upg shadow

shadow/0001-Disable-replaced-tools-their-man-pages-and-PAM-integ.patch

@@ -0,0 +1,727 @@
+From 296e0848b775a9085d6ffe813a62369150620454 Mon Sep 17 00:00:00 2001
+From: David Runge <dvzrv@archlinux.org>
+Date: Sat, 5 Nov 2022 23:40:18 +0100
+Subject: [PATCH 1/3] Disable replaced tools, their man pages and PAM
+ integration
+
+etc/pam.d/Makefile.am:
+Disable installation of PAM integration for chfn, chsh and login tools
+as they are provided by util-linux.
+
+man/Makefile.am, man/*/Makefile.am:
+Disable man pages for chfn, chsh, login, logoutd, newgrp, nologin, vigr,
+vipw and su as they are either no longer used or replaced by util-linux.
+
+src/Makefile.am:
+Set usbindir to use bin instead of sbin, as Arch Linux is a /usr and bin
+merge distribution.
+Remove the use of login, nologin, chfn, chsh, logoutd, vipw and vigr, as
+they are either not used or replaced by util-linux.
+Move newgrp to replace sg (instead of it being a symlink).
+---
+ etc/pam.d/Makefile.am |  3 ---
+ man/Makefile.am       | 20 +++-----------------
+ man/cs/Makefile.am    |  8 ++------
+ man/da/Makefile.am    |  8 +-------
+ man/de/Makefile.am    | 11 +----------
+ man/fi/Makefile.am    |  5 +----
+ man/fr/Makefile.am    | 11 +----------
+ man/hu/Makefile.am    |  6 +-----
+ man/id/Makefile.am    |  2 --
+ man/it/Makefile.am    | 11 +----------
+ man/ja/Makefile.am    | 10 +---------
+ man/ko/Makefile.am    |  8 +-------
+ man/pl/Makefile.am    |  7 +------
+ man/ru/Makefile.am    | 11 +----------
+ man/sv/Makefile.am    |  8 +-------
+ man/tr/Makefile.am    |  3 ---
+ man/uk/Makefile.am    | 11 +----------
+ man/zh_CN/Makefile.am | 11 +----------
+ man/zh_TW/Makefile.am |  4 ----
+ src/Makefile.am       | 18 +++++++-----------
+ 20 files changed, 25 insertions(+), 151 deletions(-)
+
+diff --git a/etc/pam.d/Makefile.am b/etc/pam.d/Makefile.am
+index 38ff26ae..a19ad431 100644
+--- a/etc/pam.d/Makefile.am
++++ b/etc/pam.d/Makefile.am
+@@ -2,10 +2,7 @@
+ # and also cooperate to make a distribution for `make dist'
+ 
+ pamd_files = \
+-	chfn \
+-	chsh \
+ 	groupmems \
+-	login \
+ 	passwd
+ 
+ pamd_acct_tools_files = \
+diff --git a/man/Makefile.am b/man/Makefile.am
+index 89d97937..d2741036 100644
+--- a/man/Makefile.am
++++ b/man/Makefile.am
+@@ -8,10 +8,8 @@ endif
+ 
+ man_MANS = \
+ 	man1/chage.1 \
+-	man1/chfn.1 \
+ 	man8/chgpasswd.8 \
+ 	man8/chpasswd.8 \
+-	man1/chsh.1 \
+ 	man1/expiry.1 \
+ 	man5/faillog.5 \
+ 	man8/faillog.8 \
+@@ -26,12 +24,9 @@ man_MANS = \
+ 	man8/grpconv.8 \
+ 	man8/grpunconv.8 \
+ 	man5/gshadow.5 \
+-	man1/login.1 \
++	man8/lastlog.8 \
+ 	man5/login.defs.5 \
+-	man8/logoutd.8 \
+-	man1/newgrp.1 \
+ 	man8/newusers.8 \
+-	man8/nologin.8 \
+ 	man1/passwd.1 \
+ 	man5/passwd.5 \
+ 	man8/pwck.8 \
+@@ -43,9 +38,7 @@ man_MANS = \
+ 	man5/suauth.5 \
+ 	man8/useradd.8 \
+ 	man8/userdel.8 \
+-	man8/usermod.8 \
+-	man8/vigr.8 \
+-	man8/vipw.8
++	man8/usermod.8
+ 
+ if ENABLE_LASTLOG
+ man_MANS += man8/lastlog.8
+@@ -77,10 +70,8 @@ endif
+ 
+ man_XMANS = \
+ 	chage.1.xml \
+-	chfn.1.xml \
+ 	chgpasswd.8.xml \
+ 	chpasswd.8.xml \
+-	chsh.1.xml \
+ 	expiry.1.xml \
+ 	faillog.5.xml \
+ 	faillog.8.xml \
+@@ -94,12 +85,9 @@ man_XMANS = \
+ 	grpck.8.xml \
+ 	gshadow.5.xml \
+ 	limits.5.xml \
+-	login.1.xml \
+ 	login.access.5.xml \
+ 	login.defs.5.xml \
+-	logoutd.8.xml \
+ 	newgidmap.1.xml \
+-	newgrp.1.xml \
+ 	newuidmap.1.xml \
+ 	newusers.8.xml \
