shadow 4.15.1-1

PKGBUILD

@@ -0,0 +1,136 @@
+# This is an example PKGBUILD file. Use this as a start to creating your own,
+# and remove these comments. For more information, see 'man PKGBUILD'.
+# NOTE: Please fill out the license field for your package! If it is unknown,
+# then please put 'unknown'.
+
+# Maintainer: Future Linux Team <future_linux@163.com>
+pkgname=shadow
+pkgver=4.15.1
+pkgrel=1
+pkgdesc="Password and account management tool suite with support for shadow files and PAM"
+arch=('x86_64')
+url="https://github.com/shadow-maint/shadow/"
+license=('BSD-3-Clause')
+groups=('base')
+depends=('glibc' 'attr' 'acl' 'libxcrypt'  'linux-pam'
+	'cracklib' 'libpwquality' 'libcap')
+backup=(etc/default/useradd
+	etc/pam.d/login
+	etc/pam.d/passwd
+	etc/pam.d/su
+	etc/pam.d/chpasswd
+	etc/pam.d/newusers
+	etc/pam.d/chage)
+options=('!emptydirs')
+install=${pkgname}.install
+source=(https://github.com/shadow-maint/shadow/releases/download/${pkgver}/${pkgname}-${pkgver}.tar.xz
+	chage
+	chpasswd
+	login
+	passwd
+	su)
+sha256sums=(bb5f70639a0581f9d626f227ce45b31ac137daa7c451c0f672ce14f2731a96ee
+	656fc19e0e36740399f9d10773ac30254b48d5327aaddd89f47127acf99ccfb5
+	fbaed8b9d2bad9278da32f6747491ef291b332d0f977009aadb993436b2084c9
+	216eb2abc095566afa0ed5394f5b32765d3e3b63295c0e972ecd8ebda1a734d2
+	586820a13a54e92023ad3aa5dbf2ee4e2cfe470996ebb9ee5433e60abd5d8c01
+	f0182f4cf929c6adb5e13e8691787a8778828f5ea18911b7b7febb3e1b138c54)
+
+prepare() {
+	cd ${pkgname}-${pkgver}
+
+	sed -i 's@DICTPATH.*@DICTPATH\t/lib/cracklib/pw_dict@' etc/login.defs
+
+	sed -i 's/groups$(EXEEXT) //' src/Makefile.in
+	find man -name Makefile.in -exec sed -i 's/groups\.1 / /'   {} \;
+	find man -name Makefile.in -exec sed -i 's/getspnam\.3 / /' {} \;
+	find man -name Makefile.in -exec sed -i 's/passwd\.5 / /'   {} \;
+
+	sed -e 's:#ENCRYPT_METHOD DES:ENCRYPT_METHOD YESCRYPT:' \
+	    -e 's:/var/spool/mail:/var/mail:'                   \
+	    -e '/PATH=/{s@/sbin:@@;s@/bin:@@}'                  \
+	    -i etc/login.defs
+}
+
+build() {
+	cd ${pkgname}-${pkgver}
+
+	export CFLAGS="${CFLAGS} -DEXTRA_CHECK_HOME_DIR"
+
+	${CONFIGURE}                 \
+		--sysconfdir=/etc    \
+		--bindir=/usr/bin    \
+		--sbindir=/usr/sbin  \
+		--disable-static     \
+		--without-libbsd     \
+		--with-libpam        \
+		--with-libcrack      \
+		--with-{b,yes}crypt  \
+		--with-group-name-max-length=32
+
+	sed -i -e 's/ -shared / -Wl,-O1,--as-needed\0/g' libtool
+	make
+}
+
+package() {
+	cd ${pkgname}-${pkgver}
+
+	make DESTDIR=${pkgdir} pamddir= install
+	make -C man DESTDIR=${pkgdir} install-man
+
+	install -vdm755 ${pkgdir}/etc/default
+	cat > ${pkgdir}/etc/default/useradd << EOF
+# useradd defaults file
+GROUP=999
+GROUPS=
+HOME=/home
+INACTIVE=-1
+EXPIRE=
+SHELL=/bin/bash
+SKEL=/etc/skel
+USRSKEL=/usr/etc/skel
+CREATE_MAIL_SPOOL=yes
+LOG_INIT=yes
+EOF
+
+	install -v -m644 ${pkgdir}/etc/login.defs ${pkgdir}/etc/login.defs.orig
+	for FUNCTION in FAIL_DELAY       \
+		FAILLOG_ENAB             \
+		LASTLOG_ENAB             \
+		MAIL_CHECK_ENAB          \
+		LASTLOG_ENAB             \
+		MAIL_CHECK_ENAB          \
+		OBSCURE_CHECKS_ENAB      \
+		PORTTIME_CHECKS_ENAB     \
+		QUOTAS_ENAB              \
+		OBSCURE_CHECKS_ENAB      \
+		PORTTIME_CHECKS_ENAB     \
+		QUOTAS_ENAB              \
+		CONSOLE MOTD_FILE        \
+		FTMP_FILE NOLOGINS_FILE  \
+		ENV_HZ PASS_MIN_LEN      \
+		SU_WHEEL_ONLY            \
+		CRACKLIB_DICTPATH        \
+		PASS_CHANGE_TRIES        \
+		PASS_ALWAYS_WARN         \
+		CHFN_AUTH ENCRYPT_METHOD \
+		ENVIRON_FILE
+	do
+		sed -i "s/^${FUNCTION}/# &/" ${pkgdir}/etc/login.defs
+	done
+
+	install -vdm755 ${pkgdir}/etc/pam.d
+	for F in chage chpasswd login passwd su
+	do
+		install -vm644 ${srcdir}/${F} ${pkgdir}/etc/pam.d/
+	done
+
+	sed -e s/chpasswd/newusers/ ${pkgdir}/etc/pam.d/chpasswd >${pkgdir}/etc/pam.d/newusers
+
+	for PROGRAM in chfn chgpasswd chsh groupadd groupdel \
+		groupmems groupmod useradd userdel usermod
+	do
+		install -v -m644 ${pkgdir}/etc/pam.d/chage ${pkgdir}/etc/pam.d/${PROGRAM}
+		sed -i "s/chage/$PROGRAM/" ${pkgdir}/etc/pam.d/${PROGRAM}
+	done
+}

