# HG changeset patch # User David Demelier # Date 1554143100 -7200 # Node ID 81a30cce56efc334aa3d7bb785c697208338b63c # Parent 30c785bd1da0da166af99d51c48887426622d644 core/shadow: add PAM support Also while here, add missing ACL and ATTR options. diff -r 30c785bd1da0 -r 81a30cce56ef core/shadow/shadow.sh --- a/core/shadow/shadow.sh Mon Apr 01 20:20:00 2019 +0200 +++ b/core/shadow/shadow.sh Mon Apr 01 20:25:00 2019 +0200 @@ -21,7 +21,7 @@ PKGLICENSE="BSD" PKGSUMMARY="password and account management" PKGDOWNLOAD="https://github.com/shadow-maint/shadow/releases/download/$PKGVERSION/$PKGNAME-$PKGVERSION.tar.xz" -PKGOPTIONS="NLS" +PKGOPTIONS="ACL ATTR NLS PAM SELINUX" PKGPROTECT="etc/login.defs" : ${CHOST:=$(uname -m)-linux-musl} @@ -30,7 +30,25 @@ : ${CFLAGS:=-O2} : ${LDFLAGS:=} : ${LIBS:=} +: ${ACL:=yes} +: ${ATTR:=yes} : ${NLS:=yes} +: ${PAM:=yes} +: ${SELINUX:=no} + +if [ "$ACL" = "yes" ]; then + PKGDEPENDS="core/acl $PKGDEPENDS" + with_acl="--with-acl" +else + with_acl="--without-acl" +fi + +if [ "$ATTR" = "yes" ]; then + PKGDEPENDS="core/acl $PKGDEPENDS" + with_attr="--with-attr" +else + with_attr="--without-attr" +fi if [ "$NLS" = "yes" ]; then PKGDEPENDS="core/gettext $PKGDEPENDS" @@ -39,6 +57,19 @@ with_nls="--disable-nls" fi +if [ "$PAM" = "yes" ]; then + PKGDEPENDS="security/pam $PKGDEPENDS" + with_pam="--with-pam" +else + with_pam="--without-pam" +fi + +if [ "$SELINUX" = "yes" ]; then + with_selinux="--enable-selinux" +else + with_selinux="--disable-selinux" +fi + build() { rm -rf $PKGNAME-$PKGVERSION @@ -62,15 +93,27 @@ --bindir=/usr/bin \ --sbindir=/usr/sbin \ --sysconfdir=/etc \ + --without-audit \ + --without-tcb \ --without-libcrack \ --disable-static \ --enable-shared \ - --without-pam \ - --without-libpam \ - $with_nls + $with_acl \ + $with_attr \ + $with_nls \ + $with_pam \ + $with_selinux make make install DESTDIR=$DESTDIR + # --disable-selinux does not update pam.d files + if [ "$SELINUX" = "no" ]; then + sed -i -e "/pam_selinux.so/d" $DESTDIR/etc/pam.d/{login,su} + fi + + # pam_console.so isn't shipped with linux-pam. + sed -i -e "/pam_console.so/d" $DESTDIR/etc/pam.d/login + popd rm -rf $PKGNAME-$PKGVERSION }