+ 	nologin.8.xml \
+@@ -111,14 +99,12 @@ man_XMANS = \
+ 	shadow.3.xml \
+ 	shadow.5.xml \
+ 	sg.1.xml \
+-	su.1.xml \
+ 	suauth.5.xml \
+ 	subgid.5.xml \
+ 	subuid.5.xml \
+ 	useradd.8.xml \
+ 	userdel.8.xml \
+-	usermod.8.xml \
+-	vipw.8.xml
++	usermod.8.xml
+ 
+ if ENABLE_LASTLOG
+ man_XMANS += lastlog.8.xml
+diff --git a/man/cs/Makefile.am b/man/cs/Makefile.am
+index 84407d71..c5ef7cf5 100644
+--- a/man/cs/Makefile.am
++++ b/man/cs/Makefile.am
+@@ -12,11 +12,8 @@ man_MANS = \
+ 	man1/groups.1 \
+ 	man8/grpck.8 \
+ 	man5/gshadow.5 \
+-	man8/nologin.8 \
+ 	man5/passwd.5 \
+-	man5/shadow.5 \
+-	man1/su.1 \
+-	man8/vipw.8
++	man5/shadow.5
+ 
+ if ENABLE_LASTLOG
+ man_MANS += man8/lastlog.8
+@@ -24,6 +21,5 @@ endif
+ 
+ EXTRA_DIST = $(man_MANS) \
+ 	man1/id.1 \
+-	man8/groupmems.8 \
+-	man8/logoutd.8
++	man8/groupmems.8
+ 
+diff --git a/man/da/Makefile.am b/man/da/Makefile.am
+index a3b09224..e45bef66 100644
+--- a/man/da/Makefile.am
++++ b/man/da/Makefile.am
+@@ -3,16 +3,10 @@ mandir = @mandir@/da
+ 
+ # 2012.01.28 - activate manpages with more than 50% translated messages
+ man_MANS = \
+-	man1/chfn.1 \
+ 	man8/groupdel.8 \
+ 	man1/groups.1 \
+ 	man5/gshadow.5 \
+-	man8/logoutd.8 \
+-	man1/newgrp.1 \
+-	man8/nologin.8 \
+-	man1/sg.1 \
+-	man8/vigr.8 \
+-	man8/vipw.8
++	man1/sg.1
+ 
+ man_nopam = 
+ 
+diff --git a/man/de/Makefile.am b/man/de/Makefile.am
+index 671432d3..333d5524 100644
+--- a/man/de/Makefile.am
++++ b/man/de/Makefile.am
+@@ -3,10 +3,8 @@ mandir = @mandir@/de
+ 
+ man_MANS = \
+ 	man1/chage.1 \
+-	man1/chfn.1 \
+ 	man8/chgpasswd.8 \
+ 	man8/chpasswd.8 \
+-	man1/chsh.1 \
+ 	man1/expiry.1 \
+ 	man5/faillog.5 \
+ 	man8/faillog.8 \
+@@ -21,12 +19,8 @@ man_MANS = \
+ 	man8/grpconv.8 \
+ 	man8/grpunconv.8 \
+ 	man5/gshadow.5 \
+-	man1/login.1 \
+ 	man5/login.defs.5 \
+-	man8/logoutd.8 \
+-	man1/newgrp.1 \
+ 	man8/newusers.8 \
+-	man8/nologin.8 \
+ 	man1/passwd.1 \
+ 	man5/passwd.5 \
+ 	man8/pwck.8 \
+@@ -35,13 +29,10 @@ man_MANS = \
+ 	man1/sg.1 \
+ 	man3/shadow.3 \
+ 	man5/shadow.5 \
+-	man1/su.1 \
+ 	man5/suauth.5 \
+ 	man8/useradd.8 \
+ 	man8/userdel.8 \
+-	man8/usermod.8 \
+-	man8/vigr.8 \
+-	man8/vipw.8
++	man8/usermod.8
+ 
+ if ENABLE_LASTLOG
+ man_MANS += man8/lastlog.8
+diff --git a/man/fi/Makefile.am b/man/fi/Makefile.am
+index 26a1a848..f02b92f3 100644
+--- a/man/fi/Makefile.am
++++ b/man/fi/Makefile.am
+@@ -1,10 +1,7 @@
+ 
+ mandir = @mandir@/fi
+ 
+-man_MANS = \
+-	man1/chfn.1 \
+-	man1/chsh.1 \
+-	man1/su.1
++man_MANS =
+ 
+ # Outdated manpages
+ #	passwd.1 (https://bugs.launchpad.net/ubuntu/+bug/384024)
+diff --git a/man/fr/Makefile.am b/man/fr/Makefile.am
+index 335e0298..9962c038 100644
+--- a/man/fr/Makefile.am
++++ b/man/fr/Makefile.am
+@@ -3,10 +3,8 @@ mandir = @mandir@/fr
+ 
+ man_MANS = \
+ 	man1/chage.1 \
+-	man1/chfn.1 \
+ 	man8/chgpasswd.8 \
+ 	man8/chpasswd.8 \
+-	man1/chsh.1 \
+ 	man1/expiry.1 \
+ 	man5/faillog.5 \
+ 	man8/faillog.8 \
+@@ -21,12 +19,8 @@ man_MANS = \
+ 	man8/grpconv.8 \
+ 	man8/grpunconv.8 \
+ 	man5/gshadow.5 \
+-	man1/login.1 \
+ 	man5/login.defs.5 \
+-	man8/logoutd.8 \
+-	man1/newgrp.1 \
+ 	man8/newusers.8 \
+-	man8/nologin.8 \
+ 	man1/passwd.1 \
+ 	man5/passwd.5 \
+ 	man8/pwck.8 \
+@@ -35,13 +29,10 @@ man_MANS = \
+ 	man1/sg.1 \
+ 	man3/shadow.3 \
+ 	man5/shadow.5 \
+-	man1/su.1 \
+ 	man5/suauth.5 \
+ 	man8/useradd.8 \
+ 	man8/userdel.8 \
+-	man8/usermod.8 \
+-	man8/vigr.8 \
+-	man8/vipw.8
