From: dataCobra <dataCobra@users.noreply.github.com>
To: ml@inbox.vuxu.org
Subject: Re: [PR PATCH] [Updated] shadow: update to 4.14.5.
Date: Sat, 24 Feb 2024 18:38:43 +0100 [thread overview]
Message-ID: <20240224173843.9BE89238DF@inbox.vuxu.org> (raw)
In-Reply-To: <gh-mailinglist-notifications-41a7ca26-5023-4802-975b-f1789d68868e-void-packages-48813@inbox.vuxu.org>
[-- Attachment #1: Type: text/plain, Size: 674 bytes --]
There is an updated pull request by dataCobra against master on the void-packages repository
https://github.com/dataCobra/void-packages shadow
https://github.com/void-linux/void-packages/pull/48813
shadow: update to 4.14.5.
#### Testing the changes
- I tested the changes in this PR: **YES**
#### Local build testing
- I built this PR locally for my native architecture, (x86_64-glibc)
- I built this PR locally for these architectures (if supported. mark crossbuilds):
- x86_64-musl
- i686
I welcome everyone to test this version. Maybe also on a new installation.
A patch file from https://github.com/void-linux/void-packages/pull/48813.patch is attached
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: github-pr-shadow-48813.patch --]
[-- Type: text/x-diff, Size: 36723 bytes --]
From 2d486227307412c08ed13067154144e4cc2d5bf2 Mon Sep 17 00:00:00 2001
From: dataCobra <datacobra@thinkbot.de>
Date: Sat, 24 Feb 2024 18:38:27 +0100
Subject: [PATCH] shadow: update to 4.14.5.
---
common/shlibs | 1 +
srcpkgs/shadow/files/login.defs | 87 ---
...pt-login.defs-for-PAM-and-util-linux.patch | 721 ++++++++++++++++++
...d-Arch-Linux-defaults-for-login.defs.patch | 55 ++
.../patches/fix-undefined-reference.patch | 19 +
.../shadow/patches/shadow-strncpy-usage.patch | 23 -
srcpkgs/shadow/patches/useradd-defaults.patch | 21 +
srcpkgs/shadow/patches/xstrdup.patch | 15 +-
srcpkgs/shadow/template | 46 +-
9 files changed, 851 insertions(+), 137 deletions(-)
delete mode 100644 srcpkgs/shadow/files/login.defs
create mode 100644 srcpkgs/shadow/patches/0002-Adapt-login.defs-for-PAM-and-util-linux.patch
create mode 100644 srcpkgs/shadow/patches/0003-Add-Arch-Linux-defaults-for-login.defs.patch
create mode 100644 srcpkgs/shadow/patches/fix-undefined-reference.patch
delete mode 100644 srcpkgs/shadow/patches/shadow-strncpy-usage.patch
create mode 100644 srcpkgs/shadow/patches/useradd-defaults.patch
diff --git a/common/shlibs b/common/shlibs
index 0750383d854a98..b205e0d008e749 100644
--- a/common/shlibs
+++ b/common/shlibs
@@ -4284,3 +4284,4 @@ libunicode_ucd.so.0.4 libunicode-0.4.0_1
libunicode_loader.so.0.4 libunicode-0.4.0_1
force-stage.so.0.1 void-force-stage-0.1_1
libliftoff.so.0 libliftoff-0.4.1_1
+libsubid.so.4 shadow-4.14.5_1
diff --git a/srcpkgs/shadow/files/login.defs b/srcpkgs/shadow/files/login.defs
deleted file mode 100644
index 350764846af4b0..00000000000000
--- a/srcpkgs/shadow/files/login.defs
+++ /dev/null
@@ -1,87 +0,0 @@
-# Configuration file for login(1). For more information see
-# login.defs(5).
-
-# Directory where mailboxes reside, _or_ name of file, relative to the
-# home directory. If you do define both, MAIL_DIR takes precedence.
-#
-MAIL_DIR /var/mail
-#MAIL_FILE .mail
-
-# Password aging controls:
-#
-# PASS_MAX_DAYS Maximum number of days a password may be used.
-# PASS_MIN_DAYS Minimum number of days allowed between password changes.
-# PASS_MIN_LEN Minimum acceptable password length.
-# PASS_WARN_AGE Number of days warning given before a password expires.
-PASS_MAX_DAYS 99999
-PASS_MIN_DAYS 0
-PASS_WARN_AGE 7
-
-# Min/max values for automatic uid selection in useradd
-UID_MIN 1000
-UID_MAX 60000
-# System accounts
-SYS_UID_MIN 100
-SYS_UID_MAX 999
-
-# Min/max values for automatic gid selection in groupadd
-GID_MIN 1000
-GID_MAX 60000
-# System accounts
-SYS_GID_MIN 100
-SYS_GID_MAX 999
-
-# If useradd should create home directories for users by default
-CREATE_HOME yes
-
-# This enables userdel to remove user groups if no members exist.
-USERGROUPS_ENAB yes
-
-# Disable MOTD_FILE (empty); use pam_motd(8) instead.
-MOTD_FILE
-
-
-# If defined, either full pathname of a file containing device names or
-# a ":" delimited list of device names. Root logins will be allowed only
-# upon these devices.
-#
-CONSOLE /etc/securetty
-
-# Terminal permissions
-#
-# TTYGROUP Login tty will be assigned this group ownership.
-# TTYPERM Login tty will be set to this permission.
-#
-# If you have a "write" program which is "setgid" to a special group
-# which owns the terminals, define TTYGROUP to the group number and
-# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
-# TTYPERM to either 622 or 600.
-#
-TTYGROUP tty
-TTYPERM 0600
-
-# Login configuration initializations:
-#
-# ERASECHAR Terminal ERASE character ('\010' = backspace).
-# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
-# UMASK Default "umask" value.
-#
-# The ERASECHAR and KILLCHAR are used only on System V machines.
-# The ULIMIT is used only if the system supports it.
-# (now it works with setrlimit too; ulimit is in 512-byte units)
-#
-# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
-#
-ERASECHAR 0177
-KILLCHAR 025
-UMASK 022
-HOME_MODE 0700
-
-# Max number of login retries if password is bad
-#
-LOGIN_RETRIES 5
-
-#
-# Max time in seconds for login
-#
-LOGIN_TIMEOUT 60
diff --git a/srcpkgs/shadow/patches/0002-Adapt-login.defs-for-PAM-and-util-linux.patch b/srcpkgs/shadow/patches/0002-Adapt-login.defs-for-PAM-and-util-linux.patch
new file mode 100644
index 00000000000000..dc794a7c14591f
--- /dev/null
+++ b/srcpkgs/shadow/patches/0002-Adapt-login.defs-for-PAM-and-util-linux.patch
@@ -0,0 +1,721 @@
+From dcc12b1d2bd612923c6c73d0da92fbe1aefa46b1 Mon Sep 17 00:00:00 2001
+From: David Runge <dvzrv@archlinux.org>
+Date: Mon, 31 Oct 2022 09:45:13 +0100
+Subject: [PATCH 2/3] Adapt login.defs for PAM and util-linux
+
+etc/login.defs:
+Remove unused login.defs options, that are either irrelevant due to the
+use of PAM or because the util-linux version of a binary does not
+support them.
