fix(sys-apps/shadow): bump to latest version

Change-Id: I21cb208d98412277068788bd43ceadadc775c824

sdk_container/src/third_party/portage-stable/sys-apps/shadow/Manifest

@@ -0,0 +1,52 @@
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA256
+
+AUX default/useradd 96 SHA256 31aa2cbe4a34a9f7d4d134c1fecd007c9bbf4d40e19d0dcddbcd396f1853b490 SHA512 87b01ac88c2065392fa988871489d8403ef93341b4cfbadb4504f39a2a3396ddef756efc6378868d00627a58a1feb9612eb52a8135558a211a09c6a9ccf3404f WHIRLPOOL 9022a371e34e96a4c3193f24752979da27cdcd60aec1c8db1d2b427ab880b16917578ddcb4d8af02fd1d0eedc6b346cf43d7ae892e8580321e32e50f5498980b
+AUX login.defs 6254 SHA256 b7bfd7b1c34ce3d35865b572abc69d278dea4eef4f349c26b238735547c4ac22 SHA512 7d21d6f72693e5485bde8bbf18a66b3aefef58fae057825fa84beeb548b78d7e12c00149d9c63a5fbdc32daaf1ee5bfa57f63b523b391562d4d2e81a6c06cf27 WHIRLPOOL 756549cd21f0101c861ece9194405a13a1fc4e7c3b9bae080103a3e1bb94b5073d90904d63c7c25fd2f02ef1c4a0d43b9eac4879adc0e1ad4ade4d2ee4532ab9
+AUX login.pamd.3 190 SHA256 1009e196b630dae5d1f40b1cc6ee42a38ecdb7c2cd4bfa40fb7114ee74e0bfd0 SHA512 7181fcdf5dc798230f482cd52827680839f054f79d67498bbdbc20d9926752d34858af37d0b5afc28be9ef5247ad884e027d6ccf29ea0f69ba75a6cdd80918f1 WHIRLPOOL 63012c9e4899f644e2f91fa31348d76718811035e42e5a94425a1e9689b8a67f92e11228b629ce70b9114a44ce4bdf54770fb6805aaacbc4beba4ab302589b24
+AUX login_defs.awk 738 SHA256 6ceb9e03c2f7df817f3162de48886c9c66a596cb2af98fbf523c93e26840113b SHA512 06a19785c55dd7b389342535c3dd9f56114eba54e27c415d921b8598f9862bad4c8d1b251bd0eb036ecefdf4124c444f30c504d7921d93dab3a0eaea03625f72 WHIRLPOOL 047cc78b7faf93b4508efa3f6238d2c013af4cffc920a7ffc0f0197d69cb301189f32ae2d74a9dceafea4999a33e0656dfd43aa4f791b5855e12a553e770ccde
+AUX login_defs_pam.sed 479 SHA256 587239d5b1425c5766f10cea5352b325699fb35829d9375bda68bbfd74f1d839 SHA512 c4bda7776b5a0bdaa8e7e36c09fb005699cf8b1ef5b474021f7e95d98e62a39aebd354dcc8ad0c49316e8e5d0123429b893c3ff9e4024c18ac0e25b4ab4b45ed WHIRLPOOL a6c5ce16824dde56b4ae899cb9b8effc9b7d61133e88e262a22a5e0db080c85ead15d6d9a13c5583b6e55b368ffd890bf037a3957ce6071b370dd7fb50d63bf4
+AUX pam.d-include/login 245 SHA256 39bbe2ed696a22c7549a39a7cfd47c16e347e5af4fd71b8c01ec87fce59ba0a0 SHA512 87a503ed5df2c522cbf97dcb7f6c252fe9e6e4a4fd34e6641b5cbbaebd2ff4a4d861eeadb0196c7cb30717db8fa2194072500af2336f4b81d4bd87b106699c35 WHIRLPOOL 85a34f81ad9337d06c3162c4c897d8e20f26e9ad9eb399adf11e5eea4538d274ecd9498da37a4e374521d480eadcbcdf98b1991a79580af6e8bb1890f6e02f2f
+AUX pam.d-include/other 142 SHA256 5e05df2743ec0021364b05f4bbe2e5a3a670abb5af845c3fa760731e5b7272ca SHA512 639db65a3f573e5d800790931ddac0f378a2d678338ff45068b9f5dda8aa9ebd858fed86c0c1e4f45c2ce3d04e3d8d4ec4ced57837a54e3c18e209711cfe2522 WHIRLPOOL ea34f5db2897fc506c63d0e0a2efc20d5f8c7b1f7353d1ab98c5becf8d0e73c1299a357114412376f17b42f43e0f1685810afe5dc86f42a400b86d7f9a314936
+AUX pam.d-include/passwd 144 SHA256 8c54d2e3aab50b2a8d3d36aa37f7d7bb32c15d9a3af9a10b7ec5b5ffcff9a5fb SHA512 31611a08d97cd2c129f18d451a555ff6c781f91603c77fc0c66ff406b5fa4a97db19ae4ce104816a6324529d10e131de0d5329646bdab2abc8dc3ee5b82b057f WHIRLPOOL 879370adfb6a78c0acdeebf2c10a503d94925c34dceadb8677693f6c34e4e973f2584b221a9a81fdf23f084c430bbafa23a03440c1a95c798b58faedf4d412bd
+AUX pam.d-include/shadow 152 SHA256 7fc1ccca85d2b1ac4dad9909792453c8d26e9aeab48c620d861a92b9355ac69f SHA512 d07611c350d0d6f3386db5080c80a84e4135cf33e44fd3a390cb1092e034f9bd2a69495fadd4bda6ede9962e9658e77f2c8e12d3189cdcda6c7b3c607336f0c3 WHIRLPOOL 2b5282f983b5bf52c0311c2153dba2d12f6c07ae803d1723010bf4bbf4962d120aea026d32b1f3b062778da5222e7cb16dc39660e53b72173fba723a57b616de
+AUX pam.d-include/su 1059 SHA256 63a6a6fb6194f4dff8fdd16214a563242a4ea6cb682f49af337378dfddaf2962 SHA512 c9535434437221fad058b9fad878da13f3a3d4fc9290e4a7366e6d4dab7e320ac40de297bcc874fbe83e50b5ea29c5aac39d7d250632f045d964150604381550 WHIRLPOOL 33283dee1e71ae36112c72d36852680291bab919158e8faab478f7fd32035732b2cf62d83df373fa06869d3c84f05b34477598e776f8e65a39dbc0ef8a2c3724
+AUX pam.d-include/su-openpam 249 SHA256 8d26b735b1b5aa598fc29a88a2d52eeed587210dd1dbd3180ef9bb440a3375b7 SHA512 242328ac89744a5178fdf904b4068d358e07a3ab69035ed586de05ae31a59a4d9929ae6e5f3aa0c60b61b22d8df8584aca47e3f682416979e89d4c7dbc76bdcd WHIRLPOOL 3f7e52c38abc07d9d289edc0b6b31ea8d5d84520e737f4e289e75c5df965eda424f0a4706bb3e5fd6e556b274a6472dc5ca90ba23d17f609ae1311b013b0aef7
+AUX pam.d-include/system-auth 380 SHA256 704c07b9bab8201d55d80970e5a086ea35d93d62969aeb27ee9ebef85a029ed9 SHA512 4a359425064711a4194cff517175f708c829e6f1ca24a77ce38eb10482a8ca5a7ac1f9e25ce301d1f0278963768483344d6caf0548685eb33019f8d4a7d4f847 WHIRLPOOL 8607d4d2a12ac3252902c5a5c592b07903e843a8ada2ed87bf589ab9ab358eef9734a5294862baa5558eef1381c5a77c4fd3e62b1bb9898232aab78f60fbe5d3
+AUX pam.d-include/system-auth-1.1 365 SHA256 e073f573c88515cf38fb22faa26ccf87d55d34e6d460d28ad25682958de4c13e SHA512 3633aff2be598a108d75bd5c2b92b399f0b244327be54ff29d498ef8f95107d0c39a62ffe983e19198d54540c36c028316b628081abf5e8f85cb946db41055c2 WHIRLPOOL 1cb61620c3fbc8ada4676b04d9e38da345f300e1115a13f81790decaa57d56d6d8ada8d1fa12c1857b0ea3591583cb9fa6f195237ebfa1e0ba48e667defa2c5f
+AUX securetty 262 SHA256 9bc3c187d5535ebe83cf22129b7189a9d8e4c05520af187bff6cff4d8f083c67 SHA512 d841f00a4c83e9672ec3620cdff73f2cd02a1a9e883115b329720b5f6ffbf6faa0ff8ac975f1494f7ad07f0ffa91f6eb983a617e604af67dd46062069b09f7f2 WHIRLPOOL 4b7ee107532d1a2e528745c5e3dcb770fc54f7f2a7dcc0f706613e5623f9a5521ee808900a5ffeb68073d9787ebe08606e6eaf95cdb400c9490b0da3614deaa8
+AUX shadow-4.1.3-dots-in-usernames.patch 302 SHA256 2299ffaec204d20e00d791bf5b982571c9261a74c7a7b865a9f7cad1cdcb43ba SHA512 ad20fb3f4f0292f39b5da796e41df71e9e8b1b81dd11a99b2d988440c1b435b0061333a0a5a37a909598d5a840a75946e8c59c74426bae7452de88cf673a5f7d WHIRLPOOL f0258b24f7731ab7b15a1fca391593c8bbd6bdf2ddad57af1d7960d05af49bc5b706039caa576646cb3d817d2d4ad8e89526b12fe046301c63c1518d01dcf173
+AUX shadow-4.1.4.2-env-reset-keep-locale.patch 436 SHA256 5dd113c5cc0ea77dc8d8903b8c327b3b5e2cc9a529306ca85651631f06652e8f SHA512 aea56eae416d4f7d415486dd8c897130ff364fc6e227af7099998718d50e8d306862d17c1038fdce73ca4409bda6b269dc6592a3e74c4cff3fb623d82b0a35f9 WHIRLPOOL 4e306521cb13933da3eec1f93cbddeeede36c69eab680d7a2dd664552b6072f2784d00ac4920868f6e01d8ebbcf505ae2ea54283610afa307a2e6fd3a1429aad
+AUX shadow-4.1.4.2-fix-etc-gshadow-reading.patch 570 SHA256 091effa9c0336ffdc269d60a26af707b21ce849bdec7128baa21ce2bb5cba6b2 SHA512 6ac87a999188471413b124739228663712289aab929a883dc1e9153040886dc411fbf61080f84fea6ee0d56c8fc715a2a316bdc2260900856917c3b328a7b5e9 WHIRLPOOL c9f4210efdf8da9cf8bd92f58533a6575a12e5f6571e24888bd87ee11066c57ba6ae719f0471df5d3d659d6e78a05babc5345bb23506370054c4a0d6925266d2
+AUX shadow-4.1.4.2-groupmod-pam-check.patch 689 SHA256 ad60c0c26b70007750da034223eca38f1a98512fc80ce2fe40440e31a7585c52 SHA512 964bcc8ae71e66d121a270b204588446eaa87b21355e6c029818fe29b7b24b9dc1849ca6dfd9d4c1f661cb49b93df13c522ff3092b645d188849323f6c848c17 WHIRLPOOL 16cbf1e1dee1a4577867b71ec4c847d9005455cc562f047b20c7aa750b7cee1ea4a2e024a3369b64950455c03b600156bd865f64692953f2fb1c7f8ba12b77c7
+AUX shadow-4.1.4.2-su_no_sanitize_env.patch 315 SHA256 675098bb3dca4d8ac78e6c1c4ae7f513cb4017583b34b6b4d67611578bff8723 SHA512 91fb6a6ba77fb069e12785bd88394c737fc04d9cded50c3851e031506a9021384e975a95775ac1c381ab026b5e06aae9687dda5e163fa45e69221096519679f8 WHIRLPOOL 16831cc3e9f062e790cde8c78a919e64c6be15b5c28e060e5ea866c4a4f24329b53d2a20b577ec328ff4dd910c23c81cda1dfe71d7414ed925826d8415a1f73b
