summaryrefslogtreecommitdiff
path: root/core/shadow
diff options
context:
space:
mode:
Diffstat (limited to 'core/shadow')
-rw-r--r--core/shadow/PKGBUILD80
-rw-r--r--core/shadow/nscd-error-reporting.patch17
-rw-r--r--core/shadow/shadow-strncpy-usage.patch36
-rw-r--r--core/shadow/shadow.install2
4 files changed, 81 insertions, 54 deletions
diff --git a/core/shadow/PKGBUILD b/core/shadow/PKGBUILD
index 000ffcbc1..ed42c0916 100644
--- a/core/shadow/PKGBUILD
+++ b/core/shadow/PKGBUILD
@@ -1,10 +1,10 @@
-# $Id: PKGBUILD 144463 2011-12-06 10:57:36Z dreisner $
+# $Id: PKGBUILD 150333 2012-02-16 23:20:09Z dreisner $
# Maintainer: Dave Reisner <dreisner@archlinux.org>
# Maintainer: Aaron Griffin <aaron@archlinux.org>
pkgname=shadow
-pkgver=4.1.4.3
-pkgrel=5
+pkgver=4.1.5
+pkgrel=3
pkgdesc="Password and account management tool suite with support for shadow files and PAM"
arch=('i686' 'x86_64')
url='http://pkg-shadow.alioth.debian.org/'
@@ -17,15 +17,26 @@ backup=(etc/login.defs
etc/pam.d/{chfn,chgpasswd,groupmems,chsh}
etc/default/useradd)
options=('!libtool')
-install=shadow.install
-#http://pkg-shadow.alioth.debian.org/releases/shadow-$pkgver.tar.bz2
-# shadow 4.1.4.3 is just shadow 4.1.4.2 with shadow_CVE-2011-0721.patch applied
-source=(ftp://ftp.archlinux.org/other/shadow/shadow_4.1.4.2+svn3283.orig.tar.gz
- adduser chgpasswd chpasswd defaults.pam login login.defs newusers
- passwd shadow.cron.daily useradd.defaults LICENSE
- xstrdup.patch shadow_CVE-2011-0721.patch shadow-strncpy-usage.patch
+install='shadow.install'
+source=("http://pkg-shadow.alioth.debian.org/releases/$pkgname-$pkgver.tar.bz2"{,.sig}
+ LICENSE
+ adduser
+ chgpasswd
+ chpasswd
+ defaults.pam
+ login
+ login.defs
+ newusers
+ passwd
+ shadow.cron.daily
+ useradd.defaults
+ nscd-error-reporting.patch
+ xstrdup.patch
+ shadow-strncpy-usage.patch
shadow-add-missing-include.patch)
-sha1sums=('8b704b8f07718e329205f23d457c3121c0f3679e'
+sha1sums=('3ab1ae0e30af36d04445314fcb5a079bdf05de41'
+ '0a31aafceb948a91fe7370a6378cafd6fd883145'
+ '33a6cf1e44a1410e5c9726c89e5de68b78f5f922'
'78ec184a499f9708adcfcf0b7a3b22a60bf39f91'
'4ad0e059406a305c8640ed30d93c2a1f62c2f4ad'
'12427b1ca92a9b85ca8202239f0d9f50198b818f'
@@ -36,39 +47,42 @@ sha1sums=('8b704b8f07718e329205f23d457c3121c0f3679e'
'611be25d91c3f8f307c7fe2485d5f781e5dee75f'
'5d83ba7e11c765c951867cbe00b0ae7ff57148fa'
'9ae93de5987dd0ae428f0cc1a5a5a5cd53583f19'
- '33a6cf1e44a1410e5c9726c89e5de68b78f5f922'
+ 'ae6eebb842c433ac4022c493294a13ed68e06acc'
'6010fffeed1fc6673ad9875492e1193b1a847b53'
- '6bfe6528391eb38d338beacedd620407877b637d'
- '9db9e62ad173f31e1039121c0124cf60826ffd7e'
