Mercurial > vanilla
diff security/shadow/shadow.sh @ 822:a73b34fe66ec
security/shadow: add custom PAM files recommended per LFS
author | David Demelier <markand@malikania.fr> |
---|---|
date | Wed, 21 Aug 2019 20:50:00 +0200 |
parents | 59a2fa6992bc |
children | ae55d9077f70 |
line wrap: on
line diff
--- a/security/shadow/shadow.sh Wed Aug 21 20:45:00 2019 +0200 +++ b/security/shadow/shadow.sh Wed Aug 21 20:50:00 2019 +0200 @@ -22,7 +22,23 @@ PKGSUMMARY="password and account management" PKGDOWNLOAD="https://github.com/shadow-maint/shadow/releases/download/$PKGVERSION/$PKGNAME-$PKGVERSION.tar.xz" PKGOPTIONS="ACL ATTR NLS PAM SELINUX" -PKGPROTECT="etc/login.defs" +PKGPROTECT="etc/login.defs + etc/pam.d/chage + etc/pam.d/chfn + etc/pam.d/chgpasswd + etc/pam.d/chpasswd + etc/pam.d/chsh + etc/pam.d/groupadd + etc/pam.d/groupdel + etc/pam.d/groupmems + etc/pam.d/groupmod + etc/pam.d/login + etc/pam.d/newusers + etc/pam.d/passwd + etc/pam.d/su + etc/pam.d/useradd + etc/pam.d/userdel + etc/pam.d/usermod" : ${CHOST:=$(uname -m)-linux-musl} : ${CBUILD:=$(uname -m)-linux-musl} @@ -77,7 +93,7 @@ cd $PKGNAME-$PKGVERSION # - # disable groups, it's provided by busybox/coreutils and documentation + # Disable groups, it's provided by busybox/coreutils and documentation # by man-pages. # sed -i 's/groups$(EXEEXT) //' src/Makefile.in @@ -105,15 +121,12 @@ make DESTDIR=$DESTDIR ubindir=/bin usbindir=/bin install if [ "$PAM" = "yes" ]; then - # --disable-selinux does not update pam.d files - if [ "$SELINUX" = "no" ]; then - sed -i -e "/pam_selinux.so/d" \ - $DESTDIR/etc/pam.d/login \ - $DESTDIR/etc/pam.d/su - fi - - # pam_console.so isn't shipped with linux-pam. - sed -i -e "/pam_console.so/d" $DESTDIR/etc/pam.d/login + for i in \ + chage chfn chgpasswd chpasswd chsh groupadd groupdel \ + groupmems groupmod login newusers passwd su useradd \ + userdel usermod; do + install -Dm0600 ../$i $DESTDIR/etc/pam.d/$i + done fi cd ..