diff options
author | Patrick J Volkerding <volkerdi@slackware.com> | 2020-05-08 21:25:24 +0000 |
---|---|---|
committer | Eric Hameleers <alien@slackware.com> | 2020-05-09 08:59:52 +0200 |
commit | 04ebdce888955069ae2288597a2e50339eda3f4b (patch) | |
tree | 271c1bb47037cabcc3139d95e17120058dd8c4fa /source/a | |
parent | 7f9672ea573b02b2665782f9760d8c38b83c46e9 (diff) | |
download | current-04ebdce888955069ae2288597a2e50339eda3f4b.tar.gz |
Fri May 8 21:25:24 UTC 202020200508212524
a/shadow-4.8.1-x86_64-6.txz: Rebuilt.
Include manpages for sulogin(8).
a/util-linux-2.35.1-x86_64-5.txz: Rebuilt.
ap/sysstat-12.3.3-x86_64-1.txz: Upgraded.
d/bison-3.6-x86_64-1.txz: Upgraded.
l/jansson-2.13.1-x86_64-1.txz: Upgraded.
n/NetworkManager-1.24.0-x86_64-1.txz: Upgraded.
n/fetchmail-6.4.5-x86_64-1.txz: Upgraded.
testing/packages/PAM/shadow-4.8.1-x86_64-6_pam.txz: Rebuilt.
Include manpages for sulogin(8).
Use this version of /bin/su.
testing/packages/PAM/util-linux-2.35.1-x86_64-5_pam.txz: Rebuilt.
Don't use this version of /bin/su.
Diffstat (limited to 'source/a')
-rw-r--r-- | source/a/shadow/doinst.sh | 2 | ||||
-rw-r--r-- | source/a/shadow/pam.d-su/su (renamed from source/a/util-linux/pam.d/su) | 0 | ||||
-rw-r--r-- | source/a/shadow/pam.d-su/su-l (renamed from source/a/util-linux/pam.d/su-l) | 0 | ||||
-rwxr-xr-x | source/a/shadow/shadow.SlackBuild | 28 | ||||
-rw-r--r-- | source/a/sysvinit-scripts/scripts/rc.M | 5 | ||||
-rwxr-xr-x | source/a/sysvinit-scripts/sysvinit-scripts.SlackBuild | 2 | ||||
-rw-r--r-- | source/a/util-linux/pam.d-su/su | 11 | ||||
-rw-r--r-- | source/a/util-linux/pam.d-su/su-l | 6 | ||||
-rwxr-xr-x | source/a/util-linux/util-linux.SlackBuild | 28 |
9 files changed, 68 insertions, 14 deletions
diff --git a/source/a/shadow/doinst.sh b/source/a/shadow/doinst.sh index 98c8a92c..28d3a436 100644 --- a/source/a/shadow/doinst.sh +++ b/source/a/shadow/doinst.sh @@ -34,7 +34,7 @@ rm -f var/log/faillog.new if [ -r etc/login.access.new ]; then config etc/login.access.new fi -for configfile in chage.new chgpasswd.new chpasswd.new groupadd.new groupdel.new groupmems.new groupmod.new newusers.new other.new passwd.new postlogin.new system-auth.new useradd.new userdel.new usermod.new ; do +for configfile in chage.new chgpasswd.new chpasswd.new groupadd.new groupdel.new groupmems.new groupmod.new newusers.new other.new passwd.new postlogin.new su.new su-l.new system-auth.new useradd.new userdel.new usermod.new ; do if [ -r etc/pam.d/$configfile ]; then config etc/pam.d/$configfile fi diff --git a/source/a/util-linux/pam.d/su b/source/a/shadow/pam.d-su/su index c28a252a..c28a252a 100644 --- a/source/a/util-linux/pam.d/su +++ b/source/a/shadow/pam.d-su/su diff --git a/source/a/util-linux/pam.d/su-l b/source/a/shadow/pam.d-su/su-l index 654dc24e..654dc24e 100644 --- a/source/a/util-linux/pam.d/su-l +++ b/source/a/shadow/pam.d-su/su-l diff --git a/source/a/shadow/shadow.SlackBuild b/source/a/shadow/shadow.SlackBuild index bf399b27..c7c33a83 100755 --- a/source/a/shadow/shadow.SlackBuild +++ b/source/a/shadow/shadow.SlackBuild @@ -24,7 +24,7 @@ cd $(dirname $0) ; CWD=$(pwd) PKGNAM=shadow VERSION=${VERSION:-$(echo $PKGNAM-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -BUILD=${BUILD:-5} +BUILD=${BUILD:-6} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then @@ -74,9 +74,13 @@ cd shadow-$VERSION if [ -L /lib${LIBDIRSUFFIX}/libpam.so.? ]; then PAM_OPTIONS="--with-libpam" unset SHADOW_OPTIONS + # By default, use the shadow version of /bin/su: + SHIP_SU=${SHIP_SU:-YES} else unset PAM_OPTIONS SHADOW_OPTIONS="--enable-shadowgrp --without-libcrack" + # By default, use the shadow version of /bin/su: + SHIP_SU=${SHIP_SU:-YES} fi # Apply some patches taken from the svn trunk that @@ -151,12 +155,9 @@ mv $PKG/usr/sbin/nologin $PKG/sbin/nologin if [ ! -z "$PAM_OPTIONS" ]; then # Don't ship the login utilities. We'll be using the ones from util-linux: - for file in /bin/login /bin/su /sbin/runuser /usr/bin/chfn /usr/bin/chsh \ + for file in /bin/login /sbin/runuser /usr/bin/chfn /usr/bin/chsh \ /usr/man/man1/chfn.1.gz /usr/man/man1/chsh.1.gz /usr/man/man1/login.1.gz \ - /usr/man/man1/runuser.1.gz /usr/man/man1/su.1.gz \ - /usr/share/bash-completion/completions/chfn \ - /usr/share/bash-completion/completions/chsh \ - /usr/share/bash-completion/completions/su ; do + /usr/man/man1/runuser.1.gz ; do rm -f $PKG${file} done # Install config files in /etc/pam.d/. We'll use our own copies... I'm not @@ -166,6 +167,9 @@ if [ ! -z "$PAM_OPTIONS" ]; then for file in $CWD/pam.d/* ; do cp -a ${file} $PKG/etc/pam.d/ done + if [ "$SHIP_SU" = "YES" ]; then + cp -a $CWD/pam.d-su/* $PKG/etc/pam.d/ + fi # Ensure correct perms/ownership on files in /etc/pam.d/: chown root:root $PKG/etc/pam.d/* chmod 644 $PKG/etc/pam.d/* @@ -181,6 +185,13 @@ else # not using PAM zcat $CWD/login.defs.shadow.gz > $PKG/etc/login.defs.new fi +# If we aren't using this version of su, remove the files: +if [ "$SHIP_SU" = "NO" ]; then + rm $PKG/bin/su + find $PKG/usr/man -name su.1 | xargs rm + find $PKG/usr/man -name suauth.5 | xargs rm +fi + # /bin/groups is provided by coreutils. rm -f $PKG/bin/groups find $PKG -name groups.1 -exec rm {} \+ @@ -196,6 +207,11 @@ chmod 0755 $PKG/usr/sbin/adduser # Add sulogin to the package: cp -a src/sulogin $PKG/sbin ( cd $PKG/bin ; ln -s ../sbin/sulogin ) +cp -a ./man/zh_CN/man8/sulogin.8 $PKG/usr/man/zh_CN/man8/sulogin.8 || exit 1 +cp -a ./man/ru/man8/sulogin.8 $PKG/usr/man/ru/man8/sulogin.8 || exit 1 +cp -a ./man/de/man8/sulogin.8 $PKG/usr/man/de/man8/sulogin.8 || exit 1 +cp -a ./man/ja/man8/sulogin.8 $PKG/usr/man/ja/man8/sulogin.8 || exit 1 +cp -a ./man/man8/sulogin.8 $PKG/usr/man/man8/sulogin.8 || exit 1 # Add the empty faillog log file: mkdir -p $PKG/var/log diff --git a/source/a/sysvinit-scripts/scripts/rc.M b/source/a/sysvinit-scripts/scripts/rc.M index c0424ebe..b3490eb5 100644 --- a/source/a/sysvinit-scripts/scripts/rc.M +++ b/source/a/sysvinit-scripts/scripts/rc.M @@ -366,6 +366,11 @@ if [ -x /etc/rc.d/rc.openldap ]; then /etc/rc.d/rc.openldap start fi +# Start local LDAP name service daemon (from nss-pam-ldapd): +if [ -x /etc/rc.d/rc.nslcd ]; then + /etc/rc.d/rc.nslcd start +fi + # Start Dovecot: if [ -x /etc/rc.d/rc.dovecot ]; then /etc/rc.d/rc.dovecot start diff --git a/source/a/sysvinit-scripts/sysvinit-scripts.SlackBuild b/source/a/sysvinit-scripts/sysvinit-scripts.SlackBuild index 3f69fb4b..07249e8e 100755 --- a/source/a/sysvinit-scripts/sysvinit-scripts.SlackBuild +++ b/source/a/sysvinit-scripts/sysvinit-scripts.SlackBuild @@ -25,7 +25,7 @@ cd $(dirname $0) ; CWD=$(pwd) PKGNAM=sysvinit-scripts VERSION=${VERSION:-2.1} ARCH=noarch -BUILD=${BUILD:-30} +BUILD=${BUILD:-31} # If the variable PRINT_PACKAGE_NAME