+AUX shadow-4.1.4.3-dup-install-targets.patch 695 SHA256 8d8cebd032acb9f20a1ff99d8db2b95952ebb8a3592a7b1088364ed88cf70d11 SHA512 4ec5a936b315c8d556ede610ed47be599ae34207f4360014a66d149d542966d23e2af5b1a8255c5c63529317e8428af5979a62d1a2a2261b14a6333159b53607 WHIRLPOOL 0ed0e3bd457c2538389cfb5b3d36d646ff11443a5c72c2db74dc212e4140aa414d35d62fc989155aaee69ffd3047f3850d7b2f29daccd43bbe5f53459d38cf9a
+AUX shadow-4.1.5-grremove.patch 1664 SHA256 626536837e0cdc6903200de0d63b23c5a0d4a88f8d9b668e830a7035ab5f7e01 SHA512 a9d5bb16307fe40f50ee2e921bcf833220382d108f68ca1f973955bd77820e4987b435420bb0dbf8d9da5f6d7f52a1973bd566bf1868e5dacaa6635f69b3b934 WHIRLPOOL 8c20548471577ed5e1b6fe894af4b7dc4fac15c0dcb3cc02972343556d5113e8d9e8d97d1a91701df352f2dbd48c8a2416e1c70221e7cc5f9d913e85d41bd57e
+AUX shadow-4.1.5-nscd-ignore-exit-1.patch 988 SHA256 b44d1706553f084b9949467c10be17661d8a01dda308f323ea14e406caf84347 SHA512 19c604b48c3a78086248f01307c425fc1265d3ed5ee13ac783ff885f6ea019d28918df6d570c927c5ce5a5f5e003ff089553db1964661f3fd0b70812f57bb324 WHIRLPOOL 2970ded35b1ceda3b103bb8b30b6bdff5741e325a935919c3178bf378e04f5e279b2c65b1096698843ca56320f80742c3713624abea19cb35b0232a089aa673e
+AUX shadow-4.1.5-nscd-newline-msg.patch 1332 SHA256 37142316d0c06584801d65e902798108995d59f52eda8c76d322479a31c9cff1 SHA512 d1e155fcb82b5ce5531fa76385576feced1c9d520cd18a62d9af418a4403c72a7e47155e5535d3182a8f68f960188eadc211d1017e1df6637f0217398d8b7774 WHIRLPOOL 36b1550b3b41597bf302236f1bc8bda675e51c11797d03210ff1c8a61d1b4a27486cfb614997688ffd8f384a1d76a746d50c50ed17a1f4348d040093b402e961
+AUX shadow-4.1.5-selinux-groupadd.patch 703 SHA256 62cce19aa1c702bc099948e694166f19d057849a6fdde99ffea52a4e3e2dab99 SHA512 a9c258b3b316abe57e85c556edcd37a1cea18f9125273ca7c79c136fb256f6847d0d4c5a78155882900ce280c83aac6ba1f428c9b3aaa020d7cf35a13409ffb0 WHIRLPOOL 1c301b32f6bb5927fac5626a724446ac1a865234dda5021dbdb908607b2887a534c2499246ef355888b5d0c6fcf8111faa2fa5bb6c5b33eebb3132c916e6120a
+AUX shadow-4.1.5-stdarg.patch 1137 SHA256 9280f8337651dc25f22f52acd8f4467b592d1f664bd35ce1f2f431335b1aef5b SHA512 aeda218afa859c9b121f54500be4bdf3676386448c04cffda3ec4aefc4b7fdd8b7e2b5e24545dad2d64fc7748cc68bdce337931d7313d608df0b153330f9912a WHIRLPOOL 42dd1686196f503950905d40728f8e74a75b64014e39cb5d3ed8aa379718a7c00893a1ef8834e8aa887807a4a08556464e0d2b65b79e2e7a0512d89e79e358db
+DIST shadow-4.1.4.2.tar.bz2 1790400 SHA256 97987f6a7967a85e6aa0dba2a1d52db8bd69af5a717391de5693db768fb78990 SHA512 d18f60b892e9a1e7599090e8b8f65537b03258b6124b3dc0333ad0a21c78e1e1331435e08b391d6ea559d04e45319a19d18da6837af9d1ba7f423ca08cc06d3f WHIRLPOOL 8faa9ccc438c86e734c1a8fefd89a27a043beebd87018fed0e1bf82181c52568a75c003c9aa9ea28fc2c0137f2130d101b1221be55aabe7cfaf3248e3ccd06b6
+DIST shadow-4.1.4.3.tar.bz2 1804034 SHA256 633f5bb4ea0c88c55f3642c97f9d25cbef74f82e0b4cf8d54e7ad6f9f9caa778 SHA512 b9707d8bd4a934461898a2474bda8e66a3ec92b450236f0f4a6a13a7337600e816e972de51beed7833f16ba056b90e56af9cd971f90172e440daabce2cc53859 WHIRLPOOL 723c22933d256556b84c91e72eaa6f2ed1caf66a85b53b224176e84389be0d89ba7e8c84c3d3a31157a339aa3a302604bd965af69ad3d675f281caf96d6b1e22
+DIST shadow-4.1.5.1.tar.bz2 2193325 SHA256 aa32333748d68b58ed3a83625f0165e0f6b9dc4639e6377c9300c6bf4fe978fb SHA512 c3bc605de1ca5b774b80d0d92cef5d4c0d5b4a206acadcf5a819f195453093bfe7990d7e32b98799180847ae4fadecfc7876c8ee7297f343acce2230d805d02c WHIRLPOOL 08751597b5b57057f0a3141be97204df49fada25adf0a9f43106a4099ce1b06fec6e90592e43ff1d789bf0a7e16a40b45f29830879ea5c71e9f5a1a81e7a7357
+DIST shadow-4.1.5.tar.bz2 2155227 SHA256 e3c1ac70fa08d932777639c861155dc61024c2d4961e76f0d07fd239ba10cd87 SHA512 c830958bf25f633ac41273acac62a62d755ab8fa4e9d01b9498fe4701890797bf81fef6a8bd5cabbd052ca33a9b8fb20072f40f97dcb9efbbf8ae0e1cccf8df8 WHIRLPOOL 2e0c3bdedd3c898f3b87ee10224d81e544636e2e5190685ce7e045f35cbf63e77b59f8d5657a923156ee927a4e705ec1b73bf6fc1bc556848bb0fbd0c0cfe916
+EBUILD shadow-4.1.4.2-r6.ebuild 5321 SHA256 4a77c13904a42a146ce4c6becb1d98c692491947b45e249cf615c2bed88278a6 SHA512 48d55fa1bd570adee8e0a79d6b68bf7126d36c6c7ca5758e1debf4a17c97fc300f5bf17e556353965c4c789ecdf7634b46c7396278d26002729657849b688b22 WHIRLPOOL b9dbf818cec4f2b897ae977f126a10d6e428233724afdba70730372e29e4e3692cbec245a7cd4524982c94afd2e1715a7bb537149aeb338d504cce1915406a97
+EBUILD shadow-4.1.4.3.ebuild 5444 SHA256 88ed1044474e017ec791096b5960b8d98874c3209261c5eae813c121a5601d84 SHA512 55fca2f5c627ce81bebc7f526f0027873ed961a89bbc79c458565d4d4e2d209e22db3aa0a3cc774d1730613468ddf7752ae7db4a1877dcb361d8c06eb1d5a594 WHIRLPOOL c6a439b7a96dd5797106ff7068ef2266b8966b2a478a51ea876b374116cd22a26b765d6fd068efb1219ff5f0cb0ef121bc9e904c39e1850036e45d987e694d40
+EBUILD shadow-4.1.5-r1.ebuild 5360 SHA256 ec2a2254e09045e849659033998c1a088a6461efd48d8ca3ad055a831684ccf5 SHA512 91c9c9c71d6d78e862ffde4536bbd9c35e88f409041fe35c817cf29f7276681d85be233789d918e053e89960a8c77e4c2a3327f7d8ab63c6958e9bd0c27c62bc WHIRLPOOL 60b1a0b8b9a1099f66d83eb275eeba01b72d5d205cf61592006886a248f7dcaf19eccec6023cbcba229425f8e784d3ae21bd10f936ed0fcfbdf27d7f48b034f6
+EBUILD shadow-4.1.5-r2.ebuild 5508 SHA256 8b2b1760a10f254493042805971e4e3a2933e2c56e04b00351b982a87bdd232d SHA512 1efcab09419e228ac0f10d292a54412535abe3ba05296fc11734c1e6f0b5264c71511bcceebc38c6f3c4198dc433b46db421575676aaec96cee1a464455c2e69 WHIRLPOOL 551e965d7e5552fa7cf6dcefb233a851afa5f66bed1e944ca915aa46bf51c2fba43694b33e1c58774c018a7124eec46d11c0a23650da0b0f89213962ced79883
+EBUILD shadow-4.1.5.1-r1.ebuild 5292 SHA256 d013ff5e638784185a2451484fdf07c396f87fd6a563b2a982ca125a686e25c1 SHA512 45e8e9b1fbc669b831a47ce9d8fb56ad1a32e232596e9f8d2f57deb732ef782c88584f8172f4f1edb490da649c85746211d2b964e27d12979fe3bc107fa52d37 WHIRLPOOL 2133aa74e9b6c9dcebd5e07cf491779badb853cb48f5db0667243c1abeea82865b9ab8a5e20efce77a398033238a24dc022a6957347526223b479aace4a6151e
+EBUILD shadow-4.1.5.1.ebuild 5286 SHA256 0da36c171e0162b095d0a878368c4f4653752800ae404372ace676c79013b4de SHA512 67279b2c87d3dc7d7058696b365e3fe499a6e56c461972a3b94fa0ca5989a30ef63e74946156408275af2fdf88ff75410e4cf0c62bd8b22b26d362bea01ecfd6 WHIRLPOOL 86663847683e2724247105537a496be93310aa8e58e09fc3cbcec718f63eff5a4c51f6d81f2906dfc3271a6a7cd6d9ef0f94ccf1e463e1cfcd94e7c88816e5b9
+EBUILD shadow-4.1.5.ebuild 5316 SHA256 3d721e963aebfde2d9c74be7eed0cae750eec4f2957e88c41920de7279bcc390 SHA512 646ceb6e2bb06925c9c87c4e94d7883c24138cfe2209c4e5967a6d9746b8b07b403315de3e5703052b41a73d4eb750f8a73aac0c98e54caee283ac5e30351a58 WHIRLPOOL a8471ffd7138b4feab5b0d6c7dc30425feee10b2c2ac5d5657f85061b089d432a988d4f3bdcaeb31e3f43e37d893ac24f9ab7bdbffd91c78a47dcb3c6edcd751
+MISC ChangeLog 46966 SHA256 3203527e52234c7e21c940969e34b5c85ccba3d22e3ede48b735272a46b7069c SHA512 73f2131ecf125d054443b0391f36995c3ffaa2a64313d58df05d771450e2f8c2cd83f2a90d9b87bce0669c06d4db4919cdf416720d6af586750e4e09beb45a9d WHIRLPOOL c182c4070f43ea9950e7f20e4a50e92bda4bc75acfa3aeeff814bc447697f3d0b1a11298706990a6ff2d7aca1f273fdfe403bb0957ab24fa83438b7508ca6452
+MISC metadata.xml 295 SHA256 70669ae3eafc9eb73e2f493b1286a85c11d3d11b6cd565413eaf929dacff57e7 SHA512 a949e632dbd07e1fe5c045b2bf8628a1423b1981d16b46546a8e024ee35137e02ccf82013c082bdfa59d57af8de45e64f6c90101d863345a6a93b73cf61b9c97 WHIRLPOOL c9856f6a219ae62fee0ac98aa0eaf13ce48e06f864dc0648bad3da640a52c3942e1787a0da9842ca4f1984ecd163e93d724cfb489d3059f8cb73701435cabb9f
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v2.0.19 (GNU/Linux)
+
+iQEcBAEBCAAGBQJQ2I2WAAoJEBzRPIrUMBNCVj8H/0BXoG6j9K3uVMemPOBD7d7L
+4bidToyY5BG5MDonkpJq0g4lYUijAta6vj6wNzKtXlBBWBTGYLlbM8uWIfYysG7D
+K8W221tjBDMCUhc3p7vJQ6GjbOcSwOAifb7k3Dy+piOlaihQxzQcfaRJ/kzIXOaI
+4kyfUVOCixeF3tlQq/lNVpTPgttPiT4L0rKoYxOlyYXz9yyXg3HvrVhMMpnwuqgi
+DtQBEBZ63cEP5so7xECnzT/ciKwN09s0EsdJq7HLRtKH9RFjX+tEI3N6w9vPs3E6
+8MhhGsuc+rEiD7capaaaFKKJo3KBgqiMvJzi6T9BHcMV8p4ypipHukLnZ/8f420=
+=zCcN
+-----END PGP SIGNATURE-----

