blob: 0444a845f00bbef3f8a7316ac0fe61b871a0ee2d (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
|
# Description: Utilitaire permettant de cacher les fichiers de mot de passe
# URL: http://shadow.pld.org.pl/
# Maintainer: NuTyX core team
# Packager: thierryn1 at hispeed dot ch
# Depends on:linux-pam
# Run on:linux-pam
name=shadow
version=4.1.4.3
release=2
source=( http://pkg-shadow.alioth.debian.org/releases/$name-$version.tar.bz2\
)
build() {
cd $name-$version
# Disable the installation of groups
sed -i 's/groups$(EXEEXT) //' src/Makefile.in
find man -name Makefile.in -exec sed -i 's/groups\.1 / /' {} \;
# Issue with russian man pages
sed -i 's/man_MANS = $(man_nopam) /man_MANS = /' man/ru/Makefile.in
# Disable the installation of the non french manual pages
# Instead of using the default crypt method, use the more secure SHA512 method of password encryption
sed -i -e 's@#ENCRYPT_METHOD DES@ENCRYPT_METHOD SHA512@' \
-e 's@/var/spool/mail@/var/mail@' etc/login.defs
./configure --sysconfdir=/etc
make
make DESTDIR=$PKG install
for i in de cs fi id hu ja it ko pl ru sv tr pt_BR zh_CN zh_TW
do rm -r $PKG/usr/share/man/$i
done
# Remove the default as it is part of aaabasicfs
rm -rf $PKG/etc/default
mkdir $PKG/usr/lib
mv -v $PKG/usr/bin/passwd $PKG/bin
if (pkginfo -i |grep linux-pam > /dev/null) then
ln -sfv ../../lib/libshadow.so.0 $PKG/usr/lib/libshadow.so
cp $PKG/etc/{login.defs,login.defs.orig}
for FUNCTION in LASTLOG_ENAB MAIL_CHECK_ENAB \
PORTTIME_CHECKS_ENAB CONSOLE \
MOTD_FILE NOLOGINS_FILE PASS_MIN_LEN \
SU_WHEEL_ONLY MD5_CRYPT_ENAB \
CONSOLE_GROUPS ENVIRON_FILE \
ULIMIT ENV_TZ ENV_HZ ENV_SUPATH \
ENV_PATH QMAIL_DIR MAIL_DIR MAIL_FILE \
CHFN_AUTH FAILLOG_ENAB QUOTAS_ENAB FTMP_FILE \
OBSCURE_CHECKS_ENAB CRACKLIB_DICTPATH \
PASS_CHANGE_TRIES PASS_ALWAYS_WARN ISSUE_FILE
do
sed -i "s/^$FUNCTION/# &/" $PKG/etc/login.defs
done
cat > $PKG/etc/pam.d/login << "EOF"
# Begin /etc/pam.d/login
auth requisite pam_nologin.so
auth required pam_securetty.so
auth required pam_env.so
auth required pam_unix.so
account required pam_access.so
account required pam_unix.so
session required pam_motd.so
session required pam_limits.so
session optional pam_mail.so dir=/var/mail standard
session optional pam_lastlog.so
session required pam_unix.so
password required pam_unix.so md5 shadow
# End /etc/pam.d/login
EOF
cat > $PKG/etc/pam.d/passwd << "EOF"
# Begin /etc/pam.d/passwd
password required pam_unix.so md5 shadow
# End /etc/pam.d/passwd
EOF
cat > $PKG/etc/pam.d/su << "EOF"
# Begin /etc/pam.d/su
auth sufficient pam_rootok.so
auth required pam_unix.so
account required pam_unix.so
session optional pam_mail.so dir=/var/mail standard
session optional pam_xauth.so
session required pam_env.so
session required pam_unix.so
# End /etc/pam.d/su
EOF
cat > $PKG/etc/pam.d/chage << "EOF"
# Begin /etc/pam.d/chage
auth sufficient pam_rootok.so
auth required pam_unix.so
account required pam_unix.so
session required pam_unix.so
password required pam_permit.so
# End /etc/pam.d/chage
EOF
for PROGRAM in chpasswd chgpasswd groupadd groupdel groupmems \
groupmod newusers useradd userdel usermod
do
install -v -m644 $PKG/etc/pam.d/chage $PKG/etc/pam.d/$PROGRAM
sed -i "s/chage/$PROGRAM/" $PKG/etc/pam.d/$PROGRAM
done
fi
}
|