# (cg) Certain binaries build in this package are no longer wanted or are now
# provided by other packages (e.g. coreutils, util-linux or passwd)
%define unwanted chfn chsh expiry groups login passwd porttime su suauth faillog logoutd nologin chgpasswd getspnam
# (cg) Some localised man pages are provided by the man-pages package rather
# than here so kill them off
# (Question: why?? See "urpmf share.*man.*/XXXX\\." where XXXX is one of the below)
%define unwanted_i18n_mans sg shadow
Name: shadow-utils
Version: 4.2.1
%define subrel 1
Release: %mkrel 6
Epoch: 2
Summary: Utilities for managing shadow password files and user/group accounts
License: BSD
Group: System/Base
URL: http://pkg-shadow.alioth.debian.org/
Source0: http://pkg-shadow.alioth.debian.org/releases/shadow-%{version}.tar.xz
Source1: shadow-970616.login.defs
Source2: shadow-970616.useradd
Source3: adduser.8
Source4: pwunconv.8
Source5: grpconv.8
Source6: grpunconv.8
Source8: user-group-mod.pamd
Source9: chpasswd-newusers.pamd
Source10: chage-chfn-chsh.pamd
Patch2: shadow-4.1.5.1-rpmsave.patch
Patch4: shadow-4.1.4.2-dotinname.patch
Patch7: shadow-4.1.4.2-avx-owl-crypt_gensalt.patch
# (cg) This patch is disabled for now as newer shadow-utils seems or provide it's
# own tcb support....
Source1000: shadow-4.1.4.2-avx-owl-tcb.patch
Patch9: shadow-4.1.5.1-shadow_perms.patch
Patch10: shadow-4.1.5.1-tcb-build.patch
Patch11: shadow-4.2.1_suse_CVE-2016-6251_6252.patch
Patch14: shadow-4.4-CVE-2017-12424.patch
BuildRequires: gettext-devel
BuildRequires: automake
BuildRequires: pam-devel
BuildRequires: tcb-devel
BuildRequires: glibc-crypt_blowfish-devel
BuildRequires: pam_userpass-devel
Requires: tcb
Requires: setup >= 2.7.12-2
Requires: pam_userpass
Obsoletes: adduser, newgrp
Provides: adduser, newgrp
Provides: /usr/sbin/useradd
Provides: /usr/sbin/groupadd
Provides: /usr/sbin/userdel
Provides: /usr/sbin/groupdel
Conflicts: msec < 0.47
Conflicts: util-linux-ng < 2.13.1-6
%description
The shadow-utils package includes the necessary programs for
converting UNIX password files to the shadow password format, plus
programs for managing user and group accounts. The pwconv command
converts passwords to the shadow password format. The pwunconv command
unconverts shadow passwords and generates an npasswd file (a standard
UNIX password file). The pwck command checks the integrity of
password and shadow files. The lastlog command prints out the last
login times for all users. The useradd, userdel and usermod commands
are used for managing user accounts. The groupadd, groupdel and
groupmod commands are used for managing group accounts.
