project-lakitu/sys-apps/shadow/shadow-4.8.1.ebuild - cos/overlays/board-overlays - Git at Google

 # Copyright 1999-2020 Gentoo Authors
 # Distributed under the terms of the GNU General Public License v2

 EAPI=7

 inherit autotools libtool pam

 DESCRIPTION="Utilities to deal with user accounts"
 HOMEPAGE="https://github.com/shadow-maint/shadow"
 SRC_URI="https://github.com/shadow-maint/shadow/releases/download/${PV}/${P}.tar.xz"

 LICENSE="BSD GPL-2"
 SLOT="0"
 KEYWORDS="*"
 IUSE="acl audit bcrypt cracklib nls pam selinux skey split-usr +su xattr"
 # Taken from the man/Makefile.am file.
 LANGS=( cs da de es fi fr hu id it ja ko pl pt_BR ru sv tr zh_CN zh_TW )

 REQUIRED_USE="?? ( cracklib pam )"

 BDEPEND="
 	app-arch/xz-utils
 	sys-devel/gettext
 "
 COMMON_DEPEND="
 	virtual/libcrypt:=
 	acl? ( sys-apps/acl:0= )
 	audit? ( >=sys-process/audit-2.6:0= )
 	cracklib? ( >=sys-libs/cracklib-2.7-r3:0= )
 	nls? ( virtual/libintl )
 	pam? ( sys-libs/pam:0= )
 	skey? ( sys-auth/skey:0= )
 	selinux? (
 		>=sys-libs/libselinux-1.28:0=
 		sys-libs/libsemanage:0=
 	)
 	xattr? ( sys-apps/attr:0= )
 "
 DEPEND="${COMMON_DEPEND}
 	>=sys-kernel/linux-headers-4.14
 "
 RDEPEND="${COMMON_DEPEND}
 	pam? ( >=sys-auth/pambase-20150213 )
 	su? ( !sys-apps/util-linux[su(-)] )
 "

 PATCHES=(
 	# Lakitu: apply Fedora's patch on usernames, which entails the allowance of
 	# dots.
 	"${FILESDIR}"/${P}-goodname.patch
 )

 src_prepare() {
 	default
 	eautoreconf
 	#elibtoolize
 }

 src_configure() {
 	local myeconfargs=(
 		--disable-account-tools-setuid
 		--enable-shared=no
 		--enable-static=yes
 		--with-btrfs
 		--without-group-name-max-length
 		--without-tcb
 		$(use_enable nls)
 		$(use_with acl)
 		$(use_with audit)
 		$(use_with bcrypt)
 		$(use_with cracklib libcrack)
 		$(use_with elibc_glibc nscd)
 		$(use_with pam libpam)
 		$(use_with selinux)
 		$(use_with skey)
 		$(use_with su)
 		$(use_with xattr attr)
 	)
 	econf "${myeconfargs[@]}"

 	has_version 'sys-libs/uclibc[-rpc]' && sed -i '/RLOGIN/d' config.h #425052

 	if use nls ; then
 		local l langs="po" # These are the pot files.
 		for l in ${LANGS[*]} ; do
 			has ${l} ${LINGUAS-${l}} && langs+=" ${l}"
 		done
 		sed -i "/^SUBDIRS = /s:=.*:= ${langs}:" man/Makefile || die
 	fi
 }

 set_login_opt() {
 	local comment="" opt=$1 val=$2
 	if [[ -z ${val} ]]; then
 		comment="#"
 		sed -i \
 			-e "/^${opt}\>/s:^:#:" \
 			"${ED}"/etc/login.defs || die
 	else
 		sed -i -r \
 			-e "/^#?${opt}\>/s:.*:${opt} ${val}:" \
 			"${ED}"/etc/login.defs
 	fi
 	local res=$(grep "^${comment}${opt}\>" "${ED}"/etc/login.defs)
 	einfo "${res:-Unable to find ${opt} in /etc/login.defs}"
 }

 src_install() {
 	emake DESTDIR="${D}" suidperms=4711 install

 	# Remove libshadow and libmisc; see bug 37725 and the following
 	# comment from shadow's README.linux:
 	#   Currently, libshadow.a is for internal use only, so if you see
 	#   -lshadow in a Makefile of some other package, it is safe to
 	#   remove it.
 	rm -f "${ED}"/{,usr/}$(get_libdir)/lib{misc,shadow}.{a,la}

 	insinto /etc
 	if ! use pam ; then
 		insopts -m0600
 		doins etc/login.access etc/limits
 	fi

