diff options
Diffstat (limited to 'core')
| -rw-r--r-- | core/coreutils/PKGBUILD | 43 | ||||
| -rw-r--r-- | core/coreutils/coreutils.install | 14 | ||||
| -rw-r--r-- | core/mlocate/PKGBUILD | 60 | ||||
| -rwxr-xr-x | core/mlocate/updatedb.cron | 6 | ||||
| -rw-r--r-- | core/procps-ng/PKGBUILD | 17 | ||||
| -rw-r--r-- | core/procps-ng/sysctl.conf | 35 | ||||
| -rw-r--r-- | core/sysvinit/PKGBUILD | 13 | ||||
| -rw-r--r-- | core/util-linux/PKGBUILD | 76 | ||||
| -rw-r--r-- | core/util-linux/hwclock-systz.patch | 96 | ||||
| -rw-r--r-- | core/util-linux/pam-su | 9 | ||||
| -rw-r--r-- | core/util-linux/su.1 | 230 | ||||
| -rw-r--r-- | core/util-linux/util-linux.install | 29 | ||||
| -rw-r--r-- | core/util-linux/uuidd.tmpfiles | 1 |
13 files changed, 503 insertions, 126 deletions
diff --git a/core/coreutils/PKGBUILD b/core/coreutils/PKGBUILD index f83225f9f..58454c747 100644 --- a/core/coreutils/PKGBUILD +++ b/core/coreutils/PKGBUILD @@ -1,43 +1,25 @@ -# $Id: PKGBUILD 163714 2012-07-18 02:16:52Z dreisner $ +# $Id: PKGBUILD 166962 2012-09-23 12:22:15Z tomegun $ # Maintainer: Allan McRae <allan@archlinux.org> # Contributor: judd <jvinet@zeroflux.org> pkgname=coreutils -pkgver=8.17 -pkgrel=3 +pkgver=8.19 +pkgrel=1 pkgdesc="The basic file, shell and text manipulation utilities of the GNU operating system" arch=('i686' 'x86_64') license=('GPL3') url="http://www.gnu.org/software/coreutils" groups=('base') depends=('glibc' 'pam' 'acl' 'gmp' 'libcap') -replaces=('mktemp') -backup=('etc/pam.d/su') install=${pkgname}.install -options=('!emptydirs') -source=(ftp://ftp.gnu.org/gnu/$pkgname/$pkgname-$pkgver.tar.xz{,.sig} - coreutils-pam.patch - 0001-ls-color-each-symlink-to-relative-name-in-properly.patch - su.pam) -md5sums=('bbda656ce8ca2c6903948f9faa204ba3' - 'ebecd29b095aa21b0b2f833f1ec20d70' - 'aad79a2aa6d566c375d7bdd1b0767278' - 'd7c691898a695a6284a927e6a9426fe4' - 'fa85e5cce5d723275b14365ba71a8aad') +source=(ftp://ftp.gnu.org/gnu/$pkgname/$pkgname-$pkgver.tar.xz{,.sig}) +md5sums=('1a01231a2f3ed37c0efc073ccdda9375' + '7f564749d834397aa67f0f05bacb62d5') build() { cd ${srcdir}/${pkgname}-${pkgver} - # added su wheel group pam patch (from fedora git) - patch -Np1 -i ${srcdir}/coreutils-pam.patch - - # fix coloring for symlinks in / - # upstream commit 6124a3842dfa8484b52e067a8ab8105c3875a4f7 - patch -Np1 -i $srcdir/0001-ls-color-each-symlink-to-relative-name-in-properly.patch - - autoreconf -v - ./configure --prefix=/usr --libexecdir=/usr/lib/coreutils \ - --enable-install-program=su \ + ./configure --prefix=/usr --libexecdir=/usr/lib \ --enable-no-install-program=groups,hostname,kill,uptime \ --enable-pam make @@ -53,14 +35,13 @@ package() { make DESTDIR=${pkgdir} install cd ${pkgdir}/usr/bin - install -dm755 ${pkgdir}/{bin,usr/sbin} + install -dm755 ${pkgdir}/bin # binaries required by FHS _fhs=('cat' 'chgrp' 'chmod' 'chown' 'cp' 'date' 'dd' 'df' 'echo' 'false' - 'ln' 'ls' 'mkdir' 'mknod' 'mv' 'pwd' 'rm' 'rmdir' 'stty' 'su' 'sync' + 'ln' 'ls' 'mkdir' 'mknod' 'mv' 'pwd' 'rm' 'rmdir' 'stty' 'sync' 'true' 'uname') - mv ${_fhs[@]} ${pkgdir}/bin - - mv chroot ${pkgdir}/usr/sbin - install -Dm644 ${srcdir}/su.pam ${pkgdir}/etc/pam.d/su + for i in ${_fhs[@]}; do + ln -s ../usr/bin/$i ${pkgdir}/bin/$i + done } diff --git a/core/coreutils/coreutils.install b/core/coreutils/coreutils.install index 8caae6686..22cfcb2a1 100644 --- a/core/coreutils/coreutils.install +++ b/core/coreutils/coreutils.install @@ -1,11 +1,9 @@ infodir=usr/share/info -filelist=(coreutils.info) +file=coreutils.info post_install() { - [ -x usr/bin/install-info ] || return 0 - for file in ${filelist[@]}; do - usr/bin/install-info $infodir/$file.gz $infodir/dir 2> /dev/null - done + [[ -x usr/bin/install-info ]] || return 0 + install-info $infodir/$file.gz $infodir/dir 2> /dev/null } post_upgrade() { @@ -13,9 +11,7 @@ post_upgrade() { } pre_remove() { - [ -x usr/bin/install-info ] || return 0 - for file in ${filelist[@]}; do - usr/bin/install-info --delete $infodir/$file.gz $infodir/dir 2> /dev/null - done + [[ -x usr/bin/install-info ]] || return 0 + install-info --delete $infodir/$file.gz $infodir/dir 2> /dev/null } diff --git a/core/mlocate/PKGBUILD b/core/mlocate/PKGBUILD index 1e863a55a..c8d979f9a 100644 --- a/core/mlocate/PKGBUILD +++ b/core/mlocate/PKGBUILD @@ -1,51 +1,49 @@ -# $Id: PKGBUILD 162719 2012-06-29 02:14:10Z allan $ -# Maintainer: Allan McRae <allan@archlinux.org> +# $Id: PKGBUILD 166971 2012-09-23 22:22:21Z bisson $ +# Maintainer: Gaetan Bisson <bisson@archlinux.org> +# Contributor: Allan McRae <allan@archlinux.org> # Contributor: lydgate pkgname=mlocate -pkgver=0.25 -pkgrel=2 -pkgdesc="Faster merging drop-in for slocate" +pkgver=0.26 +pkgrel=1 +pkgdesc='Merging locate/updatedb implementation' +url='https://fedorahosted.org/mlocate/' arch=('i686' 'x86_64') -url="http://carolina.mff.cuni.cz/~trmac/blog/mlocate" license=('GPL') -depends=('glibc' 'coreutils' 'sh') backup=('etc/updatedb.conf' 'etc/cron.daily/updatedb') -source=(https://fedorahosted.org/releases/m/l/mlocate/mlocate-$pkgver.tar.xz - updatedb.conf - updatedb.cron.daily) -md5sums=('c6d043b170613b0e327a815b497f680a' - 'b56d81de17fe29b01b4b28861acb8fd4' - 'cde5da81bebad2de556ef2e43d895e13') +source=("https://fedorahosted.org/releases/m/l/mlocate/mlocate-${pkgver}.tar.xz" + 'updatedb.conf' + 'updatedb.cron') +sha1sums=('c6e6d81b25359c51c545f4b8ba0f3b469227fcbc' + '0150379149bf9d714bc81332d775fc273e7e3535' + '8301e6277d27db539af6cf4bc243e8e247bffc2e') build() { - cd $srcdir/$pkgname-$pkgver - - sed -i '/^groupname /s/mlocate/locate/' Makefile.in - ./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var/lib - make + cd "${srcdir}/${pkgname}-${pkgver}" + sed -i '/^groupname /s/mlocate/locate/' Makefile.in + ./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var/lib + make } check() { - cd $srcdir/$pkgname-$pkgver - make check + cd "${srcdir}/${pkgname}-${pkgver}" + make check } package() { - cd $srcdir/$pkgname-$pkgver + cd "${srcdir}/${pkgname}-${pkgver}" - make DESTDIR=$pkgdir install + make DESTDIR="${pkgdir}" install - ln -s locate $pkgdir/usr/bin/slocate - chgrp 21 $pkgdir/usr/bin/locate - chmod 2755 $pkgdir/usr/bin/locate + chgrp 21 "${pkgdir}/usr/bin/locate" + chmod 2755 "${pkgdir}/usr/bin/locate" + ln -s locate "${pkgdir}/usr/bin/slocate" - install -dm755 $pkgdir/var/lib - install -dm750 -g21 $pkgdir/var/lib/locate - - # Set up a default updatedb.conf