+ '21e12966a6befb25ec123b403cd9b5c492fe5b16'
'0697a21f7519de30821da7772677035652df4ad2')
build() {
- cd "$srcdir/$pkgname-4.1.4.2+svn3283"
+ cd "$pkgname-$pkgver"
+
+ # avoid transitive linking issues with binutils 2.22
+ sed -i '/^user\(mod\|add\)_LDADD/s|$| -lattr|' src/Makefile.am
- #Ugh, force this to build shared libraries, for god's sake
- sed -i "s/noinst_LTLIBRARIES/lib_LTLIBRARIES/g" lib/Makefile.am
- libtoolize
- autoreconf
- export LDFLAGS="$LDFLAGS -lcrypt"
+ # link to glibc's crypt(3)
+ LDFLAGS+=" -lcrypt"
- patch -p1 -i "$srcdir/xstrdup.patch"
- patch -p1 -i "$srcdir/shadow_CVE-2011-0721.patch"
- patch -p1 -i "$srcdir/shadow-strncpy-usage.patch"
- patch -p1 -i "$srcdir/shadow-add-missing-include.patch"
+ patch -Np1 <"$srcdir/xstrdup.patch"
+ patch -Np1 <"$srcdir/shadow-strncpy-usage.patch"
+ patch -Np1 <"$srcdir/shadow-add-missing-include.patch"
+ patch -Np1 <"$srcdir/nscd-error-reporting.patch"
# supress etc/pam.d/*, we provide our own
sed -i '/^SUBDIRS/s/pam.d//' etc/Makefile.in
./configure \
- --prefix=/usr --libdir=/lib \
- --mandir=/usr/share/man --sysconfdir=/etc \
- --enable-shared --disable-static \
- --with-libpam --without-selinux
+ --prefix=/usr \
+ --libdir=/lib \
+ --mandir=/usr/share/man \
+ --sysconfdir=/etc \
+ --with-libpam \
+ --without-selinux
+
make
}
package() {
- cd "$srcdir/$pkgname-4.1.4.2+svn3283"
+ cd "$pkgname-$pkgver"
+
make DESTDIR="$pkgdir" install
# license
@@ -87,11 +101,9 @@ package() {
install -Dm644 "$srcdir/login.defs" "$pkgdir/etc/login.defs"
# PAM config - custom
- install -Dm644 "$srcdir/login" "$pkgdir/etc/pam.d/login"
- install -Dm644 "$srcdir/passwd" "$pkgdir/etc/pam.d/passwd"
- install -Dm644 "$srcdir/chgpasswd" "$pkgdir/etc/pam.d/chgpasswd"
- install -Dm644 "$srcdir/chpasswd" "$pkgdir/etc/pam.d/chpasswd"
- install -Dm644 "$srcdir/newusers" "$pkgdir/etc/pam.d/newusers"
+ install -dm755 "$pkgdir/etc/pam.d"
+ install -t "$pkgdir/etc/pam.d" -m644 "$srcdir"/{login,passwd,chgpasswd,chpasswd,newusers}
+
# PAM config - from tarball
install -Dm644 etc/pam.d/groupmems "$pkgdir/etc/pam.d/groupmems"
diff --git a/core/shadow/nscd-error-reporting.patch b/core/shadow/nscd-error-reporting.patch
new file mode 100644
index 000000000..a4075756e
--- /dev/null
+++ b/core/shadow/nscd-error-reporting.patch
@@ -0,0 +1,17 @@
+diff --git a/upstream/trunk/lib/nscd.c b/upstream/trunk/lib/nscd.c
+index 227c205..7adb58f 100644
+--- a/lib/nscd.c
++++ b/lib/nscd.c
+@@ -39,8 +39,11 @@ int nscd_flush_cache (const char *service)
+ /* nscd is not installed, or it is installed but uses an
+ interpreter that is missing. Probably the former. */
+ return 0;
