diff options
author | Patrick J Volkerding <volkerdi@slackware.com> | 2020-05-08 21:25:24 +0000 |
---|---|---|
committer | Eric Hameleers <alien@slackware.com> | 2020-05-09 08:59:52 +0200 |
commit | 04ebdce888955069ae2288597a2e50339eda3f4b (patch) | |
tree | 271c1bb47037cabcc3139d95e17120058dd8c4fa /source/a/shadow | |
parent | 7f9672ea573b02b2665782f9760d8c38b83c46e9 (diff) | |
download | current-04ebdce888955069ae2288597a2e50339eda3f4b.tar.gz current-04ebdce888955069ae2288597a2e50339eda3f4b.tar.xz |
Fri May 8 21:25:24 UTC 202020200508212524
a/shadow-4.8.1-x86_64-6.txz: Rebuilt.
Include manpages for sulogin(8).
a/util-linux-2.35.1-x86_64-5.txz: Rebuilt.
ap/sysstat-12.3.3-x86_64-1.txz: Upgraded.
d/bison-3.6-x86_64-1.txz: Upgraded.
l/jansson-2.13.1-x86_64-1.txz: Upgraded.
n/NetworkManager-1.24.0-x86_64-1.txz: Upgraded.
n/fetchmail-6.4.5-x86_64-1.txz: Upgraded.
testing/packages/PAM/shadow-4.8.1-x86_64-6_pam.txz: Rebuilt.
Include manpages for sulogin(8).
Use this version of /bin/su.
testing/packages/PAM/util-linux-2.35.1-x86_64-5_pam.txz: Rebuilt.
Don't use this version of /bin/su.
Diffstat (limited to 'source/a/shadow')
-rw-r--r-- | source/a/shadow/doinst.sh | 2 | ||||
-rw-r--r-- | source/a/shadow/pam.d-su/su | 11 | ||||
-rw-r--r-- | source/a/shadow/pam.d-su/su-l | 6 | ||||
-rwxr-xr-x | source/a/shadow/shadow.SlackBuild | 28 |
4 files changed, 40 insertions, 7 deletions
diff --git a/source/a/shadow/doinst.sh b/source/a/shadow/doinst.sh index 98c8a92c5..28d3a436e 100644 --- a/source/a/shadow/doinst.sh +++ b/source/a/shadow/doinst.sh @@ -34,7 +34,7 @@ rm -f var/log/faillog.new if [ -r etc/login.access.new ]; then config etc/login.access.new fi -for configfile in chage.new chgpasswd.new chpasswd.new groupadd.new groupdel.new groupmems.new groupmod.new newusers.new other.new passwd.new postlogin.new system-auth.new useradd.new userdel.new usermod.new ; do +for configfile in chage.new chgpasswd.new chpasswd.new groupadd.new groupdel.new groupmems.new groupmod.new newusers.new other.new passwd.new postlogin.new su.new su-l.new system-auth.new useradd.new userdel.new usermod.new ; do if [ -r etc/pam.d/$configfile ]; then config etc/pam.d/$configfile fi diff --git a/source/a/shadow/pam.d-su/su b/source/a/shadow/pam.d-su/su new file mode 100644 index 000000000..c28a252ad --- /dev/null +++ b/source/a/shadow/pam.d-su/su @@ -0,0 +1,11 @@ +#%PAM-1.0 +auth sufficient pam_rootok.so +# Uncomment the following line to implicitly trust users in the "wheel" group. +#auth sufficient pam_wheel.so trust use_uid +# Uncomment the following line to require a user to be in the "wheel" group. +#auth required pam_wheel.so use_uid +auth include system-auth +account include system-auth +password include system-auth +session include system-auth +session optional pam_xauth.so diff --git a/source/a/shadow/pam.d-su/su-l b/source/a/shadow/pam.d-su/su-l new file mode 100644 index 000000000..654dc24ed --- /dev/null +++ b/source/a/shadow/pam.d-su/su-l @@ -0,0 +1,6 @@ +#%PAM-1.0 +auth