and a daily cronjob - install -Dm644 ${srcdir}/updatedb.conf $pkgdir/etc/updatedb.conf - install -Dm744 ${srcdir}/updatedb.cron.daily $pkgdir/etc/cron.daily/updatedb + install -dm755 "${pkgdir}/var/lib" + install -dm750 -g21 "${pkgdir}/var/lib/locate" + + install -Dm644 ../updatedb.conf "${pkgdir}/etc/updatedb.conf" + install -Dm744 ../updatedb.cron "${pkgdir}/etc/cron.daily/updatedb" } diff --git a/core/mlocate/updatedb.cron b/core/mlocate/updatedb.cron new file mode 100755 index 000000000..431cb533e --- /dev/null +++ b/core/mlocate/updatedb.cron @@ -0,0 +1,6 @@ +#!/bin/sh + +NICE='nice -n 19' +IONICE='ionice -c 2 -n 7' + +exec ${IONICE} ${NICE} updatedb -f proc diff --git a/core/procps-ng/PKGBUILD b/core/procps-ng/PKGBUILD index 60eea9e59..96a719025 100644 --- a/core/procps-ng/PKGBUILD +++ b/core/procps-ng/PKGBUILD @@ -1,10 +1,11 @@ -# $Id: PKGBUILD 163561 2012-07-15 23:10:42Z eric $ -# Maintainer: Eric Bélanger <eric@archlinux.org> +# $Id: PKGBUILD 166961 2012-09-23 12:22:10Z tomegun $ +# Maintainer: Gaetan Bisson <bisson@archlinux.org> +# Contributor: Eric Bélanger <eric@archlinux.org> pkgname=procps-ng pkgver=3.3.3 -pkgrel=3 -pkgdesc="Utilities for monitoring your system and processes on your system" +pkgrel=6 +pkgdesc='Utilities for monitoring your system and its processes' arch=('i686' 'x86_64') url="http://gitorious.org/procps" license=('GPL' 'LGPL') @@ -18,7 +19,7 @@ options=('!libtool') source=(procps-ng-${pkgver}.tar.gz::http://gitorious.org/procps/procps/archive-tarball/v${pkgver} sysctl.conf) sha1sums=('e78a098f1a3c06722155800cc5cfa0c865af03c0' - 'efb6cdc17ee39be8433ae9c8e9bb02d1f47eeefc') + '97ff07bab9aa5daa8d54a1346f73ba74f8e12a53') build() { cd "${srcdir}/procps-procps" @@ -31,5 +32,9 @@ build() { package() { cd "${srcdir}/procps-procps" make DESTDIR="${pkgdir}" install - install -D -m644 "${srcdir}/sysctl.conf" "${pkgdir}/etc/sysctl.conf" + install -D -m644 ../sysctl.conf "${pkgdir}/etc/sysctl.conf" + + # provided by util-linux + rm "${pkgdir}/bin/kill" + rm "${pkgdir}/usr/share/man/man1/kill.1" } diff --git a/core/procps-ng/sysctl.conf b/core/procps-ng/sysctl.conf index baddd90a6..4695cdd92 100644 --- a/core/procps-ng/sysctl.conf +++ b/core/procps-ng/sysctl.conf @@ -1,46 +1,41 @@ -# /etc/sysctl.conf - Configuration file for setting system variables -# See sysctl.conf (5) for information. +# Configuration file for runtime kernel parameters. +# See sysctl.conf(5) for more information. -# you can have the CD-ROM close when you use it, and open -# when you are done. -#dev.cdrom.autoeject = 1 +# Have the CD-ROM close when you use it, and open when you are done. #dev.cdrom.autoclose = 1 +#dev.cdrom.autoeject = 1 -# protection from the SYN flood attack +# Protection from the SYN flood attack. net.ipv4.tcp_syncookies = 1 -# see the evil packets in your log files +# See evil packets in your logs. #net.ipv4.conf.all.log_martians = 1 -# if not functioning as a router, there is no need to accept redirects or source routes +# Never accept redirects or source routes (these are only useful for routers). #net.ipv4.conf.all.accept_redirects = 0 #net.ipv4.conf.all.accept_source_route = 0 #net.ipv6.conf.all.accept_redirects = 0 #net.ipv6.conf.all.accept_source_route = 0 -# Disable packet forwarding +# Disable packet forwarding. net.ipv4.ip_forward = 0 net.ipv6.conf.all.forwarding = 0 -# Enable IPv6 Privacy Extensions -net.ipv6.conf.default.use_tempaddr = 2 -net.ipv6.conf.all.use_tempaddr = 2 - -# sets the port range used for outgoing connections -#net.ipv4.ip_local_port_range = 32768 61000 +# Tweak the port range used for outgoing connections. +#net.ipv4.ip_local_port_range = 32768 61000 -# Swapping too much or not enough? Disks spinning up when you'd -# rather they didn't? Tweak these. +# Tweak those values to alter disk syncing and swap behavior. #vm.vfs_cache_pressure = 100 #vm.laptop_mode = 0 #vm.swappiness = 60 +# Tweak how the flow of kernel messages is throttled. #kernel.printk_ratelimit_burst = 10 #kernel.printk_ratelimit = 5 -#kernel.panic_on_oops = 0 -# Reboot 600 seconds after a panic +# Reboot 600 seconds after kernel panic or oops. +#kernel.panic_on_oops = 1 #kernel.panic = 600 -# Disable SysRq key (note: console security issues) +# Disable SysRq key to avoid console security issues. kernel.sysrq = 0 diff --git a/core/sysvinit/PKGBUILD b/core/sysvinit/PKGBUILD index 5c81ef41d..8a9de3577 100644 --- a/core/sysvinit/PKGBUILD +++ b/core/sysvinit/PKGBUILD @@ -1,10 +1,10 @@ -# $Id: PKGBUILD 165862 2012-09-01 20:01:12Z tomegun $ +# $Id: PKGBUILD 166964 2012-09-23 12:22:41Z tomegun $ # Maintainer: Eric Belanger <eric@archlinux.org> pkgbase=sysvinit pkgname=('sysvinit-tools' 'sysvinit') pkgver=2.88 -pkgrel=7 +pkgrel=8 arch=('i686' 'x86_64') url="http://savannah.nongnu.org/projects/sysvinit" license=('GPL') @@ -37,11 +37,10 @@ package_sysvinit-tools() { cd "${pkgdir}" rm bin/mountpoint rm usr/share/man/man1/mountpoint.1 -# once u-l-2.22 is out -# rm usr/bin/{mesg,utmpdump,wall} -# rm usr/share/man/man1/{mesg,utmpdump,wall}.1 -# rm sbin/sulogin -# rm usr/share/man/man8/sulogin.8 + rm usr/bin/{mesg,utmpdump,wall} + rm usr/share/man/man1/{mesg,utmpdump,wall}.1 + rm sbin/sulogin + rm usr/share/man/man8/sulogin.8 ### split out sysvinit rm -rf ${srcdir}/_sysvinit diff --git a/core/util-linux/PKGBUILD b/core/util-linux/PKGBUILD index 1a2d85d4a..ae7784fe6 100644 --- a/core/util-linux/PKGBUILD +++ b/core/util-linux/PKGBUILD @@ -1,36 +1,59 @@ -# $Id: PKGBUILD 163535 2012-07-15 00:25:36Z tomegun $ +# $Id: PKGBUILD 166963 2012-09-23 12:22:32Z tomegun $ # Maintainer: Tom Gundersen <teg@jklm.no> # Contributor: judd <jvinet@zeroflux.org> pkgname=util-linux -pkgver=2.21.2 -pkgrel=5 +pkgver=2.22 +pkgrel=6 pkgdesc="Miscellaneous system utilities for Linux" url="http://www.kernel.org/pub/linux/utils/util-linux/" arch=('i686' 'x86_64') groups=('base') -depends=('pam') -conflicts=('util-linux-ng') -provides=("util-linux-ng=${pkgver}") +depends=('pam' 'shadow') +makedepends=('bc') # for check() only, change this to checkdepends for pacman 4.1 +conflicts=('util-linux-ng' 'eject') +provides=("util-linux-ng=${pkgver}" 'eject') license=('GPL2') options=('!libtool') -source=(ftp://ftp.kernel.org/pub/linux/utils/${pkgname}/v2.21/${pkgname}-${pkgver}.tar.xz +source=(ftp://ftp.kernel.org/pub/linux/utils/${pkgname}/v2.22/${pkgname}-${pkgver}.tar.xz + su.1 + uuidd.tmpfiles pam-login - pam-common) -backup=(etc/pam.d/chfn etc/pam.d/chsh etc/pam.d/login) + pam-common + pam-su + hwclock-systz.patch) +backup=(etc/pam.d/chfn + etc/pam.d/chsh + etc/pam.d/login + etc/pam.d/su + etc/pam.d/su-l) install=util-linux.install build() { cd "${srcdir}/${pkgname}-${pkgver}" + patch -p1 -i ../hwclock-systz.patch + + # unbreak --localstatedir + # TODO(dreisner): find out what sami had in mind with these heuristics + sed -i '71,75d' configure.ac + ./autogen.sh + ./configure --prefix=/usr \ --libdir=/usr/lib \ + --localstatedir=/run \ --enable-fs-paths-extra=/usr/bin:/usr/sbin \ - --enable-write \ --enable-raw \ - --disable-wall \ - --enable-new-mount \ - --enable-login-utils + --enable-vipw \ + --enable-newgrp \ + --enable-chfn-chsh \ + --enable-write \ + --enable-mesg \ + --enable-socket-activation + +# --enable-reset \ # part of ncurses +# --enable-last \ # not part of any package +# --enable-line \ # not compat make } @@ -46,20 +69,29 @@ package() { cd "${pkgdir}" - # broken tool, going away in next major release, so just remove it now - rm "${pkgdir}"/usr/{bin/chkdupexe,share/man/man1/chkdupexe.1} - - # delete stray empty dir, fixed upstream - rm -r usr/share/man/ru - # setuid chfn and chsh - chmod 4755 "$pkgdir"/usr/bin/ch{sh,fn} + chmod 4755 "$pkgdir"/usr/bin/{newgrp,ch{sh,fn}} # install PAM files for login-utils install -Dm644 "$srcdir/pam-common" "$pkgdir/etc/pam.d/chfn" install -m644 "$srcdir/pam-common" "$pkgdir/etc/pam.d/chsh" install -m644 "$srcdir/pam-login" "$pkgdir/etc/pam.d/login" + install -m644 "$srcdir/pam-su" "${pkgdir}/etc/pam.d/su" + install -m644 "$srcdir/pam-su" "${pkgdir}/etc/pam.d/su-l" + + # broken buildsys doesn't include su(1), which means it + # isn't even in the dist tarball + # TODO(dreisner): patched upstream + install -m644 "$srcdir/su.1" "$pkgdir/usr/share/man/man1/su.1" + + # include tmpfiles fragment for uuidd + # TODO(dreisner): offer this upstream? + install -Dm644 "$srcdir/uuidd.tmpfiles" "$pkgdir/usr/lib/tmpfiles.d/uuidd.conf" } -md5sums=('54ba880f1d66782c2287ee2c898520e9' +md5sums=('ba2d8cc12a937231c80a04f7f7149303' + '7f524538dcf57284a86f03a98e624f04' + 'a39554bfd65cccfd8254bb46922f4a67' '4368b3f98abd8a32662e094c54e7f9b1' - 'a31374fef2cba0ca34dfc7078e2969e4') + 'a31374fef2cba0ca34dfc7078e2969e4' + 'fa85e5cce5d723275b14365ba71a8aad' + '19eaa197a0cfb046661dede2e991120b') diff --git a/core/util-linux/hwclock-systz.patch b/core/util-linux/hwclock-systz.patch new file mode 100644 index 000000000..79ed1a5f3 --- /dev/null +++ b/core/util-linux/hwclock-systz.patch @@ -0,0 +1,96 @@ +From 46a8834c2eb9b0c37d92e30d1a262e41306cf36f Mon Sep 17 00:00:00 2001 +From: Tom Gundersen <teg@jklm.no> +Date: Wed, 19 Sep 2012 18:10:34 +0200 +Subject: [PATCH 1/2] hwclock: don't warp the systemtime if it is in UTC + +A sideeffect of 839be2ba6b44fa9dc927f081d547ebadec9de19c is that we now +warp the systemtime according to the timezone, on the first call of +--systz. This is not always the correct thing to do, and causes a +regression for us in Arch Linux. + +This is the correct thing to do if the RTC, and hence the systemtime is +set in localtime. However, if the systemtime is already in UTC we don't +want to touch it when we set the kernel