++	man8/usermod.8
+ 
+ if ENABLE_LASTLOG
+ man_MANS += man8/lastlog.8
+diff --git a/man/hu/Makefile.am b/man/hu/Makefile.am
+index 205bb0a8..3d813179 100644
+--- a/man/hu/Makefile.am
++++ b/man/hu/Makefile.am
+@@ -2,15 +2,11 @@
+ mandir = @mandir@/hu
+ 
+ man_MANS = \
+-	man1/chsh.1 \
+ 	man1/gpasswd.1 \
+ 	man1/groups.1 \
+-	man1/login.1 \
+-	man1/newgrp.1 \
+ 	man1/passwd.1 \
+ 	man5/passwd.5 \
+-	man1/sg.1 \
+-	man1/su.1
++	man1/sg.1
+ 
+ if ENABLE_LASTLOG
+ man_MANS += man8/lastlog.8
+diff --git a/man/id/Makefile.am b/man/id/Makefile.am
+index 21f3dbe9..6d10b930 100644
+--- a/man/id/Makefile.am
++++ b/man/id/Makefile.am
+@@ -2,8 +2,6 @@
+ mandir = @mandir@/id
+ 
+ man_MANS = \
+-	man1/chsh.1 \
+-	man1/login.1 \
+ 	man8/useradd.8
+ 
+ EXTRA_DIST = $(man_MANS)
+diff --git a/man/it/Makefile.am b/man/it/Makefile.am
+index b76187fa..1f62e20e 100644
+--- a/man/it/Makefile.am
++++ b/man/it/Makefile.am
+@@ -3,10 +3,8 @@ mandir = @mandir@/it
+ 
+ man_MANS = \
+ 	man1/chage.1 \
+-	man1/chfn.1 \
+ 	man8/chgpasswd.8 \
+ 	man8/chpasswd.8 \
+-	man1/chsh.1 \
+ 	man1/expiry.1 \
+ 	man5/faillog.5 \
+ 	man8/faillog.8 \
+@@ -21,12 +19,8 @@ man_MANS = \
+ 	man8/grpconv.8 \
+ 	man8/grpunconv.8 \
+ 	man5/gshadow.5 \
+-	man1/login.1 \
+ 	man5/login.defs.5 \
+-	man8/logoutd.8 \
+-	man1/newgrp.1 \
+ 	man8/newusers.8 \
+-	man8/nologin.8 \
+ 	man1/passwd.1 \
+ 	man5/passwd.5 \
+ 	man8/pwck.8 \
+@@ -35,13 +29,10 @@ man_MANS = \
+ 	man1/sg.1 \
+ 	man3/shadow.3 \
+ 	man5/shadow.5 \
+-	man1/su.1 \
+ 	man5/suauth.5 \
+ 	man8/useradd.8 \
+ 	man8/userdel.8 \
+-	man8/usermod.8 \
+-	man8/vigr.8 \
+-	man8/vipw.8
++	man8/usermod.8
+ 
+ if ENABLE_LASTLOG
+ man_MANS += man8/lastlog.8
+diff --git a/man/ja/Makefile.am b/man/ja/Makefile.am
+index 13f18da1..3401a085 100644
+--- a/man/ja/Makefile.am
++++ b/man/ja/Makefile.am
+@@ -3,9 +3,7 @@ mandir = @mandir@/ja
+ 
+ man_MANS = \
+ 	man1/chage.1 \
+-	man1/chfn.1 \
+ 	man8/chpasswd.8 \
+-	man1/chsh.1 \
+ 	man1/expiry.1 \
+ 	man5/faillog.5 \
+ 	man8/faillog.8 \
+@@ -17,10 +15,7 @@ man_MANS = \
+ 	man8/grpck.8 \
+ 	man8/grpconv.8 \
+ 	man8/grpunconv.8 \
+-	man1/login.1 \
+ 	man5/login.defs.5 \
+-	man8/logoutd.8 \
+-	man1/newgrp.1 \
+ 	man8/newusers.8 \
+ 	man1/passwd.1 \
+ 	man5/passwd.5 \
+@@ -29,13 +24,10 @@ man_MANS = \
+ 	man8/pwunconv.8 \
+ 	man1/sg.1 \
+ 	man5/shadow.5 \
+-	man1/su.1 \
+ 	man5/suauth.5 \
+ 	man8/useradd.8 \
+ 	man8/userdel.8 \
+-	man8/usermod.8 \
+-	man8/vigr.8 \
+-	man8/vipw.8
++	man8/usermod.8
+ 
+ if ENABLE_LASTLOG
+ man_MANS += man8/lastlog.8
+diff --git a/man/ko/Makefile.am b/man/ko/Makefile.am
+index c269f0bb..9616cb3e 100644
+--- a/man/ko/Makefile.am
++++ b/man/ko/Makefile.am
+@@ -2,14 +2,8 @@
+ mandir = @mandir@/ko
+ 
+ man_MANS = \
+-	man1/chfn.1 \
+-	man1/chsh.1 \
+ 	man1/groups.1 \
+-	man1/login.1 \
+-	man5/passwd.5 \
+-	man1/su.1 \
+-	man8/vigr.8 \
+-	man8/vipw.8
++	man5/passwd.5
+ # newgrp.1 must be updated
+ #	newgrp.1
+ 
+diff --git a/man/pl/Makefile.am b/man/pl/Makefile.am
+index b2f096f7..00817d37 100644
+--- a/man/pl/Makefile.am
++++ b/man/pl/Makefile.am
+@@ -4,7 +4,6 @@ mandir = @mandir@/pl
+ # 2012.01.28 - activate manpages with more than 50% translated messages
+ man_MANS = \
+ 	man1/chage.1 \
+-	man1/chsh.1 \
+ 	man1/expiry.1 \
+ 	man5/faillog.5 \
+ 	man8/faillog.8 \
+@@ -15,14 +14,10 @@ man_MANS = \
+ 	man8/groupmod.8 \
+ 	man1/groups.1 \
+ 	man8/grpck.8 \
+-	man8/logoutd.8 \
+-	man1/newgrp.1 \