 	# needed for 'useradd -D'
 	insinto /etc/default
 	insopts -m0600
 	doins "${FILESDIR}"/default/useradd

 	if use split-usr ; then
 		# move passwd to / to help recover broke systems #64441
 		# We cannot simply remove this or else net-misc/scponly
 		# and other tools will break because of hardcoded passwd
 		# location
 		dodir /bin
 		mv "${ED}"/usr/bin/passwd "${ED}"/bin/ || die
 		dosym ../../bin/passwd /usr/bin/passwd
 	fi

 	cd "${S}" || die
 	insinto /etc
 	insopts -m0644
 	newins etc/login.defs login.defs

 	set_login_opt CREATE_HOME yes
 	set_login_opt UMASK 027
 	if ! use pam ; then
 		set_login_opt MAIL_CHECK_ENAB no
 		set_login_opt SU_WHEEL_ONLY yes
 		set_login_opt CRACKLIB_DICTPATH /usr/lib/cracklib_dict
 		set_login_opt LOGIN_RETRIES 3
 		set_login_opt ENCRYPT_METHOD SHA512
 		set_login_opt CONSOLE
 	else
 		dopamd "${FILESDIR}"/pam.d-include/shadow

 		for x in chsh shfn ; do
 			newpamd "${FILESDIR}"/pam.d-include/passwd ${x}
 		done

 		for x in chpasswd newusers ; do
 			newpamd "${FILESDIR}"/pam.d-include/chpasswd ${x}
 		done

 		newpamd "${FILESDIR}"/pam.d-include/shadow-r1 groupmems

 		# comment out login.defs options that pam hates
 		local opt sed_args=()
 		for opt in \
 			CHFN_AUTH \
 			CONSOLE \
 			CRACKLIB_DICTPATH \
 			ENV_HZ \
 			ENVIRON_FILE \
 			FAILLOG_ENAB \
 			FTMP_FILE \
 			LASTLOG_ENAB \
 			MAIL_CHECK_ENAB \
 			MOTD_FILE \
 			NOLOGINS_FILE \
 			OBSCURE_CHECKS_ENAB \
 			PASS_ALWAYS_WARN \
 			PASS_CHANGE_TRIES \
 			PASS_MIN_LEN \
 			PORTTIME_CHECKS_ENAB \
 			QUOTAS_ENAB \
 			SU_WHEEL_ONLY
 		do
 			set_login_opt ${opt}
 			sed_args+=( -e "/^#${opt}\>/b pamnote" )
 		done
 		sed -i "${sed_args[@]}" \
 			-e 'b exit' \
 			-e ': pamnote; i# NOTE: This setting should be configured via /etc/pam.d/ and not in this file.' \
 			-e ': exit' \
 			"${ED}"/etc/login.defs || die

 		# remove manpages that pam will install for us
 		# and/or don't apply when using pam
 		find "${ED}"/usr/share/man -type f \
 			'(' -name 'limits.5*' -o -name 'suauth.5*' ')' \
 			-delete

 		# Remove pam.d files provided by pambase.
 		rm "${ED}"/etc/pam.d/{login,passwd} || die
 		if use su ; then
 			rm "${ED}"/etc/pam.d/su || die
 		fi
 	fi

 	# Remove manpages that are handled by other packages
 	find "${ED}"/usr/share/man \
 		'(' -name id.1 -o -name passwd.5 -o -name getspnam.3 ')' \
 		-delete

 	cd "${S}" || die
 	dodoc ChangeLog NEWS TODO
 	newdoc README README.download
 	cd doc || die
 	dodoc HOWTO README* WISHLIST *.txt
 }

 pkg_preinst() {
 	rm -f "${EROOT}"/etc/pam.d/system-auth.new \
 		"${EROOT}/etc/login.defs.new"
 }

 pkg_postinst() {
 	# Enable shadow groups.
 	if [ ! -f "${EROOT}"/etc/gshadow ] ; then
 		if grpck -r -R "${EROOT}" 2>/dev/null ; then
 			grpconv -R "${EROOT}"
 		else
 			ewarn "Running 'grpck' returned errors.  Please run it by hand, and then"
 			ewarn "run 'grpconv' afterwards!"
 		fi
 	fi

