From 9aa67f974b72ff85515fedaf5f6b18dcbdc55bc1 Mon Sep 17 00:00:00 2001
From: Jakub Jirutka <jakub@jirutka.cz>
Date: Sun, 19 Dec 2021 22:22:21 +0100
Subject: [PATCH] community/shadow: upgrade to 4.10

---
 community/shadow/APKBUILD                     | 47 +++++++++++--------
 ...h => chkname-allow-dots-in-username.patch} |  7 ++-
 community/shadow/defaults.patch               | 12 -----
 community/shadow/pam-useradd.patch            |  9 ----
 community/shadow/useradd-defaults.patch       | 22 +++++++++
 community/shadow/useradd.pamd                 |  4 ++
 6 files changed, 56 insertions(+), 45 deletions(-)
 rename community/shadow/{dots-in-usernames.patch => chkname-allow-dots-in-username.patch} (70%)
 delete mode 100644 community/shadow/defaults.patch
 delete mode 100644 community/shadow/pam-useradd.patch
 create mode 100644 community/shadow/useradd-defaults.patch
 create mode 100644 community/shadow/useradd.pamd

diff --git a/community/shadow/APKBUILD b/community/shadow/APKBUILD
index 80b101e8035..6eb0810b68f 100644
--- a/community/shadow/APKBUILD
+++ b/community/shadow/APKBUILD
@@ -1,21 +1,27 @@
 # Contributor: Jakub Jirutka <jakub@jirutka.cz>
 # Maintainer: Stuart Cardall <developer@it-offshore.co.uk>
 pkgname=shadow
-pkgver=4.8.1
-pkgrel=1
+pkgver=4.10
+pkgrel=0
 pkgdesc="PAM-using login and passwd utilities (usermod, useradd, ...)"
-url="http://pkg-shadow.alioth.debian.org/"
+url="https://github.com/shadow-maint/shadow"
 arch="all"
 license="BSD-3-Clause"
 options="suid"
 makedepends="linux-pam-dev libcap-dev"
-subpackages="$pkgname-doc $pkgname-dbg $pkgname-uidmap"
-source="https://github.com/shadow-maint/shadow/releases/download/$pkgver/shadow-$pkgver.tar.xz
+subpackages="
+	$pkgname-dbg
+	$pkgname-dev
+	$pkgname-libs
+	$pkgname-doc
+	$pkgname-uidmap
+	"
+source="https://github.com/shadow-maint/shadow/releases/download/v$pkgver/shadow-$pkgver.tar.xz
+	useradd-defaults.patch
+	chkname-allow-dots-in-username.patch
 	chpasswd.pamd
 	login.pamd
-	defaults.patch
-	dots-in-usernames.patch
-	pam-useradd.patch
+	useradd.pamd
 	"
 # secfixes:
 #   4.5-r0:
@@ -26,6 +32,7 @@ source="https://github.com/shadow-maint/shadow/releases/download/$pkgver/shadow-
 #     - CVE-2016-6252
 
 build() {
+	# --without-su - su(1) is deprecated since 4.10 in favour of su(1) from util-linux
 	./configure \
 		--build=$CBUILD \
 		--host=$CHOST \
@@ -33,7 +40,6 @@ build() {
 		--prefix=/usr \
 		--sysconfdir=/etc \
 		--mandir=/usr/share/man \
-		--infodir=/usr/share/info \
 		--localstatedir=/var \
 		--disable-nls \
 		--without-audit \
@@ -53,17 +59,11 @@ check() {
 
 package() {
 	make DESTDIR="$pkgdir" install
+	make -C man DESTDIR="$pkgdir" install-man
 
 	# Do not install these pam.d files they are broken and outdated.
 	rm "$pkgdir"/etc/pam.d/*
 
-	# Install some pam.d files based on a patched useradd.
-	local f; for f in groupadd groupdel groupmems groupmod \
-		useradd userdel usermod newusers
-	do
-		install -m0644 etc/pam.d/useradd "$pkgdir"/etc/pam.d/$f
-	done
-
 	cd "$pkgdir"
 
 	# nologin is provided by util-linux.
@@ -77,6 +77,12 @@ package() {
 	rm usr/share/man/man3/getspnam.3*
 	rm usr/share/man/man5/passwd.5*
 
+	local f; for f in groupadd groupdel groupmems groupmod \
+		useradd userdel usermod newusers
+	do
+		install -m0644 "$srcdir"/useradd.pamd etc/pam.d/$f
+	done
+
 	# Install our own for login.
 	install -m644 "$srcdir"/login.pamd etc/pam.d/login
 
@@ -98,16 +104,17 @@ package() {
 uidmap() {
 	pkgdesc="Utilities for using subordinate UIDs and GIDs"
 
+	amove bin/getsubids
 	amove usr/bin/new*idmap
 	amove etc/subuid
 	amove etc/subgid
 }
 