+ 	man1/sg.1 \
+ 	man3/shadow.3 \
+ 	man8/userdel.8 \
+-	man8/usermod.8 \
+-	man8/vigr.8 \
+-	man8/vipw.8
++	man8/usermod.8
+ 
+ if ENABLE_LASTLOG
+ man_MANS += man8/lastlog.8
+diff --git a/man/ru/Makefile.am b/man/ru/Makefile.am
+index 84d55d9e..b65f4881 100644
+--- a/man/ru/Makefile.am
++++ b/man/ru/Makefile.am
+@@ -3,10 +3,8 @@ mandir = @mandir@/ru
+ 
+ man_MANS = \
+ 	man1/chage.1 \
+-	man1/chfn.1 \
+ 	man8/chgpasswd.8 \
+ 	man8/chpasswd.8 \
+-	man1/chsh.1 \
+ 	man1/expiry.1 \
+ 	man5/faillog.5 \
+ 	man8/faillog.8 \
+@@ -21,12 +19,8 @@ man_MANS = \
+ 	man8/grpconv.8 \
+ 	man8/grpunconv.8 \
+ 	man5/gshadow.5 \
+-	man1/login.1 \
+ 	man5/login.defs.5 \
+-	man8/logoutd.8 \
+-	man1/newgrp.1 \
+ 	man8/newusers.8 \
+-	man8/nologin.8 \
+ 	man1/passwd.1 \
+ 	man5/passwd.5 \
+ 	man8/pwck.8 \
+@@ -35,13 +29,10 @@ man_MANS = \
+ 	man1/sg.1 \
+ 	man3/shadow.3 \
+ 	man5/shadow.5 \
+-	man1/su.1 \
+ 	man5/suauth.5 \
+ 	man8/useradd.8 \
+ 	man8/userdel.8 \
+-	man8/usermod.8 \
+-	man8/vigr.8 \
+-	man8/vipw.8
++	man8/usermod.8
+ 
+ if ENABLE_LASTLOG
+ man_MANS += man8/lastlog.8
+diff --git a/man/sv/Makefile.am b/man/sv/Makefile.am
+index 70329edf..58fa80e5 100644
+--- a/man/sv/Makefile.am
++++ b/man/sv/Makefile.am
+@@ -3,7 +3,6 @@ mandir = @mandir@/sv
+ # 2012.01.28 - activate manpages with more than 50% translated messages
+ man_MANS = \
+ 	man1/chage.1 \
+-	man1/chsh.1 \
+ 	man1/expiry.1 \
+ 	man5/faillog.5 \
+ 	man8/faillog.8 \
+@@ -15,18 +14,13 @@ man_MANS = \
+ 	man1/groups.1 \
+ 	man8/grpck.8 \
+ 	man5/gshadow.5 \
+-	man8/logoutd.8 \
+-	man1/newgrp.1 \
+-	man8/nologin.8 \
+ 	man1/passwd.1 \
+ 	man5/passwd.5 \
+ 	man8/pwck.8 \
+ 	man1/sg.1 \
+ 	man3/shadow.3 \
+ 	man5/suauth.5 \
+-	man8/userdel.8 \
+-	man8/vigr.8 \
+-	man8/vipw.8
++	man8/userdel.8
+ 
+ if ENABLE_LASTLOG
+ man_MANS += man8/lastlog.8
+diff --git a/man/tr/Makefile.am b/man/tr/Makefile.am
+index 8d8b9166..4fe3632a 100644
+--- a/man/tr/Makefile.am
++++ b/man/tr/Makefile.am
+@@ -2,15 +2,12 @@ mandir = @mandir@/tr
+ 
+ man_MANS = \
+ 	man1/chage.1 \
+-	man1/chfn.1 \
+ 	man8/groupadd.8 \
+ 	man8/groupdel.8 \
+ 	man8/groupmod.8 \
+-	man1/login.1 \
+ 	man1/passwd.1 \
+ 	man5/passwd.5 \
+ 	man5/shadow.5 \
+-	man1/su.1 \
+ 	man8/useradd.8 \
+ 	man8/userdel.8 \
+ 	man8/usermod.8
+diff --git a/man/uk/Makefile.am b/man/uk/Makefile.am
+index 3fb5ffb3..e13c8fee 100644
+--- a/man/uk/Makefile.am
++++ b/man/uk/Makefile.am
+@@ -3,10 +3,8 @@ mandir = @mandir@/uk
+ 
+ man_MANS = \
+ 	man1/chage.1 \
+-	man1/chfn.1 \
+ 	man8/chgpasswd.8 \
+ 	man8/chpasswd.8 \
+-	man1/chsh.1 \
+ 	man1/expiry.1 \
+ 	man5/faillog.5 \
+ 	man8/faillog.8 \
+@@ -21,12 +19,8 @@ man_MANS = \
+ 	man8/grpconv.8 \
+ 	man8/grpunconv.8 \
+ 	man5/gshadow.5 \
+-	man1/login.1 \
+ 	man5/login.defs.5 \
+-	man8/logoutd.8 \
+-	man1/newgrp.1 \
+ 	man8/newusers.8 \
+-	man8/nologin.8 \
+ 	man1/passwd.1 \
+ 	man5/passwd.5 \
+ 	man8/pwck.8 \
+@@ -35,13 +29,10 @@ man_MANS = \
+ 	man1/sg.1 \
+ 	man3/shadow.3 \
+ 	man5/shadow.5 \
+-	man1/su.1 \
+ 	man5/suauth.5 \
+ 	man8/useradd.8 \
+ 	man8/userdel.8 \
+-	man8/usermod.8 \
+-	man8/vigr.8 \
+-	man8/vipw.8
++	man8/usermod.8
+ 
+ if ENABLE_LASTLOG
+ man_MANS += man8/lastlog.8
+diff --git a/man/zh_CN/Makefile.am b/man/zh_CN/Makefile.am
+index a8b93a56..42ad764d 100644
+--- a/man/zh_CN/Makefile.am
++++ b/man/zh_CN/Makefile.am
+@@ -3,10 +3,8 @@ mandir = @mandir@/zh_CN
+ 
+ man_MANS = \
+ 	man1/chage.1 \