+Modify all options that are ignored when using PAM, but are supported by
+util-linux.
+
+Removed options because they are part of PAMDEFS (options in PAMDEFS are
+options silently ignored by shadow when built with PAM enabled):
+* CHFN_AUTH
+* CRACKLIB_DICTPATH
+* ENV_HZ
+* ENVIRON_FILE
+* ENV_TZ
+* FAILLOG_ENAB
+* FTMP_FILE
+* ISSUE_FILE
+* LASTLOG_ENAB
+* LOGIN_STRING
+* MAIL_CHECK_ENAB
+* NOLOGINS_FILE
+* OBSCURE_CHECKS_ENAB
+* PASS_ALWAYS_WARN
+* PASS_CHANGE_TRIES
+* PASS_MAX_LEN
+* PASS_MIN_LEN
+* PORTTIME_CHECKS_ENAB
+* QUOTAS_ENAB
+* SU_WHEEL_ONLY
+* SYSLOG_SU_ENAB
+* ULIMIT
+
+Removed options because they are not availablbe with PAM enabled:
+* BCRYPT_MIN_ROUNDS
+* BCRYPT_MAX_ROUNDS
+* CONSOLE_GROUPS
+* CONSOLE
+* MD5_CRYPT_ENAB
+* PREVENT_NO_AUTH
+
+Removed encryption methods (`ENCRYPT_METHOD`), because they are unsafe
+or not available with PAM:
+* BCRYPT
+* MD5
+
+Removed options because they are not supported by login from util-linux:
+* ERASECHAR
+* KILLCHAR
+* LOG_OK_LOGINS
+* TTYTYPE_FILE
+
+Removed options because they are not supported by su from util-linux:
+* SULOG_FILE
+* SU_NAME
+
+Adapted options because they are in PAMDEFS but are supported by login
+from util-linux:
+* MOTD_FILE
+
+man/login.defs.5.xml:
+Remove unavailable options from man 5 login.defs.
+---
+ etc/login.defs | 228 +------------------------------------------
+ man/login.defs.5.xml | 150 +---------------------------
+ 2 files changed, 8 insertions(+), 370 deletions(-)
+
+diff --git a/etc/login.defs b/etc/login.defs
+index 114dbcd9..797ca6b3 100644
+--- a/etc/login.defs
++++ b/etc/login.defs
+@@ -3,6 +3,8 @@
+ #
+ # $Id$
+ #
++# NOTE: This file is adapted for the use on Arch Linux!
++# Unsupported options due to the use of util-linux or PAM are removed.
+
+ #
+ # Delay in seconds before being allowed another attempt after a login failure
+@@ -11,26 +13,11 @@
+ #
+ FAIL_DELAY 3
+
+-#
+-# Enable logging and display of /var/log/faillog login(1) failure info.
+-#
+-FAILLOG_ENAB yes
+-
+ #
+ # Enable display of unknown usernames when login(1) failures are recorded.
+ #
+ LOG_UNKFAIL_ENAB no
+
+-#
+-# Enable logging of successful logins
+-#
+-LOG_OK_LOGINS no
+-
+-#
+-# Enable logging and display of /var/log/lastlog login(1) time info.
+-#
+-LASTLOG_ENAB yes
+-
+ #
+ # Limit the highest user ID number for which the lastlog entries should
+ # be updated.
+@@ -40,88 +27,13 @@ LASTLOG_ENAB yes
+ #
+ #LASTLOG_UID_MAX
+
+-#
+-# Enable checking and display of mailbox status upon login.
+-#
+-# Disable if the shell startup files already check for mail
+-# ("mailx -e" or equivalent).
+-#
+-MAIL_CHECK_ENAB yes
+-
+-#
+-# Enable additional checks upon password changes.
+-#
+-OBSCURE_CHECKS_ENAB yes
+-
+-#
+-# Enable checking of time restrictions specified in /etc/porttime.
+-#
+-PORTTIME_CHECKS_ENAB yes
+-
+-#
+-# Enable setting of ulimit, umask, and niceness from passwd(5) gecos field.
+-#
+-QUOTAS_ENAB yes
+-
+-#
+-# Enable "syslog" logging of su(1) activity - in addition to sulog file logging.
+-# SYSLOG_SG_ENAB does the same for newgrp(1) and sg(1).
+-#
+-SYSLOG_SU_ENAB yes
+-SYSLOG_SG_ENAB yes
+-
+-#
+-# If defined, either full pathname of a file containing device names or
+-# a ":" delimited list of device names. Root logins will be allowed only
+-# from these devices.
+-#
+-CONSOLE /etc/securetty
+-#CONSOLE console:tty01:tty02:tty03:tty04
+-
+-#
+-# If defined, all su(1) activity is logged to this file.
+-#
+-#SULOG_FILE /var/log/sulog
+-
+ #
+ # If defined, ":" delimited list of "message of the day" files to
+ # be displayed upon login.
+ #
+-MOTD_FILE /etc/motd
++MOTD_FILE
+ #MOTD_FILE /etc/motd:/usr/lib/news/news-motd
+
+-#
+-# If defined, this file will be output before each login(1) prompt.
+-#
+-#ISSUE_FILE /etc/issue
+-
+-#
+-# If defined, file which maps tty line to TERM environment parameter.
+-# Each line of the file is in a format similar to "vt100 tty01".
+-#
+-#TTYTYPE_FILE /etc/ttytype
+-
+-#
+-# If defined, login(1) failures will be logged here in a utmp format.
+-# last(1), when invoked as lastb(1), will read /var/log/btmp, so...
+-#
+-FTMP_FILE /var/log/btmp
+-
+-#
+-# If defined, name of file whose presence will inhibit non-root
+-# logins. The content of this file should be a message indicating
+-# why logins are inhibited.
+-#
+-NOLOGINS_FILE /etc/nologin
+-
+-#
+-# If defined, the command name to display when running "su -". For
+-# example, if this is defined as "su" then ps(1) will display the
+-# command as "-su". If not defined, then ps(1) will display the
+-# name of the shell actually being run, e.g. something like "-sh".
+-#
+-SU_NAME su
+-
+ #
+ # *REQUIRED*
+ # Directory where mailboxes reside, _or_ name of file, relative to the
+@@ -139,21 +51,6 @@ MAIL_DIR /var/spool/mail
+ HUSHLOGIN_FILE .hushlogin
+ #HUSHLOGIN_FILE /etc/hushlogins
+
+-#
+-# If defined, either a TZ environment parameter spec or the
+-# fully-rooted pathname of a file containing such a spec.
