source: scripts/blfs-scripts/blfs-shadow-pam.sh@ b7c9d93

clfs-1.2 clfs-2.1 clfs-3.0.0-systemd clfs-3.0.0-sysvinit systemd sysvinit
Last change on this file since b7c9d93 was 617118d, checked in by Jim Gifford <clfs@…>, 19 years ago

r561@server (orig r559): root | 2005-06-05 02:38:49 -0700
Fixed Directory Structure

  • Property mode set to 100755
File size: 5.0 KB
Line 
1#!/bin/sh
2
3### SHADOW ###
4cd ${SRC}
5LOG="shadow-pam-native.log"
6
7SELF=`basename ${0}`
8set_buildenv
9set_libdirname
10setup_multiarch
11if [ ! "${libdirname}" = "lib" ]; then
12 extra_conf="--libdir=/usr/${libdirname}"
13fi
14
15unpack_tarball shadow-${SHADOW_VER} &&
16cd ${PKGDIR}
17
18apply_patch shadow-${SHADOW_VER}-pam-1
19# HACK
20# Issue noted with glibc-2.3-20040701 and linux-libc-headers-2.6.7
21test -f libmisc/xmalloc.c-ORIG ||
22 cp -p libmisc/xmalloc.c libmisc/xmalloc.c-ORIG
23
24sed 's@^extern char \*malloc ();@/* & */@g' \
25 libmisc/xmalloc.c-ORIG > libmisc/xmalloc.c
26
27# Set to Y if you want a shared libmisc and libshadow and have
28# passwd etc linked dynamically to these
29BUILD_SHADOW_SHARED="Y"
30if [ "Y" = "${BUILD_SHADOW_SHARED}" ]; then
31 extra_conf="${extra_conf} --enable-shared"
32fi
33
34# If not there touch /usr/bin/passwd
35if [ ! -f /usr/bin/passwd ]; then touch /usr/bin/passwd ; fi
36
37max_log_init Shadow ${SHADOW_VER} "native (shared)" ${CONFLOGS} ${LOG}
38CC="${CC-gcc} ${ARCH_CFLAGS}" \
39CFLAGS="-O2 -pipe ${TGT_CFLAGS}" \
40LIBS="-lpam -lpam_misc" \
41./configure --prefix=/usr ${extra_conf} \
42 --with-libpam --without-libcrack \
43 >> ${LOGFILE} 2>&1 &&
44echo " o Configure OK" &&
45
46echo '#define HAVE_SETLOCALE 1' >> config.h
47
48min_log_init ${BUILDLOGS} &&
49make LDFLAGS="-s" \
50 >> ${LOGFILE} 2>&1 &&
51echo " o Build OK" &&
52
53min_log_init ${TESTLOGS} &&
54make check \
55 >> ${LOGFILE} 2>&1 &&
56echo " o Test OK" &&
57
58min_log_init ${INSTLOGS} &&
59make install \
60 >> ${LOGFILE} 2>&1 &&
61echo " o ALL OK" || barf
62
63shadowfiles="limits login.access"
64for file in ${shadowfiles} ; do
65 if [ ! -f /etc/${file} ]; then
66 cp -v etc/${file} /etc
67 chmod -c 644 /etc/limits
68 fi
69done
70
71# LFS: User mailboxes belong in /var/mail not /var/spool/mail
72# From Nico's: use MD5
73sed -e 's%/var/spool/mail%/var/mail%' \
74 -e 's%^#MD5_CRYPT_ENAB.*no%MD5_CRYPT_ENAB yes%' \
75 etc/login.defs.linux > /etc/login.defs
76
77#ln -sf vipw /usr/sbin/vigr
78# Nico: create symlink for vigr man page
79#ln -sf vipw.8 /usr/share/man/man8/vigr.8
80
81# Broken symlinks
82mv -f /bin/vigr /usr/sbin
83mv -f /bin/sg /usr/bin
84# Wrong location
85mv -f /usr/bin/passwd /bin
86
87# Only need to move these if we built shared
88if [ "Y" = "${BUILD_SHADOW_SHARED}" ]; then
89 mv -f /usr/${libdiriname}/lib{shadow,misc}.so.0* /${libdirname}
90 ln -sf ../../${libdirname}/libshadow.so.0 /usr/${libdirname}/libshadow.so
91 ln -sf ../../${libdirname}/libmisc.so.0 /usr/${libdirname}/libmisc.so
92 ldconfig
93fi
94
95# Create shadow password file if not already built
96if [ ! -f /etc/shadow ]; then /usr/sbin/pwconv ; fi
97
98if [ ! -d /etc/pam.d ]; then mkdir /etc/pam.d ; fi
99# Will blow the existing files away...
100cat > /etc/pam.d/login << "EOF"
101# Begin /etc/pam.d/login
102
103auth requisite pam_securetty.so
104auth requisite pam_nologin.so
105auth required pam_env.so
106auth required pam_unix.so
107account required pam_access.so
108account required pam_unix.so
109session required pam_motd.so
110session required pam_limits.so
111session optional pam_mail.so dir=/var/mail standard
112session optional pam_lastlog.so
113session required pam_unix.so
114
115# End /etc/pam.d/login
116EOF
117
118cat > /etc/pam.d/passwd-nocracklib << "EOF"
119# Begin /etc/pam.d/passwd
120
121password required pam_unix.so md5 shadow
122
123# End /etc/pam.d/passwd
124EOF
125
126cat > /etc/pam.d/shadow << "EOF"
127# Begin /etc/pam.d/shadow
128
129auth sufficient pam_rootok.so
130auth required pam_unix.so
131account required pam_unix.so
132session required pam_unix.so
133password required pam_permit.so
134
135# End /etc/pam.d/shadow
136EOF
137
138cat > /etc/pam.d/su << "EOF"
139# Begin /etc/pam.d/su
140
141auth sufficient pam_rootok.so
142auth required pam_unix.so
143account required pam_unix.so
144session required pam_unix.so
145
146# End /etc/pam.d/su
147EOF
148cat > /etc/pam.d/useradd << "EOF"
149# Begin /etc/pam.d/useradd
150
151auth sufficient pam_rootok.so
152auth required pam_unix.so
153account required pam_unix.so
154session required pam_unix.so
155password required pam_permit.so
156
157# End /etc/pam.d/useradd
158EOF
159cat > /etc/pam.d/chage << "EOF"
160# Begin /etc/pam.d/chage
161
162auth sufficient pam_rootok.so
163auth required pam_unix.so
164account required pam_unix.so
165session required pam_unix.so
166password required pam_permit.so
167
168# End /etc/pam.d/chage
169EOF
170
171cat > /etc/pam.d/passwd << "EOF"
172# Begin /etc/pam.d/passwd
173
174password required pam_cracklib.so \
175 retry=3 difok=8 minlen=5 dcredit=3 ocredit=3 ucredit=2 lcredit=2
176password required pam_unix.so md5 shadow use_authtok
177
178# End /etc/pam.d/passwd
179EOF
180
181cat > /etc/pam.d/other << "EOF"
182# Begin /etc/pam.d/other
183
184auth required pam_deny.so
185auth required pam_warn.so
186account required pam_deny.so
187session required pam_deny.so
188password required pam_deny.so
189password required pam_warn.so
190
191# End /etc/pam.d/other
192EOF
193
194# MORE TO DO FOR login.defs edits...
Note: See TracBrowser for help on using the repository browser.