%prep
%setup -q -n shadow-%{version}
%autopatch -p1
%build
libtoolize --copy --force; aclocal; autoconf; automake --add-missing
%serverbuild
CFLAGS="%{optflags} -DSHADOWTCB -DEXTRA_CHECK_HOME_DIR" \
%configure \
--disable-shared \
--with-libpam \
--without-libcrack \
--with-group-name-max-length=32
%make_build
# because of the extra po file added manually
make -C po update-gmo
%install
%make_install gnulocaledir=%{buildroot}/%{_datadir}/locale MKINSTALLDIRS=`pwd`/mkinstalldirs
install -d -m 750 %{buildroot}%{_sysconfdir}/default
install -m 0644 %{SOURCE1} %{buildroot}%{_sysconfdir}/login.defs
install -m 0600 %{SOURCE2} %{buildroot}%{_sysconfdir}/default/useradd
ln -s useradd %{buildroot}%_sbindir/adduser
install -m644 %SOURCE3 %{buildroot}%_mandir/man8/
install -m644 %SOURCE4 %{buildroot}%_mandir/man8/
install -m644 %SOURCE5 %{buildroot}%_mandir/man8/
install -m644 %SOURCE6 %{buildroot}%_mandir/man8/
perl -pi -e "s/encrpted/encrypted/g" %{buildroot}%{_mandir}/man8/newusers.8
# add pam support files
rm -rf %{buildroot}/etc/pam.d/
mkdir -p %{buildroot}/etc/pam.d/
install -m 0600 %{SOURCE8} %{buildroot}/etc/pam.d/user-group-mod
install -m 0600 %{SOURCE9} %{buildroot}/etc/pam.d/chpasswd-newusers
install -m 0600 %{SOURCE10} %{buildroot}/etc/pam.d/chage-chfn-chsh
pushd %{buildroot}/etc/pam.d
for f in chpasswd newusers; do
ln -s chpasswd-newusers ${f}
done
for f in chage; do
# chfn and chsh are built without pam support in util-linux-ng
ln -s chage-chfn-chsh ${f}
done
for f in groupadd groupdel groupmod useradd userdel usermod; do
ln -s user-group-mod ${f}
done
popd
# (cg) Remove unwanted binaries (and their corresponding man pages)
for unwanted in %{unwanted}; do
rm -f %{buildroot}{%{_bindir},%{_sbindir}}/$unwanted
rm -f %{buildroot}%{_mandir}/{,{??,??_??}/}man*/$unwanted.[[:digit:]]*
done
# (cg) Remove man pages provided by the "man-pages" package...
for unwanted in %{unwanted_i18n_mans}; do
rm -f %{buildroot}%{_mandir}/{??,??_??}/man*/$unwanted.[[:digit:]]*
done
# (cg) Find all localised man pages
find %{buildroot}%{_mandir} -depth -type d -empty -delete
%find_lang shadow
for dir in $(ls -1d %{buildroot}%{_mandir}/{??,??_??}) ; do
dir=$(echo $dir | sed -e "s|^%{buildroot}||")
lang=$(basename $dir)
echo "%%lang($lang) $dir/man*/*" >> shadow.lang
done
%clean
rm -rf %{buildroot}
rm -rf build-$RPM_ARCH
%files -f shadow.lang
%doc doc/HOWTO NEWS
%doc doc/WISHLIST doc/README.platforms
%attr(0640,root,shadow) %config(noreplace) %{_sysconfdir}/login.defs
%attr(0600,root,root) %config(noreplace) %{_sysconfdir}/default/useradd
%{_bindir}/sg
%attr(2711,root,shadow) %{_bindir}/chage
%attr(4711,root,root) %{_bindir}/gpasswd
%attr(4711,root,root) %{_bindir}/newgidmap
%attr(4711,root,root) %{_bindir}/newgrp
%attr(4711,root,root) %{_bindir}/newuidmap
%{_bindir}/lastlog
%{_sbindir}/adduser
%{_sbindir}/user*
%{_sbindir}/group*
%{_sbindir}/grpck
%{_sbindir}/pwck
%{_sbindir}/*conv
%{_sbindir}/chpasswd
%{_sbindir}/newusers
%{_sbindir}/vipw
%{_sbindir}/vigr
%{_mandir}/man1/chage.1*
%{_mandir}/man1/newgidmap.1*
%{_mandir}/man1/newgrp.1*
%{_mandir}/man1/newuidmap.1*
%{_mandir}/man1/sg.1*
%{_mandir}/man1/gpasswd.1*