timezone (which we still need to +do as e.g. FAT stores timestamps in localtime). + +An almost identical issue was also fixed in systemd commit +72edcff5db936e54cfc322d9392ec46e2428fd9b. + +Fixes: +Signed-off-by: Tom Gundersen <teg@jklm.no> +--- + sys-utils/hwclock.8 | 11 +++++++---- + sys-utils/hwclock.c | 17 +++++++++++++++-- + 2 files changed, 22 insertions(+), 6 deletions(-) + +diff --git a/sys-utils/hwclock.8 b/sys-utils/hwclock.8 +index 07d9fc0..5c599ad 100644 +--- a/sys-utils/hwclock.8 ++++ b/sys-utils/hwclock.8 +@@ -58,10 +58,12 @@ This is a good option to use in one of the system startup scripts. + Set the Hardware Clock to the current System Time. + .TP + .B \-\-systz +-Reset the System Time based on the current timezone. ++Set the kernel's timezone and reset the System Time based on the current timezone. + +-Also set the kernel's timezone value to the local timezone +-as indicated by the TZ environment variable and/or ++The system time is only reset on the first call after boot. ++ ++The local timezone is taken to be what is ++indicated by the TZ environment variable and/or + .IR /usr/share/zoneinfo , + as + .BR tzset (3) +@@ -74,7 +76,8 @@ This is an alternate option to + .B \-\-hctosys + that does not read the hardware clock, and may be used in system startup + scripts for recent 2.6 kernels where you know the System Time contains +-the Hardware Clock time. ++the Hardware Clock time. If the Hardware Clock is already in UTC, it is ++not reset. + .TP + .B \-\-adjust + Add or subtract time from the Hardware Clock to account for systematic +diff --git a/sys-utils/hwclock.c b/sys-utils/hwclock.c +index 5a4c87e..351ce1f 100644 +--- a/sys-utils/hwclock.c ++++ b/sys-utils/hwclock.c +@@ -772,7 +772,6 @@ static int set_system_clock_timezone(const bool universal, const bool testing) + struct timeval tv; + struct tm *broken; + int minuteswest; +- int rc; + + gettimeofday(&tv, NULL); + if (debug) { +@@ -818,10 +817,24 @@ static int set_system_clock_timezone(const bool universal, const bool testing) + ("Not setting system clock because running in test mode.\n")); + retcode = 0; + } else { ++ const struct timezone tz_utc = { 0, 0 }; + const struct timezone tz = { minuteswest, 0 }; + const struct timeval *tv_null = NULL; ++ int rc = 0; ++ ++ /* The first call to settimeofday after boot will assume the systemtime ++ * is in localtime, and adjust it according to the given timezone to ++ * compensate. If the systemtime is in fact in UTC, then this is wrong ++ * so we first do a dummy call to make sure the time is not shifted. ++ */ ++ if (universal) ++ rc = settimeofday(tv_null, &tz_utc); ++ ++ /* Now we set the real timezone. Due to the above dummy call, this will ++ * only warp the systemtime if the RTC is not in UTC. */ ++ if (!rc) ++ rc = settimeofday(tv_null, &tz); + +- rc = settimeofday(tv_null, &tz); + if (rc) { + if (errno == EPERM) { + warnx(_ +-- +1.7.12.1 + diff --git a/core/util-linux/pam-su b/core/util-linux/pam-su new file mode 100644 index 000000000..cf15f40f1 --- /dev/null +++ b/core/util-linux/pam-su @@ -0,0 +1,9 @@ +#%PAM-1.0 +auth sufficient pam_rootok.so +# Uncomment the following line to implicitly trust users in the "wheel" group. +#auth sufficient pam_wheel.so trust use_uid +# Uncomment the following line to require a user to be in the "wheel" group. +#auth required pam_wheel.so use_uid +auth required pam_unix.so +account required pam_unix.so +session required pam_unix.so diff --git a/core/util-linux/su.1 b/core/util-linux/su.1 new file mode 100644 index 000000000..59e17314d --- /dev/null +++ b/core/util-linux/su.1 @@ -0,0 +1,230 @@ +.TH SU "1" "June 2012" "util-linux" "User Commands" +.SH NAME +su \- run a command with substitute user and group ID +.SH SYNOPSIS +.B su +[options...] [\-] [user [args...]] +.SH DESCRIPTION +.B su +allows to run commands with substitute user and group ID. +.PP +When called without arguments +.B su +defaults to running an interactive shell as +.IR root . +.PP +For backward compatibility +.B su +defaults to not change the current directory and to only set the +environment variables +.B HOME +and +.B SHELL +(plus +.B USER +and +.B LOGNAME +if the target +.I user +is not root). It is recommended to always use the +.B \-\-login +option (instead it's shortcut +.BR \- ) +to avoid side effects caused by mixing environments. +.PP +This version of +.B su +uses PAM for authentication, account and session management. Some +configuration options found in other +.B su +implementations such as e.g. support of a wheel group have to be +configured via PAM. +.SH OPTIONS +.TP +\fB\-c\fR \fIcommand\fR, \fB\-\-command\fR=\fIcommand\fR +Pass +.I command +to the shell with the +.B \-c +option. +.TP +\fB\-\-session\-command\fR=\fIcommand\fR +Same as +.B \-c +but do not create a new session (discouraged). +.TP +\fB\-f\fR, \fB\-\-fast\fR +Pass +.B \-f +to the shell which may or may not be useful depending on the +shell. +.TP +\fB\-g\fR, \fB\-\-group\fR=\fIgroup\fR\fR +specify the primary group, this option is allowed for root user only +.TP +\fB\-G\fR, \fB\-\-supp-group\fR=\fIgroup\fR\fR +specify a supplemental group, this option is allowed for root user only +.TP +\fB\-\fR, \fB\-l\fR, \fB\-\-login\fR +Starts the shell as login shell with an environment similar to a real +login: +.RS 10 +.TP +o +clears all environment variables except for +.B TERM +.TP +o +initializes the environment variables +.BR HOME , +.BR SHELL , +.BR USER , +.BR LOGNAME , +.B PATH +.TP +o +changes to the target user's home directory +.TP +o +sets argv[0] of the shell to +.RB ' \- ' +in order to make the shell a login shell +.RE +.TP +\fB\-m\fR, \fB\-p\fR, \fB\-\-preserve-environment\fR +Preserves the whole environment, ie does not set +.BR HOME , +.BR SHELL , +.B USER +nor +.BR LOGNAME . +.TP +\fB\-s\fR \fISHELL\fR, \fB\-\-shell\fR=\fISHELL\fR +Runs the specified shell instead of the default. The shell to run is +selected according to the following rules in order: +.RS 10 +.TP +o +the shell specified with +.B \-\-shell +.TP +o +The shell specified in the environment variable +.B SHELL +if the +.B \-\-preserve-environment +option is used. +.TP +o +the shell listed in the passwd entry of the target user +.TP +o +/bin/sh +.RE +.IP +If the target user has a restricted shell (i.e. not listed in +/etc/shells) the +.B \-\-shell +option and the +.B SHELL +environment variables are ignored