 	[[ ! -f "${EROOT}"/etc/subgid ]] &&
 		touch "${EROOT}"/etc/subgid
 	[[ ! -f "${EROOT}"/etc/subuid ]] &&
 		touch "${EROOT}"/etc/subuid

 	einfo "The 'adduser' symlink to 'useradd' has been dropped."
 }
	# Copyright 1999-2020 Gentoo Authors
	# Distributed under the terms of the GNU General Public License v2

	EAPI=7

	inherit autotools libtool pam

	DESCRIPTION="Utilities to deal with user accounts"
	HOMEPAGE="https://github.com/shadow-maint/shadow"
	SRC_URI="https://github.com/shadow-maint/shadow/releases/download/${PV}/${P}.tar.xz"

	LICENSE="BSD GPL-2"
	SLOT="0"
	KEYWORDS="*"
	IUSE="acl audit bcrypt cracklib nls pam selinux skey split-usr +su xattr"
	# Taken from the man/Makefile.am file.
	LANGS=( cs da de es fi fr hu id it ja ko pl pt_BR ru sv tr zh_CN zh_TW )

	REQUIRED_USE="?? ( cracklib pam )"

	BDEPEND="
	app-arch/xz-utils
	sys-devel/gettext
	"
	COMMON_DEPEND="
	virtual/libcrypt:=
	acl? ( sys-apps/acl:0= )
	audit? ( >=sys-process/audit-2.6:0= )
	cracklib? ( >=sys-libs/cracklib-2.7-r3:0= )
	nls? ( virtual/libintl )
	pam? ( sys-libs/pam:0= )
	skey? ( sys-auth/skey:0= )
	selinux? (
	>=sys-libs/libselinux-1.28:0=
	sys-libs/libsemanage:0=
	)
	xattr? ( sys-apps/attr:0= )
	"
	DEPEND="${COMMON_DEPEND}
	>=sys-kernel/linux-headers-4.14
	"
	RDEPEND="${COMMON_DEPEND}
	pam? ( >=sys-auth/pambase-20150213 )
	su? ( !sys-apps/util-linux[su(-)] )
	"

	PATCHES=(
	# Lakitu: apply Fedora's patch on usernames, which entails the allowance of
	# dots.
	"${FILESDIR}"/${P}-goodname.patch
	)

	src_prepare() {
	default
	eautoreconf
	#elibtoolize
	}

	src_configure() {
	local myeconfargs=(
	--disable-account-tools-setuid
	--enable-shared=no
	--enable-static=yes
	--with-btrfs
	--without-group-name-max-length
	--without-tcb
	$(use_enable nls)
	$(use_with acl)
	$(use_with audit)
	$(use_with bcrypt)
	$(use_with cracklib libcrack)
	$(use_with elibc_glibc nscd)
	$(use_with pam libpam)
	$(use_with selinux)
	$(use_with skey)
	$(use_with su)
	$(use_with xattr attr)
	)
	econf "${myeconfargs[@]}"

	has_version 'sys-libs/uclibc[-rpc]' && sed -i '/RLOGIN/d' config.h #425052

	if use nls ; then
	local l langs="po" # These are the pot files.
	for l in ${LANGS[*]} ; do
	has ${l} ${LINGUAS-${l}} && langs+=" ${l}"
	done
	sed -i "/^SUBDIRS = /s:=.*:= ${langs}:" man/Makefile \|\| die
	fi
	}

	set_login_opt() {
	local comment="" opt=$1 val=$2
	if [[ -z ${val} ]]; then
	comment="#"
	sed -i \
	-e "/^${opt}\>/s:^:#:" \
	"${ED}"/etc/login.defs \|\| die
	else
	sed -i -r \
	-e "/^#?${opt}\>/s:.*:${opt} ${val}:" \
	"${ED}"/etc/login.defs
	fi
	local res=$(grep "^${comment}${opt}\>" "${ED}"/etc/login.defs)
	einfo "${res:-Unable to find ${opt} in /etc/login.defs}"
	}

	src_install() {
	emake DESTDIR="${D}" suidperms=4711 install

	# Remove libshadow and libmisc; see bug 37725 and the following
	# comment from shadow's README.linux:
	# Currently, libshadow.a is for internal use only, so if you see
	# -lshadow in a Makefile of some other package, it is safe to
	# remove it.
	rm -f "${ED}"/{,usr/}$(get_libdir)/lib{misc,shadow}.{a,la}

	insinto /etc
	if ! use pam ; then
	insopts -m0600
	doins etc/login.access etc/limits
	fi