sdk_container/src/third_party/portage-stable/sys-apps/shadow/files/default/useradd

@@ -0,0 +1,7 @@
+# useradd defaults file
+GROUP=100
+HOME=/home
+INACTIVE=-1
+EXPIRE=
+SHELL=/bin/bash
+SKEL=/etc/skel

sdk_container/src/third_party/portage-stable/sys-apps/shadow/files/login.defs

@@ -0,0 +1,212 @@
+#
+# /etc/login.defs - Configuration control definitions for the login package.
+#
+#	$Id: login.defs,v 1.6 2006/03/12 23:47:08 flameeyes Exp $
+#
+# Three items must be defined:  MAIL_DIR, ENV_SUPATH, and ENV_PATH.
+# If unspecified, some arbitrary (and possibly incorrect) value will
+# be assumed.  All other items are optional - if not specified then
+# the described action or option will be inhibited.
+#
+# Comment lines (lines beginning with "#") and blank lines are ignored.
+#
+# Modified for Linux.  --marekm
+
+#
+# Delay in seconds before being allowed another attempt after a login failure
+#
+FAIL_DELAY		3
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+LOG_UNKFAIL_ENAB	no
+
+#
+# Enable logging of successful logins
+#
+LOG_OK_LOGINS		no
+
+#
+# Enable "syslog" logging of su activity - in addition to sulog file logging.
+# SYSLOG_SG_ENAB does the same for newgrp and sg.
+#
+SYSLOG_SU_ENAB		yes
+SYSLOG_SG_ENAB		yes
+
+#
+# If defined, either full pathname of a file containing device names or
+# a ":" delimited list of device names.  Root logins will be allowed only
+# upon these devices.
+#
+CONSOLE		/etc/securetty
+#CONSOLE	console:tty01:tty02:tty03:tty04
+
+#
+# If defined, all su activity is logged to this file.
+#
+#SULOG_FILE	/var/log/sulog
+
+#
+# If defined, file which maps tty line to TERM environment parameter.
+# Each line of the file is in a format something like "vt100  tty01".
+#
+#TTYTYPE_FILE	/etc/ttytype
+
+#
+# If defined, the command name to display when running "su -".  For
+# example, if this is defined as "su" then a "ps" will display the
+# command is "-su".  If not defined, then "ps" would display the
+# name of the shell actually being run, e.g. something like "-sh".
+#
+SU_NAME		su
+
+#
+# *REQUIRED*
+#   Directory where mailboxes reside, _or_ name of file, relative to the
+#   home directory.  If you _do_ define both, MAIL_DIR takes precedence.
+#
+MAIL_DIR	/var/spool/mail
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence.  If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file.  If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+HUSHLOGIN_FILE	.hushlogin
+#HUSHLOGIN_FILE	/etc/hushlogins
+
+#
+# *REQUIRED*  The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+ENV_SUPATH	PATH=/sbin:/bin:/usr/sbin:/usr/bin
+ENV_PATH	PATH=/bin:/usr/bin
+
+#
+# Terminal permissions
+#
+#	TTYGROUP	Login tty will be assigned this group ownership.
+#	TTYPERM		Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+TTYGROUP	tty
+TTYPERM		0600
+
+#
+# Login configuration initializations:
+#
+#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
+#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+#	UMASK		Default "umask" value.
+#
+# The ERASECHAR and KILLCHAR are used only on System V machines.
+# The ULIMIT is used only if the system supports it.
+# (now it works with setrlimit too; ulimit is in 512-byte units)
+#
+# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
+#
+ERASECHAR	0177
+KILLCHAR	025
+UMASK		022
+
+#
+# Password aging controls:
+#
+#	PASS_MAX_DAYS	Maximum number of days a password may be used.
+#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+#	PASS_WARN_AGE	Number of days warning given before a password expires.
+#
+PASS_MAX_DAYS	99999
+PASS_MIN_DAYS	0
+PASS_WARN_AGE	7
+
+#
+# Min/max values for automatic uid selection in useradd
+#
+UID_MIN			 1000
+UID_MAX			60000
+
+#
+# Min/max values for automatic gid selection in groupadd
+#
+GID_MIN			  100
+GID_MAX			60000
+
+#
+# Max number of login retries if password is bad
+#
+LOGIN_RETRIES		3
+
+#
+# Max time in seconds for login
+#
+LOGIN_TIMEOUT		60
+
+#
+# Which fields may be changed by regular users using chfn - use
+# any combination of letters "frwh" (full name, room number, work
+# phone, home phone).  If not defined, no changes are allowed.
+# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
+# 
+CHFN_RESTRICT		rwh
+
+#
+# List of groups to add to the user's supplementary group set
+# when logging in on the console (as determined by the CONSOLE
+# setting).  Default is none.
+#
+# Use with caution - it is possible for users to gain permanent
+# access to these groups, even when not logged in on the console.
+# How to do it is left as an exercise for the reader...
+#
+#CONSOLE_GROUPS		floppy:audio:cdrom
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+DEFAULT_HOME	yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+#USERDEL_CMD	/usr/sbin/userdel_local
+
+#
+# When prompting for password without echo, getpass() can optionally
+# display a random number (in the range 1 to GETPASS_ASTERISKS) of '*'
+# characters for each character typed.  This feature is designed to
+# confuse people looking over your shoulder when you enter a password :-).
+# Also, the new getpass() accepts both Backspace (8) and Delete (127)
+# keys to delete previous character (to cope with different terminal
+# types), Control-U to delete all characters, and beeps when there are
+# no more characters to delete, or too many characters entered.
+#
+# Setting GETPASS_ASTERISKS to 1 results in more traditional behaviour -
+# exactly one '*' displayed for each character typed.
+#
+# Setting GETPASS_ASTERISKS to 0 disables the '*' characters (Backspace,
+# Delete, Control-U and beep continue to work as described above).
+#
+# Setting GETPASS_ASTERISKS to -1 reverts to the traditional getpass()
+# without any new features.  This is the default.
+#
+GETPASS_ASTERISKS 0
+
+#
+# Enable setting of the umask group bits to be the same as owner bits
+# (examples: 022 -> 002, 077 -> 007) for non-root users, if the uid is
+# the same as gid, and username is the same as the primary group name.
+#
+# This also enables userdel to remove user groups if no members exist.
+#
+USERGROUPS_ENAB yes
+

sdk_container/src/third_party/portage-stable/sys-apps/shadow/files/login.pamd.3

@@ -0,0 +1,6 @@
+auth       required	pam_securetty.so
+auth       include	system-local-login
+
+account    include	system-local-login
+password   include	system-local-login
+session    include	system-local-login

sdk_container/src/third_party/portage-stable/sys-apps/shadow/files/login_defs.awk

@@ -0,0 +1,32 @@
+# Fixes up login defs for PAM by commenting all non-PAM options and adding a
+# comment that it is not supported with PAM.
+#
+# Call with lib/getdef.c and etc/login.defs as args in the root source directory
+# of shadow, ie:
+#
+#   gawk -f login_defs.awk lib/getdef.c etc/login.defs > login.defs.new
+#
+
+(FILENAME == "lib/getdef.c") {
+	if ($2 == "USE_PAM")
+		start_printing = 1
+	else if ($1 == "#endif")
+		nextfile
+	else if (start_printing == 1)
+		VARS[count++] = substr($1, 3, length($1) - 4)
+}
+
+(FILENAME != "lib/getdef.c") {
+	print_line = 1
+	for (x in VARS) {
+		regex = "(^|#)" VARS[x]
+		if ($0 ~ regex) {
+			print_line = 0
+			printf("%s%s\t(NOT SUPPORTED WITH PAM)\n",
+				($0 ~ /^#/) ? "" : "#", $0)
+		}
+	}
+	if (print_line)
+		print $0
+}
+

sdk_container/src/third_party/portage-stable/sys-apps/shadow/files/login_defs_pam.sed

@@ -0,0 +1,24 @@
+/^FAILLOG_ENAB/b comment
+/^LASTLOG_ENAB/b comment
+/^MAIL_CHECK_ENAB/b comment
+/^OBSCURE_CHECKS_ENAB/b comment
+/^PORTTIME_CHECKS_ENAB/b comment
+/^QUOTAS_ENAB/b comment
+/^MOTD_FILE/b comment
+/^FTMP_FILE/b comment
+/^NOLOGINS_FILE/b comment
+/^ENV_HZ/b comment
+/^PASS_MIN_LEN/b comment
+/^SU_WHEEL_ONLY/b comment
+/^CRACKLIB_DICTPATH/b comment
+/^PASS_CHANGE_TRIES/b comment
+/^PASS_ALWAYS_WARN/b comment
+/^CHFN_AUTH/b comment
+/^ENVIRON_FILE/b comment
+
+b exit
+
+: comment
+  s:^:#:
+
+: exit

sdk_container/src/third_party/portage-stable/sys-apps/shadow/files/pam.d-include/login

@@ -0,0 +1,12 @@
+#%PAM-1.0
+
+auth       required	pam_securetty.so
+auth       include	system-auth
+auth       required	pam_nologin.so
+
+account    include	system-auth
+
+password   include	system-auth
+
+session    include	system-auth
+session    optional	pam_console.so

sdk_container/src/third_party/portage-stable/sys-apps/shadow/files/pam.d-include/other

@@ -0,0 +1,9 @@
+#%PAM-1.0
+
+auth       required	pam_deny.so
+
+account    required	pam_deny.so
+
+password   required	pam_deny.so
+
+session    required	pam_deny.so

sdk_container/src/third_party/portage-stable/sys-apps/shadow/files/pam.d-include/passwd

@@ -0,0 +1,8 @@
+#%PAM-1.0
+
+auth       sufficient   pam_rootok.so
+auth       include	system-auth
+
+account    include	system-auth
+
+password   include	system-auth

sdk_container/src/third_party/portage-stable/sys-apps/shadow/files/pam.d-include/shadow

@@ -0,0 +1,8 @@
+#%PAM-1.0 
+
+auth       sufficient	pam_rootok.so
+auth       required		pam_permit.so
+
+account    include		system-auth
+
+password   required		pam_permit.so

sdk_container/src/third_party/portage-stable/sys-apps/shadow/files/pam.d-include/su

@@ -0,0 +1,32 @@
+#%PAM-1.0
+
+auth       sufficient	pam_rootok.so
+
+# If you want to restrict users begin allowed to su even more,
+# create /etc/security/suauth.allow (or to that matter) that is only
+# writable by root, and add users that are allowed to su to that
+# file, one per line.
+#auth       required     pam_listfile.so item=ruser sense=allow onerr=fail file=/etc/security/suauth.allow
+
+# Uncomment this to allow users in the wheel group to su without
+# entering a passwd.
+#auth       sufficient   pam_wheel.so use_uid trust
+
+# Alternatively to above, you can implement a list of users that do
+# not need to supply a passwd with a list.
+#auth       sufficient   pam_listfile.so item=ruser sense=allow onerr=fail file=/etc/security/suauth.nopass
+
+# Comment this to allow any user, even those not in the 'wheel'
+# group to su
+auth       required     pam_wheel.so use_uid
+
+auth       include		system-auth
+
+account    include		system-auth
+
+password   include		system-auth
+
+session    include		system-auth
+session    required     pam_env.so
+session    optional		pam_xauth.so
+

sdk_container/src/third_party/portage-stable/sys-apps/shadow/files/pam.d-include/su-openpam

@@ -0,0 +1,14 @@
+#%PAM-1.0
+
+auth       sufficient	pam_rootok.so
+
+auth       include		system-auth
+
+account    include		system-auth
+
+password   include		system-auth
+
+session    include		system-auth
+session    required     pam_env.so
+session    optional		pam_xauth.so
+

sdk_container/src/third_party/portage-stable/sys-apps/shadow/files/pam.d-include/system-auth

@@ -0,0 +1,14 @@
+#%PAM-1.0
+
+auth       required		pam_env.so
+auth       sufficient	pam_unix.so likeauth nullok nodelay
+auth       required		pam_deny.so
+
+account    required		pam_unix.so
+
+password   required		pam_cracklib.so retry=3
+password   sufficient	pam_unix.so nullok md5 shadow use_authtok
+password   required		pam_deny.so
+
+session    required		pam_limits.so
+session    required		pam_unix.so

sdk_container/src/third_party/portage-stable/sys-apps/shadow/files/pam.d-include/system-auth-1.1

@@ -0,0 +1,14 @@
+#%PAM-1.0
+
+auth       required	pam_env.so
+auth       sufficient	pam_unix.so likeauth nullok
+auth       required	pam_deny.so
+
+account    required	pam_unix.so
+
+password   required	pam_cracklib.so retry=3
+password   sufficient	pam_unix.so nullok md5 shadow use_authtok
+password   required	pam_deny.so
+
+session    required	pam_limits.so
+session    required	pam_unix.so

sdk_container/src/third_party/portage-stable/sys-apps/shadow/files/securetty

@@ -0,0 +1,33 @@
+# /etc/securetty: list of terminals on which root is allowed to login.
+# See securetty(5) and login(1).
+console
+
+vc/0
+vc/1
+vc/2
+vc/3
+vc/4
+vc/5
+vc/6
+vc/7
+vc/8
+vc/9
+vc/10
+vc/11
+vc/12
+tty0
+tty1
+tty2
+tty3
+tty4
+tty5
+tty6
+tty7
+tty8
+tty9
+tty10
+tty11
+tty12
+
+tts/0
+ttyS0

sdk_container/src/third_party/portage-stable/sys-apps/shadow/files/shadow-4.1.3-dots-in-usernames.patch

@@ -0,0 +1,10 @@
+--- shadow-4.1.3/libmisc/chkname.c
++++ shadow-4.1.3/libmisc/chkname.c
+@@ -66,6 +66,7 @@
+ 		      ( ('0' <= *name) && ('9' >= *name) ) ||
+ 		      ('_' == *name) ||
+ 		      ('-' == *name) ||
++		      ('.' == *name) ||
+ 		      ( ('$' == *name) && ('\0' == *(name + 1)) )
+ 		     )) {
+ 			return false;

sdk_container/src/third_party/portage-stable/sys-apps/shadow/files/shadow-4.1.4.2-env-reset-keep-locale.patch

@@ -0,0 +1,14 @@
+http://bugs.gentoo.org/283725
+https://alioth.debian.org/tracker/index.php?func=detail&aid=311740&group_id=30580&atid=411480
+
+--- shadow-4.1.4.2/libmisc/env.c
++++ shadow-4.1.4.2/libmisc/env.c
+@@ -251,7 +251,7 @@
+ 			if (strncmp (*cur, *bad, strlen (*bad)) != 0) {
+ 				continue;
+ 			}
+-			if (strchr (*cur, '/') != NULL) {
++			if (strchr (*cur, '/') == NULL) {
+ 				continue;	/* OK */
+ 			}
+ 			for (move = cur; NULL != *move; move++) {

sdk_container/src/third_party/portage-stable/sys-apps/shadow/files/shadow-4.1.4.2-fix-etc-gshadow-reading.patch

@@ -0,0 +1,27 @@
+http://bugs.debian.org/569899
+http://bugs.gentoo.org/327605
+
+buf is not an array, it's a static pointer, so we have to use buflen
+
+--- lib/gshadow.c
++++ lib/gshadow.c
+@@ -222,6 +222,7 @@
+ 		if (NULL == buf) {
+ 			return NULL;
+ 		}
++		buflen = BUFSIZ;
+ 	}
+ 
+ 	if (NULL == fp) {
+@@ -229,9 +230,9 @@
+ 	}
+ 
+ #ifdef	USE_NIS
+-	while (fgetsx (buf, (int) sizeof buf, fp) == buf)
++	while (fgetsx (buf, buflen, fp) == buf)
+ #else
+-	if (fgetsx (buf, (int) sizeof buf, fp) == buf)
++	if (fgetsx (buf, buflen, fp) == buf)
+ #endif
+ 	{
+ 		while (   ((cp = strrchr (buf, '\n')) == NULL)

sdk_container/src/third_party/portage-stable/sys-apps/shadow/files/shadow-4.1.4.2-groupmod-pam-check.patch