+-	man1/chfn.1 \
+ 	man8/chgpasswd.8 \
+ 	man8/chpasswd.8 \
+-	man1/chsh.1 \
+ 	man1/expiry.1 \
+ 	man5/faillog.5 \
+ 	man8/faillog.8 \
+@@ -21,12 +19,8 @@ man_MANS = \
+ 	man8/grpconv.8 \
+ 	man8/grpunconv.8 \
+ 	man5/gshadow.5 \
+-	man1/login.1 \
+ 	man5/login.defs.5 \
+-	man8/logoutd.8 \
+-	man1/newgrp.1 \
+ 	man8/newusers.8 \
+-	man8/nologin.8 \
+ 	man1/passwd.1 \
+ 	man5/passwd.5 \
+ 	man8/pwck.8 \
+@@ -35,13 +29,10 @@ man_MANS = \
+ 	man1/sg.1 \
+ 	man3/shadow.3 \
+ 	man5/shadow.5 \
+-	man1/su.1 \
+ 	man5/suauth.5 \
+ 	man8/useradd.8 \
+ 	man8/userdel.8 \
+-	man8/usermod.8 \
+-	man8/vigr.8 \
+-	man8/vipw.8
++	man8/usermod.8
+ 
+ if ENABLE_LASTLOG
+ man_MANS += man8/lastlog.8
+diff --git a/man/zh_TW/Makefile.am b/man/zh_TW/Makefile.am
+index c36ed2c7..26696b67 100644
+--- a/man/zh_TW/Makefile.am
++++ b/man/zh_TW/Makefile.am
+@@ -2,15 +2,11 @@
+ mandir = @mandir@/zh_TW
+ 
+ man_MANS = \
+-	man1/chfn.1 \
+-	man1/chsh.1 \
+ 	man8/chpasswd.8 \
+-	man1/newgrp.1 \
+ 	man8/groupadd.8 \
+ 	man8/groupdel.8 \
+ 	man8/groupmod.8 \
+ 	man5/passwd.5 \
+-	man1/su.1 \
+ 	man8/useradd.8 \
+ 	man8/userdel.8 \
+ 	man8/usermod.8
+diff --git a/src/Makefile.am b/src/Makefile.am
+index fcfee9d2..0bab08a8 100644
+--- a/src/Makefile.am
++++ b/src/Makefile.am
+@@ -3,7 +3,7 @@ EXTRA_DIST = \
+ 	.indent.pro
+ 
+ ubindir = ${prefix}/bin
+-usbindir = ${prefix}/sbin
++usbindir = ${prefix}/bin
+ suidperms = 4755
+ sgidperms = 2755
+ 
+@@ -26,9 +26,9 @@ AM_CFLAGS = $(LIBBSD_CFLAGS)
+ # and installation would be much simpler (just two directories,
+ # $prefix/bin and $prefix/sbin, no install-data hacks...)
+ 
+-bin_PROGRAMS   = groups login
+-sbin_PROGRAMS  = nologin
+-ubin_PROGRAMS  = faillog chage chfn chsh expiry gpasswd newgrp passwd
++bin_PROGRAMS   = groups
++sbin_PROGRAMS  =
++ubin_PROGRAMS  = faillog lastlog chage expiry gpasswd newgrp passwd
+ if ENABLE_SUBIDS
+ ubin_PROGRAMS += newgidmap newuidmap
+ endif
+@@ -48,22 +48,20 @@ usbin_PROGRAMS = \
+ 	grpck \
+ 	grpconv \
+ 	grpunconv \
+-	logoutd \
+ 	newusers \
+ 	pwck \
+ 	pwconv \
+ 	pwunconv \
+ 	useradd \
+ 	userdel \
+-	usermod \
+-	vipw
++	usermod
+ 
+ # id and groups are from gnu, sulogin from sysvinit
+ noinst_PROGRAMS = id sulogin
+ 
+ suidusbins     =
+ suidbins       =
+-suidubins      = chage chfn chsh expiry gpasswd newgrp
++suidubins      = chage expiry gpasswd newgrp
+ if WITH_SU
+ suidbins      += su
+ endif
+@@ -135,18 +133,16 @@ sulogin_LDADD  = $(LDADD) $(LIBCRYPT) $(LIBECONF)
+ useradd_LDADD  = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBSEMANAGE) $(LIBACL) $(LIBATTR) $(LIBECONF) -ldl
+ userdel_LDADD  = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBSEMANAGE) $(LIBECONF) -ldl
+ usermod_LDADD  = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBSEMANAGE) $(LIBACL) $(LIBATTR) $(LIBECONF) -ldl
+-vipw_LDADD     = $(LDADD) $(LIBAUDIT) $(LIBSELINUX) $(LIBECONF)
+ 
+ install-am: all-am
+ 	$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+-	ln -sf newgrp	$(DESTDIR)$(ubindir)/sg
+-	ln -sf vipw	$(DESTDIR)$(usbindir)/vigr
+ 	set -e; for i in $(suidbins); do \
+ 		chmod $(suidperms) $(DESTDIR)$(bindir)/$$i; \
+ 	done
+ 	set -e; for i in $(suidubins); do \
+ 		chmod $(suidperms) $(DESTDIR)$(ubindir)/$$i; \
+ 	done
++	mv -v $(DESTDIR)$(ubindir)/newgrp	$(DESTDIR)$(ubindir)/sg
+ 	set -e; for i in $(suidusbins); do \
+ 		chmod $(suidperms) $(DESTDIR)$(usbindir)/$$i; \
+ 	done
+-- 
+2.42.0
+