+-#
+-#ENV_TZ TZ=CST6CDT
+-#ENV_TZ /etc/tzname
+-
+-#
+-# If defined, an HZ environment parameter spec.
+-#
+-# for Linux/x86
+-ENV_HZ HZ=100
+-# For Linux/Alpha...
+-#ENV_HZ HZ=1024
+-
+ #
+ # *REQUIRED* The default PATH settings, for superuser and normal users.
+ #
+@@ -175,23 +72,6 @@ ENV_PATH PATH=/bin:/usr/bin
+ TTYGROUP tty
+ TTYPERM 0600
+
+-#
+-# Login configuration initializations:
+-#
+-# ERASECHAR Terminal ERASE character ('\010' = backspace).
+-# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
+-# ULIMIT Default "ulimit" value.
+-#
+-# The ERASECHAR and KILLCHAR are used only on System V machines.
+-# The ULIMIT is used only if the system supports it.
+-# (now it works with setrlimit too; ulimit is in 512-byte units)
+-#
+-# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+-#
+-ERASECHAR 0177
+-KILLCHAR 025
+-#ULIMIT 2097152
+-
+ # Default initial "umask" value used by login(1) on non-PAM enabled systems.
+ # Default "umask" value for pam_umask(8) on PAM enabled systems.
+ # UMASK is also used by useradd(8) and newusers(8) to set the mode for new
+@@ -211,27 +91,12 @@ UMASK 022
+ #
+ # PASS_MAX_DAYS Maximum number of days a password may be used.
+ # PASS_MIN_DAYS Minimum number of days allowed between password changes.
+-# PASS_MIN_LEN Minimum acceptable password length.
+ # PASS_WARN_AGE Number of days warning given before a password expires.
+ #
+ PASS_MAX_DAYS 99999
+ PASS_MIN_DAYS 0
+-PASS_MIN_LEN 5
+ PASS_WARN_AGE 7
+
+-#
+-# If "yes", the user must be listed as a member of the first gid 0 group
+-# in /etc/group (called "root" on most Linux systems) to be able to "su"
+-# to uid 0 accounts. If the group doesn't exist or is empty, no one
+-# will be able to "su" to uid 0.
+-#
+-SU_WHEEL_ONLY no
+-
+-#
+-# If compiled with cracklib support, sets the path to the dictionaries
+-#
+-CRACKLIB_DICTPATH /var/cache/cracklib/cracklib_dict
+-
+ #
+ # Min/max values for automatic uid selection in useradd(8)
+ #
+@@ -268,28 +133,6 @@ LOGIN_RETRIES 5
+ #
+ LOGIN_TIMEOUT 60
+
+-#
+-# Maximum number of attempts to change password if rejected (too easy)
+-#
+-PASS_CHANGE_TRIES 5
+-
+-#
+-# Warn about weak passwords (but still allow them) if you are root.
+-#
+-PASS_ALWAYS_WARN yes
+-
+-#
+-# Number of significant characters in the password for crypt().
+-# Default is 8, don't change unless your crypt() is better.
+-# Ignored if MD5_CRYPT_ENAB set to "yes".
+-#
+-#PASS_MAX_LEN 8
+-
+-#
+-# Require password before chfn(1)/chsh(1) can make any changes.
+-#
+-CHFN_AUTH yes
+-
+ #
+ # Which fields may be changed by regular users using chfn(1) - use
+ # any combination of letters "frwh" (full name, room number, work
+@@ -298,38 +141,13 @@ CHFN_AUTH yes
+ #
+ CHFN_RESTRICT rwh
+
+-#
+-# Password prompt (%s will be replaced by user name).
+-#
+-# XXX - it doesn't work correctly yet, for now leave it commented out
+-# to use the default which is just "Password: ".
+-#LOGIN_STRING "%s's Password: "
+-
+-#
+-# Only works if compiled with MD5_CRYPT defined:
+-# If set to "yes", new passwords will be encrypted using the MD5-based
+-# algorithm compatible with the one used by recent releases of FreeBSD.
+-# It supports passwords of unlimited length and longer salt strings.
+-# Set to "no" if you need to copy encrypted passwords to other systems
+-# which don't understand the new algorithm. Default is "no".
+-#
+-# Note: If you use PAM, it is recommended to use a value consistent with
+-# the PAM modules configuration.
+-#
+-# This variable is deprecated. You should use ENCRYPT_METHOD instead.
+-#
+-#MD5_CRYPT_ENAB no
+-
+ #
+ # Only works if compiled with ENCRYPTMETHOD_SELECT defined:
+-# If set to MD5, MD5-based algorithm will be used for encrypting password
+ # If set to SHA256, SHA256-based algorithm will be used for encrypting password
+ # If set to SHA512, SHA512-based algorithm will be used for encrypting password
+-# If set to BCRYPT, BCRYPT-based algorithm will be used for encrypting password
+ # If set to YESCRYPT, YESCRYPT-based algorithm will be used for encrypting password
+ # If set to DES, DES-based algorithm will be used for encrypting password (default)
+ # MD5 and DES should not be used for new hashes, see crypt(5) for recommendations.
+-# Overrides the MD5_CRYPT_ENAB option
+ #
+ # Note: If you use PAM, it is recommended to use a value consistent with
+ # the PAM modules configuration.
+@@ -353,21 +171,6 @@ CHFN_RESTRICT rwh
+ #SHA_CRYPT_MIN_ROUNDS 5000
+ #SHA_CRYPT_MAX_ROUNDS 5000
+
+-#
+-# Only works if ENCRYPT_METHOD is set to BCRYPT.
+-#
+-# Define the number of BCRYPT rounds.
+-# With a lot of rounds, it is more difficult to brute-force the password.
+-# However, more CPU resources will be needed to authenticate users if
+-# this value is increased.
+-#
+-# If not specified, 13 rounds will be attempted.
+-# If only one of the MIN or MAX values is set, then this value will be used.
+-# If MIN > MAX, the highest value will be used.
+-#
+-#BCRYPT_MIN_ROUNDS 13
+-#BCRYPT_MAX_ROUNDS 13
+-
+ #
+ # Only works if ENCRYPT_METHOD is set to YESCRYPT.
+ #
+@@ -381,17 +184,6 @@ CHFN_RESTRICT rwh
+ #
+ #YESCRYPT_COST_FACTOR 5
+
+-#
+-# List of groups to add to the user's supplementary group set
+-# when logging in from the console (as determined by the CONSOLE
+-# setting). Default is none.
+-#
+-# Use with caution - it is possible for users to gain permanent
+-# access to these groups, even when not logged in from the console.
+-# How to do it is left as an exercise for the reader...
+-#
+-#CONSOLE_GROUPS floppy:audio:cdrom
+-
+ #
+ # Should login be allowed if we can't cd to the home directory?