include su +account include su +password include su +session optional pam_keyinit.so force revoke +session include su diff --git a/source/a/shadow/shadow.SlackBuild b/source/a/shadow/shadow.SlackBuild index bf399b27a..c7c33a836 100755 --- a/source/a/shadow/shadow.SlackBuild +++ b/source/a/shadow/shadow.SlackBuild @@ -24,7 +24,7 @@ cd $(dirname $0) ; CWD=$(pwd) PKGNAM=shadow VERSION=${VERSION:-$(echo $PKGNAM-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -BUILD=${BUILD:-5} +BUILD=${BUILD:-6} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then @@ -74,9 +74,13 @@ cd shadow-$VERSION if [ -L /lib${LIBDIRSUFFIX}/libpam.so.? ]; then PAM_OPTIONS="--with-libpam" unset SHADOW_OPTIONS + # By default, use the shadow version of /bin/su: + SHIP_SU=${SHIP_SU:-YES} else unset PAM_OPTIONS SHADOW_OPTIONS="--enable-shadowgrp --without-libcrack" + # By default, use the shadow version of /bin/su: + SHIP_SU=${SHIP_SU:-YES} fi # Apply some patches taken from the svn trunk that @@ -151,12 +155,9 @@ mv $PKG/usr/sbin/nologin $PKG/sbin/nologin if [ ! -z "$PAM_OPTIONS" ]; then # Don't ship the login utilities. We'll be using the ones from util-linux: - for file in /bin/login /bin/su /sbin/runuser /usr/bin/chfn /usr/bin/chsh \ + for file in /bin/login /sbin/runuser /usr/bin/chfn /usr/bin/chsh \ /usr/man/man1/chfn.1.gz /usr/man/man1/chsh.1.gz /usr/man/man1/login.1.gz \ - /usr/man/man1/runuser.1.gz /usr/man/man1/su.1.gz \ - /usr/share/bash-completion/completions/chfn \ - /usr/share/bash-completion/completions/chsh \ - /usr/share/bash-completion/completions/su ; do + /usr/man/man1/runuser.1.gz ; do rm -f $PKG${file} done # Install config files in /etc/pam.d/. We'll use our own copies... I'm not @@ -166,6 +167,9 @@ if [ ! -z "$PAM_OPTIONS" ]; then for file in $CWD/pam.d/* ; do cp -a ${file} $PKG/etc/pam.d/ done + if [ "$SHIP_SU" = "YES" ]; then + cp -a $CWD/pam.d-su/* $PKG/etc/pam.d/ + fi # Ensure correct perms/ownership on files in /etc/pam.d/: chown root:root $PKG/etc/pam.d/* chmod 644 $PKG/etc/pam.d/* @@ -181,6 +185,13 @@ else # not using PAM zcat $CWD/login.defs.shadow.gz > $PKG/etc/login.defs.new fi +# If we aren't using this version of su, remove the files: +if [ "$SHIP_SU" = "NO" ]; then + rm $PKG/bin/su + find $PKG/usr/man -name su.1 | xargs rm + find $PKG/usr/man -name suauth.5 | xargs rm +fi + # /bin/groups is provided by coreutils. rm -f $PKG/bin/groups find $PKG -name groups.1 -exec rm {} \+ @@ -196,6 +207,11 @@ chmod 0755 $PKG/usr/sbin/adduser # Add sulogin to the package: cp -a src/sulogin $PKG/sbin ( cd $PKG/bin ; ln -s ../sbin/sulogin ) +cp -a ./man/zh_CN/man8/sulogin.8 $PKG/usr/man/zh_CN/man8/sulogin.8 || exit 1 +cp -a ./man/ru/man8/sulogin.8 $PKG/usr/man/ru/man8/sulogin.8 || exit 1 +cp -a ./man/de/man8/sulogin.8 $PKG/usr/man/de/man8/sulogin.8 || exit 1 +cp -a ./man/ja/man8/sulogin.8 $PKG/usr/man/ja/man8/sulogin.8 || exit 1 +cp -a ./man/man8/sulogin.8 $PKG/usr/man/man8/sulogin.8 || exit 1 # Add the empty faillog log file: mkdir -p $PKG/var/log |