From e167a8d75a1d90748e8e7bd1154970af28f41bba Mon Sep 17 00:00:00 2001 From: David Michael Date: Fri, 16 Jun 2017 13:12:23 -0700 Subject: [PATCH] sys-apps/shadow: bump to the upstream 4.5 ebuild --- .../coreos-overlay/sys-apps/shadow/Manifest | 2 +- .../sys-apps/shadow/files/login_defs_pam.sed | 24 ---- .../files/shadow-4.4-fix-root-defaults.patch | 39 ------- .../files/shadow-4.4-load_defaults.patch | 37 ------ .../shadow/files/shadow-4.4-prototypes.patch | 42 ------- .../shadow/files/shadow-4.4-su-snprintf.patch | 29 ----- .../sys-apps/shadow/metadata.xml | 23 ++-- ...shadow-4.4-r2.ebuild => shadow-4.5.ebuild} | 107 +++++++++--------- 8 files changed, 71 insertions(+), 232 deletions(-) delete mode 100644 sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/login_defs_pam.sed delete mode 100644 sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.4-fix-root-defaults.patch delete mode 100644 sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.4-load_defaults.patch delete mode 100644 sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.4-prototypes.patch delete mode 100644 sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.4-su-snprintf.patch rename sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/{shadow-4.4-r2.ebuild => shadow-4.5.ebuild} (63%) diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/Manifest b/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/Manifest index df4f7606de..0cc0147e82 100644 --- a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/Manifest +++ b/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/Manifest @@ -1 +1 @@ -DIST shadow-4.4.tar.gz 3706812 SHA256 2398fe436e548786c17ec387b4c41f5339f72ec9ee2f3f7a6e0cc2cb240bb482 SHA512 c1e0f65a4fbd0f9d8de38e488b4a374cac5c476180e233269fc666988d9201c0dcc694605c5e54d54f81039c2e30c95b14c12f10adef749a45cc31f0b4b5d5a6 WHIRLPOOL a22fc0f90ec0623cbbcef253378a16ad605cf71345074880e3fd12fb5914058d3e721f378730c9684497cc597595b7defc7e710206268ae320a090c8c35fd41e +DIST shadow-4.5.tar.gz 3804933 SHA256 ed2d53bd0e80cf32261e82b8d93684334e8809266dba1ec7a42bfa747605989e SHA512 02d6482a1159689e404dd49a68b4e2db85e9ffdcdfbacc8efcbd9043f14a1ec3fc4d749700df915d375df67d589219b6b0f57a6cfd9fb5b197012888a608913b WHIRLPOOL 73552aff621cf34ef977095a05d9b679b7b6ffa78979d69eeb43089564aca5cc1d841dc9cbb6f0fba4c4f712f0e89f6cc683b733ea1041e4633b5d9fe58b5499 diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/login_defs_pam.sed b/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/login_defs_pam.sed deleted file mode 100644 index ba308ba9ab..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/login_defs_pam.sed +++ /dev/null @@ -1,24 +0,0 @@ -/^FAILLOG_ENAB/b comment -/^LASTLOG_ENAB/b comment -/^MAIL_CHECK_ENAB/b comment -/^OBSCURE_CHECKS_ENAB/b comment -/^PORTTIME_CHECKS_ENAB/b comment -/^QUOTAS_ENAB/b comment -/^MOTD_FILE/b comment -/^FTMP_FILE/b comment -/^NOLOGINS_FILE/b comment -/^ENV_HZ/b comment -/^PASS_MIN_LEN/b comment -/^SU_WHEEL_ONLY/b comment -/^CRACKLIB_DICTPATH/b comment -/^PASS_CHANGE_TRIES/b comment -/^PASS_ALWAYS_WARN/b comment -/^CHFN_AUTH/b comment -/^ENVIRON_FILE/b comment - -b exit - -: comment - s:^:#: - -: exit diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.4-fix-root-defaults.patch b/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.4-fix-root-defaults.patch deleted file mode 100644 index af7b8f409f..