+ # Default is no.
+@@ -406,12 +198,6 @@ DEFAULT_HOME yes
+ #
+ NONEXISTENT /nonexistent
+
+-#
+-# If this file exists and is readable, login environment will be
+-# read from it. Every line should be in the form name=value.
+-#
+-ENVIRON_FILE /etc/environment
+-
+ #
+ # If defined, this command is run when removing a user.
+ # It should remove any at/cron/print jobs etc. owned by
+@@ -459,14 +245,6 @@ USERGROUPS_ENAB yes
+ #
+ #GRANT_AUX_GROUP_SUBIDS yes
+
+-#
+-# Prevents an empty password field to be interpreted as "no authentication
+-# required".
+-# Set to "yes" to prevent for all accounts
+-# Set to "superuser" to prevent for UID 0 / root (default)
+-# Set to "no" to not prevent for any account (dangerous, historical default)
+-PREVENT_NO_AUTH superuser
+-
+ #
+ # Select the HMAC cryptography algorithm.
+ # Used in pam_timestamp module to calculate the keyed-hash message
+diff --git a/man/login.defs.5.xml b/man/login.defs.5.xml
+index ab62fa86..d82c47f1 100644
+--- a/man/login.defs.5.xml
++++ b/man/login.defs.5.xml
+@@ -7,69 +7,38 @@
+ -->
+ <!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+ "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+-<!ENTITY CHFN_AUTH SYSTEM "login.defs.d/CHFN_AUTH.xml">
+ <!ENTITY CHFN_RESTRICT SYSTEM "login.defs.d/CHFN_RESTRICT.xml">
+-<!ENTITY CHSH_AUTH SYSTEM "login.defs.d/CHSH_AUTH.xml">
+-<!ENTITY CONSOLE SYSTEM "login.defs.d/CONSOLE.xml">
+-<!ENTITY CONSOLE_GROUPS SYSTEM "login.defs.d/CONSOLE_GROUPS.xml">
+ <!ENTITY CREATE_HOME SYSTEM "login.defs.d/CREATE_HOME.xml">
+ <!ENTITY DEFAULT_HOME SYSTEM "login.defs.d/DEFAULT_HOME.xml">
+ <!ENTITY ENCRYPT_METHOD SYSTEM "login.defs.d/ENCRYPT_METHOD.xml">
+-<!ENTITY ENV_HZ SYSTEM "login.defs.d/ENV_HZ.xml">
+ <!ENTITY ENV_PATH SYSTEM "login.defs.d/ENV_PATH.xml">
+ <!ENTITY ENV_SUPATH SYSTEM "login.defs.d/ENV_SUPATH.xml">
+-<!ENTITY ENV_TZ SYSTEM "login.defs.d/ENV_TZ.xml">
+-<!ENTITY ENVIRON_FILE SYSTEM "login.defs.d/ENVIRON_FILE.xml">
+-<!ENTITY ERASECHAR SYSTEM "login.defs.d/ERASECHAR.xml">
+ <!ENTITY FAIL_DELAY SYSTEM "login.defs.d/FAIL_DELAY.xml">
+-<!ENTITY FAILLOG_ENAB SYSTEM "login.defs.d/FAILLOG_ENAB.xml">
+-<!ENTITY FAKE_SHELL SYSTEM "login.defs.d/FAKE_SHELL.xml">
+-<!ENTITY FTMP_FILE SYSTEM "login.defs.d/FTMP_FILE.xml">
+ <!ENTITY GID_MAX SYSTEM "login.defs.d/GID_MAX.xml">
+ <!ENTITY HMAC_CRYPTO_ALGO SYSTEM "login.defs.d/HMAC_CRYPTO_ALGO.xml">
+ <!ENTITY HOME_MODE SYSTEM "login.defs.d/HOME_MODE.xml">
+ <!ENTITY HUSHLOGIN_FILE SYSTEM "login.defs.d/HUSHLOGIN_FILE.xml">
+-<!ENTITY ISSUE_FILE SYSTEM "login.defs.d/ISSUE_FILE.xml">
+-<!ENTITY KILLCHAR SYSTEM "login.defs.d/KILLCHAR.xml">
+-<!ENTITY LASTLOG_ENAB SYSTEM "login.defs.d/LASTLOG_ENAB.xml">
+ <!ENTITY LASTLOG_UID_MAX SYSTEM "login.defs.d/LASTLOG_UID_MAX.xml">
+-<!ENTITY LOG_OK_LOGINS SYSTEM "login.defs.d/LOG_OK_LOGINS.xml">
+ <!ENTITY LOG_UNKFAIL_ENAB SYSTEM "login.defs.d/LOG_UNKFAIL_ENAB.xml">
+ <!ENTITY LOGIN_RETRIES SYSTEM "login.defs.d/LOGIN_RETRIES.xml">
+-<!ENTITY LOGIN_STRING SYSTEM "login.defs.d/LOGIN_STRING.xml">
+ <!ENTITY LOGIN_TIMEOUT SYSTEM "login.defs.d/LOGIN_TIMEOUT.xml">
+-<!ENTITY MAIL_CHECK_ENAB SYSTEM "login.defs.d/MAIL_CHECK_ENAB.xml">
+ <!ENTITY MAIL_DIR SYSTEM "login.defs.d/MAIL_DIR.xml">
+ <!ENTITY MAX_MEMBERS_PER_GROUP SYSTEM "login.defs.d/MAX_MEMBERS_PER_GROUP.xml">
+-<!ENTITY MD5_CRYPT_ENAB SYSTEM "login.defs.d/MD5_CRYPT_ENAB.xml">
+ <!ENTITY MOTD_FILE SYSTEM "login.defs.d/MOTD_FILE.xml">
+-<!ENTITY NOLOGINS_FILE SYSTEM "login.defs.d/NOLOGINS_FILE.xml">
+ <!ENTITY NONEXISTENT SYSTEM "login.defs.d/NONEXISTENT.xml">
+-<!ENTITY OBSCURE_CHECKS_ENAB SYSTEM "login.defs.d/OBSCURE_CHECKS_ENAB.xml">
+-<!ENTITY PASS_ALWAYS_WARN SYSTEM "login.defs.d/PASS_ALWAYS_WARN.xml">
+-<!ENTITY PASS_CHANGE_TRIES SYSTEM "login.defs.d/PASS_CHANGE_TRIES.xml">
+-<!ENTITY PASS_MAX_LEN SYSTEM "login.defs.d/PASS_MAX_LEN.xml">
+ <!ENTITY PASS_MAX_DAYS SYSTEM "login.defs.d/PASS_MAX_DAYS.xml">
+ <!ENTITY PASS_MIN_DAYS SYSTEM "login.defs.d/PASS_MIN_DAYS.xml">