++ } else if (code == 1) {
++ /* nscd is installed, but it isn't active. */
++ return 0;
+ } else if (code != 0) {
+- (void) fprintf (stderr, _("%s: nscd exited with status %d"),
++ (void) fprintf (stderr, _("%s: nscd exited with status %d\n"),
+ Prog, code);
+ (void) fprintf (stderr, _(MSG_NSCD_FLUSH_CACHE_FAILED), Prog);
+ return -1;
diff --git a/core/shadow/shadow-strncpy-usage.patch b/core/shadow/shadow-strncpy-usage.patch
index 46df74ace..5aba8fa01 100644
--- a/core/shadow/shadow-strncpy-usage.patch
+++ b/core/shadow/shadow-strncpy-usage.patch
@@ -1,27 +1,25 @@
-diff -ur shadow-4.1.4.3.orig/src/login.c shadow-4.1.4.3/src/login.c
---- shadow-4.1.4.3.orig/src/login.c 2011-03-05 22:17:10.032524948 -0800
-+++ shadow-4.1.4.3/src/login.c 2011-03-05 22:17:59.154342059 -0800
-@@ -748,8 +748,9 @@
- sizeof (loginprompt),
+diff -u shadow-4.1.5/src/usermod.c.orig shadow-4.1.5/src/usermod.c
+--- shadow-4.1.5/src/usermod.c.orig 2012-02-13 08:19:43.792146449 -0500
++++ shadow-4.1.5/src/usermod.c 2012-02-13 08:21:19.375114500 -0500
+@@ -182,7 +182,7 @@
+ struct tm *tp;
+
+ if (date < 0) {
+- strncpy (buf, "never", maxsize);
++ strncpy (buf, "never", maxsize - 1);
+ } else {
+ time_t t = (time_t) date;
+ tp = gmtime (&t);
+diff -u shadow-4.1.5/src/login.c.orig shadow-4.1.5/src/login.c
+--- shadow-4.1.5/src/login.c.orig 2012-02-13 08:19:50.951994454 -0500
++++ shadow-4.1.5/src/login.c 2012-02-13 08:21:04.490430937 -0500
+@@ -752,7 +752,8 @@
_("%s login: "), hostn);
} else {
-+ loginprompt[sizeof (loginprompt) - 1] = '\0';
strncpy (loginprompt, _("login: "),
- sizeof (loginprompt));
+ sizeof (loginprompt) - 1);
++ loginprompt[sizeof (loginprompt) - 1] = '\0';
}
retcode = pam_set_item (pamh, PAM_USER_PROMPT, loginprompt);
-diff -ur shadow-4.1.4.3.orig/src/usermod.c shadow-4.1.4.3/src/usermod.c
---- shadow-4.1.4.3.orig/src/usermod.c 2011-03-05 22:17:10.029191265 -0800
-+++ shadow-4.1.4.3/src/usermod.c 2011-03-05 22:18:42.665576968 -0800
-@@ -182,7 +182,8 @@
- struct tm *tp;
-
- if ((negativ != NULL) && (date < 0)) {
-- strncpy (buf, negativ, maxsize);
-+ buf[maxsize - 1] = '\0';
-+ strncpy (buf, negativ, maxsize - 1);
- } else {
- time_t t = (time_t) date;
- tp = gmtime (&t);
diff --git a/core/shadow/shadow.install b/core/shadow/shadow.install
index e990bfe39..14384c333 100644
--- a/core/shadow/shadow.install
+++ b/core/shadow/shadow.install
@@ -2,7 +2,7 @@ post_upgrade() {
grpck -r >/dev/null 2>&1
if [ $? -eq 2 ]; then
printf '%s\n' \
- "==> Warning: /etc/group or /etc/gshadow are inconsistant." \
+ "==> Warning: /etc/group or /etc/gshadow are inconsistent." \
" Run 'grpck' to correct this."
fi
return 0