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.4-fix-root-defaults.patch +++ /dev/null @@ -1,39 +0,0 @@ -From c6b0664f529673e83c24243edd985803b9791631 Mon Sep 17 00:00:00 2001 -From: David Michael -Date: Wed, 8 Feb 2017 15:48:36 -0800 -Subject: [PATCH] useradd: Read defaults after changing root directories - -This reverts the behavior of "useradd --root" to using the settings -from login.defs in the target root directory, not the root of the -executed useradd command. ---- - src/useradd.c | 6 ++++-- - 1 file changed, 4 insertions(+), 2 deletions(-) - -diff --git a/src/useradd.c b/src/useradd.c -index 1797229..d973ca3 100644 ---- a/src/useradd.c -+++ b/src/useradd.c -@@ -2047,8 +2047,8 @@ int main (int argc, char **argv) - #endif /* ACCT_TOOLS_SETUID */ - - #ifdef ENABLE_SUBIDS -- uid_t uid_min = (uid_t) getdef_ulong ("UID_MIN", 1000UL); -- uid_t uid_max = (uid_t) getdef_ulong ("UID_MAX", 60000UL); -+ uid_t uid_min; -+ uid_t uid_max; - #endif - - /* -@@ -2085,6 +2085,8 @@ int main (int argc, char **argv) - process_flags (argc, argv); - - #ifdef ENABLE_SUBIDS -+ uid_min = (uid_t) getdef_ulong ("UID_MIN", 1000UL); -+ uid_max = (uid_t) getdef_ulong ("UID_MAX", 60000UL); - is_sub_uid = sub_uid_file_present () && !rflg && - (!user_id || (user_id <= uid_max && user_id >= uid_min)); - is_sub_gid = sub_gid_file_present () && !rflg && --- -2.7.4 - diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.4-load_defaults.patch b/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.4-load_defaults.patch deleted file mode 100644 index 4c0b84f680..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.4-load_defaults.patch +++ /dev/null @@ -1,37 +0,0 @@ -From 507f96cdeb54079fb636c7ce21e371f7a16a520e Mon Sep 17 00:00:00 2001 -From: Tomas Mraz -Date: Thu, 25 Aug 2016 11:20:34 +0200 -Subject: [PATCH] Fix regression in useradd not loading defaults properly. -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -The get_defaults() has to be called before processing the flags. - -Signed-off-by: Tomáš Mráz ---- - src/useradd.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/src/useradd.c b/src/useradd.c -index fefa234..6c43e7e 100644 ---- a/src/useradd.c -+++ b/src/useradd.c -@@ -2027,6 +2027,8 @@ int main (int argc, char **argv) - is_shadow_grp = sgr_file_present (); - #endif - -+ get_defaults (); -+ - process_flags (argc, argv); - - #ifdef ENABLE_SUBIDS -@@ -2036,8 +2038,6 @@ int main (int argc, char **argv) - (!user_id || (user_id <= uid_max && user_id >= uid_min)); - #endif /* ENABLE_SUBIDS */ - -- get_defaults (); -- - #ifdef ACCT_TOOLS_SETUID - #ifdef USE_PAM - { diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.4-prototypes.patch b/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.4-prototypes.patch deleted file mode 100644 index 5209a2988f..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.4-prototypes.patch +++ /dev/null @@ -1,42 +0,0 @@ -https://github.com/shadow-maint/shadow/pull/53 - -From 32c0b283ef5d68b63e4ec05fb22ed0db938fea67 Mon Sep 17 00:00:00 2001 -From: Mike Frysinger -Date: Mon, 5 Dec 2016 17:15:29 -0500 -Subject: [PATCH] include getdef.h for getdef_bool prototype - -Otherwise we get build warnings like: -sgroupio.c:255:6: warning: implicit declaration of function 'getdef_bool' [-Wimplicit-function-declaration] -shadowio.c:131:6: warning: implicit declaration of function 'getdef_bool' [-Wimplicit-function-declaration] ---- - lib/sgroupio.c | 1 + - lib/shadowio.c | 1 + - 2 files changed, 2 insertions(+) - -diff --git a/lib/sgroupio.c b/lib/sgroupio.c -index f2685779a12b..5423626a01da 100644 ---- a/lib/sgroupio.c -+++ b/lib/sgroupio.c -@@ -40,6 +40,7 @@ - #include "prototypes.h" - #include "defines.h" - #include "commonio.h" -+#include "getdef.h" - #include "sgroupio.h" - - /*@null@*/ /*@only@*/struct sgrp *__sgr_dup (const struct sgrp *sgent) -diff --git a/lib/shadowio.c b/lib/shadowio.c -index 6e44ab24d69c..5fa3d312bbf9 100644 ---- a/lib/shadowio.c -+++ b/lib/shadowio.c -@@ -40,6 +40,7 @@ - #include - #include - #include "commonio.h" -+#include "getdef.h" - #include "shadowio.h" - #ifdef WITH_TCB - #include --- -2.11.0.rc2 - diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.4-su-snprintf.patch b/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.4-su-snprintf.patch deleted file mode 100644 index 45667c8e4b..