summaryrefslogtreecommitdiff
path: root/system
diff options
context:
space:
mode:
Diffstat (limited to 'system')
-rw-r--r--system/shadow/APKBUILD64
-rw-r--r--system/shadow/support-m4-dirs.patch9
-rw-r--r--system/shadow/utmpx.patch206
3 files changed, 249 insertions, 30 deletions
diff --git a/system/shadow/APKBUILD b/system/shadow/APKBUILD
index 13dc98d7a..6b8723bf6 100644
--- a/system/shadow/APKBUILD
+++ b/system/shadow/APKBUILD
@@ -1,21 +1,24 @@
# Contributor: William Pitcock <nenolod@dereferenced.org>
# Contributor: Jakub Jirutka <jakub@jirutka.cz>
-# Maintainer: Stuart Cardall <developer@it-offshore.co.uk>
+# Maintainer: A. Wilcox <awilfox@adelielinux.org>
pkgname=shadow
-pkgver=4.5
+pkgver=4.6
pkgrel=0
-pkgdesc="PAM-using login and passwd utilities (usermod, useradd, ...)"
-url="http://pkg-shadow.alioth.debian.org/"
+pkgdesc="Login and password management utilities"
+url="https://github.com/shadow-maint/shadow"
arch="all"
-license="GPL"
+options="suid"
+license="BSD-3-Clause OR Artistic-1.0-Perl"
depends=""
-makedepends="linux-pam-dev"
-subpackages="$pkgname-doc $pkgname-dbg $pkgname-uidmap"
+makedepends="linux-pam-dev autoconf automake"
+subpackages="$pkgname-doc $pkgname-dbg $pkgname-lang $pkgname-uidmap"
source="https://github.com/shadow-maint/shadow/releases/download/$pkgver/shadow-$pkgver.tar.xz
login.pamd
dots-in-usernames.patch
useradd-usergroups.patch
pam-useradd.patch
+ utmpx.patch
+ support-m4-dirs.patch
"
# secfixes:
# 4.5-r0:
@@ -25,13 +28,16 @@ source="https://github.com/shadow-maint/shadow/releases/download/$pkgver/shadow-
# 4.2.1-r7:
# - CVE-2016-6252
-options="suid"
-builddir="$srcdir/shadow-$pkgver"
+prepare() {
+ cd "$builddir"
+ default_prepare
+ autoreconf -v -f --install
+}
build() {
cd "$builddir"
- ./configure \
+ LIBS="-lutmps -lskarnet" ./configure \
--build=$CBUILD \
--host=$CHOST \
--target=$CTARGET \
@@ -40,7 +46,7 @@ build() {
--mandir=/usr/share/man \
--infodir=/usr/share/info \
--localstatedir=/var \
- --disable-nls \
+ --enable-utmpx \
--with-libpam \
--without-audit \
--without-selinux \
@@ -48,9 +54,8 @@ build() {
--without-attr \
--without-tcb \
--without-nscd \
- --without-group-name-max-length \
- || return 1
- make || return 1
+ --without-group-name-max-length
+ make
}
check() {
@@ -61,23 +66,23 @@ check() {
package() {
cd "$builddir"
- make DESTDIR="$pkgdir" install || return 1
+ make DESTDIR="$pkgdir" install
# Do not install these pam.d files they are broken and outdated.
- rm "$pkgdir"/etc/pam.d/* || return 1
+ rm "$pkgdir"/etc/pam.d/*
# install some pam.d files based on a patched useradd
for pamf in groupadd groupdel groupmems groupmod \
useradd userdel usermod
do
install -m0644 etc/pam.d/useradd \
- "$pkgdir/etc/pam.d/$pamf" || return 1
+ "$pkgdir/etc/pam.d/$pamf"
