1 files changed, 131 insertions, 8 deletions
diff --git a/meta/recipes-extended/shadow/shadow_4.1.4.3.bb b/meta/recipes-extended/shadow/shadow_4.1.4.3.bb
index c8aa223b65..930ef3d04d 100644
--- a/meta/recipes-extended/shadow/shadow_4.1.4.3.bb
+++ b/meta/recipes-extended/shadow/shadow_4.1.4.3.bb
@@ -1,14 +1,137 @@
-require shadow.inc
+SUMMARY = "Tools to change and administer password and group data"
+DESCRIPTION = "Tools to change and administer password and group data"
+HOMEPAGE = "http://pkg-shadow.alioth.debian.org"
+BUGTRACKER = "https://alioth.debian.org/tracker/?group_id=30580"
+SECTION = "base utils"
+PRIORITY = "optional"
+LICENSE = "BSD | Artistic"
+LIC_FILES_CHKSUM = "file://COPYING;md5=08c553a87d4e51bbed50b20e0adcaede \
+                    file://src/passwd.c;firstline=8;endline=30;md5=2899a045e90511d0e043b85a7db7e2fe"
-PR = "r1"
+DEPENDS = "${@base_contains('DISTRO_FEATURES', 'pam', 'libpam', '', d)}"
+RDEPENDS_${PN} = "${@base_contains('DISTRO_FEATURES', 'pam', '${PAM_PLUGINS}', '', d)}"
+PR = "r2"
-SRC_URI += "file://shadow.automake-1.11.patch \
+SRC_URI = "ftp://pkg-shadow.alioth.debian.org/pub/pkg-shadow/shadow-${PV}.tar.bz2 \
-            file://shadow-4.1.3-dots-in-usernames.patch \
+           file://login_defs_pam.sed \
-            file://shadow-4.1.4.2-env-reset-keep-locale.patch \
+           ${@base_contains('DISTRO_FEATURES', 'pam', '${PAM_SRC_URI}', '', d)} \
-            file://shadow-4.1.4.2-groupmod-pam-check.patch \
+           file://securetty \
-            file://shadow-4.1.4.2-su_no_sanitize_env.patch"
+           file://shadow.automake-1.11.patch \
+           file://shadow-4.1.3-dots-in-usernames.patch \
+           file://shadow-4.1.4.2-env-reset-keep-locale.patch \
+           file://shadow-4.1.4.2-groupmod-pam-check.patch \
+           file://shadow-4.1.4.2-su_no_sanitize_env.patch"
 SRC_URI[md5sum] = "b8608d8294ac88974f27b20f991c0e79"
 SRC_URI[sha256sum] = "633f5bb4ea0c88c55f3642c97f9d25cbef74f82e0b4cf8d54e7ad6f9f9caa778"
-EXTRA_OECONF_libc-uclibc += " --with-nscd=no "
+inherit autotools gettext
+# Since we deduce our arch from ${SERIAL_CONSOLE}
+PACKAGE_ARCH = "${MACHINE_ARCH}"
+EXTRA_OECONF += "--without-audit \
+                 --without-libcrack \
+                 ${@base_contains('DISTRO_FEATURES', 'pam', '--with-libpam', '--without-libpam', d)} \
+                 --without-selinux"
+EXTRA_OECONF_libc-uclibc += "--with-nscd=no"
+PAM_PLUGINS = "libpam-runtime \
+               pam-plugin-faildelay \
+               pam-plugin-securetty \
+               pam-plugin-nologin \
+               pam-plugin-env \
+               pam-plugin-group \
+               pam-plugin-limits \
+               pam-plugin-lastlog \
+               pam-plugin-motd \
+               pam-plugin-mail \
+               pam-plugin-shells \
+               pam-plugin-rootok"
+# Additional Policy files for PAM
+PAM_SRC_URI = "file://pam.d/chfn \
+               file://pam.d/chpasswd \
+               file://pam.d/chsh \
+               file://pam.d/login \
+               file://pam.d/newusers \
+               file://pam.d/passwd \
+               file://pam.d/su"
+do_install_append() {
+        # Ensure that the image has as a /var/spool/mail dir so shadow can
+        # put mailboxes there if the user reconfigures shadow to its
+        # defaults (see sed below).