shadow/0002-Adapt-login.defs-for-PAM-and-util-linux.patch

@@ -1,7 +1,7 @@
-From db62b53ff601451e900548dceb72f5165f362fa6 Mon Sep 17 00:00:00 2001
+From 2369841c0c287c947fa5cc685f209589c03e67c5 Mon Sep 17 00:00:00 2001
 From: David Runge <dvzrv@archlinux.org>
 Date: Mon, 31 Oct 2022 09:45:13 +0100
-Subject: [PATCH 2/4] Adapt login.defs for PAM and util-linux
+Subject: [PATCH 2/3] Adapt login.defs for PAM and util-linux
 
 etc/login.defs:
 Remove unused login.defs options, that are either irrelevant due to the
@@ -36,11 +36,18 @@ options silently ignored by shadow when built with PAM enabled):
 * ULIMIT
 
 Removed options because they are not availablbe with PAM enabled:
+* BCRYPT_MIN_ROUNDS
+* BCRYPT_MAX_ROUNDS
 * CONSOLE_GROUPS
 * CONSOLE
 * MD5_CRYPT_ENAB
 * PREVENT_NO_AUTH
 
+Removed encryption methods (`ENCRYPT_METHOD`), because they are unsafe
+or not available with PAM:
+* BCRYPT
+* MD5
+
 Removed options because they are not supported by login from util-linux:
 * ERASECHAR
 * KILLCHAR
@@ -58,12 +65,12 @@ from util-linux:
 man/login.defs.5.xml:
 Remove unavailable options from man 5 login.defs.
 ---
- etc/login.defs       | 212 +------------------------------------------
- man/login.defs.5.xml | 150 +-----------------------------
- 2 files changed, 8 insertions(+), 354 deletions(-)
+ etc/login.defs       | 228 +------------------------------------------
+ man/login.defs.5.xml | 150 +---------------------------
+ 2 files changed, 8 insertions(+), 370 deletions(-)
 
 diff --git a/etc/login.defs b/etc/login.defs
-index 114dbcd9..7c633a57 100644
+index 114dbcd9..797ca6b3 100644
 --- a/etc/login.defs
 +++ b/etc/login.defs
 @@ -3,6 +3,8 @@
@@ -295,7 +302,7 @@ index 114dbcd9..7c633a57 100644
  #
  # Which fields may be changed by regular users using chfn(1) - use
  # any combination of letters "frwh" (full name, room number, work
-@@ -298,38 +141,14 @@ CHFN_AUTH		yes
+@@ -298,38 +141,13 @@ CHFN_AUTH		yes
  #
  CHFN_RESTRICT		rwh
  
@@ -326,7 +333,7 @@ index 114dbcd9..7c633a57 100644
 -# If set to MD5, MD5-based algorithm will be used for encrypting password
  # If set to SHA256, SHA256-based algorithm will be used for encrypting password
  # If set to SHA512, SHA512-based algorithm will be used for encrypting password
- # If set to BCRYPT, BCRYPT-based algorithm will be used for encrypting password
+-# If set to BCRYPT, BCRYPT-based algorithm will be used for encrypting password
  # If set to YESCRYPT, YESCRYPT-based algorithm will be used for encrypting password
  # If set to DES, DES-based algorithm will be used for encrypting password (default)
  # MD5 and DES should not be used for new hashes, see crypt(5) for recommendations.
@@ -334,7 +341,29 @@ index 114dbcd9..7c633a57 100644
  #
  # Note: If you use PAM, it is recommended to use a value consistent with
  # the PAM modules configuration.
-@@ -381,17 +200,6 @@ CHFN_RESTRICT		rwh
+@@ -353,21 +171,6 @@ CHFN_RESTRICT		rwh
+ #SHA_CRYPT_MIN_ROUNDS 5000
+ #SHA_CRYPT_MAX_ROUNDS 5000
+ 
+-#
+-# Only works if ENCRYPT_METHOD is set to BCRYPT.
+-#
+-# Define the number of BCRYPT rounds.
+-# With a lot of rounds, it is more difficult to brute-force the password.
+-# However, more CPU resources will be needed to authenticate users if
+-# this value is increased.
+-#
+-# If not specified, 13 rounds will be attempted.
+-# If only one of the MIN or MAX values is set, then this value will be used.
+-# If MIN > MAX, the highest value will be used.
+-#
+-#BCRYPT_MIN_ROUNDS 13
+-#BCRYPT_MAX_ROUNDS 13
+-
+ #
+ # Only works if ENCRYPT_METHOD is set to YESCRYPT.
+ #
+@@ -381,17 +184,6 @@ CHFN_RESTRICT		rwh
  #
  #YESCRYPT_COST_FACTOR 5
  
@@ -352,7 +381,7 @@ index 114dbcd9..7c633a57 100644
  #
  # Should login be allowed if we can't cd to the home directory?
  # Default is no.
-@@ -406,12 +214,6 @@ DEFAULT_HOME	yes
+@@ -406,12 +198,6 @@ DEFAULT_HOME	yes
  #
  NONEXISTENT	/nonexistent
  
@@ -365,7 +394,7 @@ index 114dbcd9..7c633a57 100644
  #
  # If defined, this command is run when removing a user.
  # It should remove any at/cron/print jobs etc. owned by
-@@ -459,14 +261,6 @@ USERGROUPS_ENAB yes
+@@ -459,14 +245,6 @@ USERGROUPS_ENAB yes
  #
  #GRANT_AUX_GROUP_SUBIDS yes
  
@@ -688,5 +717,5 @@ index ab62fa86..d82c47f1 100644
    </refsect1>
  
 -- 
-2.38.1
+2.42.0
 

shadow/0003-Add-Arch-Linux-defaults-for-login.defs.patch

@@ -1,4 +1,4 @@
-From 2642dcf11171a701f1997dcd19a769bb5baec410 Mon Sep 17 00:00:00 2001
+From ac3724b1d7b8addbf33388566c506ded719fcf88 Mon Sep 17 00:00:00 2001
 From: David Runge <dvzrv@archlinux.org>
 Date: Mon, 31 Oct 2022 10:10:22 +0100
 Subject: [PATCH 3/3] Add Arch Linux defaults for login.defs

shadow/PKGBUILD

@@ -6,8 +6,8 @@
 #-----------------------------------------| DESCRIPTION |---------------------------------------
 
 pkgname=shadow
-pkgver=4.14.0
-pkgrel=04
+pkgver=4.14.1
+pkgrel=01
 pkgdesc="Password and account management tool suite with support for shadow files and PAM w/o systemd"
 url='https://github.com/shadow-maint/shadow'
 depends=(
@@ -31,10 +31,10 @@ backup=(
 )
 #options=(debug !emptydirs)
 options=('!emptydirs')
-# NOTE: distribution patches are taken from https://gitlab.archlinux.org/archlinux/packaging/upstream/shadow/-/commits/v4.13.0.arch1
+# NOTE: distribution patches are taken from https://gitlab.archlinux.org/archlinux/packaging/upstream/shadow/-/commits/v4.14.1.arch1
 source=(
   https://github.com/shadow-maint/shadow/releases/download/$pkgver/shadow-$pkgver.tar.xz{,.asc}
-  0001-Disable-replaced-tools-and-their-man-pages-and-PAM-i.patch
+  0001-Disable-replaced-tools-their-man-pages-and-PAM-integ.patch
   0002-Adapt-login.defs-for-PAM-and-util-linux.patch
   0003-Add-Arch-Linux-defaults-for-login.defs.patch
 #  0004-Add-Arch-Linux-defaults-for-etc-pam.d.patch
@@ -76,6 +76,7 @@ build() {
     --with-audit
     --with-fcaps  # use capabilities instead of setuid for setuidmap and setgidmap
     --with-group-name-max-length=32
+    --with-yescrypt
     --with-libpam  # PAM integration for chpasswd, groupmems, newusers, passwd
     --without-libbsd  # shadow can use internal implementation for getting passphrase
     --without-nscd  # we do not ship nscd anymore
@@ -122,15 +123,18 @@ arch=(x86_64)
 
 license=(BSD-3-Clause)
 