@@ -0,0 +1,21 @@
+http://bugs.gentoo.org/300790
+http://lists.alioth.debian.org/pipermail/pkg-shadow-devel/2009-November/007850.html
+
+2009-11-05  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, src/groupmod.c: Fixed groupmod when configured with
+	--enable-account-tools-setuid.
+
+diff --git a/src/groupmod.c b/src/groupmod.c
+index 4205df2..da6d77f 100644
+--- a/src/groupmod.c
++++ b/src/groupmod.c
+@@ -724,7 +724,7 @@ int main (int argc, char **argv)
+ 	{
+ 		struct passwd *pampw;
+ 		pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */
+-		if (NULL == pamh) {
++		if (NULL == pampw) {
+ 			fprintf (stderr,
+ 			         _("%s: Cannot determine your user name.\n"),
+ 			         Prog);

sdk_container/src/third_party/portage-stable/sys-apps/shadow/files/shadow-4.1.4.2-su_no_sanitize_env.patch

@@ -0,0 +1,14 @@
+http://bugs.gentoo.org/show_bug.cgi?id=301957
+https://alioth.debian.org/scm/browser.php?group_id=30580
+
+--- a/src/su.c
++++ b/src/su.c
+@@ -342,7 +342,7 @@
+ #endif
+ #endif				/* !USE_PAM */
+ 
+-	sanitize_env ();
++	/* sanitize_env (); */
+ 
+ 	(void) setlocale (LC_ALL, "");
+ 	(void) bindtextdomain (PACKAGE, LOCALEDIR);

sdk_container/src/third_party/portage-stable/sys-apps/shadow/files/shadow-4.1.4.3-dup-install-targets.patch

@@ -0,0 +1,15 @@
+the Makefile.am manualy adds man_nopam to the install list, and then also
+optionally appends it which leads to the `install` error:
+	... will not overwrite just-created ...
+
+--- shadow-4.1.4.3/man/ru/Makefile.in
++++ shadow-4.1.4.3/man/ru/Makefile.in
+@@ -222,7 +222,7 @@
+ top_build_prefix = @top_build_prefix@
+ top_builddir = @top_builddir@
+ top_srcdir = @top_srcdir@
+-man_MANS = $(man_nopam) chage.1 chfn.1 chgpasswd.8 chpasswd.8 chsh.1 \
++man_MANS = chage.1 chfn.1 chgpasswd.8 chpasswd.8 chsh.1 \
+ 	expiry.1 faillog.5 faillog.8 getspnam.3 gpasswd.1 groupadd.8 \
+ 	groupdel.8 groupmems.8 groupmod.8 groups.1 grpck.8 grpconv.8 \
+ 	grpunconv.8 gshadow.5 lastlog.8 login.1 login.defs.5 logoutd.8 \

sdk_container/src/third_party/portage-stable/sys-apps/shadow/files/shadow-4.1.5-grremove.patch

@@ -0,0 +1,49 @@
+https://bugs.gentoo.org/405409
+
+http://lists.alioth.debian.org/pipermail/pkg-shadow-devel/2012-February/009159.html
+http://lists.alioth.debian.org/pipermail/pkg-shadow-devel/2012-March/009196.html
+
+--- shadow-4.1.5/src/userdel.c
++++ shadow-4.1.5/src/userdel.c
+@@ -333,22 +333,22 @@ static void remove_usergroup (void)
+ 		 * We can remove this group, it is not the primary
+ 		 * group of any remaining user.
+ 		 */
+-		if (gr_remove (grp->gr_name) == 0) {
++		if (gr_remove (user_name) == 0) {
+ 			fprintf (stderr,
+ 			         _("%s: cannot remove entry '%s' from %s\n"),
+-			         Prog, grp->gr_name, gr_dbname ());
++			         Prog, user_name, gr_dbname ());
+ 			fail_exit (E_GRP_UPDATE);
+ 		}
+ 
+ #ifdef WITH_AUDIT
+ 		audit_logger (AUDIT_DEL_GROUP, Prog,
+ 		              "deleting group",
+-		              grp->gr_name, AUDIT_NO_ID,
++		              user_name, AUDIT_NO_ID,
+ 		              SHADOW_AUDIT_SUCCESS);
+ #endif				/* WITH_AUDIT */
+ 		SYSLOG ((LOG_INFO,
+ 		         "removed group '%s' owned by '%s'\n",
+-		         grp->gr_name, user_name));
++		         user_name, user_name));
+ 
+ #ifdef	SHADOWGRP
+ 		if (sgr_locate (user_name) != NULL) {
+@@ -361,12 +361,12 @@ static void remove_usergroup (void)
+ #ifdef WITH_AUDIT
+ 			audit_logger (AUDIT_DEL_GROUP, Prog,
+ 			              "deleting shadow group",
+-			              grp->gr_name, AUDIT_NO_ID,
++			              user_name, AUDIT_NO_ID,
+ 			              SHADOW_AUDIT_SUCCESS);
+ #endif				/* WITH_AUDIT */
+ 			SYSLOG ((LOG_INFO,
+ 			         "removed shadow group '%s' owned by '%s'\n",
+-			         grp->gr_name, user_name));
++			         user_name, user_name));
+ 
+ 		}
+ #endif				/* SHADOWGRP */

sdk_container/src/third_party/portage-stable/sys-apps/shadow/files/shadow-4.1.5-nscd-ignore-exit-1.patch

@@ -0,0 +1,30 @@
+From 357ff92218a68f2ea74b9d08867c662571012bbe Mon Sep 17 00:00:00 2001
+From: Mike Frysinger <vapier@gentoo.org>
+Date: Sun, 12 Feb 2012 23:37:04 -0500
+Subject: [PATCH 3/3] nscd: ignore exit 1 code
+
+If nscd is installed but not in use, then running `nscd -i` will exit(1).
+We shouldn't warn in this case since this is not abnormal behavior.
+
+Signed-off-by: Mike Frysinger <vapier@gentoo.org>
+---
+ lib/nscd.c |    3 +++
+ 1 files changed, 3 insertions(+), 0 deletions(-)
+
+diff --git a/lib/nscd.c b/lib/nscd.c
+index ea1dc55..7adb58f 100644
+--- a/lib/nscd.c
++++ b/lib/nscd.c
+@@ -39,6 +39,9 @@ int nscd_flush_cache (const char *service)
+ 		/* nscd is not installed, or it is installed but uses an
+ 		   interpreter that is missing.  Probably the former. */
+ 		return 0;
++	} else if (code == 1) {
++		/* nscd is installed, but it isn't active. */
++		return 0;
+ 	} else if (code != 0) {
+ 		(void) fprintf (stderr, _("%s: nscd exited with status %d\n"),
+ 		                Prog, code);
+-- 
+1.7.8.4
+

sdk_container/src/third_party/portage-stable/sys-apps/shadow/files/shadow-4.1.5-nscd-newline-msg.patch

@@ -0,0 +1,38 @@
+From 360351b9b99bba0a278923c4237d158cbd726df5 Mon Sep 17 00:00:00 2001
+From: Mike Frysinger <vapier@gentoo.org>
+Date: Sun, 12 Feb 2012 23:08:42 -0500
+Subject: [PATCH 1/3] nscd: add missing newline to warning msg
+
+Trying to run `passwd` without nscd running shows the messages:
+...
+Re-enter new password:
+passwd: nscd exited with status 1passwd: Failed to flush the nscd cache.
+passwd: nscd exited with status 1passwd: Failed to flush the nscd cache.
+passwd: nscd exited with status 1passwd: Failed to flush the nscd cache.
+passwd: nscd exited with status 1passwd: Failed to flush the nscd cache.
+passwd: password changed.
+...
+
+You can see the status message missing a newline, so add it.
+
+Signed-off-by: Mike Frysinger <vapier@gentoo.org>
+---
+ lib/nscd.c |    2 +-
+ 1 files changed, 1 insertions(+), 1 deletions(-)
+
+diff --git a/lib/nscd.c b/lib/nscd.c
+index 227c205..ea1dc55 100644
+--- a/lib/nscd.c
++++ b/lib/nscd.c
+@@ -40,7 +40,7 @@ int nscd_flush_cache (const char *service)
+ 		   interpreter that is missing.  Probably the former. */
+ 		return 0;
+ 	} else if (code != 0) {
+-		(void) fprintf (stderr, _("%s: nscd exited with status %d"),
++		(void) fprintf (stderr, _("%s: nscd exited with status %d\n"),
+ 		                Prog, code);
+ 		(void) fprintf (stderr, _(MSG_NSCD_FLUSH_CACHE_FAILED), Prog);
+ 		return -1;
+-- 
+1.7.8.4
+

sdk_container/src/third_party/portage-stable/sys-apps/shadow/files/shadow-4.1.5-selinux-groupadd.patch

@@ -0,0 +1,32 @@
+http://lists.alioth.debian.org/pipermail/pkg-shadow-devel/2012-March/009205.html
+
+https://bugs.gentoo.org/406819
+
+--- shadow-4.1.5/lib/commonio.c
++++ shadow-4.1.5/lib/commonio.c
+@@ -977,6 +977,12 @@ int commonio_close (struct commonio_db *
+ 
+ 	snprintf (buf, sizeof buf, "%s+", db->filename);
+ 
++#ifdef WITH_SELINUX
++	if (set_selinux_file_context (buf) != 0) {
++		errors++;
++	}
++#endif
++
+ 	db->fp = fopen_set_perms (buf, "w", &sb);
+ 	if (NULL == db->fp) {
+ 		goto fail;
+@@ -1011,6 +1017,12 @@ int commonio_close (struct commonio_db *
+ 		goto fail;
+ 	}
+ 
++#ifdef WITH_SELINUX
++	if (reset_selinux_file_context () != 0) {
++		goto fail;
++	}
++#endif
++
+ 	nscd_need_reload = true;
+ 	goto success;
+       fail:

sdk_container/src/third_party/portage-stable/sys-apps/shadow/files/shadow-4.1.5-stdarg.patch

@@ -0,0 +1,37 @@
+From 04d19a920ea0cf74f977006e3f8241bf77cbc16b Mon Sep 17 00:00:00 2001
+From: Mike Frysinger <vapier@gentoo.org>
+Date: Sun, 12 Feb 2012 22:41:05 -0500
+Subject: [PATCH] copydir: include stdarg.h for va_* funcs
+
+Building on newer systems fails due to using stdargs but not including
+the header file:
+
+copydir.c: In function 'error_acl':
+copydir.c:126:2: warning: implicit declaration of function 'va_start' [-Wimplicit-function-declaration]
+copydir.c:132:2: warning: implicit declaration of function 'va_end' [-Wimplicit-function-declaration]
+...
+libmisc/copydir.c:126: undefined reference to 'va_start'
+libmisc/copydir.c:132: undefined reference to 'va_end'
+...
+make[2]: *** [useradd] Error 1
+
+Signed-off-by: Mike Frysinger <vapier@gentoo.org>
+---
+ libmisc/copydir.c |    1 +
+ 1 files changed, 1 insertions(+), 0 deletions(-)
+
+diff --git a/libmisc/copydir.c b/libmisc/copydir.c
+index 7cb5f56..c6cbe6b 100644
+--- a/libmisc/copydir.c
++++ b/libmisc/copydir.c
+@@ -40,6 +40,7 @@
+ #include <sys/time.h>
+ #include <fcntl.h>
+ #include <stdio.h>
++#include <stdarg.h>
+ #include "prototypes.h"
+ #include "defines.h"
+ #ifdef WITH_SELINUX
+-- 
+1.7.8.4
+

sdk_container/src/third_party/portage-stable/sys-apps/shadow/metadata.xml

@@ -0,0 +1,9 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+<herd>base-system</herd>
+<herd>pam</herd> <!-- only for USE=pam -->
+<use>
+ <flag name='audit'>Enable support for <pkg>sys-process/audit</pkg></flag>
+</use>
+</pkgmetadata>

sdk_container/src/third_party/portage-stable/sys-apps/shadow/shadow-4.1.4.2-r6.ebuild