+        install -d ${D}${localstatedir}/spool/mail
+        if [ -e ${WORKDIR}/pam.d ]; then
+                install -d ${D}${sysconfdir}/pam.d/
+                install -m 0644 ${WORKDIR}/pam.d/* ${D}${sysconfdir}/pam.d/
+                # Remove defaults that are not used when supporting PAM.
+                sed -i -f ${WORKDIR}/login_defs_pam.sed ${D}${sysconfdir}/login.defs
+        fi
+        # Enable CREATE_HOME by default.
+        sed -i 's/#CREATE_HOME/CREATE_HOME/g' ${D}${sysconfdir}/login.defs
+        # As we are on an embedded system, ensure the users mailbox is in
+        # ~/ not /var/spool/mail by default, as who knows where or how big
+        # /var is. The system MDA will set this later anyway.
+        sed -i 's/MAIL_DIR/#MAIL_DIR/g' ${D}${sysconfdir}/login.defs
+        sed -i 's/#MAIL_FILE/MAIL_FILE/g' ${D}${sysconfdir}/login.defs
+        # Disable checking emails.
+        sed -i 's/MAIL_CHECK_ENAB/#MAIL_CHECK_ENAB/g' ${D}${sysconfdir}/login.defs
+        # Now we don't have a mail system. Disable mail creation for now.
+        sed -i 's:/bin/bash:/bin/sh:g' ${D}${sysconfdir}/default/useradd
+        sed -i '/^CREATE_MAIL_SPOOL/ s:^:#:' ${D}${sysconfdir}/default/useradd
+        install -d ${D}${sbindir} ${D}${base_sbindir} ${D}${base_bindir} 
+        for i in passwd chfn newgrp chsh ; do
+                mv ${D}${bindir}/$i ${D}${bindir}/$i.${PN}
+        done
+        mv ${D}${sbindir}/chpasswd ${D}${sbindir}/chpasswd.${PN}
+        mv ${D}${sbindir}/vigr ${D}${base_sbindir}/vigr.${PN}
+        mv ${D}${sbindir}/vipw ${D}${base_sbindir}/vipw.${PN}
+        mv ${D}${bindir}/login ${D}${base_bindir}/login.${PN}
+        # Ensure we add a suitable securetty file to the package that has
+        # most common embedded TTYs defined.
+        if [ ! -z "${SERIAL_CONSOLE}" ]; then
+                # Our SERIAL_CONSOLE contains a baud rate and sometimes a -L
+                # option as well. The following pearl :) takes that and converts
+                # it into newline-separated tty's and appends them into
+                # securetty. So if a machine has a weird looking console device
+                # node (e.g. ttyAMA0) that securetty does not know, it will get
+                # appended to securetty and root logins will be allowed on that
+                # console.
+                echo "${SERIAL_CONSOLE}" | sed -e 's/[0-9][0-9]\|\-L//g'|tr "[ ]" "[\n]"  >> ${WORKDIR}/securetty
+        fi
+        install -m 0400 ${WORKDIR}/securetty ${D}${sysconfdir}/securetty 
+}
+pkg_postinst_${PN} () {
+        update-alternatives --install ${bindir}/passwd passwd passwd.${PN} 200
+        update-alternatives --install ${sbindir}/chpasswd chpasswd chpasswd.${PN} 200
+        update-alternatives --install ${bindir}/chfn chfn chfn.${PN} 200
+        update-alternatives --install ${bindir}/newgrp newgrp newgrp.${PN} 200
+        update-alternatives --install ${bindir}/chsh chsh chsh.${PN} 200
+        update-alternatives --install ${base_bindir}/login login login.${PN} 200
+        update-alternatives --install ${base_sbindir}/vipw vipw vipw.${PN} 200
+        update-alternatives --install ${base_sbindir}/vigr vigr vigr.${PN} 200
+        if [ "x$D" != "x" ]; then
+                exit 1
+        fi  
+        pwconv
+        grpconv
+}
+pkg_prerm_${PN} () {