%{_mandir}/man3/shadow.3*
%{_mandir}/man5/gshadow.5*
%{_mandir}/man5/login.defs.5*
%{_mandir}/man5/shadow.5*
%{_mandir}/man5/subgid.5*
%{_mandir}/man5/subuid.5*
%{_mandir}/man8/adduser.8*
%{_mandir}/man8/group*.8*
%{_mandir}/man8/user*.8*
%{_mandir}/man8/pwck.8*
%{_mandir}/man8/grpck.8*
%{_mandir}/man8/chpasswd.8*
%{_mandir}/man8/newusers.8*
%{_mandir}/man8/vipw.8*
%{_mandir}/man8/vigr.8*
%{_mandir}/man8/*conv.8*
%{_mandir}/man8/lastlog.8*
%attr(640,root,shadow) %config(noreplace) /etc/pam.d/chage-chfn-chsh
/etc/pam.d/chage
%attr(640,root,shadow) %config(noreplace) /etc/pam.d/chpasswd-newusers
/etc/pam.d/chpasswd
/etc/pam.d/newusers
%attr(640,root,shadow) %config(noreplace) /etc/pam.d/user-group-mod
/etc/pam.d/useradd
/etc/pam.d/userdel
/etc/pam.d/usermod
/etc/pam.d/groupadd
/etc/pam.d/groupdel
/etc/pam.d/groupmod
%changelog
* Thu Dec 21 2017 mrambo3501 <mrambo3501> 2:4.2.1-6.1.mga5
+ Revision: 1183661
- add upstream patch to fix CVE-2017-12424 mga#22010
- add suse patch to fix CVE-2016-6251 and CVE-2016-6252
- modify default umask per bugs 18984 and 618
* Wed Oct 15 2014 umeabot <umeabot> 2:4.2.1-5.mga5
+ Revision: 741584
- Second Mageia 5 Mass Rebuild
* Tue Sep 16 2014 umeabot <umeabot> 2:4.2.1-4.mga5
+ Revision: 689130
- Mageia 5 Mass Rebuild
* Tue Sep 02 2014 colin <colin> 2:4.2.1-3.mga5
+ Revision: 670860
- Increase the group name length check from 16->32 (matches fedora)
* Sun Jul 27 2014 colin <colin> 2:4.2.1-2.mga5
+ Revision: 657627
- Switch system uid boundary to 1000+
* Wed May 14 2014 luigiwalser <luigiwalser> 2:4.2.1-1.mga5
+ Revision: 622794
- 4.2.1
- fix source URL
- explicitly list (and tighten) gpasswd permissions due to SUID
- add newgidmap and newuidmap commands to files list
- add newgidmap, newuidmap, subgid, and subuid man pages to files list
* Wed May 14 2014 luigiwalser <luigiwalser> 2:4.1.5.1-7.mga5
+ Revision: 622783
- do not accidentally delete login.defs man page (mga#13377)
* Fri Oct 18 2013 umeabot <umeabot> 2:4.1.5.1-6.mga4
+ Revision: 518318
- Mageia 4 Mass Rebuild
* Mon Jan 14 2013 umeabot <umeabot> 2:4.1.5.1-5.mga3
+ Revision: 381957
- Mass Rebuild - https://wiki.mageia.org/en/Feature:Mageia3MassRebuild
* Thu Dec 06 2012 rtp <rtp> 2:4.1.5.1-4.mga3
+ Revision: 327373
- change chpasswd pam configuration to make it work again.
Main point is to remove the pam_userpass line which has no chance
to work since pam_userpass is not supported by chpasswd.
* Sat Dec 01 2012 lmenut <lmenut> 2:4.1.5.1-3.mga3
+ Revision: 324062
- Change and unify default paths:
- remove /(s)bin after UsrMove
- add /usr/local/(s)bin
* Tue Nov 20 2012 lmenut <lmenut> 2:4.1.5.1-2.mga3
+ Revision: 319884
- Change and unify default paths:
- remove /(s)bin after UsrMove
- add /usr/local/(s)bin
* Tue Jul 17 2012 colin <colin> 2:4.1.5.1-1.mga3
+ Revision: 271844
- Promote from testing to main repository
* Thu Jul 12 2012 colin <colin> 2:4.1.5.1-0.1.mga3
+ Revision: 270393
- New version: 4.1.5.1
- Drop outdated local Dutch translation
- Drop binaries we do not want that are shipped elsewhere
- Package manpages from all locales
- Rediff patches
- Drop TCB patch in favour of upstream TCB support now included