chage

@@ -0,0 +1,10 @@
+# Begin /etc/pam.d/chage
+
+# always allow root
+auth      sufficient  pam_rootok.so
+
+# include system auth and account settings
+auth      include     system-auth
+account   include     system-account
+
+# End /etc/pam.d/chage

chpasswd

@@ -0,0 +1,11 @@
+# Begin /etc/pam.d/chpasswd
+
+# always allow root
+auth      sufficient  pam_rootok.so
+
+# include system auth and account settings
+auth      include     system-auth
+account   include     system-account
+password  include     system-password
+
+# End /etc/pam.d/chpasswd

login

@@ -0,0 +1,42 @@
+# Begin /etc/pam.d/login
+
+# Set failure delay before next prompt to 3 seconds
+auth      optional    pam_faildelay.so  delay=3000000
+
+# Check to make sure that the user is allowed to login
+auth      requisite   pam_nologin.so
+
+# Check to make sure that root is allowed to login
+# Disabled by default. You will need to create /etc/securetty
+# file for this module to function. See man 5 securetty.
+#auth      required    pam_securetty.so
+
+# Additional group memberships - disabled by default
+#auth      optional    pam_group.so
+
+# include system auth settings
+auth      include     system-auth
+
+# check access for the user
+account   required    pam_access.so
+
+# include system account settings
+account   include     system-account
+
+# Set default environment variables for the user
+session   required    pam_env.so
+
+# Set resource limits for the user
+session   required    pam_limits.so
+
+# Display the message of the day - Disabled by default
+#session   optional    pam_motd.so
+
+# Check user's mail - Disabled by default
+#session   optional    pam_mail.so      standard quiet
+
+# include system session and password settings
+session   include     system-session
+password  include     system-password
+
+# End /etc/pam.d/login

passwd

@@ -0,0 +1,5 @@
+# Begin /etc/pam.d/passwd
+
+password  include     system-password
+
+# End /etc/pam.d/passwd

shadow.install

@@ -0,0 +1,16 @@
+# This is a default template for a post-install scriptlet.
+# Uncomment only required functions and remove any functions
+# you don't need (and this header).
+
+post_install() {
+	if [ ! -e etc/gshadow ]; then
+		usr/sbin/grpconv
+	fi
+	if [ ! -e etc/shadow ]; then
+		usr/sbin/pwconv
+	fi
+}
+
+post_upgrade() {
+	post_install
+}

su

@@ -0,0 +1,26 @@
+# Begin /etc/pam.d/su
+
+# always allow root
+auth      sufficient  pam_rootok.so
+
+# Allow users in the wheel group to execute su without a password
+# disabled by default
+#auth      sufficient  pam_wheel.so trust use_uid
+
+# include system auth settings
+auth      include     system-auth
+
+# limit su to users in the wheel group
+# disabled by default
+#auth      required    pam_wheel.so use_uid
+
+# include system account settings
+account   include     system-account
+
+# Set default environment variables for the service user
+session   required    pam_env.so
+
+# include system session settings
+session   include     system-session
+
+# End /etc/pam.d/su