done
# nologin is provided by util-linux.
- rm "$pkgdir"/sbin/nologin || return 1
+ rm "$pkgdir"/sbin/nologin
# However, install our own for login.
- cp "$srcdir"/login.pamd "$pkgdir"/etc/pam.d/login || return 1
+ cp "$srcdir"/login.pamd "$pkgdir"/etc/pam.d/login
# /etc/login.defs is not very useful - replace it with an *almost* blank file.
rm "$pkgdir"/etc/login.defs
@@ -85,26 +90,25 @@ package() {
# Avoid conflict with man-pages.
rm "$pkgdir"/usr/share/man/man3/getspnam.3* \
- "$pkgdir"/usr/share/man/man5/passwd.5* || return 1
+ "$pkgdir"/usr/share/man/man5/passwd.5*
}
uidmap() {
pkgdesc="Utilities for using subordinate UIDs and GIDs"
- mkdir -p "$subpkgdir"
- cd "$subpkgdir"
-
- mkdir -p usr/bin
- mv "$pkgdir"/usr/bin/new*idmap usr/bin/ || return 1
- chmod 4711 usr/bin/new*idmap || return 1
+ mkdir -p "$subpkgdir"/usr/bin
+ mv "$pkgdir"/usr/bin/new*idmap "$subpkgdir"/usr/bin/
+ chmod 4711 "$subpkgdir"/usr/bin/new*idmap
# Used e.g. for unprivileged LXC containers.
- mkdir etc
- touch etc/subuid etc/subgid
+ mkdir "$subpkgdir"/etc
+ touch "$subpkgdir"/etc/subuid "$subpkgdir"/etc/subgid
}
-sha512sums="e57f8db54df23301c229d4be30d4cbb67efa1d1809cffcff79adc480b6019fb2b5fd09e112e82a3f00ad5a6b2994592adac93f70a631cf666b6f4723b61c87b5 shadow-4.5.tar.xz
+sha512sums="e8eee52c649d9973f724bc2d5aeee71fa2e6a2e41ec3487cd6cf6d47af70c32e0cdf304df29b32eae2b6eb6f9066866b5f2c891add0ec87ba583bea3207b3631 shadow-4.6.tar.xz
46a6f83f3698e101b58b8682852da749619412f75dfa85cecad03d0847f6c3dc452d984510db7094220e4570a0565b83b0556e16198ad894a3ec84b3e513d58d login.pamd
745eea04c054226feba165b635dbb8570b8a04537d41e914400a4c54633c3a9cf350da0aabfec754fb8cf3e58fc1c8cf597b895506312f19469071760c11f31d dots-in-usernames.patch
49f1d5ded82d2d479805c77d7cc6274c30233596e375b28306b31a33f8fbfc3611dbc77d606081b8300247908c267297dbb6c5d1a30d56095dda53c6a636fb56 useradd-usergroups.patch
-0b4587e263cb6be12fa5ae6bc3b3fc4d3696dae355bc67d085dc58c52ff96edb4d163b95db2092b8c2f3310839430cac03c7af356641b42e24ee4aa6410f5cf1 pam-useradd.patch"
+0b4587e263cb6be12fa5ae6bc3b3fc4d3696dae355bc67d085dc58c52ff96edb4d163b95db2092b8c2f3310839430cac03c7af356641b42e24ee4aa6410f5cf1 pam-useradd.patch
+0ae5df1a287b8fa07fa9b9061dd3d5e6198527a6d9e9d4a9e2885f7a3884d1935e56856e25f1c092475aa31cee31b11d3bc7f9efe0347b0811ae53a805b2f26e utmpx.patch
+ec0ef7038b385954b7e47b0414839d30c99edcc96863a06a8e90f04bcc943c6c30274fc382f15ca74ceca57bef36c90feae6e7d363ed8c6408ae4f2bf938dacb support-m4-dirs.patch"
diff --git a/system/shadow/support-m4-dirs.patch b/system/shadow/support-m4-dirs.patch
new file mode 100644
index 000000000..6a2d34198
--- /dev/null
+++ b/system/shadow/support-m4-dirs.patch
@@ -0,0 +1,9 @@
+--- shadow-4.6/configure.ac.old 2018-06-23 22:09:31.067117872 -0500
++++ shadow-4.6/configure.ac 2018-06-23 22:13:44.496866959 -0500
+@@ -1,5 +1,6 @@
+ dnl Process this file with autoconf to produce a configure script.