@@ -0,0 +1,193 @@
+# Copyright 1999-2011 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/sys-apps/shadow/shadow-4.1.4.2-r6.ebuild,v 1.9 2011/09/03 09:13:57 scarabeus Exp $
+
+inherit eutils libtool toolchain-funcs pam multilib
+
+DESCRIPTION="Utilities to deal with user accounts"
+HOMEPAGE="http://shadow.pld.org.pl/ http://pkg-shadow.alioth.debian.org/"
+SRC_URI="http://pkg-shadow.alioth.debian.org/releases/${P}.tar.bz2"
+
+LICENSE="BSD GPL-2"
+SLOT="0"
+KEYWORDS="alpha amd64 arm hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86"
+IUSE="audit cracklib nls pam selinux skey"
+
+RDEPEND="audit? ( sys-process/audit )
+	cracklib? ( >=sys-libs/cracklib-2.7-r3 )
+	pam? ( virtual/pam )
+	skey? ( sys-auth/skey )
+	selinux? ( >=sys-libs/libselinux-1.28 )
+	nls? ( virtual/libintl )"
+DEPEND="${RDEPEND}
+	nls? ( sys-devel/gettext )"
+RDEPEND="${RDEPEND}
+	pam? ( >=sys-auth/pambase-20080219.1 )"
+
+src_unpack() {
+	unpack ${A}
+	cd "${S}"
+	epatch "${FILESDIR}"/${PN}-4.1.4.2-env-reset-keep-locale.patch #283725
+	epatch "${FILESDIR}"/${PN}-4.1.3-dots-in-usernames.patch #22920
+	epatch "${FILESDIR}"/${PN}-4.1.4.2-groupmod-pam-check.patch #300790
+	epatch "${FILESDIR}"/${PN}-4.1.4.2-su_no_sanitize_env.patch #301957
+	epatch "${FILESDIR}"/${PN}-4.1.4.2-fix-etc-gshadow-reading.patch #327605
+	elibtoolize
+	epunt_cxx
+}
+
+src_compile() {
+	tc-is-cross-compiler && export ac_cv_func_setpgrp_void=yes
+	econf \
+		--without-group-name-max-length \
+		--enable-shared=no \
+		--enable-static=yes \
+		$(use_with audit) \
+		$(use_with cracklib libcrack) \
+		$(use_with pam libpam) \
+		$(use_with skey) \
+		$(use_with selinux) \
+		$(use_enable nls) \
+		$(use_with elibc_glibc nscd)
+	emake || die "compile problem"
+}
+
+set_login_opt() {
+	local comment="" opt=$1 val=$2
+	[[ -z ${val} ]] && comment="#"
+	sed -i -r \
+		-e "/^#?${opt}/s:.*:${comment}${opt} ${val}:" \
+		"${D}"/etc/login.defs
+	local res=$(grep "^${comment}${opt}" "${D}"/etc/login.defs)
+	einfo ${res:-Unable to find ${opt} in /etc/login.defs}
+}
+
+src_install() {
+	emake DESTDIR="${D}" suidperms=4711 install || die "install problem"
+
+	# Remove libshadow and libmisc; see bug 37725 and the following
+	# comment from shadow's README.linux:
+	#   Currently, libshadow.a is for internal use only, so if you see
+	#   -lshadow in a Makefile of some other package, it is safe to
+	#   remove it.
+	rm -f "${D}"/{,usr/}$(get_libdir)/lib{misc,shadow}.{a,la}
+
+	insinto /etc
+	# Using a securetty with devfs device names added
+	# (compat names kept for non-devfs compatibility)
+	insopts -m0600 ; doins "${FILESDIR}"/securetty
+	if ! use pam ; then
+		insopts -m0600
+		doins etc/login.access etc/limits
+	fi
+	# Output arch-specific cruft
+	local devs
+	case $(tc-arch) in
+		ppc*)  devs="hvc0 hvsi0 ttyPSC0";;
+		hppa)  devs="ttyB0";;
+		arm)   devs="ttyFB0";;
+		sh)    devs="ttySC0 ttySC1";;
+	esac
+	[[ -n ${devs} ]] && printf '%s\n' ${devs} >> "${D}"/etc/securetty
+
+	# needed for 'useradd -D'
+	insinto /etc/default
+	insopts -m0600
+	doins "${FILESDIR}"/default/useradd
+
+	# move passwd to / to help recover broke systems #64441
+	mv "${D}"/usr/bin/passwd "${D}"/bin/
+	dosym /bin/passwd /usr/bin/passwd
+
+	cd "${S}"
+	insinto /etc
+	insopts -m0644
+	newins etc/login.defs login.defs
+
+	if ! use pam ; then
+		set_login_opt MAIL_CHECK_ENAB no
+		set_login_opt SU_WHEEL_ONLY yes
+		set_login_opt CRACKLIB_DICTPATH /usr/$(get_libdir)/cracklib_dict
+		set_login_opt LOGIN_RETRIES 3
+		set_login_opt ENCRYPT_METHOD SHA512
+	else
+		dopamd "${FILESDIR}/pam.d-include/"{su,shadow}
+
+		newpamd "${FILESDIR}/login.pamd.3" login
+
+		for x in passwd chpasswd chgpasswd; do
+			newpamd "${FILESDIR}"/pam.d-include/passwd ${x} || die
+		done
+
+		for x in chage chsh chfn newusers \
+				 user{add,del,mod} group{add,del,mod} ; do
+			newpamd "${FILESDIR}"/pam.d-include/shadow ${x} || die
+		done
+
+		# comment out login.defs options that pam hates
+		local opt
+		for opt in \
+			CHFN_AUTH \
+			CRACKLIB_DICTPATH \
+			ENV_HZ \
+			ENVIRON_FILE \
+			FAILLOG_ENAB \
+			FTMP_FILE \
+			LASTLOG_ENAB \
+			MAIL_CHECK_ENAB \
+			MOTD_FILE \
+			NOLOGINS_FILE \
+			OBSCURE_CHECKS_ENAB \
+			PASS_ALWAYS_WARN \
+			PASS_CHANGE_TRIES \
+			PASS_MIN_LEN \
+			PORTTIME_CHECKS_ENAB \
+			QUOTAS_ENAB \
+			SU_WHEEL_ONLY
+		do
+			set_login_opt ${opt}
+		done
+
+		sed -i -f "${FILESDIR}"/login_defs_pam.sed \
+			"${D}"/etc/login.defs
+
+		# remove manpages that pam will install for us
+		# and/or don't apply when using pam
+		find "${D}"/usr/share/man \
+			'(' -name 'limits.5*' -o -name 'suauth.5*' ')' \
+			-exec rm {} +
+	fi
+
+	# Remove manpages that are handled by other packages
+	find "${D}"/usr/share/man \
+		'(' -name id.1 -o -name passwd.5 -o -name getspnam.3 ')' \
+		-exec rm {} +
+
+	cd "${S}"
+	dodoc ChangeLog NEWS TODO
+	newdoc README README.download
+	cd doc
+	dodoc HOWTO README* WISHLIST *.txt
+}
+
+pkg_preinst() {
+	rm -f "${ROOT}"/etc/pam.d/system-auth.new \
+		"${ROOT}/etc/login.defs.new"
+
+	use pam && pam_epam_expand "${D}"/etc/pam.d/login
+}
+
+pkg_postinst() {
+	# Enable shadow groups (we need ROOT=/ here, as grpconv only
+	# operate on / ...).
+	if [[ ${ROOT} == / && ! -f /etc/gshadow ]] ; then
+		if grpck -r 2>/dev/null ; then
+			grpconv
+		else
+			ewarn "Running 'grpck' returned errors.  Please run it by hand, and then"
+			ewarn "run 'grpconv' afterwards!"
+		fi
+	fi
+
+	einfo "The 'adduser' symlink to 'useradd' has been dropped."
+}

sdk_container/src/third_party/portage-stable/sys-apps/shadow/shadow-4.1.4.3.ebuild

@@ -0,0 +1,194 @@
+# Copyright 1999-2012 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/sys-apps/shadow/shadow-4.1.4.3.ebuild,v 1.14 2012/08/18 21:28:14 vapier Exp $
+
+inherit eutils libtool toolchain-funcs pam multilib
+
+DESCRIPTION="Utilities to deal with user accounts"
+HOMEPAGE="http://shadow.pld.org.pl/ http://pkg-shadow.alioth.debian.org/"
+SRC_URI="http://pkg-shadow.alioth.debian.org/releases/${P}.tar.bz2"
+
+LICENSE="BSD GPL-2"
+SLOT="0"
+KEYWORDS="alpha amd64 arm hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86"
+IUSE="audit cracklib nls pam selinux skey"
+
+RDEPEND="audit? ( sys-process/audit )
+	cracklib? ( >=sys-libs/cracklib-2.7-r3 )
+	pam? ( virtual/pam )
+	skey? ( sys-auth/skey )
+	selinux? ( >=sys-libs/libselinux-1.28 )
+	nls? ( virtual/libintl )"
+DEPEND="${RDEPEND}
+	nls? ( sys-devel/gettext )"
+RDEPEND="${RDEPEND}
+	pam? ( >=sys-auth/pambase-20080219.1 )"
+
+src_unpack() {
+	unpack ${A}
+	cd "${S}"
+	epatch "${FILESDIR}"/${PN}-4.1.4.3-dup-install-targets.patch
+	epatch "${FILESDIR}"/${PN}-4.1.4.2-env-reset-keep-locale.patch #283725
+	epatch "${FILESDIR}"/${PN}-4.1.3-dots-in-usernames.patch #22920
+	epatch "${FILESDIR}"/${PN}-4.1.4.2-groupmod-pam-check.patch #300790
+	epatch "${FILESDIR}"/${PN}-4.1.4.2-su_no_sanitize_env.patch #301957
+	epatch "${FILESDIR}"/${PN}-4.1.4.2-fix-etc-gshadow-reading.patch #327605
+	elibtoolize
+	epunt_cxx
+}
+
+src_compile() {
+	tc-is-cross-compiler && export ac_cv_func_setpgrp_void=yes
+	econf \
+		--without-group-name-max-length \
+		--enable-shared=no \
+		--enable-static=yes \
+		$(use_with audit) \
+		$(use_with cracklib libcrack) \
+		$(use_with pam libpam) \
+		$(use_with skey) \
+		$(use_with selinux) \
+		$(use_enable nls) \
+		$(use_with elibc_glibc nscd)
+	emake || die "compile problem"
+}
+
+set_login_opt() {
+	local comment="" opt=$1 val=$2
+	[[ -z ${val} ]] && comment="#"
+	sed -i -r \
+		-e "/^#?${opt}/s:.*:${comment}${opt} ${val}:" \
+		"${D}"/etc/login.defs
+	local res=$(grep "^${comment}${opt}" "${D}"/etc/login.defs)
+	einfo ${res:-Unable to find ${opt} in /etc/login.defs}
+}
+
+src_install() {
+	emake DESTDIR="${D}" suidperms=4711 install || die "install problem"
+
+	# Remove libshadow and libmisc; see bug 37725 and the following
+	# comment from shadow's README.linux:
+	#   Currently, libshadow.a is for internal use only, so if you see
+	#   -lshadow in a Makefile of some other package, it is safe to
+	#   remove it.
+	rm -f "${D}"/{,usr/}$(get_libdir)/lib{misc,shadow}.{a,la}
+
+	insinto /etc
+	# Using a securetty with devfs device names added
+	# (compat names kept for non-devfs compatibility)
+	insopts -m0600 ; doins "${FILESDIR}"/securetty
+	if ! use pam ; then
+		insopts -m0600
+		doins etc/login.access etc/limits
+	fi
+	# Output arch-specific cruft
+	local devs
+	case $(tc-arch) in
+		ppc*)  devs="hvc0 hvsi0 ttyPSC0";;
+		hppa)  devs="ttyB0";;
+		arm)   devs="ttyFB0 ttySAC0 ttySAC1 ttySAC2 ttySAC3 ttymxc0 ttymxc1 ttyO0 ttyO1 ttyO2";;
+		sh)    devs="ttySC0 ttySC1";;
+	esac
+	[[ -n ${devs} ]] && printf '%s\n' ${devs} >> "${D}"/etc/securetty
+
+	# needed for 'useradd -D'
+	insinto /etc/default
+	insopts -m0600
+	doins "${FILESDIR}"/default/useradd
+
+	# move passwd to / to help recover broke systems #64441
+	mv "${D}"/usr/bin/passwd "${D}"/bin/
+	dosym /bin/passwd /usr/bin/passwd
+
+	cd "${S}"
+	insinto /etc
+	insopts -m0644
+	newins etc/login.defs login.defs
+
+	if ! use pam ; then
+		set_login_opt MAIL_CHECK_ENAB no
+		set_login_opt SU_WHEEL_ONLY yes
+		set_login_opt CRACKLIB_DICTPATH /usr/$(get_libdir)/cracklib_dict
+		set_login_opt LOGIN_RETRIES 3
+		set_login_opt ENCRYPT_METHOD SHA512
+	else
+		dopamd "${FILESDIR}/pam.d-include/"{su,shadow}
+
+		newpamd "${FILESDIR}/login.pamd.3" login
+
+		for x in passwd chpasswd chgpasswd; do
+			newpamd "${FILESDIR}"/pam.d-include/passwd ${x} || die
+		done
+
+		for x in chage chsh chfn newusers \
+				 user{add,del,mod} group{add,del,mod} ; do
+			newpamd "${FILESDIR}"/pam.d-include/shadow ${x} || die
+		done
+
+		# comment out login.defs options that pam hates
+		local opt
+		for opt in \
+			CHFN_AUTH \
+			CRACKLIB_DICTPATH \
+			ENV_HZ \
+			ENVIRON_FILE \
+			FAILLOG_ENAB \
+			FTMP_FILE \
+			LASTLOG_ENAB \
+			MAIL_CHECK_ENAB \
+			MOTD_FILE \
+			NOLOGINS_FILE \
+			OBSCURE_CHECKS_ENAB \
+			PASS_ALWAYS_WARN \
+			PASS_CHANGE_TRIES \
+			PASS_MIN_LEN \
+			PORTTIME_CHECKS_ENAB \
+			QUOTAS_ENAB \
+			SU_WHEEL_ONLY
+		do
+			set_login_opt ${opt}
+		done
+
+		sed -i -f "${FILESDIR}"/login_defs_pam.sed \
+			"${D}"/etc/login.defs
+
+		# remove manpages that pam will install for us
+		# and/or don't apply when using pam
+		find "${D}"/usr/share/man \
+			'(' -name 'limits.5*' -o -name 'suauth.5*' ')' \
+			-exec rm {} +
+	fi
+
+	# Remove manpages that are handled by other packages
+	find "${D}"/usr/share/man \
+		'(' -name id.1 -o -name passwd.5 -o -name getspnam.3 ')' \
+		-exec rm {} +
+
+	cd "${S}"
+	dodoc ChangeLog NEWS TODO
+	newdoc README README.download
+	cd doc
+	dodoc HOWTO README* WISHLIST *.txt
+}
+
+pkg_preinst() {
+	rm -f "${ROOT}"/etc/pam.d/system-auth.new \
+		"${ROOT}/etc/login.defs.new"
+
+	use pam && pam_epam_expand "${D}"/etc/pam.d/login
+}
+
+pkg_postinst() {
+	# Enable shadow groups (we need ROOT=/ here, as grpconv only
+	# operate on / ...).
+	if [[ ${ROOT} == / && ! -f /etc/gshadow ]] ; then
+		if grpck -r 2>/dev/null ; then
+			grpconv
+		else
+			ewarn "Running 'grpck' returned errors.  Please run it by hand, and then"
+			ewarn "run 'grpconv' afterwards!"
+		fi
+	fi
+
+	einfo "The 'adduser' symlink to 'useradd' has been dropped."
+}

sdk_container/src/third_party/portage-stable/sys-apps/shadow/shadow-4.1.5-r1.ebuild

