From: Michael Olbrich <m.olbrich@pengutronix.de>
To: ptxdist@pengutronix.de
Subject: Re: [ptxdist] [PATCH 4/4] shadow: new package
Date: Mon, 6 Jan 2020 12:15:17 +0100 [thread overview]
Message-ID: <20200106111517.GG5858@pengutronix.de> (raw)
In-Reply-To: <20191210201128.GD948325@lenoch>
On Tue, Dec 10, 2019 at 09:11:28PM +0100, Ladislav Michl wrote:
> Signed-off-by: Ladislav Michl <ladis@linux-mips.org>
> ---
> rules/shadow.in | 148 +++++++++++++++++++++++++++++++++++++++++++
> rules/shadow.make | 157 ++++++++++++++++++++++++++++++++++++++++++++++
> 2 files changed, 305 insertions(+)
> create mode 100644 rules/shadow.in
> create mode 100644 rules/shadow.make
>
> diff --git a/rules/shadow.in b/rules/shadow.in
> new file mode 100644
> index 000000000..d2fbbb478
> --- /dev/null
> +++ b/rules/shadow.in
> @@ -0,0 +1,148 @@
> +## SECTION=shell_and_console
> +
> +menuconfig SHADOW
> + tristate
> + depends on GLOBAL_PAM
> + select LIBC_CRYPT
> + select LIBSELINUX if GLOBAL_SELINUX
> + select PAM
> + prompt "shadow "
> + help
> + Password and account management tool suite with support
> + for shadow files and PAM.
> +
> +if SHADOW
> +
> +config SHADOW_CHGPASSWD
> + bool
> + prompt "chgpasswd"
> +
> +config SHADOW_CHPASSWD
> + bool
> + prompt "chpasswd"
> +
> +config SHADOW_GROUPADD
> + bool
> + prompt "groupadd"
> +
> +config SHADOW_GROUPDEL
> + bool
> + prompt "groupdel"
> +
> +config SHADOW_GROUPMEMS
> + bool
> + prompt "groupmems"
> +
> +config SHADOW_GROUPMOD
> + bool
> + prompt "groupmod"
> +
> +config SHADOW_GRPCK
> + bool
> + prompt "grpck"
> +
> +config SHADOW_GRPCONV
> + bool
> + prompt "grpconv"
> +
> +config SHADOW_GRPUNCONV
> + bool
> + prompt "grpunconv"
> +
> +config SHADOW_LOGOUTD
> + bool
> + prompt "logoutd"
> +
> +config SHADOW_NEWUSERS
> + bool
> + prompt "newusers"
> +
> +config SHADOW_NOLOGIN
> + bool
> + prompt "nologin"
> +
> +config SHADOW_PWCK
> + bool
> + prompt "pwck"
> +
> +config SHADOW_PWCONV
> + bool
> + prompt "pwconv"
> +
> +config SHADOW_PWUNCONV
> + bool
> + prompt "pwunconv"
> +
> +config SHADOW_USERADD
> + bool
> + prompt "useradd"
> +
> +config SHADOW_USERDEL
> + bool
> + prompt "userdel"
> +
> +config SHADOW_USERMOD
> + bool
> + prompt "usermod"
> +
> +config SHADOW_VIPW
> + bool
> + prompt "vipw"
> +
> +config SHADOW_CHAGE
> + bool
> + prompt "chage"
> +
> +config SHADOW_CHFN
> + bool
> + prompt "chfn"
> +
> +config SHADOW_CHSH
> + bool
> + prompt "chsh"
> +
> +config SHADOW_EXPIRY
> + bool
> + prompt "expiry"
> +
> +config SHADOW_FAILLOG
> + bool
> + prompt "faillog"
> +
> +config SHADOW_GPASSWD
> + bool
> + prompt "gpasswd"
> +
> +config SHADOW_GROUPS
> + bool
> + prompt "groups"
> +
> +config SHADOW_LASTLOG
> + bool
> + prompt "lastlog"
> +
> +config SHADOW_LOGIN
> + bool
> + prompt "login"
> +
> +config SHADOW_NEWGIDMAP
> + bool
> + prompt "newgidmap"
> +
> +config SHADOW_NEWGRP
> + bool
> + prompt "newgrp"
> +
> +config SHADOW_NEWUIDMAP
> + bool
> + prompt "newuidmap"
> +
> +config SHADOW_PASSWD
> + bool
> + prompt "passwd"
> +
> +config SHADOW_SU
> + bool
> + prompt "su"
Hmmm, I thinks this package is only used for 'bigger' systems, right? I
expect that these binaries are pretty small, so maybe just install them
unconditionally, or maybe two groups:
- tools that are used at runtime that don't modify things, such as
'login', 'su', etc.