+ AC_PREREQ([2.64])
++AC_CONFIG_MACRO_DIR([m4])
+ AC_INIT([shadow], [4.6], [pkg-shadow-devel@lists.alioth.debian.org], [],
+ [https://github.com/shadow-maint/shadow])
+ AM_INIT_AUTOMAKE([1.11 foreign dist-xz])
diff --git a/system/shadow/utmpx.patch b/system/shadow/utmpx.patch
new file mode 100644
index 000000000..d2ba0d4ec
--- /dev/null
+++ b/system/shadow/utmpx.patch
@@ -0,0 +1,206 @@
+diff --git a/configure.ac b/configure.ac
+index 41068a5d..6bc88cfd 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -74,12 +74,6 @@ AC_CHECK_MEMBERS([struct utmp.ut_type,
+ struct utmp.ut_time,
+ struct utmp.ut_xtime,
+ struct utmp.ut_tv],,,[[#include <utmp.h>]])
+-dnl There are dependencies:
+-dnl If UTMPX has to be used, the utmp structure shall have a ut_id field.
+-if test "$ac_cv_header_utmpx_h" = "yes" &&
+- test "$ac_cv_member_struct_utmp_ut_id" != "yes"; then
+- AC_MSG_ERROR(Systems with UTMPX and no ut_id field in the utmp structure are not supported)
+-fi
+
+ AC_CHECK_MEMBERS([struct utmpx.ut_name,
+ struct utmpx.ut_host,
+diff --git a/lib/prototypes.h b/lib/prototypes.h
+index b7d48881..d9e7f6f4 100644
+--- a/lib/prototypes.h
++++ b/lib/prototypes.h
+@@ -416,17 +416,19 @@ extern int set_filesize_limit (int blocks);
+ extern int user_busy (const char *name, uid_t uid);
+
+ /* utmp.c */
++#ifndef USE_UTMPX
+ extern /*@null@*/struct utmp *get_current_utmp (void);
+ extern struct utmp *prepare_utmp (const char *name,
+ const char *line,
+ const char *host,
+ /*@null@*/const struct utmp *ut);
+ extern int setutmp (struct utmp *ut);
+-#ifdef USE_UTMPX
++#else
++extern /*@null@*/struct utmpx *get_current_utmp (void);
+ extern struct utmpx *prepare_utmpx (const char *name,
+ const char *line,
+ const char *host,
+- /*@null@*/const struct utmp *ut);
++ /*@null@*/const struct utmpx *ut);
+ extern int setutmpx (struct utmpx *utx);
+ #endif /* USE_UTMPX */
+
+diff --git a/libmisc/utmp.c b/libmisc/utmp.c
+index f5614a22..ba69cf61 100644
+--- a/libmisc/utmp.c
++++ b/libmisc/utmp.c
+@@ -35,10 +35,10 @@
+ #include "defines.h"
+ #include "prototypes.h"
+
+-#include <utmp.h>
+-
+ #ifdef USE_UTMPX
+ #include <utmpx.h>
++#else
++#include <utmp.h>
+ #endif
+
+ #include <assert.h>
+@@ -97,6 +97,7 @@ static bool is_my_tty (const char *tty)
+ *
+ * Return NULL if no entries exist in utmp for the current process.
+ */
++#ifndef USE_UTMPX
+ /*@null@*/ /*@only@*/struct utmp *get_current_utmp (void)
+ {
+ struct utmp *ut;
+@@ -130,6 +131,36 @@ static bool is_my_tty (const char *tty)
+
+ return ret;
+ }
++#else
++/*@null@*/ /*@only*/struct utmpx *get_current_utmp(void)
++{
++ struct utmpx *ut;
++ struct utmpx *ret = NULL;
++
++ setutxent ();
++
++ /* Find the utmpx entry for this PID. */
++ while ((ut = getutxent ()) != NULL) {
++ if ( (ut->ut_pid == getpid ())
++ && ('\0' != ut->ut_id[0])
++ && ( (LOGIN_PROCESS == ut->ut_type)
++ || (USER_PROCESS == ut->ut_type))
++ && is_my_tty (ut->ut_line)) {
++ break;
++ }
++ }
++
++ if (NULL != ut) {
++ ret = (struct utmpx *) xmalloc (sizeof (*ret));
++ memcpy (ret, ut, sizeof (*ret));
++ }
++
++ endutxent ();
++
++ return ret;
++}
++#endif
++
+
+ #ifndef USE_PAM
+ /*
+@@ -166,6 +197,7 @@ static void updwtmpx (const char *filename, const struct utmpx *utx)
+ #endif /* ! USE_PAM */
+
+
++#ifndef USE_UTMPX
+ /*
+ * prepare_utmp - prepare an utmp entry so that it can be logged in a
+ * utmp/wtmp file.