 sha512sums="
-780a983483d847ed3c91c82064a0fa902b6f4185225978241bc3bc03fcc3aa143975b46aee43151c6ba43efcfdb1819516b76ba7ad3d1d3c34fcc38ea42e917b  shadow-4.8.1.tar.xz
+39ffc1863d1f84aa39a2983c08e5adb93642b09e3e5e65c1c4e8a342207a79201b199e518e3701726014c7cb736977ef275d2dc1c659b5776183ae73978357da  shadow-4.10.tar.xz
+fa2e639b558b504f664dfb55c9081ae51d5adfd512263a392ea0b21b5d4c7efe5456e9a13f8c4c27d32f3bbf68339f8a77ba6ad09f22e16681c144e1f6bb3034  useradd-defaults.patch
+ed9174e102594a74ab4399ae68a68a89393bfde6244f04852d382ad5a57d50f2b1a532ca3a51e6e0ce10499b29433811b6d79cdb46404e6d5f6cca7c663e1f11  chkname-allow-dots-in-username.patch
 38e78aade316350dc26000b35335a778f12f5deb0f54ea23f84000ad92a683c519c7814165b5ed7e63187d11677993082d35dc6c21f7f66c6aee8e3fd4b3694b  chpasswd.pamd
 46a6f83f3698e101b58b8682852da749619412f75dfa85cecad03d0847f6c3dc452d984510db7094220e4570a0565b83b0556e16198ad894a3ec84b3e513d58d  login.pamd
-999eb67be2c1d6bcf752ce217ddbed868e4415d3e60676872db1b3da79b1c7d7da6b5d03335297d6358c41e7d21c32ba2df1bd6834ac4ba364b999ed7170f846  defaults.patch
-745eea04c054226feba165b635dbb8570b8a04537d41e914400a4c54633c3a9cf350da0aabfec754fb8cf3e58fc1c8cf597b895506312f19469071760c11f31d  dots-in-usernames.patch
-0b4587e263cb6be12fa5ae6bc3b3fc4d3696dae355bc67d085dc58c52ff96edb4d163b95db2092b8c2f3310839430cac03c7af356641b42e24ee4aa6410f5cf1  pam-useradd.patch
+1c4f7d9057855a187d5f3cac6cb6486e7da5ef374f7b8a3058e2d385304b02fb7bd7127c9fecb7c2e3bdb179c210b4c2c31eba3d3d4559928c55a9e63e52f70f  useradd.pamd
 "
diff --git a/community/shadow/dots-in-usernames.patch b/community/shadow/chkname-allow-dots-in-username.patch
similarity index 70%
rename from community/shadow/dots-in-usernames.patch
rename to community/shadow/chkname-allow-dots-in-username.patch
index b684c9d02fc..e01b68564df 100644
--- a/community/shadow/dots-in-usernames.patch
+++ b/community/shadow/chkname-allow-dots-in-username.patch
@@ -1,6 +1,6 @@
---- shadow-4.1.3/libmisc/chkname.c
-+++ shadow-4.1.3/libmisc/chkname.c
-@@ -66,6 +66,7 @@
+--- a/libmisc/chkname.c
++++ b/libmisc/chkname.c
+@@ -68,6 +68,7 @@
  		      ( ('0' <= *name) && ('9' >= *name) ) ||
  		      ('_' == *name) ||
  		      ('-' == *name) ||
@@ -8,4 +8,3 @@
  		      ( ('$' == *name) && ('\0' == *(name + 1)) )
  		     )) {
  			return false;
-
diff --git a/community/shadow/defaults.patch b/community/shadow/defaults.patch
deleted file mode 100644
index 5e6a868bb14..00000000000
--- a/community/shadow/defaults.patch
+++ /dev/null
@@ -1,12 +0,0 @@
---- shadow-4.6-orig/etc/useradd
-+++ shadow-4.6/etc/useradd
-@@ -1,8 +1,7 @@
- # useradd defaults file
--GROUP=1000
- HOME=/home
- INACTIVE=-1
- EXPIRE=
--SHELL=/bin/bash
-+SHELL=/bin/ash
- SKEL=/etc/skel
- CREATE_MAIL_SPOOL=yes
diff --git a/community/shadow/pam-useradd.patch b/community/shadow/pam-useradd.patch
deleted file mode 100644
index 71a1bcd25ee..00000000000
--- a/community/shadow/pam-useradd.patch
+++ /dev/null
@@ -1,9 +0,0 @@
---- a/etc/pam.d/useradd
-+++ b/etc/pam.d/useradd
-@@ -1,4 +1,4 @@
- #%PAM-1.0
- auth		sufficient	pam_rootok.so
--account		required	pam_permit.so
--password	include		system-auth
-+account		include		base-account
-+password	include		base-password
diff --git a/community/shadow/useradd-defaults.patch b/community/shadow/useradd-defaults.patch
new file mode 100644
index 00000000000..d81d09dbbed
--- /dev/null
+++ b/community/shadow/useradd-defaults.patch
@@ -0,0 +1,22 @@
+From: Jakub Jirutka <jakub@jirutka.cz>
+Date: Sun, 19 Dec 2021 21:50:00 +0100
+Subject: [PATCH] Change some useradd defaults
+
+--- a/src/useradd.c
++++ b/src/useradd.c
+@@ -101,12 +101,12 @@
+ /*
+  * These defaults are used if there is no defaults file.
+  */
+-static gid_t def_group = 1000;
++static gid_t def_group = 100;
+ static const char *def_gname = "other";
+ static const char *def_home = "/home";
+-static const char *def_shell = "/bin/bash";
++static const char *def_shell = "/bin/ash";
+ static const char *def_template = SKEL_DIR;
+-static const char *def_create_mail_spool = "yes";
++static const char *def_create_mail_spool = "no";
+ static const char *def_log_init = "yes";
+ 
+ static long def_inactive = -1;
diff --git a/community/shadow/useradd.pamd b/community/shadow/useradd.pamd
new file mode 100644
index 00000000000..1713c368233
--- /dev/null
+++ b/community/shadow/useradd.pamd
@@ -0,0 +1,4 @@
+#%PAM-1.0
+auth		sufficient	pam_rootok.so
+account		include		base-account
+password	include		base-password