@@ -0,0 +1,197 @@
+# Copyright 1999-2012 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/sys-apps/shadow/shadow-4.1.5-r1.ebuild,v 1.4 2012/08/18 21:28:14 vapier Exp $
+
+inherit eutils libtool toolchain-funcs pam multilib
+
+DESCRIPTION="Utilities to deal with user accounts"
+HOMEPAGE="http://shadow.pld.org.pl/ http://pkg-shadow.alioth.debian.org/"
+SRC_URI="http://pkg-shadow.alioth.debian.org/releases/${P}.tar.bz2"
+
+LICENSE="BSD GPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86"
+IUSE="acl audit cracklib nls pam selinux skey xattr"
+
+RDEPEND="acl? ( sys-apps/acl )
+	audit? ( sys-process/audit )
+	cracklib? ( >=sys-libs/cracklib-2.7-r3 )
+	pam? ( virtual/pam )
+	skey? ( sys-auth/skey )
+	selinux? ( >=sys-libs/libselinux-1.28 )
+	nls? ( virtual/libintl )
+	xattr? ( sys-apps/attr )"
+DEPEND="${RDEPEND}
+	nls? ( sys-devel/gettext )"
+RDEPEND="${RDEPEND}
+	pam? ( >=sys-auth/pambase-20120417 )"
+
+src_unpack() {
+	unpack ${A}
+	cd "${S}"
+	epatch "${FILESDIR}"/${PN}-4.1.3-dots-in-usernames.patch #22920
+	epatch "${FILESDIR}"/${PN}-4.1.5-stdarg.patch
+	epatch "${FILESDIR}"/${PN}-4.1.5-nscd-newline-msg.patch
+	epatch "${FILESDIR}"/${PN}-4.1.5-nscd-ignore-exit-1.patch
+	elibtoolize
+	epunt_cxx
+}
+
+src_compile() {
+	tc-is-cross-compiler && export ac_cv_func_setpgrp_void=yes
+	econf \
+		--without-group-name-max-length \
+		--without-tcb \
+		--enable-shared=no \
+		--enable-static=yes \
+		$(use_with acl) \
+		$(use_with audit) \
+		$(use_with cracklib libcrack) \
+		$(use_with pam libpam) \
+		$(use_with skey) \
+		$(use_with selinux) \
+		$(use_enable nls) \
+		$(use_with elibc_glibc nscd) \
+		$(use_with xattr attr)
+	emake || die
+}
+
+set_login_opt() {
+	local comment="" opt=$1 val=$2
+	[[ -z ${val} ]] && comment="#"
+	sed -i -r \
+		-e "/^#?${opt}/s:.*:${comment}${opt} ${val}:" \
+		"${D}"/etc/login.defs
+	local res=$(grep "^${comment}${opt}" "${D}"/etc/login.defs)
+	einfo ${res:-Unable to find ${opt} in /etc/login.defs}
+}
+
+src_install() {
+	emake DESTDIR="${D}" suidperms=4711 install || die
+
+	# Remove libshadow and libmisc; see bug 37725 and the following
+	# comment from shadow's README.linux:
+	#   Currently, libshadow.a is for internal use only, so if you see
+	#   -lshadow in a Makefile of some other package, it is safe to
+	#   remove it.
+	rm -f "${D}"/{,usr/}$(get_libdir)/lib{misc,shadow}.{a,la}
+
+	insinto /etc
+	# Using a securetty with devfs device names added
+	# (compat names kept for non-devfs compatibility)
+	insopts -m0600 ; doins "${FILESDIR}"/securetty
+	if ! use pam ; then
+		insopts -m0600
+		doins etc/login.access etc/limits
+	fi
+	# Output arch-specific cruft
+	local devs
+	case $(tc-arch) in
+		ppc*)  devs="hvc0 hvsi0 ttyPSC0";;
+		hppa)  devs="ttyB0";;
+		arm)   devs="ttyFB0 ttySAC0 ttySAC1 ttySAC2 ttySAC3 ttymxc0 ttymxc1 ttyO0 ttyO1 ttyO2";;
+		sh)    devs="ttySC0 ttySC1";;
+	esac
+	[[ -n ${devs} ]] && printf '%s\n' ${devs} >> "${D}"/etc/securetty
+
+	# needed for 'useradd -D'
+	insinto /etc/default
+	insopts -m0600
+	doins "${FILESDIR}"/default/useradd
+
+	# move passwd to / to help recover broke systems #64441
+	mv "${D}"/usr/bin/passwd "${D}"/bin/
+	dosym /bin/passwd /usr/bin/passwd
+
+	cd "${S}"
+	insinto /etc
+	insopts -m0644
+	newins etc/login.defs login.defs
+
+	if ! use pam ; then
+		set_login_opt MAIL_CHECK_ENAB no
+		set_login_opt SU_WHEEL_ONLY yes
+		set_login_opt CRACKLIB_DICTPATH /usr/$(get_libdir)/cracklib_dict
+		set_login_opt LOGIN_RETRIES 3
+		set_login_opt ENCRYPT_METHOD SHA512
+	else
+		dopamd "${FILESDIR}"/pam.d-include/shadow || die
+
+		for x in chpasswd chgpasswd; do
+			newpamd "${FILESDIR}"/pam.d-include/passwd ${x} || die
+		done
+
+		for x in chage chsh chfn newusers \
+				 user{add,del,mod} group{add,del,mod} ; do
+			newpamd "${FILESDIR}"/pam.d-include/shadow ${x} || die
+		done
+
+		# comment out login.defs options that pam hates
+		local opt
+		for opt in \
+			CHFN_AUTH \
+			CRACKLIB_DICTPATH \
+			ENV_HZ \
+			ENVIRON_FILE \
+			FAILLOG_ENAB \
+			FTMP_FILE \
+			LASTLOG_ENAB \
+			MAIL_CHECK_ENAB \
+			MOTD_FILE \
+			NOLOGINS_FILE \
+			OBSCURE_CHECKS_ENAB \
+			PASS_ALWAYS_WARN \
+			PASS_CHANGE_TRIES \
+			PASS_MIN_LEN \
+			PORTTIME_CHECKS_ENAB \
+			QUOTAS_ENAB \
+			SU_WHEEL_ONLY
+		do
+			set_login_opt ${opt}
+		done
+
+		sed -i -f "${FILESDIR}"/login_defs_pam.sed \
+			"${D}"/etc/login.defs
+
+		# remove manpages that pam will install for us
+		# and/or don't apply when using pam
+		find "${D}"/usr/share/man \
+			'(' -name 'limits.5*' -o -name 'suauth.5*' ')' \
+			-exec rm {} +
+
+		# Remove pam.d files provided by pambase.
+		rm "${D}"/etc/pam.d/{login,passwd,su} || die
+	fi
+
+	# Remove manpages that are handled by other packages
+	find "${D}"/usr/share/man \
+		'(' -name id.1 -o -name passwd.5 -o -name getspnam.3 ')' \
+		-exec rm {} +
+
+	cd "${S}"
+	dodoc ChangeLog NEWS TODO
+	newdoc README README.download
+	cd doc
+	dodoc HOWTO README* WISHLIST *.txt
+}
+
+pkg_preinst() {
+	rm -f "${ROOT}"/etc/pam.d/system-auth.new \
+		"${ROOT}/etc/login.defs.new"
+
+	use pam && pam_epam_expand "${D}"/etc/pam.d/login
+}
+
+pkg_postinst() {
+	# Enable shadow groups.
+	if [ ! -f "${ROOT}"/etc/gshadow ] ; then
+		if grpck -r -R "${ROOT}" 2>/dev/null ; then
+			grpconv -R "${ROOT}"
+		else
+			ewarn "Running 'grpck' returned errors.  Please run it by hand, and then"
+			ewarn "run 'grpconv' afterwards!"
+		fi
+	fi
+
+	einfo "The 'adduser' symlink to 'useradd' has been dropped."
+}

sdk_container/src/third_party/portage-stable/sys-apps/shadow/shadow-4.1.5-r2.ebuild

@@ -0,0 +1,202 @@
+# Copyright 1999-2012 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/sys-apps/shadow/shadow-4.1.5-r2.ebuild,v 1.4 2012/08/18 21:28:14 vapier Exp $
+
+inherit eutils libtool toolchain-funcs pam multilib
+
+DESCRIPTION="Utilities to deal with user accounts"
+HOMEPAGE="http://shadow.pld.org.pl/ http://pkg-shadow.alioth.debian.org/"
+SRC_URI="http://pkg-shadow.alioth.debian.org/releases/${P}.tar.bz2"
+
+LICENSE="BSD GPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86"
+IUSE="acl audit cracklib nls pam selinux skey xattr"
+
+RDEPEND="acl? ( sys-apps/acl )
+	audit? ( sys-process/audit )
+	cracklib? ( >=sys-libs/cracklib-2.7-r3 )
+	pam? ( virtual/pam )
+	skey? ( sys-auth/skey )
+	selinux? (
+		>=sys-libs/libselinux-1.28
+		sys-libs/libsemanage
+	)
+	nls? ( virtual/libintl )
+	xattr? ( sys-apps/attr )"
+DEPEND="${RDEPEND}
+	nls? ( sys-devel/gettext )"
+RDEPEND="${RDEPEND}
+	pam? ( >=sys-auth/pambase-20120417 )"
+
+src_unpack() {
+	unpack ${A}
+	cd "${S}"
+	epatch "${FILESDIR}"/${PN}-4.1.3-dots-in-usernames.patch #22920
+	epatch "${FILESDIR}"/${PN}-4.1.5-stdarg.patch
+	epatch "${FILESDIR}"/${PN}-4.1.5-nscd-newline-msg.patch
+	epatch "${FILESDIR}"/${PN}-4.1.5-nscd-ignore-exit-1.patch
+	epatch "${FILESDIR}"/${PN}-4.1.5-grremove.patch #405409
+	epatch "${FILESDIR}"/${PN}-4.1.5-selinux-groupadd.patch #406819
+	elibtoolize
+	epunt_cxx
+}
+
+src_compile() {
+	tc-is-cross-compiler && export ac_cv_func_setpgrp_void=yes
+	econf \
+		--without-group-name-max-length \
+		--without-tcb \
+		--enable-shared=no \
+		--enable-static=yes \
+		$(use_with acl) \
+		$(use_with audit) \
+		$(use_with cracklib libcrack) \
+		$(use_with pam libpam) \
+		$(use_with skey) \
+		$(use_with selinux) \
+		$(use_enable nls) \
+		$(use_with elibc_glibc nscd) \
+		$(use_with xattr attr)
+	emake || die
+}
+
+set_login_opt() {
+	local comment="" opt=$1 val=$2
+	[[ -z ${val} ]] && comment="#"
+	sed -i -r \
+		-e "/^#?${opt}/s:.*:${comment}${opt} ${val}:" \
+		"${D}"/etc/login.defs
+	local res=$(grep "^${comment}${opt}" "${D}"/etc/login.defs)
+	einfo ${res:-Unable to find ${opt} in /etc/login.defs}
+}
+
+src_install() {
+	emake DESTDIR="${D}" suidperms=4711 install || die
+
+	# Remove libshadow and libmisc; see bug 37725 and the following
+	# comment from shadow's README.linux:
+	#   Currently, libshadow.a is for internal use only, so if you see
+	#   -lshadow in a Makefile of some other package, it is safe to
+	#   remove it.
+	rm -f "${D}"/{,usr/}$(get_libdir)/lib{misc,shadow}.{a,la}
+
+	insinto /etc
+	# Using a securetty with devfs device names added
+	# (compat names kept for non-devfs compatibility)
+	insopts -m0600 ; doins "${FILESDIR}"/securetty
+	if ! use pam ; then
+		insopts -m0600
+		doins etc/login.access etc/limits
+	fi
+	# Output arch-specific cruft
+	local devs
+	case $(tc-arch) in
+		ppc*)  devs="hvc0 hvsi0 ttyPSC0";;
+		hppa)  devs="ttyB0";;
+		arm)   devs="ttyFB0 ttySAC0 ttySAC1 ttySAC2 ttySAC3 ttymxc0 ttymxc1 ttyO0 ttyO1 ttyO2";;
+		sh)    devs="ttySC0 ttySC1";;
+	esac
+	[[ -n ${devs} ]] && printf '%s\n' ${devs} >> "${D}"/etc/securetty
+
+	# needed for 'useradd -D'
+	insinto /etc/default
+	insopts -m0600
+	doins "${FILESDIR}"/default/useradd
+
+	# move passwd to / to help recover broke systems #64441
+	mv "${D}"/usr/bin/passwd "${D}"/bin/
+	dosym /bin/passwd /usr/bin/passwd
+
+	cd "${S}"
+	insinto /etc
+	insopts -m0644
+	newins etc/login.defs login.defs
+
+	if ! use pam ; then
+		set_login_opt MAIL_CHECK_ENAB no
+		set_login_opt SU_WHEEL_ONLY yes
+		set_login_opt CRACKLIB_DICTPATH /usr/$(get_libdir)/cracklib_dict
+		set_login_opt LOGIN_RETRIES 3
+		set_login_opt ENCRYPT_METHOD SHA512
+	else
+		dopamd "${FILESDIR}"/pam.d-include/shadow || die
+
+		for x in chpasswd chgpasswd; do
+			newpamd "${FILESDIR}"/pam.d-include/passwd ${x} || die
+		done
+
+		for x in chage chsh chfn newusers \
+				 user{add,del,mod} group{add,del,mod} ; do
+			newpamd "${FILESDIR}"/pam.d-include/shadow ${x} || die
+		done
+
+		# comment out login.defs options that pam hates
+		local opt
+		for opt in \
+			CHFN_AUTH \
+			CRACKLIB_DICTPATH \
+			ENV_HZ \
+			ENVIRON_FILE \
+			FAILLOG_ENAB \
+			FTMP_FILE \
+			LASTLOG_ENAB \
+			MAIL_CHECK_ENAB \
+			MOTD_FILE \
+			NOLOGINS_FILE \
+			OBSCURE_CHECKS_ENAB \
+			PASS_ALWAYS_WARN \
+			PASS_CHANGE_TRIES \
+			PASS_MIN_LEN \
+			PORTTIME_CHECKS_ENAB \
+			QUOTAS_ENAB \
+			SU_WHEEL_ONLY
+		do
+			set_login_opt ${opt}
+		done
+
+		sed -i -f "${FILESDIR}"/login_defs_pam.sed \
+			"${D}"/etc/login.defs
+
+		# remove manpages that pam will install for us
+		# and/or don't apply when using pam
+		find "${D}"/usr/share/man \
+			'(' -name 'limits.5*' -o -name 'suauth.5*' ')' \
+			-exec rm {} +
+
+		# Remove pam.d files provided by pambase.
+		rm "${D}"/etc/pam.d/{login,passwd,su} || die
+	fi
+
+	# Remove manpages that are handled by other packages
+	find "${D}"/usr/share/man \
+		'(' -name id.1 -o -name passwd.5 -o -name getspnam.3 ')' \
+		-exec rm {} +
+
+	cd "${S}"
+	dodoc ChangeLog NEWS TODO
+	newdoc README README.download
+	cd doc
+	dodoc HOWTO README* WISHLIST *.txt
+}
+
+pkg_preinst() {
+	rm -f "${ROOT}"/etc/pam.d/system-auth.new \
+		"${ROOT}/etc/login.defs.new"
+
+	use pam && pam_epam_expand "${D}"/etc/pam.d/login
+}
+
+pkg_postinst() {
+	# Enable shadow groups.
+	if [ ! -f "${ROOT}"/etc/gshadow ] ; then
+		if grpck -r -R "${ROOT}" 2>/dev/null ; then
+			grpconv -R "${ROOT}"
+		else
+			ewarn "Running 'grpck' returned errors.  Please run it by hand, and then"
+			ewarn "run 'grpconv' afterwards!"
+		fi
+	fi
+
+	einfo "The 'adduser' symlink to 'useradd' has been dropped."
+}

