diff options
Diffstat (limited to 'meta/recipes-extended/shadow/shadow.inc')
-rw-r--r-- | meta/recipes-extended/shadow/shadow.inc | 129 |
1 files changed, 75 insertions, 54 deletions
diff --git a/meta/recipes-extended/shadow/shadow.inc b/meta/recipes-extended/shadow/shadow.inc index 4ae7a78c52..25930b64c1 100644 --- a/meta/recipes-extended/shadow/shadow.inc +++ b/meta/recipes-extended/shadow/shadow.inc | |||
@@ -1,36 +1,31 @@ | |||
1 | SUMMARY = "Tools to change and administer password and group data" | 1 | SUMMARY = "Tools to change and administer password and group data" |
2 | HOMEPAGE = "http://github.com/shadow-maint/shadow" | 2 | HOMEPAGE = "http://github.com/shadow-maint/shadow" |
3 | DESCRIPTION = "${SUMMARY}" | ||
3 | BUGTRACKER = "http://github.com/shadow-maint/shadow/issues" | 4 | BUGTRACKER = "http://github.com/shadow-maint/shadow/issues" |
4 | SECTION = "base/utils" | 5 | SECTION = "base/utils" |
5 | LICENSE = "BSD | Artistic-1.0" | 6 | LICENSE = "BSD-3-Clause" |
6 | LIC_FILES_CHKSUM = "file://COPYING;md5=ed80ff1c2b40843cf5768e5229cf16e5 \ | 7 | LIC_FILES_CHKSUM = "file://COPYING;md5=c9a450b7be84eac23e6353efecb60b5b \ |
7 | file://src/passwd.c;beginline=2;endline=30;md5=5720ff729a6ff39ecc9f64555d75f4af" | 8 | file://src/passwd.c;beginline=2;endline=7;md5=67bcf314687820b2f010d4863fce3fc5 \ |
9 | " | ||
8 | 10 | ||
9 | DEPENDS = "virtual/crypt" | 11 | DEPENDS = "virtual/crypt" |
10 | 12 | ||
11 | UPSTREAM_CHECK_URI = "https://github.com/shadow-maint/shadow/releases" | 13 | GITHUB_BASE_URI = "https://github.com/shadow-maint/shadow/releases" |
12 | SRC_URI = "https://github.com/shadow-maint/shadow/releases/download/${PV}/${BP}.tar.gz \ | 14 | SRC_URI = "${GITHUB_BASE_URI}/download/${PV}/${BP}.tar.gz \ |
13 | file://shadow-4.1.3-dots-in-usernames.patch \ | 15 | file://0001-lib-copydir-copy_entry-use-temporary-stat-buffer.patch \ |
14 | ${@bb.utils.contains('PACKAGECONFIG', 'pam', '${PAM_SRC_URI}', '', d)} \ | 16 | ${@bb.utils.contains('PACKAGECONFIG', 'pam', '${PAM_SRC_URI}', '', d)} \ |
15 | file://shadow-relaxed-usernames.patch \ | 17 | file://useradd \ |
16 | " | 18 | " |
17 | 19 | ||
18 | SRC_URI_append_class-target = " \ | 20 | SRC_URI:append:class-target = " \ |
19 | file://login_defs_pam.sed \ | 21 | file://login_defs_pam.sed \ |
20 | file://shadow-update-pam-conf.patch \ | 22 | file://shadow-update-pam-conf.patch \ |
21 | " | 23 | " |
22 | 24 | ||
23 | SRC_URI_append_class-native = " \ | 25 | SRC_URI:append:class-native = " \ |
24 | file://0001-Disable-use-of-syslog-for-sysroot.patch \ | ||
25 | file://0002-Allow-for-setting-password-in-clear-text.patch \ | ||
26 | file://commonio.c-fix-unexpected-open-failure-in-chroot-env.patch \ | 26 | file://commonio.c-fix-unexpected-open-failure-in-chroot-env.patch \ |
27 | " | 27 | " |
28 | SRC_URI_append_class-nativesdk = " \ | 28 | SRC_URI[sha256sum] = "377fe0d7c1a0aa5e3514c08fdf5ddc70c9dcbb391678c2134445ed97326bcc26" |