+        for i in passwd chpasswd chfn newgrp chsh login vipw vigr ; do
+                update-alternatives --remove $i $i.${PN}
+        done
+}

diff --git a/meta/recipes-extended/shadow/shadow_4.1.4.3.bb b/meta/recipes-extended/shadow/shadow_4.1.4.3.bb index c8aa223b65..930ef3d04d 100644 --- a/meta/recipes-extended/shadow/shadow_4.1.4.3.bb +++ b/meta/recipes-extended/shadow/shadow_4.1.4.3.bb
@@ -1,14 +1,137 @@
1	require shadow.inc	1	SUMMARY = "Tools to change and administer password and group data"
		2	DESCRIPTION = "Tools to change and administer password and group data"
		3	HOMEPAGE = "http://pkg-shadow.alioth.debian.org"
		4	BUGTRACKER = "https://alioth.debian.org/tracker/?group_id=30580"
		5	SECTION = "base utils"
		6	PRIORITY = "optional"
		7	LICENSE = "BSD \| Artistic"
		8	LIC_FILES_CHKSUM = "file://COPYING;md5=08c553a87d4e51bbed50b20e0adcaede \
		9	file://src/passwd.c;firstline=8;endline=30;md5=2899a045e90511d0e043b85a7db7e2fe"
2		10
3	PR = "r1"	11	DEPENDS = "${@base_contains('DISTRO_FEATURES', 'pam', 'libpam', '', d)}"
		12	RDEPENDS_${PN} = "${@base_contains('DISTRO_FEATURES', 'pam', '${PAM_PLUGINS}', '', d)}"
		13	PR = "r2"
4		14
5	SRC_URI += "file://shadow.automake-1.11.patch \	15	SRC_URI = "ftp://pkg-shadow.alioth.debian.org/pub/pkg-shadow/shadow-${PV}.tar.bz2 \
6	file://shadow-4.1.3-dots-in-usernames.patch \	16	file://login_defs_pam.sed \
7	file://shadow-4.1.4.2-env-reset-keep-locale.patch \	17	${@base_contains('DISTRO_FEATURES', 'pam', '${PAM_SRC_URI}', '', d)} \
8	file://shadow-4.1.4.2-groupmod-pam-check.patch \	18	file://securetty \
9	file://shadow-4.1.4.2-su_no_sanitize_env.patch"	19	file://shadow.automake-1.11.patch \
		20	file://shadow-4.1.3-dots-in-usernames.patch \
		21	file://shadow-4.1.4.2-env-reset-keep-locale.patch \
		22	file://shadow-4.1.4.2-groupmod-pam-check.patch \
		23	file://shadow-4.1.4.2-su_no_sanitize_env.patch"
10		24
11	SRC_URI[md5sum] = "b8608d8294ac88974f27b20f991c0e79"	25	SRC_URI[md5sum] = "b8608d8294ac88974f27b20f991c0e79"
12	SRC_URI[sha256sum] = "633f5bb4ea0c88c55f3642c97f9d25cbef74f82e0b4cf8d54e7ad6f9f9caa778"	26	SRC_URI[sha256sum] = "633f5bb4ea0c88c55f3642c97f9d25cbef74f82e0b4cf8d54e7ad6f9f9caa778"
13		27
14	EXTRA_OECONF_libc-uclibc += " --with-nscd=no "	28	inherit autotools gettext
		29
		30	# Since we deduce our arch from ${SERIAL_CONSOLE}
		31	PACKAGE_ARCH = "${MACHINE_ARCH}"
		32
		33	EXTRA_OECONF += "--without-audit \
		34	--without-libcrack \
		35	${@base_contains('DISTRO_FEATURES', 'pam', '--with-libpam', '--without-libpam', d)} \
		36	--without-selinux"
		37	EXTRA_OECONF_libc-uclibc += "--with-nscd=no"
		38
		39	PAM_PLUGINS = "libpam-runtime \
		40	pam-plugin-faildelay \
		41	pam-plugin-securetty \
		42	pam-plugin-nologin \
		43	pam-plugin-env \
		44	pam-plugin-group \
		45	pam-plugin-limits \
		46	pam-plugin-lastlog \
		47	pam-plugin-motd \
		48	pam-plugin-mail \
		49	pam-plugin-shells \
		50	pam-plugin-rootok"
		51
		52	# Additional Policy files for PAM
		53	PAM_SRC_URI = "file://pam.d/chfn \
		54	file://pam.d/chpasswd \
		55	file://pam.d/chsh \
		56	file://pam.d/login \
		57	file://pam.d/newusers \
		58	file://pam.d/passwd \
		59	file://pam.d/su"
		60
		61	do_install_append() {
		62	# Ensure that the image has as a /var/spool/mail dir so shadow can
		63	# put mailboxes there if the user reconfigures shadow to its
		64	# defaults (see sed below).
