summaryrefslogtreecommitdiff
path: root/source/a
diff options
context:
space:
mode:
Diffstat (limited to 'source/a')
-rw-r--r--source/a/shadow/doinst.sh27
-rw-r--r--source/a/shadow/pam.d/chfn4
-rw-r--r--source/a/shadow/pam.d/chsh4
-rwxr-xr-xsource/a/shadow/shadow.SlackBuild2
-rw-r--r--source/a/util-linux/doinst.sh6
-rw-r--r--source/a/util-linux/pam.d/chfn6
-rw-r--r--source/a/util-linux/pam.d/chsh6
-rw-r--r--source/a/util-linux/pam.d/login (renamed from source/a/shadow/pam.d/login)0
-rw-r--r--source/a/util-linux/pam.d/runuser5
-rw-r--r--source/a/util-linux/pam.d/runuser-l4
-rw-r--r--source/a/util-linux/pam.d/su (renamed from source/a/shadow/pam.d/su)0
-rw-r--r--source/a/util-linux/pam.d/su-l (renamed from source/a/shadow/pam.d/su-l)0
-rwxr-xr-xsource/a/util-linux/util-linux.SlackBuild21
13 files changed, 63 insertions, 22 deletions
diff --git a/source/a/shadow/doinst.sh b/source/a/shadow/doinst.sh
index ce3e8116..98c8a92c 100644
--- a/source/a/shadow/doinst.sh
+++ b/source/a/shadow/doinst.sh
@@ -10,17 +10,20 @@ config() {
# Otherwise, we leave the .new copy for the admin to consider...
}
-# First, check for PAM:
-if [ -r etc/pam.d/login.new ]; then
- # If there's an existing /etc/login.defs that contains an obsolete option
- # intended for a non-pam system, rename it to back it up and allow the
- # pam-enabled login.defs to be installed automatically:
- if grep -q "^LASTLOG_ENAB" etc/login.defs 1> /dev/null 2> /dev/null ; then
- mv etc/login.defs etc/login.defs.non-pam.backup
- fi
-else # Same thing, but in reverse for a non-pam system:
- if ! grep -q "^LASTLOG_ENAB" etc/login.defs 1> /dev/null 2> /dev/null ; then
- mv etc/login.defs etc/login.defs.pam.backup
+# See if we need to backup an existing login.defs:
+if [ -r etc/login.defs ]; then
+ # First, check for PAM:
+ if [ -r etc/pam.d/login.new ]; then
+ # If there's an existing /etc/login.defs that contains an obsolete option
+ # intended for a non-pam system, rename it to back it up and allow the
+ # pam-enabled login.defs to be installed automatically:
+ if grep -q "^LASTLOG_ENAB" etc/login.defs 1> /dev/null 2> /dev/null ; then
+ mv etc/login.defs etc/login.defs.non-pam.backup
+ fi
+ else # Same thing, but in reverse for a non-pam system:
+ if ! grep -q "^LASTLOG_ENAB" etc/login.defs 1> /dev/null 2> /dev/null ; then
+ mv etc/login.defs etc/login.defs.pam.backup
+ fi
fi
fi
@@ -31,7 +34,7 @@ rm -f var/log/faillog.new
if [ -r etc/login.access.new ]; then
config etc/login.access.new
fi
-for configfile in chage.new chfn.new chgpasswd.new chpasswd.new chsh.new groupadd.new groupdel.new groupmems.new groupmod.new login.new newusers.new other.new passwd.new postlogin.new su-l.new su.new system-auth.new useradd.new userdel.new usermod.new ; do
+for configfile in chage.new chgpasswd.new chpasswd.new groupadd.new groupdel.new groupmems.new groupmod.new newusers.new other.new passwd.new postlogin.new system-auth.new useradd.new userdel.new usermod.new ; do
if [ -r etc/pam.d/$configfile ]; then
config etc/pam.d/$configfile
fi
diff --git a/source/a/shadow/pam.d/chfn b/source/a/shadow/pam.d/chfn
deleted file mode 100644
index 8f49f5cc..00000000
--- a/source/a/shadow/pam.d/chfn
+++ /dev/null
@@ -1,4 +0,0 @@
-#%PAM-1.0
-auth sufficient pam_rootok.so
-account required pam_permit.so
-password include system-auth
diff --git a/source/a/shadow/pam.d/chsh b/source/a/shadow/pam.d/chsh
deleted file mode 100644
index 8f49f5cc..00000000
--- a/source/a/shadow/pam.d/chsh
+++ /dev/null
@@ -1,4 +0,0 @@
-#%PAM-1.0
-auth sufficient pam_rootok.so
-account required pam_permit.so
-password include system-auth
diff --git a/source/a/shadow/shadow.SlackBuild b/source/a/shadow/shadow.SlackBuild
index bc22d5e8..1cd486be 100755
--- a/source/a/shadow/shadow.SlackBuild
+++ b/source/a/shadow/shadow.SlackBuild
@@ -24,7 +24,7 @@ cd $(dirname $0) ; CWD=$(pwd)
PKGNAM=shadow
VERSION=${VERSION:-$(echo $PKGNAM-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
-BUILD=${BUILD:-2}