is set, then this script will report what # the name of the created package would be, and then exit. This information diff --git a/source/a/util-linux/pam.d-su/su b/source/a/util-linux/pam.d-su/su new file mode 100644 index 00000000..c28a252a --- /dev/null +++ b/source/a/util-linux/pam.d-su/su @@ -0,0 +1,11 @@ +#%PAM-1.0 +auth sufficient pam_rootok.so +# Uncomment the following line to implicitly trust users in the "wheel" group. +#auth sufficient pam_wheel.so trust use_uid +# Uncomment the following line to require a user to be in the "wheel" group. +#auth required pam_wheel.so use_uid +auth include system-auth +account include system-auth +password include system-auth +session include system-auth +session optional pam_xauth.so diff --git a/source/a/util-linux/pam.d-su/su-l b/source/a/util-linux/pam.d-su/su-l new file mode 100644 index 00000000..654dc24e --- /dev/null +++ b/source/a/util-linux/pam.d-su/su-l @@ -0,0 +1,6 @@ +#%PAM-1.0 +auth include su +account include su +password include su +session optional pam_keyinit.so force revoke +session include su diff --git a/source/a/util-linux/util-linux.SlackBuild b/source/a/util-linux/util-linux.SlackBuild index 294a657c..381c89d1 100755 --- a/source/a/util-linux/util-linux.SlackBuild +++ b/source/a/util-linux/util-linux.SlackBuild @@ -26,7 +26,7 @@ cd $(dirname $0) ; CWD=$(pwd) PKGNAM=util-linux VERSION=${VERSION:-$(echo util-linux*.tar.xz | cut -d - -f 3 | rev | cut -f 3- -d . | rev)} -BUILD=${BUILD:-4} +BUILD=${BUILD:-5} ADJTIMEXVERS=1.29 SETSERIALVERS=2.17 @@ -85,23 +85,32 @@ find . \ # Choose correct options depending on whether PAM is installed: if [ -L /lib${LIBDIRSUFFIX}/libpam.so.? ]; then LOGIN_OPTIONS="" - # Add su default file to ensure using ENV_SUPATH with 'su': - mkdir -p $PKG/etc/default - cp -a $CWD/su.default $PKG/etc/default/su.new - chown root:root $PKG/etc/default/su.new - chmod 644 $PKG/etc/default/su.new + # By default, don't use the util-linux version of /bin/su: + SHIP_SU=${SHIP_SU:-NO} # Add /etc/pam.d config files: rm -rf $PKG/etc/pam.d mkdir -p $PKG/etc/pam.d for file in $CWD/pam.d/* ; do cp -a ${file} $PKG/etc/pam.d/ done + if [ "$SHIP_SU" = "YES" ]; then + # Add su default file to ensure using ENV_SUPATH with 'su': + mkdir -p $PKG/etc/default + cp -a $CWD/su.default $PKG/etc/default/su.new + chown root:root $PKG/etc/default/su.new + chmod 644 $PKG/etc/default/su.new + # Add su /etc/pam.d files: + cp -a $CWD/pam.d-su/* $PKG/etc/pam.d/ + fi # Ensure correct perms/ownership on files in /etc/pam.d/: chown root:root $PKG/etc/pam.d/* chmod 644 $PKG/etc/pam.d/* # Don't clobber existing config files: find $PKG/etc/pam.d -type f -exec mv {} {}.new \; else + # Don't use the util-linux version of /bin/su. + # It can't be built without PAM anyway. + SHIP_SU=NO LOGIN_OPTIONS="--disable-login" fi @@ -181,6 +190,13 @@ make $NUMJOBS \ # Remove all overlap with the shadow package, since --disable-login doesn't quite do that: rm $PKG/sbin/nologin $PKG/usr/man/man8/nologin.8 $PKG/sbin/sulogin $PKG/usr/man/man8/sulogin.8 +# If we aren't shipping su, remove the files: +if [ "$SHIP_SU" = "NO" ]; then + rm -f $PKG/bin/su + rm -f $PKG/usr/man/man1/su.1 + rm -f $PKG/usr/share/bash-completion/completions/su +fi + # Move the libblkid, libfdisk, libmount, libsmartcols, and # libuuid libraries to /lib${LIBSUFFIX}: mkdir -p $PKG/lib${LIBDIRSUFFIX} |