#!/bin/sh # Copyright 2005-2014 Patrick J. Volkerding, Sebeka, Minnesota, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is # permitted provided that the following conditions are met: # # 1. Redistributions of this script must retain the above copyright # notice, this list of conditions and the following disclaimer. # # THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED # WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF # MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO # EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, # PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; # OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, # WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR # OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. PKGNAM=shadow VERSION=${VERSION:-$(echo $PKGNAM-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} BUILD=${BUILD:-2} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then case "$( uname -m )" in i?86) export ARCH=i486 ;; arm*) export ARCH=arm ;; # Unless $ARCH is already set, use uname -m for all other archs: *) export ARCH=$( uname -m ) ;; esac fi NUMJOBS=${NUMJOBS:--j6} CWD=$(pwd) TMP=${TMP:-/tmp} PKG=$TMP/package-shadow if [ "$ARCH" = "i486" ]; then SLKCFLAGS="-O2 -march=i486 -mtune=i686" elif [ "$ARCH" = "s390" ]; then SLKCFLAGS="-O2" elif [ "$ARCH" = "x86_64" ]; then SLKCFLAGS="-O2 -fPIC" else SLKCFLAGS="-O2" fi rm -rf $PKG mkdir -p $TMP $PKG cd $TMP rm -rf shadow-$VERSION tar xvf $CWD/shadow-$VERSION.tar.xz || exit 1 cd shadow-$VERSION # Apply some patches taken from the svn trunk that # fix some of the more serious bugs in 4.1.4.3: for patch in $CWD/patches/*.diff.gz ; do zcat $patch | patch -p0 --verbose || exit 1 done # Relax the restrictions on "su -c" when it is used to become root. # It's not likely that root is going to try to inject commands back into # the user's shell to hack it, and the unnecessary restriction is causing # breakage: zcat $CWD/shadow.CVE-2005-4890.relax.diff.gz | patch -p1 --verbose || exit 1 # Re-run automake because of r3299 patch to man/ru/Makefile.am: # (not used because it doesn't work... above patch does the intended fix) #automake -f chown -R root:root . find . \ \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ -exec chmod 755 {} \; -o \ \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ -exec chmod 644 {} \; # Don't require users to be in the 'wheel' group in order to use "su" patch -p1 < $CWD/pam/no-require-wheel-to-su.diff CFLAGS="$SLKCFLAGS" \ ./configure \ --prefix=/usr \ --sysconfdir=/etc \ --mandir=/usr/man \ --docdir=/usr/doc/shadow-$VERSION \ --enable-subordinate-ids \ --disable-shared \ --enable-shadowgrp \ --with-libpam \ --without-libcrack \ --build=$ARCH-slackware-linux # --enable-utmpx # defaults to 'no' make $NUMJOBS || make || exit 1 make install DESTDIR=$PKG || exit 1 # Fix user group = 100: zcat $CWD/useradd.gz > $PKG/etc/default/useradd.new # not to use the default landed rm -f "${PKG}/etc/default/useradd" # /bin/groups is provided by coreutils. rm -f $PKG/bin/groups find $PKG -name groups.1 -exec rm {} \; # Install a login.defs with unsurprising defaults: rm -f $PKG/etc/login.defs zcat $CWD/login.defs.gz > $PKG/etc/login.defs.new mkdir -p $PKG/etc/pam.d/ cp "${CWD}/pam/other" "${CWD}/pam/system-auth" $PKG/etc/pam.d/ sed -i -e '/pam_console/d' -e '/selinux/d' $PKG/etc/pam.d/login # I don't think this works well enough to recommend it. #mv $PKG/etc/limits $PKG/etc/limits.new rm -f $PKG/etc/limits # Add the friendly 'adduser' script: cat $CWD/adduser > $PKG/usr/sbin/adduser chmod 0755 $PKG/usr/sbin/adduser # Add sulogin to the package: cp -a src/sulogin $PKG/sbin ( cd $PKG/bin ; ln -s ../sbin/sulogin ) # Add the empty faillog log file: mkdir -p $PKG/var/log touch $PKG/var/log/faillog.new # Put some stuff back in "old" locations and make symlinks for compat ( cd $PKG/usr/bin mv faillog ../sbin mv lastlog ../sbin ln -s ../sbin/faillog ln -s ../sbin/lastlog ) # Use 4711 rather than 4755 permissions where setuid root is required: find $PKG -type f -perm 4755 -exec chmod 4711 "{}" \; # Compress and if needed symlink the man pages: if [ -d $PKG/usr/man ]; then ( cd $PKG/usr/man for manpagedir in $(find . -type d -name "man*") ; do ( cd $manpagedir for eachpage in $( find . -type l -maxdepth 1) ; do ln -s $( readlink $eachpage ).gz $eachpage.gz rm $eachpage done gzip -9 *.? ) done ) fi mkdir -p $PKG/usr/doc/shadow-$VERSION cp -a \ COPYING* NEWS README* TODO doc/{README*,HOWTO,WISHLIST,*.txt} \ $PKG/usr/doc/shadow-$VERSION # If there's a ChangeLog, installing at least part of the recent history # is useful, but don't let it get totally out of control: if [ -r ChangeLog ]; then DOCSDIR=$(echo $PKG/usr/doc/${PKGNAM}-$VERSION) cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog touch -r ChangeLog $DOCSDIR/ChangeLog fi mkdir -p $PKG/install cat $CWD/slack-desc > $PKG/install/slack-desc zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh # Don't clobber existing config files find $PKG/etc/pam.d -type f -exec mv {} {}.new \; ( cd $PKG for i in $(find etc/pam.d -type f -name "*.new") ; do echo "config $i" >> $PKG/install/doinst.sh ; done ) cd $PKG /sbin/makepkg -l y -c n $TMP/shadow-$VERSION-$ARCH-$BUILD.txz