- Write patch to fix upstream TCB build problems
- Drop upstream applied patch (groupmod-username)
* Sun Jan 09 2011 tmb <tmb> 2:4.1.4.2-9.mga1
+ Revision: 3733
- imported package shadow-utils
* Sun Jan 9 2011 Thomas Backlund <tmb@mageia.org> 2:4.1.4.2-9.mga1
- initial mageia import
- drop rpm tags
* Mon Jan 03 2011 Oden Eriksson <oeriksson@mandriva.com> 2:4.1.4.2-8mdv2011.0
+ Revision: 627716
- don't force the usage of automake1.7
* Fri Dec 03 2010 Oden Eriksson <oeriksson@mandriva.com> 2:4.1.4.2-7mdv2011.0
+ Revision: 607535
- rebuild
* Thu Mar 25 2010 Pascal Terjan <pterjan@mandriva.org> 2:4.1.4.2-6mdv2010.1
+ Revision: 527508
- Fix group renaming (#57190, patch from gentoo)
* Mon Mar 15 2010 Oden Eriksson <oeriksson@mandriva.com> 2:4.1.4.2-5mdv2010.1
+ Revision: 519983
- rebuilt against audit-2 libs
* Sun Nov 29 2009 Pascal Terjan <pterjan@mandriva.org> 2:4.1.4.2-4mdv2010.1
+ Revision: 471566
- Fix login.defs
* Thu Nov 26 2009 Pascal Terjan <pterjan@mandriva.org> 2:4.1.4.2-3mdv2010.1
+ Revision: 470346
- Update login.defs
* Tue Nov 24 2009 Pascal Terjan <pterjan@mandriva.org> 2:4.1.4.2-2mdv2010.1
+ Revision: 469496
- Update to /release as nothing seems too obviously broken
* Tue Nov 24 2009 Pascal Terjan <pterjan@mandriva.org> 2:4.1.4.2-1mdv2010.1
+ Revision: 469403
- Update tcb patch
- Drop shadow-4.0.11.1-no-syslog-setlocale.patch as it is 9 years old
and there is no explanation on why we should disable this workaround
- Update to 4.1.4.2
o Drop patches that are now upstream:
* shadow-4.0.12-nscd.patch
* shadow-4.0.12-unlock.patch
* shadow-4.0.12-do-copy-skel-if-home-directory-exists-but-is-empty.patch
* shadow-4.0.12-avx-owl-crypt_gensalt.patch
o Update other patches
- Update URL, we are missing a lot of releases
* Thu Sep 03 2009 Christophe Fergeau <cfergeau@mandriva.com> 2:4.0.12-20mdv2010.0
+ Revision: 427122
- rebuild
* Mon Mar 09 2009 Oden Eriksson <oeriksson@mandriva.com> 2:4.0.12-19mdv2009.1
+ Revision: 353187
- P10: security fix for CVE-2008-5394
- rediffed one fuzzy patch (P2)
+ Antoine Ginies <aginies@mandriva.com>
- rebuild
* Wed Aug 27 2008 Vincent Danen <vdanen@mandriva.com> 2:4.0.12-17mdv2009.0
+ Revision: 276627
- add shadow_perms patch so pwconv creates /etc/shadow mode 0440 and owned root:shadow
* Thu Aug 07 2008 Thierry Vignaud <tv@mandriva.org> 2:4.0.12-16mdv2009.0
+ Revision: 265694
- rebuild early 2009.0 package (before pixel changes)
* Sat May 31 2008 Frederik Himpe <fhimpe@mandriva.org> 2:4.0.12-15mdv2009.0
+ Revision: 213823
- Add conflicts to fix upgrade from 2008.1 (files vipw and vigr were moved)
* Wed May 21 2008 Vincent Danen <vdanen@mandriva.com> 2:4.0.12-14mdv2009.0
+ Revision: 209785
- PASS_MIN_LEN seems no longer valid for some reason, so comment
it out to get rid of warning messages when creating new users
* Tue May 20 2008 Vincent Danen <vdanen@mandriva.com> 2:4.0.12-13mdv2009.0
+ Revision: 209280
- package the pam.d files
* Mon May 19 2008 Vincent Danen <vdanen@mandriva.com> 2:4.0.12-12mdv2009.0
+ Revision: 209190
- requires pam_userpass
* Mon May 19 2008 Vincent Danen <vdanen@mandriva.com> 2:4.0.12-11mdv2009.0
+ Revision: 209077
