#!/bin/bash ulimit -s unlimited shopt -s extglob # shadow.SlackBuild # # Copyright 2005-2025 Patrick J. Volkerding, Sebeka, Minnesota, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is # permitted provided that the following conditions are met: # # 1. Redistributions of this script must retain the above copyright # notice, this list of conditions and the following disclaimer. # # THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED # WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF # MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO # EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, # PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; # OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, # WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR # OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. # Record toolchain & other info for the build log: slackbuildinfo # Paths to skeleton port's source & real Slackware source tree: slackset_var_cwds # Temporary build locations: export TMPBUILD=$TMP/build-$PKGNAM export PKG=$TMP/package-$PKGNAM mkpkgdirs # Delete & re-create temporary directories then cd into $TMPBUILD # Extract source: tar xf $CWD/$PKGNAM-$VERSION.tar.!(*sign|*asc|*sig) cd $PKGNAM-$VERSION || failextract slackhousekeeping # Apply some patches taken from the svn trunk that # fix some of the more serious bugs in 4.1.4.3: for patch in $CWD/patches/*.diff.gz ; do zcat $patch | patch -p0 --verbose || exit 1 done # Relax the restrictions on "su -c" when it is used to become root. # It's not likely that root is going to try to inject commands back into # the user's shell to hack it, and the unnecessary restriction is causing # breakage: zcat $CWD/shadow.CVE-2005-4890.relax.diff.gz | patch -p1 --verbose || exit 1 # Even if gethostname() returns the FQDN (long hostname), just display the # short version up to the first '.' on the login prompt: zcat $CWD/shadow.login.display.short.hostname.diff.gz | patch -p1 --verbose || exit 1 # Add missing file: if [ ! -r man/login.defs.d/HOME_MODE.xml ]; then zcat $CWD/HOME_MODE.xml.gz > man/login.defs.d/HOME_MODE.xml fi # Choose correct options depending on whether PAM is installed: if [ -L /lib${LIBDIRSUFFIX}/libpam.so.? ]; then PAM_OPTIONS="--with-libpam" unset SHADOW_OPTIONS # By default, use the shadow version of /bin/su: SHIP_SU=${SHIP_SU:-YES} else unset PAM_OPTIONS SHADOW_OPTIONS="--enable-shadowgrp --without-libcrack" # By default, use the shadow version of /bin/su: SHIP_SU=${SHIP_SU:-YES} fi # Configure: slack_autotoolsprep CFLAGS="$SLKCFLAGS" \ ./configure \ --prefix=/usr \ --sysconfdir=/etc \ --mandir=/usr/man \ --libdir=/usr/lib${LIBDIRSUFFIX} \ --sbindir=/usr/sbin \ --bindir=/usr/bin \ --docdir=/usr/doc/shadow-$VERSION \ --enable-lastlog \ --enable-man \ --disable-shared \ --disable-logind \ --with-group-name-max-length=32 \ --with-libbsd=no \ --enable-subordinate-ids \ $SHADOW_OPTIONS \ $PAM_OPTIONS \ --build=${SLK_ARCH_BUILD} || failconfig # Build: make $NUMJOBS || make || failmake # Install into package framework: make install DESTDIR=$PKG || failinstall # Fix user group = 100: mkdir -vpm755 $PKG/etc/default zcat $CWD/useradd.gz > $PKG/etc/default/useradd mv -fv $PKG/etc/default/useradd $PKG/etc/default/useradd.new # Put some stuff back in "old" locations and make symlinks for compat mkdir -p $PKG/bin $PKG/sbin ( cd $PKG/usr/bin mv groups ../../bin mv login ../../bin mv su ../../bin mv faillog ../sbin mv lastlog ../sbin ln -s ../sbin/faillog ln -s ../sbin/lastlog ) mv -fv $PKG/usr/sbin/nologin $PKG/sbin/nologin if [ ! -z "$PAM_OPTIONS" ]; then # Don't ship the login utilities. We'll be using the ones from util-linux: for file in /bin/login /sbin/runuser /usr/bin/chfn /usr/bin/chsh ; do rm -fv $PKG${file} done # Also remove the man pages for the above utilities: for manpage in chfn.1 chsh.1 login.1 runuser.1 ; do find $PKG/usr/man -name $manpage -exec rm -f "{}" \; done # Install config files in /etc/pam.d/. We'll use our own copies... I'm not # sure that I trust upstream enough to let them handle this stuff. rm -rf $PKG/etc/pam.d mkdir -p $PKG/etc/pam.d for file in $CWD/pam.d/* ; do cp -fav ${file} $PKG/etc/pam.d/ done if [ "$SHIP_SU" = "YES" ]; then cp -fav $CWD/pam.d-su/* $PKG/etc/pam.d/ fi # Ensure correct perms/ownership on files in /etc/pam.d/: chown root:root $PKG/etc/pam.d/* chmod 644 $PKG/etc/pam.d/* # Don't clobber existing config files: find $PKG/etc/pam.d -type f -exec mv {} {}.new \; # Install a login.defs with unsurprising defaults: rm -f $PKG/etc/login.defs zcat $CWD/login.defs.pam.gz > $PKG/etc/login.defs.new else # not using PAM mv $PKG/etc/login.access $PKG/etc/login.access.new # Install a login.defs with unsurprising defaults: rm -f $PKG/etc/login.defs zcat $CWD/login.defs.shadow.gz > $PKG/etc/login.defs.new fi # If we aren't using this version of su, remove the files: if [ "$SHIP_SU" = "NO" ]; then rm -fv $PKG/bin/su find $PKG/usr/man -name su.1 | xargs rm find $PKG/usr/man -name suauth.5 | xargs rm fi # /bin/groups is provided by coreutils. rm -f $PKG/bin/groups find $PKG -name groups.1 -exec rm {} \; # /etc/suauth doesn't work with PAM, even if configure.ac is hacked to try # to turn the feature on, so remove the man pages if we're using PAM: if [ -L /lib${LIBDIRSUFFIX}/libpam.so.? ]; then find $PKG/usr/man -name suauth.5 | xargs rm fi # I don't think this works well enough to recommend it. #mv $PKG/etc/limits $PKG/etc/limits.new rm -f $PKG/etc/limits # Add the friendly 'adduser' script: cat $CWD/adduser > $PKG/usr/sbin/adduser chmod 0755 $PKG/usr/sbin/adduser # Add sulogin to the package: cp -a src/sulogin $PKG/sbin ( cd $PKG/bin ; ln -s ../sbin/sulogin ) cp -a ./man/zh_CN/man8/sulogin.8 $PKG/usr/man/zh_CN/man8/sulogin.8 || exit 1 cp -a ./man/ru/man8/sulogin.8 $PKG/usr/man/ru/man8/sulogin.8 || exit 1 cp -a ./man/de/man8/sulogin.8 $PKG/usr/man/de/man8/sulogin.8 || exit 1 cp -a ./man/ja/man8/sulogin.8 $PKG/usr/man/ja/man8/sulogin.8 || exit 1 cp -a ./man/man8/sulogin.8 $PKG/usr/man/man8/sulogin.8 || exit 1 # Add the empty faillog log file: mkdir -p $PKG/var/log touch $PKG/var/log/faillog.new # Fixup a few permissions: # Use 4711 rather than 4755 permissions where setuid root is required: find $PKG -type f -perm 4755 -exec chmod 4711 "{}" \; # Copy docs: mkdir -p $PKG/usr/doc/shadow-$VERSION cp -a \ COPYING* NEWS README* TODO doc/{README*,HOWTO,WISHLIST,*.txt} \ $PKG/usr/doc/shadow-$VERSION changelogliposuction ChangeLog $PKGNAM $VERSION # Trim down a "ChangeLog" file # Apply generic Slackware packaging policies: cd $PKG slackstripall # strip all .a archives and all ELFs slack_delete_lafiles # delete usr/lib{,64}/*.la #slackstriprpaths # strip rpaths slackgzpages -i # compress man & info pages and delete usr/info/dir slack644docs # set doc file permissions to 644 # Don't do this because we set permissions above. #slackslack # chown -R root:root, chmod -R og-w, slackchown, slack644docs slackdesc # install slack-desc and doinst.sh slackmp # run makepkg -l y -c n # Perform any final checks on the package: cd $PKG slackhlinks # search for any hard links