+@@ -325,14 +357,14 @@ int setutmp (struct utmp *ut)
+ return err;
+ }
+
+-#ifdef USE_UTMPX
++#else
+ /*
+ * prepare_utmpx - the UTMPX version for prepare_utmp
+ */
+ /*@only@*/struct utmpx *prepare_utmpx (const char *name,
+ const char *line,
+ const char *host,
+- /*@null@*/const struct utmp *ut)
++ /*@null@*/const struct utmpx *ut)
+ {
+ struct timeval tv;
+ char *hostname = NULL;
+@@ -398,7 +430,7 @@ int setutmp (struct utmp *ut)
+ struct sockaddr_in *sa =
+ (struct sockaddr_in *) info->ai_addr;
+ #ifdef HAVE_STRUCT_UTMPX_UT_ADDR
+- memcpy (utxent->ut_addr,
++ memcpy (&utxent->ut_addr,
+ &(sa->sin_addr),
+ MIN (sizeof (utxent->ut_addr),
+ sizeof (sa->sin_addr)));
+diff --git a/src/login.c b/src/login.c
+index e287cb0b..7677adf1 100644
+--- a/src/login.c
++++ b/src/login.c
+@@ -129,7 +129,12 @@ static /*@observer@*/const char *get_failent_user (/*@returned@*/const char *use
+ static void update_utmp (const char *user,
+ const char *tty,
+ const char *host,
+- /*@null@*/const struct utmp *utent);
++#ifdef USE_UTMPX
++ /*@null@*/const struct utmpx *utent
++#else
++ /*@null@*/const struct utmp *utent
++#endif
++ );
+
+ #ifndef USE_PAM
+ static struct faillog faillog;
+@@ -481,17 +486,23 @@ static /*@observer@*/const char *get_failent_user (/*@returned@*/const char *use
+ static void update_utmp (const char *user,
+ const char *tty,
+ const char *host,
+- /*@null@*/const struct utmp *utent)
++#ifdef USE_UTMPX
++ /*@null@*/const struct utmpx *utent
++#else
++ /*@null@*/const struct utmp *utent
++#endif
++ )
+ {
+- struct utmp *ut = prepare_utmp (user, tty, host, utent);
+ #ifdef USE_UTMPX
+ struct utmpx *utx = prepare_utmpx (user, tty, host, utent);
++#else
++ struct utmp *ut = prepare_utmp (user, tty, host, utent);
+ #endif /* USE_UTMPX */
+
++#ifndef USE_UTMPX
+ (void) setutmp (ut); /* make entry in the utmp & wtmp files */
+ free (ut);
+-
+-#ifdef USE_UTMPX
++#else
+ (void) setutmpx (utx); /* make entry in the utmpx & wtmpx files */
+ free (utx);
+ #endif /* USE_UTMPX */
+@@ -539,7 +550,11 @@ int main (int argc, char **argv)
+ struct passwd *pwd = NULL;
+ char **envp = environ;
+ const char *failent_user;
++#ifdef USE_UTMPX
++ /*@null@*/struct utmpx *utent;
++#else
+ /*@null@*/struct utmp *utent;
++#endif
+
+ #ifdef USE_PAM
+ int retcode;
+@@ -681,7 +696,7 @@ int main (int argc, char **argv)
+
+ if (rflg || hflg) {
+ cp = hostname;
+-#ifdef HAVE_STRUCT_UTMP_UT_HOST
++#if defined(HAVE_STRUCT_UTMP_UT_HOST) || defined(USE_UTMPX)
+ } else if ((NULL != utent) && ('\0' != utent->ut_host[0])) {
+ cp = utent->ut_host;
+ #endif /* HAVE_STRUCT_UTMP_UT_HOST */