29 | file://0001-Disable-use-of-syslog-for-sysroot.patch \ | ||
30 | " | ||
31 | |||
32 | SRC_URI[md5sum] = "3d97f11e66bfb0b14702b115fa8be480" | ||
33 | SRC_URI[sha256sum] = "3ee3081fbbcbcfea5c8916419e46bc724807bab271072104f23e7a29e9668f3a" | ||
34 | 29 | ||
35 | # Additional Policy files for PAM | 30 | # Additional Policy files for PAM |
36 | PAM_SRC_URI = "file://pam.d/chfn \ | 31 | PAM_SRC_URI = "file://pam.d/chfn \ |
@@ -41,22 +36,22 @@ PAM_SRC_URI = "file://pam.d/chfn \ | |||
41 | file://pam.d/passwd \ | 36 | file://pam.d/passwd \ |
42 | file://pam.d/su" | 37 | file://pam.d/su" |
43 | 38 | ||
44 | inherit autotools gettext | 39 | inherit autotools gettext github-releases pkgconfig |
45 | 40 | ||
46 | export CONFIG_SHELL="/bin/sh" | 41 | export CONFIG_SHELL="/bin/sh" |
47 | 42 | ||
48 | EXTRA_OECONF += "--without-audit \ | 43 | EXTRA_OECONF += " \ |
49 | --without-libcrack \ | ||
50 | --without-selinux \ | ||
51 | --with-group-name-max-length=24 \ | 44 | --with-group-name-max-length=24 \ |
52 | --enable-subordinate-ids=yes \ | 45 | --enable-subordinate-ids=yes \ |
53 | --without-sssd \ | 46 | --without-sssd \ |
54 | ${NSCDOPT}" | 47 | ${NSCDOPT}" |
55 | 48 | ||
49 | CFLAGS:append:libc-musl = " -DLIBBSD_OVERLAY" | ||
50 | |||
56 | NSCDOPT = "" | 51 | NSCDOPT = "" |
57 | NSCDOPT_class-native = "--without-nscd" | 52 | NSCDOPT:class-native = "--without-nscd" |
58 | NSCDOPT_class-nativesdk = "--without-nscd" | 53 | NSCDOPT:class-nativesdk = "--without-nscd" |
59 | NSCDOPT_libc-glibc = "--with-nscd" | 54 | NSCDOPT:libc-glibc = "--with-nscd" |
60 | 55 | ||
61 | PAM_PLUGINS = "libpam-runtime \ | 56 | PAM_PLUGINS = "libpam-runtime \ |
62 | pam-plugin-faildelay \ | 57 | pam-plugin-faildelay \ |
@@ -65,27 +60,28 @@ PAM_PLUGINS = "libpam-runtime \ | |||
65 | pam-plugin-env \ | 60 | pam-plugin-env \ |
66 | pam-plugin-group \ | 61 | pam-plugin-group \ |
67 | pam-plugin-limits \ | 62 | pam-plugin-limits \ |
68 | pam-plugin-lastlog \ | ||
69 | pam-plugin-motd \ | 63 | pam-plugin-motd \ |
70 | pam-plugin-mail \ | 64 | pam-plugin-mail \ |
71 | pam-plugin-shells \ | 65 | pam-plugin-shells \ |
72 | pam-plugin-rootok" | 66 | pam-plugin-rootok" |
73 | 67 | ||
74 | PAM_PLUGINS_remove_libc-musl = "pam-plugin-lastlog" | ||
75 | |||
76 | PACKAGECONFIG ??= "${@bb.utils.filter('DISTRO_FEATURES', 'pam', d)} \ | 68 | PACKAGECONFIG ??= "${@bb.utils.filter('DISTRO_FEATURES', 'pam', d)} \ |
77 | ${@bb.utils.contains('DISTRO_FEATURES', 'xattr', 'attr', '', d)}" | 69 | ${@bb.utils.contains('DISTRO_FEATURES', 'xattr', 'attr', '', d)}" |
78 | PACKAGECONFIG_class-native ??= "${@bb.utils.contains('DISTRO_FEATURES', 'xattr', 'attr', '', d)}" | 70 | PACKAGECONFIG:class-native ??= "${@bb.utils.contains('DISTRO_FEATURES', 'xattr', 'attr', '', d)} libbsd" |
79 | PACKAGECONFIG_class-nativesdk = "" | 71 | PACKAGECONFIG:class-nativesdk = "" |