+ <!ENTITY PASS_WARN_AGE SYSTEM "login.defs.d/PASS_WARN_AGE.xml">
+-<!ENTITY PORTTIME_CHECKS_ENAB SYSTEM "login.defs.d/PORTTIME_CHECKS_ENAB.xml">
+-<!ENTITY QUOTAS_ENAB SYSTEM "login.defs.d/QUOTAS_ENAB.xml">
+ <!ENTITY SHA_CRYPT_MIN_ROUNDS SYSTEM "login.defs.d/SHA_CRYPT_MIN_ROUNDS.xml">
+-<!ENTITY SULOG_FILE SYSTEM "login.defs.d/SULOG_FILE.xml">
+-<!ENTITY SU_NAME SYSTEM "login.defs.d/SU_NAME.xml">
+-<!ENTITY SU_WHEEL_ONLY SYSTEM "login.defs.d/SU_WHEEL_ONLY.xml">
+ <!ENTITY SUB_GID_COUNT SYSTEM "login.defs.d/SUB_GID_COUNT.xml">
+ <!ENTITY SUB_UID_COUNT SYSTEM "login.defs.d/SUB_UID_COUNT.xml">
+ <!ENTITY SYS_GID_MAX SYSTEM "login.defs.d/SYS_GID_MAX.xml">
+ <!ENTITY SYSLOG_SG_ENAB SYSTEM "login.defs.d/SYSLOG_SG_ENAB.xml">
+-<!ENTITY SYSLOG_SU_ENAB SYSTEM "login.defs.d/SYSLOG_SU_ENAB.xml">
+ <!ENTITY SYS_UID_MAX SYSTEM "login.defs.d/SYS_UID_MAX.xml">
+ <!ENTITY TCB_AUTH_GROUP SYSTEM "login.defs.d/TCB_AUTH_GROUP.xml">
+ <!ENTITY TCB_SYMLINKS SYSTEM "login.defs.d/TCB_SYMLINKS.xml">
+ <!ENTITY TTYGROUP SYSTEM "login.defs.d/TTYGROUP.xml">
+-<!ENTITY TTYTYPE_FILE SYSTEM "login.defs.d/TTYTYPE_FILE.xml">
+ <!ENTITY UID_MAX SYSTEM "login.defs.d/UID_MAX.xml">
+-<!ENTITY ULIMIT SYSTEM "login.defs.d/ULIMIT.xml">
+ <!ENTITY UMASK SYSTEM "login.defs.d/UMASK.xml">
+ <!ENTITY USERDEL_CMD SYSTEM "login.defs.d/USERDEL_CMD.xml">
+ <!ENTITY USERGROUPS_ENAB SYSTEM "login.defs.d/USERGROUPS_ENAB.xml">
+@@ -145,47 +114,25 @@
+ <para>The following configuration items are provided:</para>
+
+ <variablelist remap='IP'>
+- &CHFN_AUTH;
+ &CHFN_RESTRICT;
+- &CHSH_AUTH;
+- &CONSOLE;
+- &CONSOLE_GROUPS;
+ &CREATE_HOME;
+ &DEFAULT_HOME;
+ &ENCRYPT_METHOD;
+- &ENV_HZ;
+ &ENV_PATH;
+ &ENV_SUPATH;
+- &ENV_TZ;
+- &ENVIRON_FILE;
+- &ERASECHAR;
+ &FAIL_DELAY;
+- &FAILLOG_ENAB;
+- &FAKE_SHELL;
+- &FTMP_FILE;
+ &GID_MAX; <!-- documents also GID_MIN -->
+ &HMAC_CRYPTO_ALGO;
+ &HOME_MODE;
+ &HUSHLOGIN_FILE;
+- &ISSUE_FILE;
+- &KILLCHAR;
+- &LASTLOG_ENAB;
+ &LASTLOG_UID_MAX;
+- &LOG_OK_LOGINS;
+ &LOG_UNKFAIL_ENAB;
+ &LOGIN_RETRIES;
+- &LOGIN_STRING;
+ &LOGIN_TIMEOUT;
+- &MAIL_CHECK_ENAB;
+ &MAIL_DIR;
+ &MAX_MEMBERS_PER_GROUP;
+- &MD5_CRYPT_ENAB;
+ &MOTD_FILE;
+- &NOLOGINS_FILE;
+ &NONEXISTENT;
+- &OBSCURE_CHECKS_ENAB;
+- &PASS_ALWAYS_WARN;
+- &PASS_CHANGE_TRIES;
+ &PASS_MAX_DAYS;
+ &PASS_MIN_DAYS;
+ &PASS_WARN_AGE;
+@@ -195,25 +142,16 @@
+ time of account creation. Any changes to these settings won't affect
+ existing accounts.
+ </para>
+- &PASS_MAX_LEN; <!-- documents also PASS_MIN_LEN -->
+- &PORTTIME_CHECKS_ENAB;
+- "AS_ENAB;
+ &SHA_CRYPT_MIN_ROUNDS; <!-- documents also SHA_CRYPT_MAX_ROUNDS -->
+- &SULOG_FILE;
+- &SU_NAME;
+- &SU_WHEEL_ONLY;
+ &SUB_GID_COUNT; <!-- documents also SUB_GID_MIN SUB_GID_MAX -->
+ &SUB_UID_COUNT; <!-- documents also SUB_UID_MIN SUB_UID_MAX -->
+ &SYS_GID_MAX; <!-- documents also SYS_GID_MIN -->
+ &SYS_UID_MAX; <!-- documents also SYS_UID_MIN -->
+ &SYSLOG_SG_ENAB;
+- &SYSLOG_SU_ENAB;
+ &TCB_AUTH_GROUP;
+ &TCB_SYMLINKS;
+ &TTYGROUP;
+- &TTYTYPE_FILE;
+ &UID_MAX; <!-- documents also UID_MIN -->
+- &ULIMIT;
+ &UMASK;
+ &USERDEL_CMD;
+ &USERGROUPS_ENAB;
+@@ -239,9 +177,7 @@
+ <term>chfn</term>
+ <listitem>
+ <para>
+- <phrase condition="no_pam">CHFN_AUTH</phrase>
+ CHFN_RESTRICT
+- <phrase condition="no_pam">LOGIN_STRING</phrase>
+ </para>
+ </listitem>
+ </varlistentry>
+@@ -249,7 +185,7 @@
+ <term>chgpasswd</term>
+ <listitem>
+ <para>
+- ENCRYPT_METHOD MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB
++ ENCRYPT_METHOD MAX_MEMBERS_PER_GROUP
+ <phrase condition="sha_crypt">SHA_CRYPT_MAX_ROUNDS
+ SHA_CRYPT_MIN_ROUNDS</phrase>
+ </para>
+@@ -259,8 +195,6 @@
+ <term>chpasswd</term>
+ <listitem>
+ <para>
+- <phrase condition="no_pam">ENCRYPT_METHOD
+- MD5_CRYPT_ENAB </phrase>
+ <phrase condition="sha_crypt">SHA_CRYPT_MAX_ROUNDS
+ SHA_CRYPT_MIN_ROUNDS</phrase>
+ </para>
+@@ -270,7 +204,7 @@
+ <term>chsh</term>
+ <listitem>
+ <para>
+- CHSH_AUTH LOGIN_STRING
++ CHSH_AUTH
+ </para>
+ </listitem>
+ </varlistentry>
