cat > /etc/pam.d/shadow << "EOF" |
---|
127 | # Begin /etc/pam.d/shadow |
---|
128 | |
---|
129 | auth sufficient pam_rootok.so |
---|
130 | auth required pam_unix.so |
---|
131 | account required pam_unix.so |
---|
132 | session required pam_unix.so |
---|
133 | password required pam_permit.so |
---|
134 | |
---|
135 | # End /etc/pam.d/shadow |
---|
136 | EOF |
---|
137 | |
---|
138 | cat > /etc/pam.d/su << "EOF" |
---|
139 | # Begin /etc/pam.d/su |
---|
140 | |
---|
141 | auth sufficient pam_rootok.so |
---|
142 | auth required pam_unix.so |
---|
143 | account required pam_unix.so |
---|
144 | session required pam_unix.so |
---|
145 | |
---|
146 | # End /etc/pam.d/su |
---|
147 | EOF |
---|
148 | cat > /etc/pam.d/useradd << "EOF" |
---|
149 | # Begin /etc/pam.d/useradd |
---|
150 | |
---|
151 | auth sufficient pam_rootok.so |
---|
152 | auth required pam_unix.so |
---|
153 | account required pam_unix.so |
---|
154 | session required pam_unix.so |
---|
155 | password required pam_permit.so |
---|
156 | |
---|
157 | # End /etc/pam.d/useradd |
---|
158 | EOF |
---|
159 | cat > /etc/pam.d/chage << "EOF" |
---|
160 | # Begin /etc/pam.d/chage |
---|
161 | |
---|
162 | auth sufficient pam_rootok.so |
---|
163 | auth required pam_unix.so |
---|
164 | account required pam_unix.so |
---|
165 | session required pam_unix.so |
---|
166 | password required pam_permit.so |
---|
167 | |
---|
168 | # End /etc/pam.d/chage |
---|
169 | EOF |
---|
170 | |
---|
171 | cat > /etc/pam.d/passwd << "EOF" |
---|
172 | # Begin /etc/pam.d/passwd |
---|
173 | |
---|
174 | password required pam_cracklib.so \ |
---|
175 | retry=3 difok=8 minlen=5 dcredit=3 ocredit=3 ucredit=2 lcredit=2 |
---|
176 | password required pam_unix.so md5 shadow use_authtok |
---|
177 | |
---|
178 | # End /etc/pam.d/passwd |
---|
179 | EOF |
---|
180 | |
---|
181 | cat > /etc/pam.d/other << "EOF" |
---|
182 | # Begin /etc/pam.d/other |
---|
183 | |
---|
184 | auth required pam_deny.so |
---|
185 | auth required pam_warn.so |
---|
186 | account required pam_deny.so |
---|
187 | session required pam_deny.so |
---|
188 | password required pam_deny.so |
---|
189 | password required pam_warn.so |
---|
190 | |
---|
191 | # End /etc/pam.d/other |
---|
192 | EOF |
---|
193 | |
---|
194 | # MORE TO DO FOR login.defs edits... |
---|