80 | PACKAGECONFIG[pam] = "--with-libpam,--without-libpam,libpam,${PAM_PLUGINS}" | 72 | PACKAGECONFIG[pam] = "--with-libpam,--without-libpam,libpam,${PAM_PLUGINS}" |
81 | PACKAGECONFIG[attr] = "--with-attr,--without-attr,attr" | 73 | PACKAGECONFIG[attr] = "--with-attr,--without-attr,attr" |
82 | PACKAGECONFIG[acl] = "--with-acl,--without-acl,acl" | 74 | PACKAGECONFIG[acl] = "--with-acl,--without-acl,acl" |
75 | PACKAGECONFIG[audit] = "--with-audit,--without-audit,audit" | ||
76 | PACKAGECONFIG[selinux] = "--with-selinux,--without-selinux,libselinux libsemanage" | ||
77 | PACKAGECONFIG[libbsd] = "--with-libbsd,--without-libbsd,libbsd" | ||
78 | PACKAGECONFIG[logind] = "--enable-logind,--disable-logind,systemd" | ||
83 | 79 | ||
84 | RDEPENDS_${PN} = "shadow-securetty \ | 80 | RDEPENDS:${PN} = "shadow-securetty \ |
85 | base-passwd \ | 81 | base-passwd \ |
86 | util-linux-sulogin" | 82 | util-linux-sulogin" |
87 | RDEPENDS_${PN}_class-native = "" | 83 | RDEPENDS:${PN}:class-native = "" |
88 | RDEPENDS_${PN}_class-nativesdk = "" | 84 | RDEPENDS:${PN}:class-nativesdk = "" |
89 | 85 | ||
90 | do_install() { | 86 | do_install() { |
91 | oe_runmake DESTDIR="${D}" sbindir="${base_sbindir}" usbindir="${sbindir}" install | 87 | oe_runmake DESTDIR="${D}" sbindir="${base_sbindir}" usbindir="${sbindir}" install |
@@ -114,26 +110,22 @@ do_install() { | |||
114 | # Use proper encryption for passwords | 110 | # Use proper encryption for passwords |
115 | sed -i 's/^#ENCRYPT_METHOD.*$/ENCRYPT_METHOD SHA512/' ${D}${sysconfdir}/login.defs | 111 | sed -i 's/^#ENCRYPT_METHOD.*$/ENCRYPT_METHOD SHA512/' ${D}${sysconfdir}/login.defs |
116 | 112 | ||
117 | # Now we don't have a mail system. Disable mail creation for now. | 113 | install -d ${D}${sysconfdir}/default |
118 | sed -i 's:/bin/bash:/bin/sh:g' ${D}${sysconfdir}/default/useradd | 114 | install -m 0644 ${UNPACKDIR}/useradd ${D}${sysconfdir}/default |
119 | sed -i '/^CREATE_MAIL_SPOOL/ s:^:#:' ${D}${sysconfdir}/default/useradd | ||
120 | |||
121 | # Use users group by default | ||
122 | sed -i 's,^GROUP=1000,GROUP=100,g' ${D}${sysconfdir}/default/useradd | ||
123 | } | 115 | } |
124 | 116 | ||
125 | do_install_append() { | 117 | do_install:append() { |
126 | # Ensure that the image has as a /var/spool/mail dir so shadow can | 118 | # Ensure that the image has as a /var/spool/mail dir so shadow can |
127 | # put mailboxes there if the user reconfigures shadow to its | 119 | # put mailboxes there if the user reconfigures shadow to its |
128 | # defaults (see sed below). | 120 | # defaults (see sed below). |
129 | install -m 0775 -d ${D}${localstatedir}/spool/mail | 121 | install -m 0775 -d ${D}${localstatedir}/spool/mail |
130 | chown root:mail ${D}${localstatedir}/spool/mail | 122 | chown root:mail ${D}${localstatedir}/spool/mail |
131 | 123 | ||
132 | if [ -e ${WORKDIR}/pam.d ]; then | 124 | if [ -e ${UNPACKDIR}/pam.d ]; then |