	# needed for 'useradd -D'
	insinto /etc/default
	insopts -m0600
	doins "${FILESDIR}"/default/useradd

	if use split-usr ; then
	# move passwd to / to help recover broke systems #64441
	# We cannot simply remove this or else net-misc/scponly
	# and other tools will break because of hardcoded passwd
	# location
	dodir /bin
	mv "${ED}"/usr/bin/passwd "${ED}"/bin/ \|\| die
	dosym ../../bin/passwd /usr/bin/passwd
	fi

	cd "${S}" \|\| die
	insinto /etc
	insopts -m0644
	newins etc/login.defs login.defs

	set_login_opt CREATE_HOME yes
	set_login_opt UMASK 027
	if ! use pam ; then
	set_login_opt MAIL_CHECK_ENAB no
	set_login_opt SU_WHEEL_ONLY yes
	set_login_opt CRACKLIB_DICTPATH /usr/lib/cracklib_dict
	set_login_opt LOGIN_RETRIES 3
	set_login_opt ENCRYPT_METHOD SHA512
	set_login_opt CONSOLE
	else
	dopamd "${FILESDIR}"/pam.d-include/shadow

	for x in chsh shfn ; do
	newpamd "${FILESDIR}"/pam.d-include/passwd ${x}
	done

	for x in chpasswd newusers ; do
	newpamd "${FILESDIR}"/pam.d-include/chpasswd ${x}
	done

	newpamd "${FILESDIR}"/pam.d-include/shadow-r1 groupmems

	# comment out login.defs options that pam hates
	local opt sed_args=()
	for opt in \
	CHFN_AUTH \
	CONSOLE \
	CRACKLIB_DICTPATH \
	ENV_HZ \
	ENVIRON_FILE \
	FAILLOG_ENAB \
	FTMP_FILE \
	LASTLOG_ENAB \
	MAIL_CHECK_ENAB \
	MOTD_FILE \
	NOLOGINS_FILE \
	OBSCURE_CHECKS_ENAB \
	PASS_ALWAYS_WARN \
	PASS_CHANGE_TRIES \
	PASS_MIN_LEN \
	PORTTIME_CHECKS_ENAB \
	QUOTAS_ENAB \
	SU_WHEEL_ONLY
	do
	set_login_opt ${opt}
	sed_args+=( -e "/^#${opt}\>/b pamnote" )
	done
	sed -i "${sed_args[@]}" \
	-e 'b exit' \
	-e ': pamnote; i# NOTE: This setting should be configured via /etc/pam.d/ and not in this file.' \
	-e ': exit' \
	"${ED}"/etc/login.defs \|\| die

	# remove manpages that pam will install for us
	# and/or don't apply when using pam
	find "${ED}"/usr/share/man -type f \
	'(' -name 'limits.5' -o -name 'suauth.5' ')' \
	-delete

	# Remove pam.d files provided by pambase.
	rm "${ED}"/etc/pam.d/{login,passwd} \|\| die
	if use su ; then
	rm "${ED}"/etc/pam.d/su \|\| die
	fi
	fi

	# Remove manpages that are handled by other packages
	find "${ED}"/usr/share/man \
	'(' -name id.1 -o -name passwd.5 -o -name getspnam.3 ')' \
	-delete

	cd "${S}" \|\| die
	dodoc ChangeLog NEWS TODO
	newdoc README README.download
	cd doc \|\| die
	dodoc HOWTO README* WISHLIST *.txt
	}

	pkg_preinst() {
	rm -f "${EROOT}"/etc/pam.d/system-auth.new \
	"${EROOT}/etc/login.defs.new"
	}

	pkg_postinst() {
	# Enable shadow groups.
	if [ ! -f "${EROOT}"/etc/gshadow ] ; then
	if grpck -r -R "${EROOT}" 2>/dev/null ; then
	grpconv -R "${EROOT}"
	else
	ewarn "Running 'grpck' returned errors. Please run it by hand, and then"
	ewarn "run 'grpconv' afterwards!"
	fi
	fi

	[[ ! -f "${EROOT}"/etc/subgid ]] &&
	touch "${EROOT}"/etc/subgid
	[[ ! -f "${EROOT}"/etc/subuid ]] &&
	touch "${EROOT}"/etc/subuid

	einfo "The 'adduser' symlink to 'useradd' has been dropped."
	}