+@@ -280,7 +214,7 @@
+ <term>gpasswd</term>
+ <listitem>
+ <para>
+- ENCRYPT_METHOD MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB
++ ENCRYPT_METHOD MAX_MEMBERS_PER_GROUP
+ <phrase condition="sha_crypt">SHA_CRYPT_MAX_ROUNDS
+ SHA_CRYPT_MIN_ROUNDS</phrase>
+ </para>
+@@ -339,35 +273,6 @@
+ <para>LASTLOG_UID_MAX</para>
+ </listitem>
+ </varlistentry>
+- <varlistentry>
+- <term>login</term>
+- <listitem>
+- <para>
+- <phrase condition="no_pam">CONSOLE</phrase>
+- CONSOLE_GROUPS DEFAULT_HOME
+- <phrase condition="no_pam">ENV_HZ ENV_PATH ENV_SUPATH
+- ENV_TZ ENVIRON_FILE</phrase>
+- ERASECHAR FAIL_DELAY
+- <phrase condition="no_pam">FAILLOG_ENAB</phrase>
+- FAKE_SHELL
+- <phrase condition="no_pam">FTMP_FILE</phrase>
+- HUSHLOGIN_FILE
+- <phrase condition="no_pam">ISSUE_FILE</phrase>
+- KILLCHAR
+- <phrase condition="no_pam">LASTLOG_ENAB LASTLOG_UID_MAX</phrase>
+- LOGIN_RETRIES
+- <phrase condition="no_pam">LOGIN_STRING</phrase>
+- LOGIN_TIMEOUT LOG_OK_LOGINS LOG_UNKFAIL_ENAB
+- <phrase condition="no_pam">MAIL_CHECK_ENAB MAIL_DIR MAIL_FILE
+- MOTD_FILE NOLOGINS_FILE PORTTIME_CHECKS_ENAB
+- QUOTAS_ENAB</phrase>
+- TTYGROUP TTYPERM TTYTYPE_FILE
+- <phrase condition="no_pam">ULIMIT UMASK</phrase>
+- USERGROUPS_ENAB
+- </para>
+- </listitem>
+- </varlistentry>
+- <!-- logoutd: no variables -->
+ <varlistentry>
+ <term>newgrp / sg</term>
+ <listitem>
+@@ -382,7 +287,7 @@
+ <para>
+ ENCRYPT_METHOD
+ GID_MAX GID_MIN
+- MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB
++ MAX_MEMBERS_PER_GROUP
+ HOME_MODE
+ PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE
+ <phrase condition="sha_crypt">SHA_CRYPT_MAX_ROUNDS
+@@ -399,8 +304,7 @@
+ <term>passwd</term>
+ <listitem>
+ <para>
+- ENCRYPT_METHOD MD5_CRYPT_ENAB OBSCURE_CHECKS_ENAB
+- PASS_ALWAYS_WARN PASS_CHANGE_TRIES PASS_MAX_LEN PASS_MIN_LEN
++ ENCRYPT_METHOD
+ <phrase condition="sha_crypt">SHA_CRYPT_MAX_ROUNDS
+ SHA_CRYPT_MIN_ROUNDS</phrase>
+ </para>
+@@ -432,32 +336,6 @@
+ </para>
+ </listitem>
+ </varlistentry>
+- <varlistentry>
+- <term>su</term>
+- <listitem>
+- <para>
+- <phrase condition="no_pam">CONSOLE</phrase>
+- CONSOLE_GROUPS DEFAULT_HOME
+- <phrase condition="no_pam">ENV_HZ ENVIRON_FILE</phrase>
+- ENV_PATH ENV_SUPATH
+- <phrase condition="no_pam">ENV_TZ LOGIN_STRING MAIL_CHECK_ENAB
+- MAIL_DIR MAIL_FILE QUOTAS_ENAB</phrase>
+- SULOG_FILE SU_NAME
+- <phrase condition="no_pam">SU_WHEEL_ONLY</phrase>
+- SYSLOG_SU_ENAB
+- <phrase condition="no_pam">USERGROUPS_ENAB</phrase>
+- </para>
+- </listitem>
+- </varlistentry>
+- <varlistentry>
+- <term>sulogin</term>
+- <listitem>
+- <para>
+- ENV_HZ
+- <phrase condition="no_pam">ENV_TZ</phrase>
+- </para>
+- </listitem>
+- </varlistentry>
+ <varlistentry>
+ <term>useradd</term>
+ <listitem>
+@@ -486,24 +364,6 @@
+ </para>
+ </listitem>
+ </varlistentry>
+- <varlistentry>
+- <term>usermod</term>
+- <listitem>
+- <para>
+- LASTLOG_UID_MAX
+- MAIL_DIR MAIL_FILE MAX_MEMBERS_PER_GROUP
+- <phrase condition="tcb">TCB_SYMLINKS USE_TCB</phrase>
+- </para>
+- </listitem>
+- </varlistentry>
+- <varlistentry condition="tcb">
+- <term>vipw</term>
+- <listitem>
+- <para>
+- <phrase condition="tcb">USE_TCB</phrase>
+- </para>
+- </listitem>
+- </varlistentry>
+ </variablelist>
+ </refsect1>
+
+--
+2.43.2
+
diff --git a/srcpkgs/shadow/patches/0003-Add-Arch-Linux-defaults-for-login.defs.patch b/srcpkgs/shadow/patches/0003-Add-Arch-Linux-defaults-for-login.defs.patch
new file mode 100644
index 00000000000000..e8b5885d1250bf
--- /dev/null
+++ b/srcpkgs/shadow/patches/0003-Add-Arch-Linux-defaults-for-login.defs.patch
@@ -0,0 +1,55 @@
+From 7eb2d0b9eff128c404ef7a6d07aa597ac9ca2d84 Mon Sep 17 00:00:00 2001
+From: David Runge <dvzrv@archlinux.org>
+Date: Mon, 31 Oct 2022 10:10:22 +0100
+Subject: [PATCH 3/3] Add Arch Linux defaults for login.defs
+
+etc/login.defs:
+- Change `ENV_SUPATH` and `ENV_SUPATH` to only use
+ /usr/local/sbin:/usr/local/bin:/usr/bin as Arch Linux is a /usr and
+ bin merge distribution.
