source: scripts/blfs-scripts/blfs-shadow-pam.sh @ 617118d

clfs-1.2clfs-2.1clfs-3.0.0-systemdclfs-3.0.0-sysvinitsystemdsysvinit
Last change on this file since 617118d was 617118d, checked in by Jim Gifford <clfs@…>, 18 years ago

r561@server (orig r559): root | 2005-06-05 02:38:49 -0700
Fixed Directory Structure
  • Property mode set to 100755
File size: 5.0 KB
Line 
1#!/bin/sh
2
3### SHADOW ###
4cd ${SRC}
5LOG="shadow-pam-native.log"
6
7SELF=`basename ${0}`
8set_buildenv
9set_libdirname
10setup_multiarch
11if [ ! "${libdirname}" = "lib" ]; then
12   extra_conf="--libdir=/usr/${libdirname}"
13fi
14
15unpack_tarball shadow-${SHADOW_VER} &&
16cd ${PKGDIR}
17
18apply_patch shadow-${SHADOW_VER}-pam-1
19# HACK
20# Issue noted with glibc-2.3-20040701 and linux-libc-headers-2.6.7
21test -f libmisc/xmalloc.c-ORIG ||
22   cp -p libmisc/xmalloc.c libmisc/xmalloc.c-ORIG
23
24sed 's@^extern char \*malloc ();@/* & */@g' \
25   libmisc/xmalloc.c-ORIG > libmisc/xmalloc.c
26
27# Set to Y if you want a shared libmisc and libshadow and have
28# passwd etc linked dynamically to these
29BUILD_SHADOW_SHARED="Y"
30if [ "Y" = "${BUILD_SHADOW_SHARED}" ]; then 
31   extra_conf="${extra_conf} --enable-shared"
32fi
33
34# If not there touch /usr/bin/passwd
35if [ ! -f /usr/bin/passwd ]; then touch /usr/bin/passwd ; fi
36
37max_log_init Shadow ${SHADOW_VER} "native (shared)" ${CONFLOGS} ${LOG}
38CC="${CC-gcc} ${ARCH_CFLAGS}" \
39CFLAGS="-O2 -pipe ${TGT_CFLAGS}" \
40LIBS="-lpam -lpam_misc" \
41./configure --prefix=/usr ${extra_conf} \
42   --with-libpam --without-libcrack \
43   >> ${LOGFILE} 2>&1 &&
44echo " o Configure OK" &&
45
46echo '#define HAVE_SETLOCALE 1' >> config.h
47
48min_log_init ${BUILDLOGS} &&
49make LDFLAGS="-s" \
50   >> ${LOGFILE} 2>&1 &&
51echo " o Build OK" &&
52
53min_log_init ${TESTLOGS} &&
54make check \
55   >>  ${LOGFILE} 2>&1 &&
56echo " o Test OK" &&
57
58min_log_init ${INSTLOGS} &&
59make install \
60   >> ${LOGFILE} 2>&1 &&
61echo " o ALL OK" || barf
62
63shadowfiles="limits login.access"
64for file in ${shadowfiles} ; do
65   if [ ! -f /etc/${file} ]; then
66      cp -v etc/${file} /etc
67      chmod -c 644 /etc/limits
68   fi
69done
70
71# LFS:  User mailboxes belong in /var/mail not /var/spool/mail
72# From Nico's: use MD5
73sed -e 's%/var/spool/mail%/var/mail%' \
74    -e 's%^#MD5_CRYPT_ENAB.*no%MD5_CRYPT_ENAB yes%' \
75    etc/login.defs.linux > /etc/login.defs
76
77#ln -sf vipw /usr/sbin/vigr
78# Nico: create symlink for vigr man page
79#ln -sf vipw.8 /usr/share/man/man8/vigr.8
80
81# Broken symlinks
82mv -f /bin/vigr /usr/sbin
83mv -f /bin/sg /usr/bin
84# Wrong location
85mv -f /usr/bin/passwd /bin
86
87# Only need to move these if we built shared
88if [ "Y" = "${BUILD_SHADOW_SHARED}" ]; then
89   mv -f /usr/${libdiriname}/lib{shadow,misc}.so.0* /${libdirname} 
90   ln -sf ../../${libdirname}/libshadow.so.0 /usr/${libdirname}/libshadow.so
91   ln -sf ../../${libdirname}/libmisc.so.0 /usr/${libdirname}/libmisc.so
92   ldconfig
93fi
94
95# Create shadow password file if not already built
96if [ ! -f /etc/shadow ]; then /usr/sbin/pwconv ; fi
97
98if [ ! -d /etc/pam.d ]; then mkdir /etc/pam.d ; fi
99# Will blow the existing files away...
100cat > /etc/pam.d/login << "EOF"
101# Begin /etc/pam.d/login
102
103auth        requisite      pam_securetty.so
104auth        requisite      pam_nologin.so
105auth        required       pam_env.so
106auth        required       pam_unix.so
107account     required       pam_access.so
108account     required       pam_unix.so
109session     required       pam_motd.so
110session     required       pam_limits.so
111session     optional       pam_mail.so     dir=/var/mail standard
112session     optional       pam_lastlog.so
113session     required       pam_unix.so
114
115# End /etc/pam.d/login
116EOF
117
118cat > /etc/pam.d/passwd-nocracklib << "EOF"
119# Begin /etc/pam.d/passwd
120
121password    required       pam_unix.so     md5 shadow
122
123# End /etc/pam.d/passwd
124EOF
125
126cat > /etc/pam.d/shadow << "EOF"
127# Begin /etc/pam.d/shadow
128
129auth        sufficient      pam_rootok.so
130auth        required        pam_unix.so
131account     required        pam_unix.so
132session     required        pam_unix.so
133password    required        pam_permit.so
134
135# End /etc/pam.d/shadow
136EOF
137
138cat > /etc/pam.d/su << "EOF"
139# Begin /etc/pam.d/su
140
141auth        sufficient      pam_rootok.so
142auth        required        pam_unix.so
143account     required        pam_unix.so
144session     required        pam_unix.so
145
146# End /etc/pam.d/su
147EOF
148cat > /etc/pam.d/useradd << "EOF"
149# Begin /etc/pam.d/useradd
150
151auth        sufficient      pam_rootok.so
152auth        required        pam_unix.so
153account     required        pam_unix.so
154session     required        pam_unix.so
155password    required        pam_permit.so
156
157# End /etc/pam.d/useradd
158EOF
159cat > /etc/pam.d/chage << "EOF"
160# Begin /etc/pam.d/chage
161
162auth        sufficient      pam_rootok.so
163auth        required        pam_unix.so
164account     required        pam_unix.so
165session     required        pam_unix.so
166password    required        pam_permit.so
167
168# End /etc/pam.d/chage
169EOF
170
171cat > /etc/pam.d/passwd << "EOF" 
172# Begin /etc/pam.d/passwd
173
174password    required    pam_cracklib.so     \
175    retry=3  difok=8  minlen=5  dcredit=3  ocredit=3  ucredit=2  lcredit=2
176password    required    pam_unix.so     md5 shadow use_authtok
177
178# End /etc/pam.d/passwd
179EOF
180
181cat > /etc/pam.d/other << "EOF"
182# Begin /etc/pam.d/other
183
184auth        required        pam_deny.so
185auth        required        pam_warn.so
186account     required        pam_deny.so
187session     required        pam_deny.so
188password    required        pam_deny.so
189password    required        pam_warn.so
190
191# End /etc/pam.d/other
192EOF
193
194# MORE TO DO FOR login.defs edits...
Note: See TracBrowser for help on using the repository browser.