133 | install -d ${D}${sysconfdir}/pam.d/ | 125 | install -d ${D}${sysconfdir}/pam.d/ |
134 | install -m 0644 ${WORKDIR}/pam.d/* ${D}${sysconfdir}/pam.d/ | 126 | install -m 0644 ${UNPACKDIR}/pam.d/* ${D}${sysconfdir}/pam.d/ |
135 | # Remove defaults that are not used when supporting PAM. | 127 | # Remove defaults that are not used when supporting PAM. |
136 | sed -i -f ${WORKDIR}/login_defs_pam.sed ${D}${sysconfdir}/login.defs | 128 | sed -i -f ${UNPACKDIR}/login_defs_pam.sed ${D}${sysconfdir}/login.defs |
137 | fi | 129 | fi |
138 | 130 | ||
139 | install -d ${D}${sbindir} ${D}${base_sbindir} ${D}${base_bindir} | 131 | install -d ${D}${sbindir} ${D}${base_sbindir} ${D}${base_bindir} |
@@ -152,10 +144,40 @@ do_install_append() { | |||
152 | # Handle link properly after rename, otherwise missing files would | 144 | # Handle link properly after rename, otherwise missing files would |
153 | # lead rpm failed dependencies. | 145 | # lead rpm failed dependencies. |
154 | ln -sf newgrp.${BPN} ${D}${bindir}/sg | 146 | ln -sf newgrp.${BPN} ${D}${bindir}/sg |
147 | |||
148 | # usermod requires the subuid/subgid files to be in place before being | ||
149 | # able to use the -v/-V flags otherwise it fails: | ||
150 | # usermod: /etc/subuid does not exist, you cannot use the flags -v or -V | ||
151 | install -d ${D}${sysconfdir} | ||
152 | touch ${D}${sysconfdir}/subuid | ||
153 | touch ${D}${sysconfdir}/subgid | ||
154 | } | ||
155 | |||
156 | # Make executables look for dynamically linked libraries in a custom location, and install | ||
157 | # the needed libraries there. That way we can use them from sstate | ||
158 | # in setscene tasks without worrying about the dependency libraries being available. | ||
159 | do_install:append:class-native() { | ||
160 | binaries=$(find ${D}${base_bindir}/ ${D}${base_sbindir}/ ${D}${bindir}/ ${D}${sbindir}/ -executable -type f) | ||
161 | chrpath -k -r ${STAGING_DIR_NATIVE}/lib-shadow-deps $binaries | ||
162 | mkdir -p ${D}${STAGING_DIR_NATIVE}/lib-shadow-deps/ | ||
163 | libattr=${@bb.utils.contains('DISTRO_FEATURES', 'xattr', "${STAGING_LIBDIR_NATIVE}/libattr.so.*", '', d)} | ||
164 | install $libattr ${STAGING_LIBDIR_NATIVE}/libbsd.so.* ${STAGING_LIBDIR_NATIVE}/libmd.so.* ${D}${STAGING_DIR_NATIVE}/lib-shadow-deps/ | ||
165 | install ${D}${libdir}/*.so.* ${D}${STAGING_DIR_NATIVE}/lib-shadow-deps/ | ||
166 | } | ||
167 | |||
168 | SYSROOT_DIRS:append:class-native = " ${STAGING_DIR_NATIVE}/lib-shadow-deps/" | ||
169 | INSANE_SKIP:${PN}:class-native = "already-stripped" | ||
170 | |||
171 | do_install:append:class-nativesdk() { | ||
172 | oe_runmake -C ${B}/man DESTDIR="${D}" sbindir="${base_sbindir}" usbindir="${sbindir}" install-man | ||
173 | } | ||
174 | |||
175 | do_install:append:class-target() { | ||
176 | oe_runmake -C ${B}/man DESTDIR="${D}" sbindir="${base_sbindir}" usbindir="${sbindir}" install-man | ||
155 | } | 177 | } |
156 | 178 | ||