+- Set `HOME_MODE` to `0700` to be able to rely on a `UMASK` of `022`
+ while creating home directories in a privacy conserving manner.
+- Change SYS_UID_MIN and SYS_GID_MIN to 500 which gives more space for
+ distribution added UIDs and GIDs of system users.
+- Change ENCRYPT_METHOD to YESCRYPT as it is a safer hashing algorithm
+ than DES.
+---
+ etc/login.defs | 12 ++++++------
+ 1 file changed, 6 insertions(+), 6 deletions(-)
+
+diff --git a/etc/login.defs b/etc/login.defs
+index 797ca6b3..c4accbf8 100644
+--- a/etc/login.defs
++++ b/etc/login.defs
+@@ -55,8 +55,8 @@ HUSHLOGIN_FILE .hushlogin
+ # *REQUIRED* The default PATH settings, for superuser and normal users.
+ #
+ # (they are minimal, add the rest in the shell startup files)
+-ENV_SUPATH PATH=/sbin:/bin:/usr/sbin:/usr/bin
+-ENV_PATH PATH=/bin:/usr/bin
++ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/bin
++ENV_PATH PATH=/usr/local/sbin:/usr/local/bin:/usr/bin
+
+ #
+ # Terminal permissions
+@@ -84,7 +84,7 @@ UMASK 022
+ # HOME_MODE is used by useradd(8) and newusers(8) to set the mode for new
+ # home directories.
+ # If HOME_MODE is not set, the value of UMASK is used to create the mode.
+-#HOME_MODE 0700
++HOME_MODE 0700
+
+ #
+ # Password aging controls:
+@@ -152,7 +152,7 @@ CHFN_RESTRICT rwh
+ # Note: If you use PAM, it is recommended to use a value consistent with
+ # the PAM modules configuration.
+ #
+-#ENCRYPT_METHOD DES
++ENCRYPT_METHOD YESCRYPT
+
+ #
+ # Only works if ENCRYPT_METHOD is set to SHA256 or SHA512.
+--
+2.43.2
+
diff --git a/srcpkgs/shadow/patches/fix-undefined-reference.patch b/srcpkgs/shadow/patches/fix-undefined-reference.patch
new file mode 100644
index 00000000000000..4a3e742b9837b7
--- /dev/null
+++ b/srcpkgs/shadow/patches/fix-undefined-reference.patch
@@ -0,0 +1,19 @@
+--- a/lib/alloc.h
++++ b/lib/alloc.h
+@@ -84,14 +84,14 @@
+ }
+
+
+-inline void *
++static inline void *
+ mallocarray(size_t nmemb, size_t size)
+ {
+ return reallocarray(NULL, nmemb, size);
+ }
+
+
+-inline void *
++static inline void *
+ reallocarrayf(void *p, size_t nmemb, size_t size)
+ {
+ void *q;
diff --git a/srcpkgs/shadow/patches/shadow-strncpy-usage.patch b/srcpkgs/shadow/patches/shadow-strncpy-usage.patch
deleted file mode 100644
index c5564fffdc3852..00000000000000
--- a/srcpkgs/shadow/patches/shadow-strncpy-usage.patch
+++ /dev/null
@@ -1,23 +0,0 @@
---- a/src/usermod.c 2012-02-13 08:19:43.792146449 -0500
-+++ b/src/usermod.c 2012-02-13 08:21:19.375114500 -0500
-@@ -182,7 +182,7 @@
- struct tm *tp;
-
- if (date < 0) {
-- strncpy (buf, "never", maxsize);
-+ strncpy (buf, "never", maxsize - 1);
- } else {
- time_t t = (time_t) date;
- tp = gmtime (&t);
---- a/src/login.c 2012-02-13 08:19:50.951994454 -0500
-+++ b/src/login.c 2012-02-13 08:21:04.490430937 -0500
-@@ -752,7 +752,8 @@
- _("%s login: "), hostn);
- } else {
- strncpy (loginprompt, _("login: "),
-- sizeof (loginprompt));
-+ sizeof (loginprompt) - 1);
-+ loginprompt[sizeof (loginprompt) - 1] = '\0';
- }
-
- retcode = pam_set_item (pamh, PAM_USER_PROMPT, loginprompt);
diff --git a/srcpkgs/shadow/patches/useradd-defaults.patch b/srcpkgs/shadow/patches/useradd-defaults.patch
new file mode 100644
index 00000000000000..38035df40cfcab
--- /dev/null
+++ b/srcpkgs/shadow/patches/useradd-defaults.patch
@@ -0,0 +1,21 @@
+diff --git a/src/useradd.c b/src/useradd.c
+index 677ea5a636f..49f55211a17 100644
+--- a/src/useradd.c
++++ b/src/useradd.c
+@@ -87,14 +87,14 @@ const char *Prog;
+ /*
+ * These defaults are used if there is no defaults file.
+ */
+-static gid_t def_group = 1000;
++static gid_t def_group = 100;
+ static const char *def_groups = "";
+ static const char *def_gname = "other";
+ static const char *def_home = "/home";
+ static const char *def_shell = "/bin/bash";
+ static const char *def_template = SKEL_DIR;
+ static const char *def_usrtemplate = USRSKELDIR;
+-static const char *def_create_mail_spool = "yes";
++static const char *def_create_mail_spool = "no";
+ static const char *def_log_init = "yes";
+
+ static long def_inactive = -1;
diff --git a/srcpkgs/shadow/patches/xstrdup.patch b/srcpkgs/shadow/patches/xstrdup.patch
index 562febcf4164f1..f9de5f2e8bd7a2 100644
--- a/srcpkgs/shadow/patches/xstrdup.patch
+++ b/srcpkgs/shadow/patches/xstrdup.patch
@@ -1,9 +1,10 @@
---- a/libmisc/xmalloc.c 2008-08-30 21:55:44.000000000 -0500
-+++ b/libmisc/xmalloc.c.new 2008-08-30 21:55:36.000000000 -0500
-@@ -61,5 +61,6 @@
-
- char *xstrdup (const char *str)
+--- a/lib/alloc.h
++++ b/lib/alloc.h
+@@ -108,6 +108,7 @@ reallocarrayf(void *p, size_t nmemb, size_t size)
+ inline char *
+ xstrdup(const char *str)
{
-+ if(str == NULL) return NULL;
- return strcpy (xmalloc (strlen (str) + 1), str);
++ if (str == NULL) return NULL;
+ return strcpy(XMALLOC(strlen(str) + 1, char), str);
}
+
diff --git a/srcpkgs/shadow/template b/srcpkgs/shadow/template
index c7ece33540c9a0..c7cdec783bf7a8 100644
--- a/srcpkgs/shadow/template
+++ b/srcpkgs/shadow/template