sdk_container/src/third_party/portage-stable/sys-apps/shadow/shadow-4.1.5.1-r1.ebuild

@@ -0,0 +1,198 @@
+# Copyright 1999-2012 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/sys-apps/shadow/shadow-4.1.5.1-r1.ebuild,v 1.1 2012/12/24 17:14:14 flameeyes Exp $
+
+EAPI="2"
+
+inherit eutils libtool toolchain-funcs pam multilib
+
+DESCRIPTION="Utilities to deal with user accounts"
+HOMEPAGE="http://shadow.pld.org.pl/ http://pkg-shadow.alioth.debian.org/"
+SRC_URI="http://pkg-shadow.alioth.debian.org/releases/${P}.tar.bz2"
+
+LICENSE="BSD GPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86"
+IUSE="acl audit cracklib nls pam selinux skey xattr"
+
+RDEPEND="acl? ( sys-apps/acl )
+	audit? ( sys-process/audit )
+	cracklib? ( >=sys-libs/cracklib-2.7-r3 )
+	pam? ( virtual/pam )
+	skey? ( sys-auth/skey )
+	selinux? (
+		>=sys-libs/libselinux-1.28
+		sys-libs/libsemanage
+	)
+	nls? ( virtual/libintl )
+	xattr? ( sys-apps/attr )"
+DEPEND="${RDEPEND}
+	nls? ( sys-devel/gettext )"
+RDEPEND="${RDEPEND}
+	pam? ( >=sys-auth/pambase-20120417 )"
+
+src_prepare() {
+	epatch "${FILESDIR}"/${PN}-4.1.3-dots-in-usernames.patch #22920
+	epatch_user
+	elibtoolize
+	epunt_cxx
+}
+
+src_configure() {
+	tc-is-cross-compiler && export ac_cv_func_setpgrp_void=yes
+	econf \
+		--without-group-name-max-length \
+		--without-tcb \
+		--enable-shared=no \
+		--enable-static=yes \
+		$(use_with acl) \
+		$(use_with audit) \
+		$(use_with cracklib libcrack) \
+		$(use_with pam libpam) \
+		$(use_with skey) \
+		$(use_with selinux) \
+		$(use_enable nls) \
+		$(use_with elibc_glibc nscd) \
+		$(use_with xattr attr)
+	has_version 'sys-libs/uclibc[-rpc]' && sed -i '/RLOGIN/d' config.h #425052
+}
+
+set_login_opt() {
+	local comment="" opt=$1 val=$2
+	[[ -z ${val} ]] && comment="#"
+	sed -i -r \
+		-e "/^#?${opt}/s:.*:${comment}${opt} ${val}:" \
+		"${D}"/etc/login.defs
+	local res=$(grep "^${comment}${opt}" "${D}"/etc/login.defs)
+	einfo ${res:-Unable to find ${opt} in /etc/login.defs}
+}
+
+src_install() {
+	emake DESTDIR="${D}" suidperms=4711 install || die
+
+	# Remove libshadow and libmisc; see bug 37725 and the following
+	# comment from shadow's README.linux:
+	#   Currently, libshadow.a is for internal use only, so if you see
+	#   -lshadow in a Makefile of some other package, it is safe to
+	#   remove it.
+	rm -f "${D}"/{,usr/}$(get_libdir)/lib{misc,shadow}.{a,la}
+
+	insinto /etc
+	# Using a securetty with devfs device names added
+	# (compat names kept for non-devfs compatibility)
+	insopts -m0600 ; doins "${FILESDIR}"/securetty
+	if ! use pam ; then
+		insopts -m0600
+		doins etc/login.access etc/limits
+	fi
+	# Output arch-specific cruft
+	local devs
+	case $(tc-arch) in
+		ppc*)  devs="hvc0 hvsi0 ttyPSC0";;
+		hppa)  devs="ttyB0";;
+		arm)   devs="ttyFB0 ttySAC0 ttySAC1 ttySAC2 ttySAC3 ttymxc0 ttymxc1 ttyO0 ttyO1 ttyO2";;
+		sh)    devs="ttySC0 ttySC1";;
+	esac
+	[[ -n ${devs} ]] && printf '%s\n' ${devs} >> "${D}"/etc/securetty
+
+	# needed for 'useradd -D'
+	insinto /etc/default
+	insopts -m0600
+	doins "${FILESDIR}"/default/useradd
+
+	# move passwd to / to help recover broke systems #64441
+	mv "${D}"/usr/bin/passwd "${D}"/bin/
+	dosym /bin/passwd /usr/bin/passwd
+
+	cd "${S}"
+	insinto /etc
+	insopts -m0644
+	newins etc/login.defs login.defs
+
+	if ! use pam ; then
+		set_login_opt MAIL_CHECK_ENAB no
+		set_login_opt SU_WHEEL_ONLY yes
+		set_login_opt CRACKLIB_DICTPATH /usr/$(get_libdir)/cracklib_dict
+		set_login_opt LOGIN_RETRIES 3
+		set_login_opt ENCRYPT_METHOD SHA512
+	else
+		dopamd "${FILESDIR}"/pam.d-include/shadow || die
+
+		for x in chpasswd chgpasswd newusers; do
+			newpamd "${FILESDIR}"/pam.d-include/passwd ${x} || die
+		done
+
+		for x in chage chsh chfn \
+				 user{add,del,mod} group{add,del,mod} ; do
+			newpamd "${FILESDIR}"/pam.d-include/shadow ${x} || die
+		done
+
+		# comment out login.defs options that pam hates
+		local opt
+		for opt in \
+			CHFN_AUTH \
+			CRACKLIB_DICTPATH \
+			ENV_HZ \
+			ENVIRON_FILE \
+			FAILLOG_ENAB \
+			FTMP_FILE \
+			LASTLOG_ENAB \
+			MAIL_CHECK_ENAB \
+			MOTD_FILE \
+			NOLOGINS_FILE \
+			OBSCURE_CHECKS_ENAB \
+			PASS_ALWAYS_WARN \
+			PASS_CHANGE_TRIES \
+			PASS_MIN_LEN \
+			PORTTIME_CHECKS_ENAB \
+			QUOTAS_ENAB \
+			SU_WHEEL_ONLY
+		do
+			set_login_opt ${opt}
+		done
+
+		sed -i -f "${FILESDIR}"/login_defs_pam.sed \
+			"${D}"/etc/login.defs
+
+		# remove manpages that pam will install for us
+		# and/or don't apply when using pam
+		find "${D}"/usr/share/man \
+			'(' -name 'limits.5*' -o -name 'suauth.5*' ')' \
+			-exec rm {} +
+
+		# Remove pam.d files provided by pambase.
+		rm "${D}"/etc/pam.d/{login,passwd,su} || die
+	fi
+
+	# Remove manpages that are handled by other packages
+	find "${D}"/usr/share/man \
+		'(' -name id.1 -o -name passwd.5 -o -name getspnam.3 ')' \
+		-exec rm {} +
+
+	cd "${S}"
+	dodoc ChangeLog NEWS TODO
+	newdoc README README.download
+	cd doc
+	dodoc HOWTO README* WISHLIST *.txt
+}
+
+pkg_preinst() {
+	rm -f "${ROOT}"/etc/pam.d/system-auth.new \
+		"${ROOT}/etc/login.defs.new"
+
+	use pam && pam_epam_expand "${D}"/etc/pam.d/login
+}
+
+pkg_postinst() {
+	# Enable shadow groups.
+	if [ ! -f "${ROOT}"/etc/gshadow ] ; then
+		if grpck -r -R "${ROOT}" 2>/dev/null ; then
+			grpconv -R "${ROOT}"
+		else
+			ewarn "Running 'grpck' returned errors.  Please run it by hand, and then"
+			ewarn "run 'grpconv' afterwards!"
+		fi
+	fi
+
+	einfo "The 'adduser' symlink to 'useradd' has been dropped."
+}

sdk_container/src/third_party/portage-stable/sys-apps/shadow/shadow-4.1.5.1.ebuild