		65	install -d ${D}${localstatedir}/spool/mail
		66
		67	if [ -e ${WORKDIR}/pam.d ]; then
		68	install -d ${D}${sysconfdir}/pam.d/
		69	install -m 0644 ${WORKDIR}/pam.d/* ${D}${sysconfdir}/pam.d/
		70	# Remove defaults that are not used when supporting PAM.
		71	sed -i -f ${WORKDIR}/login_defs_pam.sed ${D}${sysconfdir}/login.defs
		72	fi
		73
		74	# Enable CREATE_HOME by default.
		75	sed -i 's/#CREATE_HOME/CREATE_HOME/g' ${D}${sysconfdir}/login.defs
		76
		77	# As we are on an embedded system, ensure the users mailbox is in
		78	# ~/ not /var/spool/mail by default, as who knows where or how big
		79	# /var is. The system MDA will set this later anyway.
		80	sed -i 's/MAIL_DIR/#MAIL_DIR/g' ${D}${sysconfdir}/login.defs
		81	sed -i 's/#MAIL_FILE/MAIL_FILE/g' ${D}${sysconfdir}/login.defs
		82
		83	# Disable checking emails.
		84	sed -i 's/MAIL_CHECK_ENAB/#MAIL_CHECK_ENAB/g' ${D}${sysconfdir}/login.defs
		85
		86	# Now we don't have a mail system. Disable mail creation for now.
		87	sed -i 's:/bin/bash:/bin/sh:g' ${D}${sysconfdir}/default/useradd
		88	sed -i '/^CREATE_MAIL_SPOOL/ s:^:#:' ${D}${sysconfdir}/default/useradd
		89
		90	install -d ${D}${sbindir} ${D}${base_sbindir} ${D}${base_bindir}
		91	for i in passwd chfn newgrp chsh ; do
		92	mv ${D}${bindir}/$i ${D}${bindir}/$i.${PN}
		93	done
		94
		95	mv ${D}${sbindir}/chpasswd ${D}${sbindir}/chpasswd.${PN}
		96	mv ${D}${sbindir}/vigr ${D}${base_sbindir}/vigr.${PN}
		97	mv ${D}${sbindir}/vipw ${D}${base_sbindir}/vipw.${PN}
		98	mv ${D}${bindir}/login ${D}${base_bindir}/login.${PN}
		99
		100	# Ensure we add a suitable securetty file to the package that has
		101	# most common embedded TTYs defined.
		102	if [ ! -z "${SERIAL_CONSOLE}" ]; then
		103	# Our SERIAL_CONSOLE contains a baud rate and sometimes a -L
		104	# option as well. The following pearl :) takes that and converts
		105	# it into newline-separated tty's and appends them into
		106	# securetty. So if a machine has a weird looking console device
		107	# node (e.g. ttyAMA0) that securetty does not know, it will get
		108	# appended to securetty and root logins will be allowed on that
		109	# console.
		110	echo "${SERIAL_CONSOLE}" \| sed -e 's/[0-9][0-9]\\|\-L//g'\|tr "[ ]" "[\n]" >> ${WORKDIR}/securetty
		111	fi
		112	install -m 0400 ${WORKDIR}/securetty ${D}${sysconfdir}/securetty
		113	}
		114
		115	pkg_postinst_${PN} () {
		116	update-alternatives --install ${bindir}/passwd passwd passwd.${PN} 200
		117	update-alternatives --install ${sbindir}/chpasswd chpasswd chpasswd.${PN} 200
		118	update-alternatives --install ${bindir}/chfn chfn chfn.${PN} 200
		119	update-alternatives --install ${bindir}/newgrp newgrp newgrp.${PN} 200
		120	update-alternatives --install ${bindir}/chsh chsh chsh.${PN} 200
		121	update-alternatives --install ${base_bindir}/login login login.${PN} 200
		122	update-alternatives --install ${base_sbindir}/vipw vipw vipw.${PN} 200
		123	update-alternatives --install ${base_sbindir}/vigr vigr vigr.${PN} 200
		124
		125	if [ "x$D" != "x" ]; then
		126	exit 1
		127	fi
		128
		129	pwconv
		130	grpconv
		131	}
		132
		133	pkg_prerm_${PN} () {
		134	for i in passwd chpasswd chfn newgrp chsh login vipw vigr ; do
		135	update-alternatives --remove $i $i.${PN}
		136	done
		137	}