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.4-su-snprintf.patch +++ /dev/null @@ -1,29 +0,0 @@ -fix from upstream - -From 67d2bb6e0a5ac124ce1f026dd5723217b1493194 Mon Sep 17 00:00:00 2001 -From: Serge Hallyn -Date: Sun, 18 Sep 2016 21:31:18 -0500 -Subject: [PATCH] su.c: fix missing length argument to snprintf - ---- - src/su.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/src/su.c b/src/su.c -index 0c50a9456afd..93ffd2fbe2b4 100644 ---- a/src/su.c -+++ b/src/su.c -@@ -373,8 +373,8 @@ static void prepare_pam_close_session (void) - stderr); - (void) kill (-pid_child, caught); - -- snprintf (kill_msg, _(" ...killed.\n")); -- snprintf (wait_msg, _(" ...waiting for child to terminate.\n")); -+ snprintf (kill_msg, 256, _(" ...killed.\n")); -+ snprintf (wait_msg, 256, _(" ...waiting for child to terminate.\n")); - - (void) signal (SIGALRM, kill_child); - (void) alarm (2); --- -2.11.0.rc2 - diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/metadata.xml b/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/metadata.xml index 59792273c6..2cabe8fe4f 100644 --- a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/metadata.xml +++ b/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/metadata.xml @@ -1,12 +1,17 @@ - + -base-system -pam - - Enable support for sys-process/audit - - - cpe:/a:debian:shadow - + + base-system@gentoo.org + Gentoo Base System + + + pam-bugs@gentoo.org + Pluggable Authentication Method maintenance + + + + cpe:/a:debian:shadow + shadow-maint/shadow + diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/shadow-4.4-r2.ebuild b/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/shadow-4.5.ebuild similarity index 63% rename from sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/shadow-4.4-r2.ebuild rename to sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/shadow-4.5.ebuild index bda02f49e4..8bda863b17 100644 --- a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/shadow-4.4-r2.ebuild +++ b/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/shadow-4.5.ebuild @@ -1,10 +1,9 @@ -# Copyright 1999-2016 Gentoo Foundation +# Copyright 1999-2017 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Id$ EAPI="5" -inherit eutils libtool pam multilib systemd +inherit eutils libtool pam multilib DESCRIPTION="Utilities to deal with user accounts" HOMEPAGE="https://github.com/shadow-maint/shadow http://pkg-shadow.alioth.debian.org/" @@ -12,20 +11,23 @@ SRC_URI="https://github.com/shadow-maint/shadow/releases/download/${PV}/${P}.tar LICENSE="BSD GPL-2" SLOT="0" -KEYWORDS="alpha amd64 arm arm64 hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86" +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86" IUSE="acl audit cracklib nls pam selinux skey xattr" +# Taken from the man/Makefile.am file. +LANGS=( cs da de es fi fr hu id it ja ko pl pt_BR ru sv tr zh_CN zh_TW ) +IUSE+=" $(printf 'linguas_%s ' ${LANGS[*]})" -RDEPEND="acl? ( sys-apps/acl ) - audit? ( sys-process/audit ) - cracklib? ( >=sys-libs/cracklib-2.7-r3 ) - pam? ( virtual/pam ) - skey? ( sys-auth/skey ) +RDEPEND="acl? ( sys-apps/acl:0= ) + audit? ( >=sys-process/audit-2.6:0= ) + cracklib? ( >=sys-libs/cracklib-2.7-r3:0= ) + pam? ( virtual/pam:0= ) + skey? ( sys-auth/skey:0= ) selinux? ( - >=sys-libs/libselinux-1.28 - sys-libs/libsemanage + >=sys-libs/libselinux-1.28:0= + sys-libs/libsemanage:0= ) nls? ( virtual/libintl ) - xattr? ( sys-apps/attr )" + xattr? ( sys-apps/attr:0= )" DEPEND="${RDEPEND} app-arch/xz-utils nls? ( sys-devel/gettext )" @@ -34,20 +36,16 @@ RDEPEND="${RDEPEND} PATCHES=( "${FILESDIR}"/${PN}-4.1.3-dots-in-usernames.patch - "${FILESDIR}"/${P}-su-snprintf.patch - "${FILESDIR}"/${P}-prototypes.patch - "${FILESDIR}"/${P}-load_defaults.patch - "${FILESDIR}"/${P}-fix-root-defaults.patch ) src_prepare() { epatch "${PATCHES[@]}" epatch_user + #eautoreconf elibtoolize } src_configure() { - tc-is-cross-compiler && export ac_cv_func_setpgrp_void=yes econf \ --without-group-name-max-length \ --without-tcb \ @@ -63,6 +61,14 @@ src_configure() { $(use_with elibc_glibc nscd) \ $(use_with xattr attr) has_version 'sys-libs/uclibc[-rpc]' && sed -i '/RLOGIN/d' config.h #425052 + + if use nls ; then + local l langs="po" # These are the pot files. + for l in ${LANGS[*]} ; do + use linguas_${l} && langs+=" ${l}" + done + sed -i "/^SUBDIRS = /s:=.