-validpgpkeys=(66D0387DB85D320F8408166DB175CFA98F192AF2)  # Serge Hallyn <sergeh@kernel.org>
+validpgpkeys=(66D0387DB85D320F8408166DB175CFA98F192AF2  # Serge Hallyn <sergeh@kernel.org>
+	  A9348594CE31283A826FBDD8D57633D441E25BB5) # Alejandro Colomar <alx@kernel.org>
 
-sha256sums=(87e1c5cc10109536132f1b4e29b6df6edc99b70f36f71ff042c2783f2fa01d4f  # shadow-4.14.0.tar.xz
-	2c5c21deaa2852ade2f96703779ba2980e45d08948899644b24e6fc986519aa6  # shadow-4.14.0.tar.xz.asc
-	7598d70f8fc71ff2a07a78b501fcc94d371b273f0cf47123a82807cca11be245  # 0001-Disable-replaced-tools-and-their-man-pages-and-PAM-i.patch
-	986562e197f1efef60b4ebab5316c388d630d171fdca74237bff864db0bf4970  # 0002-Adapt-login.defs-for-PAM-and-util-linux.patch
-	5cf3e9c0313f6b0c9f1d56e69ec51522f64f002fc0843fc6172fbfa97b8495e2  # 0003-Add-Arch-Linux-defaults-for-login.defs.patch
+sha256sums=(0141b283da9a0cd70128e9c083f1c64062686385ddaf5e64ca28de802e37e5d1  # shadow-4.14.1.tar.xz
+	d5163b318622f2eeb16aec55027ae19c3bef1c5588efa990762db787a030c949  # shadow-4.14.1.tar.xz.asc
+	ea9ea0e6e054af4d10dfa2ded18eb642de8cb73aae8890367781897b323b8f23  # 0001-Disable-replaced-tools-their-man-pages-and-PAM-integ.patch
+	a3b7d83e0a597c44268d63bb55a29ee0ab6ad4888ff19d1a8abf27e45ef07386  # 0002-Adapt-login.defs-for-PAM-and-util-linux.patch
+	65808a61c68231fbbdb8ad500402da4aca974bcdb1a2610f803b327b756dc208  # 0003-Add-Arch-Linux-defaults-for-login.defs.patch
 	29448220f2ecfeab0a1a7aae296f07ca522d0a75a5b20df30f83950f9d54531f  # shadow.sysusers
 	c2faa81b894de452e6cd23660ad7e30a4e03d6a4eacb94ff209c6e578df05e61  # shadow.tmpfiles
 	2d4b7b85ea1d5cddf93c2d636a11b0e76c1f484474449bdb018e3af0fcbd93c3) # useradd.defaults
 
-##  4ba54cd13c99736d4651ba0a12680e0037c6abad95940511b80c6491a6f586e6  shadow-4.14.0-04-x86_64.pkg.tar.lz
+##  6e0ddf45da6e8e55d05154f31522358c9250fea3f00d071b5723b0414e69cfd5  shadow-4.14.1-01-x86_64.pkg.tar.lz
+
+