+BUILD=${BUILD:-3}
# Automatically determine the architecture we're building on:
if [ -z "$ARCH" ]; then
diff --git a/source/a/util-linux/doinst.sh b/source/a/util-linux/doinst.sh
index da24e743..8277c0e6 100644
--- a/source/a/util-linux/doinst.sh
+++ b/source/a/util-linux/doinst.sh
@@ -22,6 +22,12 @@ config etc/rc.d/rc.serial.new
config etc/rc.d/rc.setterm.new
config etc/serial.conf.new
+for configfile in chfn.new chsh.new login.new runuser.new runuser-l.new su.new su-l.new ; do
+ if [ -r etc/pam.d/$configfile ]; then
+ config etc/pam.d/$configfile
+ fi
+done
+
if [ -r etc/default/su.new ]; then
config etc/default/su.new
fi
diff --git a/source/a/util-linux/pam.d/chfn b/source/a/util-linux/pam.d/chfn
new file mode 100644
index 00000000..2dbc0aaf
--- /dev/null
+++ b/source/a/util-linux/pam.d/chfn
@@ -0,0 +1,6 @@
+#%PAM-1.0
+auth sufficient pam_rootok.so
+auth include system-auth
+account include system-auth
+password include system-auth
+session include system-auth
diff --git a/source/a/util-linux/pam.d/chsh b/source/a/util-linux/pam.d/chsh
new file mode 100644
index 00000000..2dbc0aaf
--- /dev/null
+++ b/source/a/util-linux/pam.d/chsh
@@ -0,0 +1,6 @@
+#%PAM-1.0
+auth sufficient pam_rootok.so
+auth include system-auth
+account include system-auth
+password include system-auth
+session include system-auth
diff --git a/source/a/shadow/pam.d/login b/source/a/util-linux/pam.d/login
index eb312199..eb312199 100644
--- a/source/a/shadow/pam.d/login
+++ b/source/a/util-linux/pam.d/login
diff --git a/source/a/util-linux/pam.d/runuser b/source/a/util-linux/pam.d/runuser
new file mode 100644
index 00000000..37f0e84e
--- /dev/null
+++ b/source/a/util-linux/pam.d/runuser
@@ -0,0 +1,5 @@
+#%PAM-1.0
+auth sufficient pam_rootok.so
+session optional pam_keyinit.so revoke
+session required pam_limits.so
+session required pam_unix.so
diff --git a/source/a/util-linux/pam.d/runuser-l b/source/a/util-linux/pam.d/runuser-l
new file mode 100644
index 00000000..fa1e4d83
--- /dev/null
+++ b/source/a/util-linux/pam.d/runuser-l
@@ -0,0 +1,4 @@
+#%PAM-1.0
+auth include runuser
+session optional pam_keyinit.so force revoke
+session include runuser
diff --git a/source/a/shadow/pam.d/su b/source/a/util-linux/pam.d/su
index c7c81487..c7c81487 100644
--- a/source/a/shadow/pam.d/su
+++ b/source/a/util-linux/pam.d/su
diff --git a/source/a/shadow/pam.d/su-l b/source/a/util-linux/pam.d/su-l
index 656a139a..656a139a 100644
--- a/source/a/shadow/pam.d/su-l
+++ b/source/a/util-linux/pam.d/su-l
diff --git a/source/a/util-linux/util-linux.SlackBuild b/source/a/util-linux/util-linux.SlackBuild
index 1d101d46..2f0688be 100755
--- a/source/a/util-linux/util-linux.SlackBuild
+++ b/source/a/util-linux/util-linux.SlackBuild
@@ -26,7 +26,7 @@ cd $(dirname $0) ; CWD=$(pwd)
PKGNAM=util-linux
VERSION=${VERSION:-$(echo util-linux*.tar.xz | cut -d - -f 3 | rev | cut -f 3- -d . | rev)}
-BUILD=${BUILD:-2}
+BUILD=${BUILD:-3}
ADJTIMEXVERS=1.29
SETSERIALVERS=2.17
@@ -90,6 +90,17 @@ if [ -L /lib${LIBDIRSUFFIX}/libpam.so.? ]; then
cp -a $CWD/su.default $PKG/etc/default/su.new
chown root:root $PKG/etc/default/su.new
chmod 644 $PKG/etc/default/su.new
+ # Add /etc/pam.d config files:
+ rm -rf $PKG/etc/pam.d
+ mkdir -p $PKG/etc/pam.d
+ for file in $CWD/pam.d/* ; do
+ cp -a ${file} $PKG/etc/pam.d/
+ done
+ # Ensure correct perms/ownership on files in /etc/pam.d/:
+ chown root:root $PKG/etc/pam.d/*
+ chmod 644 $PKG/etc/pam.d/*
+ # Don't clobber existing config files:
+ find $PKG/etc/pam.d -type f -exec mv {} {}.new \;
else
LOGIN_OPTIONS="--disable-login"
fi
@@ -150,6 +161,14 @@ CFLAGS="$SLKCFLAGS" \
make $NUMJOBS || make || exit 1
make install $NUMJOBS DESTDIR=$PKG || exit 1
+# These need to be setuid root to work properly (only built for PAM):
+if [ -r $PKG/usr/bin/chfn ]; then
+ chmod 4711 $PKG/usr/bin/chfn
+fi
+if [ -r $PKG/usr/bin/chsh ]; then
+ chmod 4711 $PKG/usr/bin/chsh
+fi
+
# Build python3 bindings for libmount:
make clean
CFLAGS="$SLKCFLAGS" \