@@ -1,23 +1,35 @@
# Template file for 'shadow'
pkgname=shadow
-version=4.8.1
-revision=3
+version=4.14.5
+revision=1
build_style=gnu-configure
-configure_args="--bindir=/usr/bin --sbindir=/usr/bin
- --enable-shared --disable-static
- --with-libpam --without-selinux --with-acl --with-attr --without-su
- --disable-nls --enable-subordinate-ids --disable-account-tools-setuid
+configure_args="--bindir=/usr/bin --sbindir=/usr/bin --libdir=/usr/lib
+ --enable-shared --disable-static --enable-lastlog --with-libpam --with-yescrypt
+ --without-selinux --with-acl --with-attr --without-su --disable-nls
+ --enable-subordinate-ids --disable-account-tools-setuid
--with-group-name-max-length=32"
-hostmakedepends="libtool"
-makedepends="acl-devel pam-devel"
+hostmakedepends="libtool pkg-config"
+makedepends="acl-devel pam-devel libbsd-devel"
depends="pam"
short_desc="Shadow password file utilities"
maintainer="Enno Boland <gottox@voidlinux.org>"
license="BSD-3-Clause"
homepage="https://github.com/shadow-maint/shadow"
distfiles="${homepage}/releases/download/${version}/shadow-${version}.tar.xz"
-checksum=a3ad4630bdc41372f02a647278a8c3514844295d36eefe68ece6c3a641c1ae62
-conf_files="/etc/pam.d/* /etc/default/* /etc/login.defs"
+checksum=cba74bc7b05d89c015afe23131f9159ece38779d40a8af4cf162852e6e85ca23
+conf_files="
+ /etc/pam.d/chage
+ /etc/pam.d/chgpasswd
+ /etc/pam.d/chpasswd
+ /etc/pam.d/groupadd
+ /etc/pam.d/groupdel
+ /etc/pam.d/groupmems
+ /etc/pam.d/groupmod
+ /etc/pam.d/newusers
+ /etc/pam.d/passwd
+ /etc/pam.d/useradd
+ /etc/pam.d/userdel
+ /etc/pam.d/usermod"
if [ "$XBPS_TARGET_LIBC" = "glibc" ]; then
makedepends+=" libxcrypt-devel"
@@ -32,14 +44,16 @@ pre_configure() {
do_build() {
# Don't install groups(1), we use the one from coreutils.
- sed -i 's/groups$(EXEEXT) //' src/Makefile
- for f in $(find man -name Makefile); do
+ sed -i 's/groups$(EXEEXT) //' src/Makefile.in
+ for f in $(find man -name Makefile.in); do
sed -i 's/groups\.1 / /' $f
done
make ${makejobs}
}
post_install() {
+ make -C man DESTDIR="$DESTDIR" install-man
+
mv ${DESTDIR}/usr/sbin/* ${DESTDIR}/usr/bin
# Install our pam files not the ones supplied with shadow.
@@ -51,14 +65,6 @@ post_install() {
groupmod newusers useradd userdel usermod; do
install -m644 $DESTDIR/etc/pam.d/chage $DESTDIR/etc/pam.d/${f}
done
- install -m644 ${FILESDIR}/login.defs ${DESTDIR}/etc
-
- # Disable creating mailbox files by default.
- sed -i -e 's/yes/no/' $DESTDIR/etc/default/useradd
- # Change default group to the users gid (100).
- sed -i -e 's/^\(GROUP\)=\(.*\)$/\1=100/' ${DESTDIR}/etc/default/useradd
-
- chmod 644 ${DESTDIR}/etc/default/useradd
# Install the cron daily job.
install -Dm744 ${FILESDIR}/shadow.cron-daily \
next prev parent reply other threads:[~2024-02-24 17:38 UTC|newest]
Thread overview: 55+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-02-18 12:12 [PR PATCH] " dataCobra
2024-02-18 12:22 ` [PR PATCH] [Updated] " dataCobra
2024-02-18 12:45 ` dataCobra
2024-02-18 13:00 ` dataCobra
2024-02-18 13:34 ` dataCobra
2024-02-19 21:25 ` [PR REVIEW] " dkwo
2024-02-19 21:26 ` dkwo
2024-02-19 21:27 ` dkwo
2024-02-19 22:08 ` dkwo
2024-02-19 22:10 ` dkwo
2024-02-20 9:10 ` [PR REVIEW] " dataCobra
2024-02-20 10:03 ` [PR PATCH] [Updated] " dataCobra
2024-02-20 10:05 ` dataCobra
2024-02-20 10:07 ` dataCobra
2024-02-20 14:21 ` [PR REVIEW] " dkwo
2024-02-20 14:21 ` dkwo
2024-02-20 14:23 ` dkwo
2024-02-20 15:11 ` [PR PATCH] [Updated] " dataCobra
2024-02-20 15:13 ` dataCobra
2024-02-20 15:14 ` dataCobra
2024-02-20 16:18 ` dkwo
2024-02-22 9:37 ` [PR REVIEW] " sgn
2024-02-22 10:01 ` dataCobra
2024-02-22 12:02 ` [PR PATCH] [Updated] " dataCobra
2024-02-22 13:44 ` dkwo
2024-02-22 15:19 ` dataCobra
2024-02-24 17:38 ` dataCobra [this message]
2024-02-24 20:40 ` dkwo
2024-02-24 20:43 ` dkwo
2024-02-25 14:26 ` [PR PATCH] [Updated] " dataCobra
2024-02-25 14:31 ` dataCobra
2024-02-25 14:31 ` dataCobra
2024-02-25 16:00 ` dkwo
2024-03-06 16:23 ` dkwo
2024-03-09 12:39 ` [PR REVIEW] " alejandro-colomar
2024-03-09 12:44 ` alejandro-colomar
2024-03-09 12:50 ` [PR REVIEW] " alejandro-colomar
2024-03-09 12:50 ` alejandro-colomar
2024-03-09 12:52 ` alejandro-colomar
2024-03-09 13:01 ` alejandro-colomar
2024-03-09 13:02 ` alejandro-colomar
2024-03-09 18:00 ` dkwo
2024-03-09 18:04 ` [PR REVIEW] " dkwo
2024-03-09 18:10 ` alejandro-colomar
2024-03-09 18:26 ` alejandro-colomar
2024-03-09 18:27 ` alejandro-colomar
2024-03-09 18:28 ` alejandro-colomar
2024-03-10 15:39 ` dataCobra
2024-03-22 19:03 ` [PR PATCH] [Updated] " dataCobra
2024-03-22 19:05 ` dataCobra
2024-03-22 19:09 ` dataCobra
2024-03-22 22:52 ` shadow: update to 4.15.0 dkwo
2024-03-22 23:12 ` alejandro-colomar
2024-03-22 23:13 ` alejandro-colomar
2024-03-24 19:40 ` dataCobra
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240224173843.9BE89238DF@inbox.vuxu.org \
--to=datacobra@users.noreply.github.com \
--cc=ml@inbox.vuxu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).