- add pam support files now that we build with pam support
* Sun May 18 2008 Vincent Danen <vdanen@mandriva.com> 2:4.0.12-10mdv2009.0
+ Revision: 208800
- add crypt_gensalt.patch from Annvix to allow setting which crypt method to use for passwords via login.defs
- add tcb.patch to provide support for TCB
- buildrequires pam-devel, tcb-devel, glibc-crypt_blowfish-devel, pam_userpass-devel
- requires tcb
- update login.defs to add CRYPT_PREFIX, CRYPT_ROUNDS, USE_TCB, TCB_AUTH_GROUP, and TCB_SYMLINKS
- vipw and vigr belong here now, not util-linux-ng
- require setup 2.7.12-2mdv or newer as it supplies the auth, chkpwd, and shadow groups
* Wed Mar 05 2008 Oden Eriksson <oeriksson@mandriva.com> 2:4.0.12-9mdv2008.1
+ Revision: 179504
- rebuild
+ Olivier Blin <oblin@mandriva.com>
- restore BuildRoot
+ Thierry Vignaud <tv@mandriva.org>
- kill re-definition of %%buildroot on Pixel's request
* Mon Sep 17 2007 Andreas Hasenack <andreas@mandriva.com> 2:4.0.12-8mdv2008.0
+ Revision: 89134
- fixed groupadd manpage synopsis (#33533)
* Mon Jul 02 2007 Andreas Hasenack <andreas@mandriva.com> 2:4.0.12-7mdv2008.0
+ Revision: 47132
- updated nl po file (#27082)
* Wed Jun 27 2007 Andreas Hasenack <andreas@mandriva.com> 2:4.0.12-6mdv2008.0
+ Revision: 45099
- using serverbuild macro (-fstack-protector-all)
* Tue Jun 12 2007 Pixel <pixel@mandriva.com> 2:4.0.12-5mdv2008.0
+ Revision: 38108
- allow adduser to copy skel directory if the home directory exists but is empty (#29009)
* Mon Mar 19 2007 Andreas Hasenack <andreas@mandriva.com> 4.0.12-4mdv2007.1
+ Revision: 146707
- don't leave lock files lying around (#29221)
+ Pixel <pixel@mandriva.com>
- Import shadow-utils
* Thu Jun 15 2006 Guillaume Rousse <guillomovitch@mandriva.org> 2:4.0.12-3mdv2007.0
- /etc/default doesn't belong to this package
- some spec cleanup
* Sat Jun 10 2006 Rafael Garcia-Suarez <rgarciasuarez@mandriva.com> 2:4.0.12-2mdv2007.0
- Add patch 4: allow dots and capitals in usernames (Rawhide)
- Remove provide itself with larger version; increased epoch instead
- Uncompressed patches
* Wed Sep 14 2005 Warly <warly@mandriva.com> 1:4.0.12-mdk
- new version, fix a bug which overwrite user config in conectiva upgrade
* Mon Aug 15 2005 Thierry Vignaud <tvignaud@mandriva.com> 4.0.11.1-4mdk
- NEWS is more usefull than ChangeLog
* Sat Aug 13 2005 Frederic Lepied <flepied@mandriva.com> 4.0.11.1-3mdk
- Conflicts with msec < 0.47
* Fri Aug 12 2005 Nicolas Lécureuil <neoclust@mandriva.org> 4.0.11.1-2mdk
- Remove packager tag
- mkrel
* Sat Aug 06 2005 Cris <cris@mandrive.com> 1:4.0.11.1-1mdk
- New version
- Drop all unused patches
- Clean up spec file
- Respin some patches based on fedora core 4 4.0.7 versions
* Tue Mar 22 2005 Warly <warly@mandrakesoft.com> 1:4.0.3-8mdk
- Fix the nscd patch to refer to the right pid file (bug 14840)
* Tue Jun 15 2004 Per Ãyvind Karlsen <peroyvind@linux-mandrake.com> 4.0.3-8mdk
- fix gcc-3.4 build (P501)
- use %%make and %%makeinstall_std macro
- work around problem with mkinstalldirs
- drop prefix tag
distrib
>
Mageia
>
5
>
i586
>
media
>
core-updates-src
>
by-pkgid
>
142607d0abaf9468861f35b55ff368d6
>
files
>
18