shadow/PKGBUILD-arch

@@ -3,8 +3,8 @@
 # Contributor: Aaron Griffin <aaron@archlinux.org>
 
 pkgname=shadow
-pkgver=4.14.0
-pkgrel=4
+pkgver=4.14.1
+pkgrel=1
 pkgdesc="Password and account management tool suite with support for shadow files and PAM"
 arch=(x86_64)
 url="https://github.com/shadow-maint/shadow"
@@ -32,37 +32,40 @@ backup=(
   etc/pam.d/passwd
 )
 options=(!emptydirs)
-# NOTE: distribution patches are taken from https://gitlab.archlinux.org/archlinux/packaging/upstream/shadow/-/commits/v4.14.0.arch2
+# NOTE: distribution patches are taken from https://gitlab.archlinux.org/archlinux/packaging/upstream/shadow/-/commits/v4.14.1.arch1
 source=(
   $url/releases/download/$pkgver/$pkgname-$pkgver.tar.xz{,.asc}
-  0001-Disable-replaced-tools-and-their-man-pages-and-PAM-i.patch
+  0001-Disable-replaced-tools-their-man-pages-and-PAM-integ.patch
   0002-Adapt-login.defs-for-PAM-and-util-linux.patch
   0003-Add-Arch-Linux-defaults-for-login.defs.patch
   shadow.{timer,service}
   shadow.{sysusers,tmpfiles}
   useradd.defaults
 )
-sha512sums=('ff960481d576f9db5a9f10becc4e1a74c03de484ecfdcd7f1ea735fded683d7ba0f9cd895dc6a431b77e5a633752273178b1bcda4cefaa5adbf0f143c9a0c86f'
+sha512sums=('b8f16118fc2fbcf13a5a188dfe33655e8e2561f727c3f104244a219fe1f18b80424a038f224b9afc9abf6739bf65bafc1f8e5d8d4372c96231ab361d9b0184f6'
             'SKIP'
-            'ac119fd4a7867021923c54d54612499313686bb2faa957133f63c77700b8777dd87628fd4f36d4e4c1160700624a776510bc5d450ef5be1adc128552edfcb062'
-            '57166e14262df3ddcf03008a34ef603a624a31b6d40b18b9fc4d8be50fb857540dea2ffc9dab81c91bcd87bbb3b0dee381219ebd3e68f71864c64a33d5ec7b15'
-            '16c00e8ae1e4f86c9075e08b420ddd5e948345db5611390167ce08d7e3e4ec469954b255b3384d855484803ce3fa5d78c88ff8ae722c0215b692b9dece2ed6f6'
+            '2e83c7a4aad4e180ae430a6aa564307f4b740cb5a3d981b3351dd75482037b405e4f79b4eff71e68ea7413d306f2bf10904f5191d544d7cd39f3f1d71fe3723c'
+            'baaa77d63d3c954497febdc85585c17a2249c114c8b13e2162b2a99c4319eee5e1b496a25993ff036db8c520ae43d3320ec7dc97989ccc67ed832159670e3bcc'
+            '6eb7a7343a2ca0352a0787e94ca4f3a3ff1d7604969d7bd3b7367bab0a5d09e7bdeeaddb122689c5e7bf3fec0e8c19013cfad05023c4b90390023d8ed84ffe0f'
             'e4edf705dd04e088c6b561713eaa1afeb92f42ac13722bff037aede6ac5ad7d4d00828cfb677f7b1ff048db8b6788238c1ab6a71dfcfd3e02ef6cb78ae09a621'
             '2c8689b52029f6aa27d75b8b05b0b36e2fc322cab40fdfbb50cdbe331f61bc84e8db20f012cf9af3de8c4e7fdb10c2d5a4925ca1ba3b70eb5627772b94da84b3'
             '5afac4a96b599b0b8ed7be751e7160037c3beb191629928c6520bfd3f2adcd1c55c31029c92c2ff8543e6cd9e37e2cd515ba4e1789c6d66f9c93b4e7f209ee7a'
             '97a6a57c07502e02669dc1a91bffc447dba7d98d208b798d80e07de0d2fdf9d23264453978d2d3d1ba6652ca1f2e22cdadc4309c7b311e83fa71b00ad144f877'
             '706ba6e7fa8298475f2605a28daffef421c9fa8d269cbd5cbcf7f7cb795b40a24d52c20e8d0b73e29e6cd35cd7226b3e9738dc513703e87dde04c1d24087a69c')
-b2sums=('6e9a6108f856953ec91c597e46ad4f912101a829c7b3ff3389510be43f56f0a70425bd562119282d73df269df45af354e626741ad748f9c1e6f27b74a462a62c'
+b2sums=('c5f1bf09ea24e53bd96c63fde3ac04fa8360f59db5131e4a5b694eb3ddc48fb5567f50f9da3089396f9a99b8c6900e6cf4fce6b01a6e95d0fd2e2489493badb8'
         'SKIP'
-        '77b6e4bc6dc070b992728440fc29a8ed04e8f51cc7e58628f294c68bec7f102c8a80af6a41cf9a3c37d33e7a40ead4f4729f2e68412ab5606e6ecbd3008f5048'
-        'e6359de24e563564979fd0b7915a3227239a84f175cb188392097394d4d41c782100655cbd0a779b6dfde7eddcf8b314ab15eb15ca891287a820547551d54c04'
-        'fe88e173ea5531c083c1f3fb640cad1de463ce5446cb097bd30bc54e9082ba0540a57a9effd11c0779196583cf58bfc7066ab10ef4088f78c7d74928a73889b2'
+        '8d470fb197c87fba3fbf4185747e885e95bdfeb3ab23252d1afa5f07d06cd131e92ac194f569b1dada6bb775892acb39fbdf0cd79ad5dde5d6019601e909e71c'
+        'f0fd41d1776310b88ed0cc67294df5ddc2c869f967f9965d4405c978397f922db3044043a06848100f8a5676ec6b1be7c9d5a59d1ae22813367452cef9eddd9d'
+        '48a06f83cf58a2c2b8b702d1b6a5354fcb60a3acb9c9a7011d37e2c8be90cf217091a14490a9510dba3f35661964a0e398cc49e7abb0b2446acc99e86c45bbad'
         '5cfc936555aa2b2e15f8830ff83764dad6e11a80e2a102c5f2bd3b7c83db22a5457a3afdd182e3648c9d7d5bca90fa550f59576d0ac47a11a31dfb636cb18f2b'
         'a69191ab966f146c35e7e911e7e57c29fffd54436ea014aa8ffe0dd46aaf57c635d0a652b35916745c75d82b3fca7234366ea5f810b622e94730b45ec86f122c'
         '511c4ad9f3be530dc17dd68f2a3387d748dcdb84192d35f296b88f82442224477e2a74b1841ec3f107b39a5c41c2d961480e396a48d0578f8fd5f65dbe8d9f04'
         'd727923dc6ed02e90ef31f10b3427df50afbfe416bd03c6de0c341857d1bb33ab6168312bd4ba18d19d0653020fb332cbcfeeb24e668ae3916add9d01b89ccb4'
         'f743922062494fe342036b3acb8b747429eb33b1a13aa150daa4bb71a84e9c570cfcc8527a5f846e3ea7020e6f23c0b10d78cf2ba8363eea0224e4c34ea10161')
-validpgpkeys=(66D0387DB85D320F8408166DB175CFA98F192AF2)  # Serge Hallyn <sergeh@kernel.org>
+validpgpkeys=(
+  66D0387DB85D320F8408166DB175CFA98F192AF2  # Serge Hallyn <sergeh@kernel.org>
+  A9348594CE31283A826FBDD8D57633D441E25BB5  # Alejandro Colomar <alx@kernel.org>
+)
 
 prepare() {
   local filename
@@ -92,6 +95,7 @@ build() {
     --with-fcaps  # use capabilities instead of setuid for setuidmap and setgidmap
     --with-group-name-max-length=32
     --with-libpam  # PAM integration for chpasswd, groupmems, newusers, passwd
+    --with-yescrypt
     --without-libbsd  # shadow can use internal implementation for getting passphrase
     --without-nscd  # we do not ship nscd anymore
     --without-selinux