*:= ${langs}:" man/Makefile || die + fi } set_login_opt() { @@ -71,14 +77,14 @@ set_login_opt() { comment="#" sed -i \ -e "/^${opt}\>/s:^:#:" \ - "${ED}"/usr/share/shadow/login.defs || die + "${ED}"/etc/login.defs || die else sed -i -r \ -e "/^#?${opt}\>/s:.*:${opt} ${val}:" \ - "${ED}"/usr/share/shadow/login.defs || die + "${ED}"/etc/login.defs fi - local res=$(grep "^${comment}${opt}\>" "${ED}"/usr/share/shadow/login.defs) - einfo ${res:-Unable to find ${opt} in /usr/share/shadow/login.defs} + local res=$(grep "^${comment}${opt}\>" "${ED}"/etc/login.defs) + einfo "${res:-Unable to find ${opt} in /etc/login.defs}" } src_install() { @@ -91,46 +97,25 @@ src_install() { # remove it. rm -f "${ED}"/{,usr/}$(get_libdir)/lib{misc,shadow}.{a,la} - # Remove files from /etc, they will be symlinks to /usr instead. - rm -f "${ED}"/etc/{limits,login.access,login.defs,securetty,default/useradd} - - # CoreOS: break shadow.conf into two files so that we only have to apply - # etc-shadow.conf in the initrd. - systemd_dotmpfilesd "${FILESDIR}"/tmpfiles.d/etc-shadow.conf - systemd_dotmpfilesd "${FILESDIR}"/tmpfiles.d/var-shadow.conf - - insinto /usr/share/shadow - # Using a securetty with devfs device names added - # (compat names kept for non-devfs compatibility) - insopts -m0600 ; doins "${FILESDIR}"/securetty - dosym ../usr/share/shadow/securetty /etc/securetty + insinto /etc if ! use pam ; then insopts -m0600 doins etc/login.access etc/limits - dosym ../usr/share/shadow/login.access /etc/login.access - dosym ../usr/share/shadow/limits /etc/limits - fi - # Output arch-specific cruft - local devs - case $(tc-arch) in - ppc*) devs="hvc0 hvsi0 ttyPSC0";; - hppa) devs="ttyB0";; - arm) devs="ttyFB0 ttySAC0 ttySAC1 ttySAC2 ttySAC3 ttymxc0 ttymxc1 ttymxc2 ttymxc3 ttyO0 ttyO1 ttyO2";; - sh) devs="ttySC0 ttySC1";; - amd64|x86) devs="hvc0";; - esac - if [[ -n ${devs} ]]; then - printf '%s\n' ${devs} >> "${ED}"/usr/share/shadow/securetty fi # needed for 'useradd -D' + insinto /etc/default insopts -m0600 doins "${FILESDIR}"/default/useradd - dosym ../../usr/share/shadow/useradd /etc/default/useradd + # move passwd to / to help recover broke systems #64441 + mv "${ED}"/usr/bin/passwd "${ED}"/bin/ || die + dosym /bin/passwd /usr/bin/passwd + + cd "${S}" + insinto /etc insopts -m0644 newins etc/login.defs login.defs - dosym ../usr/share/shadow/login.defs /etc/login.defs set_login_opt CREATE_HOME yes if ! use pam ; then @@ -181,7 +166,7 @@ src_install() { -e 'b exit' \ -e ': pamnote; i# NOTE: This setting should be configured via /etc/pam.d/ and not in this file.' \ -e ': exit' \ - "${ED}"/usr/share/shadow/login.defs || die + "${ED}"/etc/login.defs || die # remove manpages that pam will install for us # and/or don't apply when using pam @@ -198,8 +183,28 @@ src_install() { '(' -name id.1 -o -name passwd.5 -o -name getspnam.3 ')' \ -delete + cd "${S}" dodoc ChangeLog NEWS TODO newdoc README README.download cd doc dodoc HOWTO README* WISHLIST *.txt } + +pkg_preinst() { + rm -f "${EROOT}"/etc/pam.d/system-auth.new \ + "${EROOT}/etc/login.defs.new" +} + +pkg_postinst() { + # Enable shadow groups. + if [ ! -f "${EROOT}"/etc/gshadow ] ; then + if grpck -r -R "${EROOT}" 2>/dev/null ; then + grpconv -R "${EROOT}" + else + ewarn "Running 'grpck' returned errors. Please run it by hand, and then" + ewarn "run 'grpconv' afterwards!" + fi + fi + + einfo "The 'adduser' symlink to 'useradd' has been dropped." +}