jobcore/shadow/PKGBUILD

129 lines
4.7 KiB
Bash

#!/usr/bin/bash
# JOBoRun : Jwm OpenBox Obarun RUNit
# Maintainer : Joe Bo Run <joborun@disroot.org>
# PkgSource : url="https://gittea.disroot.org/joborun-pkg/jobcore/$pkgname"
# Website : https://pozol.eu
#-----------------------------------------| DESCRIPTION |---------------------------------------
pkgname=shadow
pkgver=4.15.0
pkgrel=01
pkgdesc="Password and account management tool suite with support for shadow files and PAM w/o systemd"
url="https://github.com/shadow-maint/shadow"
depends=( glibc )
makedepends=(acl attr audit docbook-xsl itstool libcap libxcrypt libxslt pam)
backup=(
etc/default/useradd
etc/login.defs
etc/pam.d/chpasswd
etc/pam.d/groupmems
etc/pam.d/newusers
etc/pam.d/passwd
# {chage,{,ch,chg}passwd,group{add,del,mems,mod},newusers,shadow,user{add,del,mod}}
)
#options=(debug !emptydirs)
options=('!emptydirs')
# NOTE: distribution patches are taken from https://gitlab.archlinux.org/archlinux/packaging/upstream/shadow/-/commits/4.14.6.arch1
source=(
$url/releases/download/$pkgver/$pkgname-$pkgver.tar.xz{,.asc}
0001-Disable-replaced-tools-their-man-pages-and-PAM-integ.patch
0002-Adapt-login.defs-for-PAM-and-util-linux.patch
0003-Add-Arch-Linux-defaults-for-login.defs.patch
shadow.{sysusers,tmpfiles}
useradd.defaults
)
# install=shadow.install
prepare() {
local filename
cd $pkgname-$pkgver
for filename in "${source[@]}"; do
if [[ "$filename" =~ \.patch$ ]]; then
printf "Applying patch %s\n" "${filename##*/}"
patch -Np1 -i "$srcdir/${filename##*/}"
fi
done
autoreconf -fiv
}
build() {
local configure_options=(
--prefix=/usr
--bindir=/usr/bin
--sbindir=/usr/bin
--disable-account-tools-setuid # no setuid for chgpasswd, chpasswd, groupadd, groupdel, groupmod, newusers, useradd, userdel, usermod
--enable-man
--libdir=/usr/lib
--mandir=/usr/share/man
--sysconfdir=/etc
--with-audit
--with-fcaps # use capabilities instead of setuid for setuidmap and setgidmap
--with-group-name-max-length=32
--with-yescrypt
--without-bcrypt
--with-libpam # PAM integration for chpasswd, groupmems, newusers, passwd
--without-libbsd # shadow can use internal implementation for getting passphrase
--without-nscd # we do not ship nscd anymore
--without-selinux
--without-su
--without-systemd
)
cd $pkgname-$pkgver
# add extra check, preventing accidental deletion of other user's home dirs when using `userdel -r <user with home in />`
export CFLAGS="$CFLAGS -DEXTRA_CHECK_HOME_DIR"
./configure "${configure_options[@]}"
# prevent excessive overlinking due to libtool
sed -i -e 's/ -shared / -Wl,-O1,--as-needed\0/g' libtool
make
}
package() {
cd $pkgname-$pkgver
depends=(acl libacl.so attr libattr.so audit libaudit.so libxcrypt libcrypt.so
pam libpam.so libpam_misc.so)
make DESTDIR="$pkgdir" install
make DESTDIR="$pkgdir" -C man install
# license
install -vDm 644 COPYING -t "$pkgdir/usr/share/licenses/$pkgname/"
# custom useradd(8) defaults (not provided by upstream)
install -vDm 600 ../useradd.defaults "$pkgdir/etc/default/useradd"
install -vDm 644 ../$pkgname.sysusers "$pkgdir/usr/lib/sysusers.d/$pkgname.conf"
install -vDm 644 ../$pkgname.tmpfiles "$pkgdir/usr/lib/tmpfiles.d/$pkgname.conf"
# adapt executables to match the modes used by tmpfiles.d, so that pacman does not complain:
chmod 750 "$pkgdir/usr/bin/groupmems"
# manually add PAM config for chpasswd and newusers: https://github.com/shadow-maint/shadow/issues/810
# install -vDm 644 etc/pam.d/{chpasswd,newusers} -t "$pkgdir/etc/pam.d/"
}
#---- arch license gpg-key & sha256sums ----
arch=(x86_64)
license=(BSD-3-Clause)
validpgpkeys=(66D0387DB85D320F8408166DB175CFA98F192AF2 # Serge Hallyn <sergeh@kernel.org>
A9348594CE31283A826FBDD8D57633D441E25BB5) # Alejandro Colomar <alx@kernel.org>
sha256sums=(e2e22c1b2a6241c9ed828387f1065b7eaa2e87c3d221550d1575cf6a35247c0d # shadow-4.15.0.tar.xz
b4135ed20a19596263668d0e5bf45c8e54ed26d6556ee231fdfba499e8114e47 # shadow-4.15.0.tar.xz.asc
22192c082687e81aacae4c89c1cd6762715c883dcbfe231796d2834195176ea3 # 0001-Disable-replaced-tools-their-man-pages-and-PAM-integ.patch
b572f6dae60b5aec57fbaa8c2448daebe9aea6750119b6799d7c1daa253f11f3 # 0002-Adapt-login.defs-for-PAM-and-util-linux.patch
50ac294e96dfed938fb4711c8cfc1ac00559eaf4c29b3b2c1c2d46255440077b # 0003-Add-Arch-Linux-defaults-for-login.defs.patch
29448220f2ecfeab0a1a7aae296f07ca522d0a75a5b20df30f83950f9d54531f # shadow.sysusers
c2faa81b894de452e6cd23660ad7e30a4e03d6a4eacb94ff209c6e578df05e61 # shadow.tmpfiles
2d4b7b85ea1d5cddf93c2d636a11b0e76c1f484474449bdb018e3af0fcbd93c3) # useradd.defaults
## 4820ee284eb933c4684f02bcab3dabb83faf4a3e4ed0128231595ed7ec3b712e shadow-4.15.0-01-x86_64.pkg.tar.lz