diff options
| author |   Jared H.Hudson <jhhudso@gentoo.org> | 2002-04-04 05:32:40 +0000 |
|---|---|---|
| committer | Jared H.Hudson <jhhudso@gentoo.org> | 2002-04-04 05:32:40 +0000 |
| commit | b0ff05140727f1ca5c9530fcb764a119b5ca735a (patch) | |
| tree | 6a5b03cd27ac0156de582ff5f4b36b49645d53e6 /sys-apps | |
| parent | DESCRIPTION fix (diff) | |
| download | gentoo-2-b0ff05140727f1ca5c9530fcb764a119b5ca735a.tar.gz gentoo-2-b0ff05140727f1ca5c9530fcb764a119b5ca735a.tar.bz2 gentoo-2-b0ff05140727f1ca5c9530fcb764a119b5ca735a.zip | |
Updated my previous security fix to include support for multiple ROOT's,
binary packages and already existing proper system-auth's.
Diffstat (limited to 'sys-apps')
| -rw-r--r-- | sys-apps/shadow/ChangeLog | 10 | ||||
| -rw-r--r-- | sys-apps/shadow/files/digest-shadow-4.0.2-r3 | 1 | ||||
| -rw-r--r-- | sys-apps/shadow/shadow-4.0.2-r3.ebuild | 113 |
3 files changed, 123 insertions, 1 deletions
diff --git a/sys-apps/shadow/ChangeLog b/sys-apps/shadow/ChangeLog index cb4796aee008..689a5342ac82 100644 --- a/sys-apps/shadow/ChangeLog +++ b/sys-apps/shadow/ChangeLog @@ -1,7 +1,15 @@ # ChangeLog for sys-apps/shadow # Copyright 2002 Gentoo Technologies, Inc.; Distributed under the GPL -# $Header: /var/cvsroot/gentoo-x86/sys-apps/shadow/ChangeLog,v 1.7 2002/04/03 22:25:21 jhhudso Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-apps/shadow/ChangeLog,v 1.8 2002/04/04 05:32:40 jhhudso Exp $ +*shadow-4.0.2-r3 (3 Apr 2002) + + 3 Apr 2002; Jared H. Hudson <jhhudso@gentoo.org> + + Cleaned up earlier fix to account for all possibilities, such as + binary packages, different ROOT's, and an already existing good + system-auth file. + *shadow-4.0.2-r2 (3 Apr 2002) 3 Apr 2002; Jared H. Hudson <jhhudso@gentoo.org> diff --git a/sys-apps/shadow/files/digest-shadow-4.0.2-r3 b/sys-apps/shadow/files/digest-shadow-4.0.2-r3 new file mode 100644 index 000000000000..cd747a96a934 --- /dev/null +++ b/sys-apps/shadow/files/digest-shadow-4.0.2-r3 @@ -0,0 +1 @@ +MD5 5a98215dd9ee6511cbc2c898898d3c14 shadow-4.0.2.tar.gz 966765 diff --git a/sys-apps/shadow/shadow-4.0.2-r3.ebuild b/sys-apps/shadow/shadow-4.0.2-r3.ebuild new file mode 100644 index 000000000000..b41cfacf9e62 --- /dev/null +++ b/sys-apps/shadow/shadow-4.0.2-r3.ebuild @@ -0,0 +1,113 @@ +# Copyright 1999-2002 Gentoo Technologies, Inc. +# Distributed under the terms of the GNU General Public License, v2 or later +# Maintainer: Daniel Robbins <drobbins@gentoo.org> +# $Header: /var/cvsroot/gentoo-x86/sys-apps/shadow/shadow-4.0.2-r3.ebuild,v 1.1 2002/04/04 05:32:40 jhhudso Exp $ + +S=${WORKDIR}/${P} +DESCRIPTION="Utilities to deal with user accounts" +SRC_URI="ftp://ftp.pld.org.pl/software/shadow/${P}.tar.gz" + +DEPEND=">=sys-libs/pam-0.75-r4 + >=sys-libs/cracklib-2.7-r3 + sys-devel/gettext" + +RDEPEND=">=sys-libs/pam-0.75-r4 + >=sys-libs/cracklib-2.7-r3" + +pkg_preinst() { + rm -f ${ROOT}/etc/pam.d/system-auth.new +} + +src_compile() { + local myconf="" + use nls || myconf="${myconf} --disable-nls" + + ./configure --disable-desrpc \ + --with-libcrypt \ + --with-libcrack \ + --with-libpam \ + --enable-shared=no \ + --enable-static=yes \ + --host=${CHOST} \ + ${myconf} || die "bad configure" + + # Parallel make fails sometimes + make LDFLAGS="" || die "compile problem" +} + +src_install() { + dodir /etc/default /etc/skel + + make prefix=${D}/usr \ + exec_prefix=${D} \ + mandir=${D}/usr/share/man \ + install || die "install problem" + + mv ${D}/lib ${D}/usr + dosed "s:/lib':/usr/lib':g" /usr/lib/libshadow.la + dosed "s:/lib/:/usr/lib/:g" /usr/lib/libshadow.la + dosed "s:/lib':/usr/lib':g" /usr/lib/libmisc.la + dosed "s:/lib/:/usr/lib/:g" /usr/lib/libmisc.la + dosym /usr/bin/newgrp /usr/bin/sg + dosym /usr/sbin/useradd /usr/sbin/adduser + dosym /usr/sbin/vipw /usr/sbin/vigr + # remove dead links + rm -f ${D}/bin/{sg,vipw} + + insinto /etc + # Using a securetty with devfs device names added + # (compat names kept for non-devfs compatibility) + insopts -m0600 ; doins ${FILESDIR}/securetty + insopts -m0600 ; doins ${S}/etc/login.access + insopts -m0644 ; doins ${S}/etc/limits + insopts -m0644 ; doins ${FILESDIR}/login.defs + insinto /etc/pam.d ; insopts -m0644 + cd ${FILESDIR}/pam.d + doins * + newins system-auth system-auth.new + newins shadow chage + newins shadow chsh + newins shadow chfn + newins shadow useradd + newins shadow groupadd + cd ${S} + + # the manpage install is beyond my comprehension, and also broken. + # just do it over. + rm -rf ${D}/usr/share/man/* + for q in man/*.[0-9] + do + local dir="${D}/usr/share/man/man${q##*.}" + mkdir -p $dir + cp $q $dir + done + + cd ${S}/doc + dodoc ANNOUNCE INSTALL LICENSE README WISHLIST + docinto txt + dodoc HOWTO LSM README.* *.txt +} + +pkg_postinst() { + echo + echo "****************************************************" + echo " Due to a security issue, ${ROOT}etc/pam.d/system-auth " + echo " is being updated automatically. Your old " + echo " system-auth will be backed up as:" + echo " ${ROOT}etc/pam.d/system-auth.bak" + echo "****************************************************" + echo + local CHECK1=`md5sum ${ROOT}/etc/pam.d/system-auth | cut -d ' ' -f 1` + local CHECK2=`md5sum ${ROOT}/etc/pam.d/system-auth.new | cut -d ' ' -f 1` + + if [ "$CHECK1" != "$CHECK2" ]; + then + cp -a ${ROOT}/etc/pam.d/system-auth \ + ${ROOT}/etc/pam.d/system-auth.bak; + mv -f ${ROOT}/etc/pam.d/system-auth.new \ + ${ROOT}/etc/pam.d/system-auth + else + rm -f ${ROOT}/etc/pam.d/system-auth.new + fi +} + |