@@ -0,0 +1,198 @@
+# Copyright 1999-2012 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/sys-apps/shadow/shadow-4.1.5.1.ebuild,v 1.3 2012/08/18 21:28:14 vapier Exp $
+
+EAPI="2"
+
+inherit eutils libtool toolchain-funcs pam multilib
+
+DESCRIPTION="Utilities to deal with user accounts"
+HOMEPAGE="http://shadow.pld.org.pl/ http://pkg-shadow.alioth.debian.org/"
+SRC_URI="http://pkg-shadow.alioth.debian.org/releases/${P}.tar.bz2"
+
+LICENSE="BSD GPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86"
+IUSE="acl audit cracklib nls pam selinux skey xattr"
+
+RDEPEND="acl? ( sys-apps/acl )
+	audit? ( sys-process/audit )
+	cracklib? ( >=sys-libs/cracklib-2.7-r3 )
+	pam? ( virtual/pam )
+	skey? ( sys-auth/skey )
+	selinux? (
+		>=sys-libs/libselinux-1.28
+		sys-libs/libsemanage
+	)
+	nls? ( virtual/libintl )
+	xattr? ( sys-apps/attr )"
+DEPEND="${RDEPEND}
+	nls? ( sys-devel/gettext )"
+RDEPEND="${RDEPEND}
+	pam? ( >=sys-auth/pambase-20120417 )"
+
+src_prepare() {
+	epatch "${FILESDIR}"/${PN}-4.1.3-dots-in-usernames.patch #22920
+	epatch_user
+	elibtoolize
+	epunt_cxx
+}
+
+src_configure() {
+	tc-is-cross-compiler && export ac_cv_func_setpgrp_void=yes
+	econf \
+		--without-group-name-max-length \
+		--without-tcb \
+		--enable-shared=no \
+		--enable-static=yes \
+		$(use_with acl) \
+		$(use_with audit) \
+		$(use_with cracklib libcrack) \
+		$(use_with pam libpam) \
+		$(use_with skey) \
+		$(use_with selinux) \
+		$(use_enable nls) \
+		$(use_with elibc_glibc nscd) \
+		$(use_with xattr attr)
+	has_version 'sys-libs/uclibc[-rpc]' && sed -i '/RLOGIN/d' config.h #425052
+}
+
+set_login_opt() {
+	local comment="" opt=$1 val=$2
+	[[ -z ${val} ]] && comment="#"
+	sed -i -r \
+		-e "/^#?${opt}/s:.*:${comment}${opt} ${val}:" \
+		"${D}"/etc/login.defs
+	local res=$(grep "^${comment}${opt}" "${D}"/etc/login.defs)
+	einfo ${res:-Unable to find ${opt} in /etc/login.defs}
+}
+
+src_install() {
+	emake DESTDIR="${D}" suidperms=4711 install || die
+
+	# Remove libshadow and libmisc; see bug 37725 and the following
+	# comment from shadow's README.linux:
+	#   Currently, libshadow.a is for internal use only, so if you see
+	#   -lshadow in a Makefile of some other package, it is safe to
+	#   remove it.
+	rm -f "${D}"/{,usr/}$(get_libdir)/lib{misc,shadow}.{a,la}
+
+	insinto /etc
+	# Using a securetty with devfs device names added
+	# (compat names kept for non-devfs compatibility)
+	insopts -m0600 ; doins "${FILESDIR}"/securetty
+	if ! use pam ; then
+		insopts -m0600
+		doins etc/login.access etc/limits
+	fi
+	# Output arch-specific cruft
+	local devs
+	case $(tc-arch) in
+		ppc*)  devs="hvc0 hvsi0 ttyPSC0";;
+		hppa)  devs="ttyB0";;
+		arm)   devs="ttyFB0 ttySAC0 ttySAC1 ttySAC2 ttySAC3 ttymxc0 ttymxc1 ttyO0 ttyO1 ttyO2";;
+		sh)    devs="ttySC0 ttySC1";;
+	esac
+	[[ -n ${devs} ]] && printf '%s\n' ${devs} >> "${D}"/etc/securetty
+
+	# needed for 'useradd -D'
+	insinto /etc/default
+	insopts -m0600
+	doins "${FILESDIR}"/default/useradd
+
+	# move passwd to / to help recover broke systems #64441
+	mv "${D}"/usr/bin/passwd "${D}"/bin/
+	dosym /bin/passwd /usr/bin/passwd
+
+	cd "${S}"
+	insinto /etc
+	insopts -m0644
+	newins etc/login.defs login.defs
+
+	if ! use pam ; then
+		set_login_opt MAIL_CHECK_ENAB no
+		set_login_opt SU_WHEEL_ONLY yes
+		set_login_opt CRACKLIB_DICTPATH /usr/$(get_libdir)/cracklib_dict
+		set_login_opt LOGIN_RETRIES 3
+		set_login_opt ENCRYPT_METHOD SHA512
+	else
+		dopamd "${FILESDIR}"/pam.d-include/shadow || die
+
+		for x in chpasswd chgpasswd; do
+			newpamd "${FILESDIR}"/pam.d-include/passwd ${x} || die
+		done
+
+		for x in chage chsh chfn newusers \
+				 user{add,del,mod} group{add,del,mod} ; do
+			newpamd "${FILESDIR}"/pam.d-include/shadow ${x} || die
+		done
+
+		# comment out login.defs options that pam hates
+		local opt
+		for opt in \
+			CHFN_AUTH \
+			CRACKLIB_DICTPATH \
+			ENV_HZ \
+			ENVIRON_FILE \
+			FAILLOG_ENAB \
+			FTMP_FILE \
+			LASTLOG_ENAB \
+			MAIL_CHECK_ENAB \
+			MOTD_FILE \
+			NOLOGINS_FILE \
+			OBSCURE_CHECKS_ENAB \
+			PASS_ALWAYS_WARN \
+			PASS_CHANGE_TRIES \
+			PASS_MIN_LEN \
+			PORTTIME_CHECKS_ENAB \
+			QUOTAS_ENAB \
+			SU_WHEEL_ONLY
+		do
+			set_login_opt ${opt}
+		done
+
+		sed -i -f "${FILESDIR}"/login_defs_pam.sed \
+			"${D}"/etc/login.defs
+
+		# remove manpages that pam will install for us
+		# and/or don't apply when using pam
+		find "${D}"/usr/share/man \
+			'(' -name 'limits.5*' -o -name 'suauth.5*' ')' \
+			-exec rm {} +
+
+		# Remove pam.d files provided by pambase.
+		rm "${D}"/etc/pam.d/{login,passwd,su} || die
+	fi
+
+	# Remove manpages that are handled by other packages
+	find "${D}"/usr/share/man \
+		'(' -name id.1 -o -name passwd.5 -o -name getspnam.3 ')' \
+		-exec rm {} +
+
+	cd "${S}"
+	dodoc ChangeLog NEWS TODO
+	newdoc README README.download
+	cd doc
+	dodoc HOWTO README* WISHLIST *.txt
+}
+
+pkg_preinst() {
+	rm -f "${ROOT}"/etc/pam.d/system-auth.new \
+		"${ROOT}/etc/login.defs.new"
+
+	use pam && pam_epam_expand "${D}"/etc/pam.d/login
+}
+
+pkg_postinst() {
+	# Enable shadow groups.
+	if [ ! -f "${ROOT}"/etc/gshadow ] ; then
+		if grpck -r -R "${ROOT}" 2>/dev/null ; then
+			grpconv -R "${ROOT}"
+		else
+			ewarn "Running 'grpck' returned errors.  Please run it by hand, and then"
+			ewarn "run 'grpconv' afterwards!"
+		fi
+	fi
+
+	einfo "The 'adduser' symlink to 'useradd' has been dropped."
+}

sdk_container/src/third_party/portage-stable/sys-apps/shadow/shadow-4.1.5.ebuild

@@ -0,0 +1,196 @@
+# Copyright 1999-2012 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/sys-apps/shadow/shadow-4.1.5.ebuild,v 1.6 2012/08/18 21:28:14 vapier Exp $
+
+inherit eutils libtool toolchain-funcs pam multilib
+
+DESCRIPTION="Utilities to deal with user accounts"
+HOMEPAGE="http://shadow.pld.org.pl/ http://pkg-shadow.alioth.debian.org/"
+SRC_URI="http://pkg-shadow.alioth.debian.org/releases/${P}.tar.bz2"
+
+LICENSE="BSD GPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86"
+IUSE="acl audit cracklib nls pam selinux skey xattr"
+
+RDEPEND="acl? ( sys-apps/acl )
+	audit? ( sys-process/audit )
+	cracklib? ( >=sys-libs/cracklib-2.7-r3 )
+	pam? ( virtual/pam )
+	skey? ( sys-auth/skey )
+	selinux? ( >=sys-libs/libselinux-1.28 )
+	nls? ( virtual/libintl )
+	xattr? ( sys-apps/attr )"
+DEPEND="${RDEPEND}
+	nls? ( sys-devel/gettext )"
+RDEPEND="${RDEPEND}
+	pam? ( >=sys-auth/pambase-20080219.1 )"
+
+src_unpack() {
+	unpack ${A}
+	cd "${S}"
+	epatch "${FILESDIR}"/${PN}-4.1.3-dots-in-usernames.patch #22920
+	epatch "${FILESDIR}"/${PN}-4.1.5-stdarg.patch
+	epatch "${FILESDIR}"/${PN}-4.1.5-nscd-newline-msg.patch
+	epatch "${FILESDIR}"/${PN}-4.1.5-nscd-ignore-exit-1.patch
+	elibtoolize
+	epunt_cxx
+}
+
+src_compile() {
+	tc-is-cross-compiler && export ac_cv_func_setpgrp_void=yes
+	econf \
+		--without-group-name-max-length \
+		--without-tcb \
+		--enable-shared=no \
+		--enable-static=yes \
+		$(use_with acl) \
+		$(use_with audit) \
+		$(use_with cracklib libcrack) \
+		$(use_with pam libpam) \
+		$(use_with skey) \
+		$(use_with selinux) \
+		$(use_enable nls) \
+		$(use_with elibc_glibc nscd) \
+		$(use_with xattr attr)
+	emake || die
+}
+
+set_login_opt() {
+	local comment="" opt=$1 val=$2
+	[[ -z ${val} ]] && comment="#"
+	sed -i -r \
+		-e "/^#?${opt}/s:.*:${comment}${opt} ${val}:" \
+		"${D}"/etc/login.defs
+	local res=$(grep "^${comment}${opt}" "${D}"/etc/login.defs)
+	einfo ${res:-Unable to find ${opt} in /etc/login.defs}
+}
+
+src_install() {
+	emake DESTDIR="${D}" suidperms=4711 install || die
+
+	# Remove libshadow and libmisc; see bug 37725 and the following
+	# comment from shadow's README.linux:
+	#   Currently, libshadow.a is for internal use only, so if you see
+	#   -lshadow in a Makefile of some other package, it is safe to
+	#   remove it.
+	rm -f "${D}"/{,usr/}$(get_libdir)/lib{misc,shadow}.{a,la}
+
+	insinto /etc
+	# Using a securetty with devfs device names added
+	# (compat names kept for non-devfs compatibility)
+	insopts -m0600 ; doins "${FILESDIR}"/securetty
+	if ! use pam ; then
+		insopts -m0600
+		doins etc/login.access etc/limits
+	fi
+	# Output arch-specific cruft
+	local devs
+	case $(tc-arch) in
+		ppc*)  devs="hvc0 hvsi0 ttyPSC0";;
+		hppa)  devs="ttyB0";;
+		arm)   devs="ttyFB0 ttySAC0 ttySAC1 ttySAC2 ttySAC3 ttymxc0 ttymxc1 ttyO0 ttyO1 ttyO2";;
+		sh)    devs="ttySC0 ttySC1";;
+	esac
+	[[ -n ${devs} ]] && printf '%s\n' ${devs} >> "${D}"/etc/securetty
+
+	# needed for 'useradd -D'
+	insinto /etc/default
+	insopts -m0600
+	doins "${FILESDIR}"/default/useradd
+
+	# move passwd to / to help recover broke systems #64441
+	mv "${D}"/usr/bin/passwd "${D}"/bin/
+	dosym /bin/passwd /usr/bin/passwd
+
+	cd "${S}"
+	insinto /etc
+	insopts -m0644
+	newins etc/login.defs login.defs
+
+	if ! use pam ; then
+		set_login_opt MAIL_CHECK_ENAB no
+		set_login_opt SU_WHEEL_ONLY yes
+		set_login_opt CRACKLIB_DICTPATH /usr/$(get_libdir)/cracklib_dict
+		set_login_opt LOGIN_RETRIES 3
+		set_login_opt ENCRYPT_METHOD SHA512
+	else
+		dopamd "${FILESDIR}/pam.d-include/"{su,shadow}
+
+		newpamd "${FILESDIR}/login.pamd.3" login
+
+		for x in passwd chpasswd chgpasswd; do
+			newpamd "${FILESDIR}"/pam.d-include/passwd ${x} || die
+		done
+
+		for x in chage chsh chfn newusers \
+				 user{add,del,mod} group{add,del,mod} ; do
+			newpamd "${FILESDIR}"/pam.d-include/shadow ${x} || die
+		done
+
+		# comment out login.defs options that pam hates
+		local opt
+		for opt in \
+			CHFN_AUTH \
+			CRACKLIB_DICTPATH \
+			ENV_HZ \
+			ENVIRON_FILE \
+			FAILLOG_ENAB \
+			FTMP_FILE \
+			LASTLOG_ENAB \
+			MAIL_CHECK_ENAB \
+			MOTD_FILE \
+			NOLOGINS_FILE \
+			OBSCURE_CHECKS_ENAB \
+			PASS_ALWAYS_WARN \
+			PASS_CHANGE_TRIES \
+			PASS_MIN_LEN \
+			PORTTIME_CHECKS_ENAB \
+			QUOTAS_ENAB \
+			SU_WHEEL_ONLY
+		do
+			set_login_opt ${opt}
+		done
+
+		sed -i -f "${FILESDIR}"/login_defs_pam.sed \
+			"${D}"/etc/login.defs
+
+		# remove manpages that pam will install for us
+		# and/or don't apply when using pam
+		find "${D}"/usr/share/man \
+			'(' -name 'limits.5*' -o -name 'suauth.5*' ')' \
+			-exec rm {} +
+	fi
+
+	# Remove manpages that are handled by other packages
+	find "${D}"/usr/share/man \
+		'(' -name id.1 -o -name passwd.5 -o -name getspnam.3 ')' \
+		-exec rm {} +
+
+	cd "${S}"
+	dodoc ChangeLog NEWS TODO
+	newdoc README README.download
+	cd doc
+	dodoc HOWTO README* WISHLIST *.txt
+}
+
+pkg_preinst() {
+	rm -f "${ROOT}"/etc/pam.d/system-auth.new \
+		"${ROOT}/etc/login.defs.new"
+
+	use pam && pam_epam_expand "${D}"/etc/pam.d/login
+}
+
+pkg_postinst() {
+	# Enable shadow groups.
+	if [ ! -f "${ROOT}"/etc/gshadow ] ; then
+		if grpck -r -R "${ROOT}" 2>/dev/null ; then
+			grpconv -R "${ROOT}"
+		else
+			ewarn "Running 'grpck' returned errors.  Please run it by hand, and then"
+			ewarn "run 'grpconv' afterwards!"
+		fi
+	fi
+
+	einfo "The 'adduser' symlink to 'useradd' has been dropped."
+}