unless the calling user is root. +.TP +\fB\-\-help\fR +Display help text and exit. +.TP +\fB\-\-version\fR +Display version information and exit. +.SH CONFIG FILES +.B su +reads the +.I /etc/default/su +and +.I /etc/login.defs +configuration files. The following configuration items are relevant +for +.BR su (1): +.PP +.B FAIL_DELAY +(number) +.RS 4 +Delay in seconds in case of authentication failure. Number must be +a non-negative integer. +.RE +.PP +.B ENV_PATH +(string) +.RS 4 +Defines the PATH environment variable for a regular user. The +default value is +.IR /usr/local/bin:\:/bin:\:/usr/bin . +.RE +.PP +.B ENV_ROOTPATH +(string) +.br +.B ENV_SUPATH +(string) +.RS 4 +Defines the PATH environment variable for root. The default value is +.IR /usr/local/sbin:\:/usr/local/bin:\:/sbin:\:/bin:\:/usr/sbin:\:/usr/bin . +.RE +.PP +.B ALWAYS_SET_PATH +(boolean) +.RS 4 +If set to +.I yes +and \-\-login and \-\-preserve\-environment were not specified +.B su +initializes +.BR PATH . +.RE +.SH EXIT STATUS +.B su +normally returns the exit status of the command it executed. If the +command was killed by a signal, +.B su +returns the number of the signal plus 128. +.PP +Exit status generated by +.B su +itself: +.RS 10 +.TP +1 +Generic error before executing the requested command +.TP +126 +The requested command could not be executed +.TP +127 +The requested command could was not found +.RE +.SH FILES +.PD 0 +.TP 17 +/etc/pam.d/su +default PAM configuration file +.TP +/etc/pam.d/su-l +PAM configuration file if \-\-login is specified +.TP +/etc/default/su +command specific logindef config file +.TP +/etc/login.defs +global logindef config file +.PD 1 +.SH "SEE ALSO" +.BR pam (8), +.BR shells (5), +.BR login.defs (5) +.SH AUTHOR +Derived from coreutils' su which was based on an implementation from +David MacKenzie. +.SH AVAILABILITY +The su command is part of the util-linux package and is +available from +.UR ftp://\:ftp.kernel.org\:/pub\:/linux\:/utils\:/util-linux/ +Linux Kernel Archive +.UE . diff --git a/core/util-linux/util-linux.install b/core/util-linux/util-linux.install index 90ce5bd73..35f80e2a2 100644 --- a/core/util-linux/util-linux.install +++ b/core/util-linux/util-linux.install @@ -1,3 +1,20 @@ +post_install() { + # create user for uuidd + if ! getent group uuidd >/dev/null; then + groupadd -r uuidd + fi + + if ! getent passwd uuidd >/dev/null; then + useradd -r -s /sbin/nologin -d / -g uuidd uuidd + fi + + # we don't want use systemd-tmpfiles here because + # the package dependency would create a circular dep. + if [ ! -d run/uuidd ]; then + install -o uuidd -g uuidd -dm755 run/uuidd + fi +} + post_upgrade() { if [ "$(vercmp $2 2.21.2-4)" -lt 0 ]; then if [ -f /var/lib/hwclock/adjtime ]; then @@ -7,4 +24,16 @@ post_upgrade() { rmdir /var/lib/hwclock fi fi + + post_install +} + +post_remove() { + if getent passwd uuidd >/dev/null; then + userdel uuidd + fi + + if getent group uuidd >/dev/null; then + userdel uuidd + fi } diff --git a/core/util-linux/uuidd.tmpfiles b/core/util-linux/uuidd.tmpfiles new file mode 100644 index 000000000..b059cfe65 --- /dev/null +++ b/core/util-linux/uuidd.tmpfiles @@ -0,0 +1 @@ +d /run/uuidd 0755 uuidd uuidd |