157 | PACKAGES =+ "${PN}-base" | 179 | PACKAGES =+ "${PN}-base" |
158 | FILES_${PN}-base = "\ | 180 | FILES:${PN}-base = "\ |
159 | ${base_bindir}/login.shadow \ | 181 | ${base_bindir}/login.shadow \ |
160 | ${base_bindir}/su.shadow \ | 182 | ${base_bindir}/su.shadow \ |
161 | ${bindir}/sg \ | 183 | ${bindir}/sg \ |
@@ -165,31 +187,30 @@ FILES_${PN}-base = "\ | |||
165 | ${sysconfdir}/pam.d/su \ | 187 | ${sysconfdir}/pam.d/su \ |
166 | ${sysconfdir}/login.defs \ | 188 | ${sysconfdir}/login.defs \ |
167 | " | 189 | " |
168 | RDEPENDS_${PN} += "${PN}-base" | 190 | RDEPENDS:${PN} += "${PN}-base" |
169 | 191 | ||
170 | inherit update-alternatives | 192 | inherit update-alternatives |
171 | 193 | ||
172 | ALTERNATIVE_PRIORITY = "200" | 194 | ALTERNATIVE_PRIORITY = "200" |
173 | 195 | ||
174 | ALTERNATIVE_${PN} = "passwd chfn chsh chpasswd vipw vigr nologin" | 196 | ALTERNATIVE:${PN} = "passwd chfn chsh chpasswd vipw vigr nologin" |
197 | ALTERNATIVE_LINK_NAME[chfn] = "${bindir}/chfn" | ||
198 | ALTERNATIVE_LINK_NAME[chsh] = "${bindir}/chsh" | ||
175 | ALTERNATIVE_LINK_NAME[chpasswd] = "${sbindir}/chpasswd" | 199 | ALTERNATIVE_LINK_NAME[chpasswd] = "${sbindir}/chpasswd" |
176 | ALTERNATIVE_LINK_NAME[vipw] = "${base_sbindir}/vipw" | 200 | ALTERNATIVE_LINK_NAME[vipw] = "${base_sbindir}/vipw" |
177 | ALTERNATIVE_LINK_NAME[vigr] = "${base_sbindir}/vigr" | 201 | ALTERNATIVE_LINK_NAME[vigr] = "${base_sbindir}/vigr" |
178 | ALTERNATIVE_LINK_NAME[nologin] = "${base_sbindir}/nologin" | 202 | ALTERNATIVE_LINK_NAME[nologin] = "${base_sbindir}/nologin" |
179 | 203 | ||
180 | ALTERNATIVE_${PN}-base = "newgrp groups login su" | 204 | ALTERNATIVE:${PN}-doc = "chfn.1 chsh.1" |
205 | ALTERNATIVE_LINK_NAME[chfn.1] = "${mandir}/man1/chfn.1" | ||
206 | ALTERNATIVE_LINK_NAME[chsh.1] = "${mandir}/man1/chsh.1" | ||
207 | |||
208 | ALTERNATIVE:${PN}-base = "newgrp groups login su" | ||
181 | ALTERNATIVE_LINK_NAME[login] = "${base_bindir}/login" | 209 | ALTERNATIVE_LINK_NAME[login] = "${base_bindir}/login" |
182 | ALTERNATIVE_LINK_NAME[su] = "${base_bindir}/su" | 210 | ALTERNATIVE_LINK_NAME[su] = "${base_bindir}/su" |
183 | 211 | ||
184 | ALTERNATIVE_${PN}-doc = "passwd.5 getspnam.3 groups.1 su.1 nologin.8" | ||
185 | ALTERNATIVE_LINK_NAME[passwd.5] = "${mandir}/man5/passwd.5" | ||
186 | ALTERNATIVE_LINK_NAME[getspnam.3] = "${mandir}/man3/getspnam.3" | ||
187 | ALTERNATIVE_LINK_NAME[groups.1] = "${mandir}/man1/groups.1" | ||
188 | ALTERNATIVE_LINK_NAME[su.1] = "${mandir}/man1/su.1" | ||
189 | ALTERNATIVE_LINK_NAME[nologin.8] = "${mandir}/man8/nologin.8" | ||
190 | |||
191 | PACKAGE_WRITE_DEPS += "shadow-native" | 212 | PACKAGE_WRITE_DEPS += "shadow-native" |
192 | pkg_postinst_${PN}_class-target () { | 213 | pkg_postinst:${PN}:class-target () { |
193 | if [ "x$D" != "x" ]; then | 214 | if [ "x$D" != "x" ]; then |
194 | rootarg="--root $D" | 215 | rootarg="--root $D" |
195 | else | 216 | else |