- tools that change the configuration, such as 'groupadd' etc.
> +
> +endif
> diff --git a/rules/shadow.make b/rules/shadow.make
> new file mode 100644
> index 000000000..d969adcd0
> --- /dev/null
> +++ b/rules/shadow.make
> @@ -0,0 +1,157 @@
> +# -*-makefile-*-
> +#
> +# Copyright (C) 2019 by Ladislav Michl <ladis@linux-mips.org>
> +#
> +# For further information about the PTXdist project and license conditions
> +# see the README file.
> +#
> +
> +#
> +# We provide this package
> +#
> +PACKAGES-$(PTXCONF_SHADOW) += shadow
> +
> +#
> +# Paths and names
> +#
> +SHADOW_VERSION := 4.6
> +SHADOW_MD5 := b491fecbf1232632c32ff8f1437fd60e
> +SHADOW := shadow-$(SHADOW_VERSION)
> +SHADOW_SUFFIX := tar.xz
> +SHADOW_URL := https://github.com/shadow-maint/shadow/releases/download/$(SHADOW_VERSION)/$(SHADOW).$(SHADOW_SUFFIX)
> +SHADOW_SOURCE := $(SRCDIR)/$(SHADOW).$(SHADOW_SUFFIX)
> +SHADOW_DIR := $(BUILDDIR)/$(SHADOW)
> +SHADOW_LICENSE := BSD-3-Clause
> +
> +# ----------------------------------------------------------------------------
> +# Prepare
> +# ----------------------------------------------------------------------------
> +
> +#
> +# autoconf
> +#
> +SHADOW_CONF_TOOL := autoconf
> +SHADOW_CONF_OPT := \
> + $(CROSS_AUTOCONF_USR) \
> + --bindir=/usr/bin \
> + --sbindir=/usr/sbin \
> + $(GLOBAL_LARGE_FILE_OPTION) \
> + --enable-shadowgrp \
> + --disable-man \
> + --$(call ptx/endis, PTXCONF_GLOBAL_PAM)-account-tools-setuid \
> + --disable-utmpx \
> + --enable-subordinate-ids \
> + --disable-nls \
> + --disable-rpath \
> + --without-audit \
> + --$(call ptx/wwo, PTXCONF_GLOBAL_PAM)-libpam \
> + --$(call ptx/wwo, PTXCONF_GLOBAL_SELINUX)-selinux \
> + --without-acl \
> + --without-attr \
> + --without-skey \
> + --without-tcb \
> + --without-libcrack \
> + --with-sha-crypt \
> + --without-nscd
> +
> +# ----------------------------------------------------------------------------
> +# Target-Install
> +# ----------------------------------------------------------------------------
> +
> +SHADOW_PROGS_TARGET_y :=
> +SHADOW_PROGS_TARGET_$(PTXCONF_SHADOW_CHGPASSWD) += chgpasswd
> +SHADOW_PROGS_TARGET_$(PTXCONF_SHADOW_CHPASSWD) += chpasswd
> +SHADOW_PROGS_TARGET_$(PTXCONF_SHADOW_GROUPADD) += groupadd
> +SHADOW_PROGS_TARGET_$(PTXCONF_SHADOW_GROUPDEL) += groupdel
> +SHADOW_PROGS_TARGET_$(PTXCONF_SHADOW_GROUPMEMS) += groupmems
> +SHADOW_PROGS_TARGET_$(PTXCONF_SHADOW_GROUPMOD) += groupmod
> +SHADOW_PROGS_TARGET_$(PTXCONF_SHADOW_GRPCK) += grpck
> +SHADOW_PROGS_TARGET_$(PTXCONF_SHADOW_GRPCONV) += grpconv
> +SHADOW_PROGS_TARGET_$(PTXCONF_SHADOW_GRPUNCONV) += grpunconv
> +SHADOW_PROGS_TARGET_$(PTXCONF_SHADOW_LOGOUTD) += logoutd
> +SHADOW_PROGS_TARGET_$(PTXCONF_SHADOW_NEWUSERS) += newusers
> +SHADOW_PROGS_TARGET_$(PTXCONF_SHADOW_NOLOGIN) += nologin
> +SHADOW_PROGS_TARGET_$(PTXCONF_SHADOW_PWCK) += pwck
> +SHADOW_PROGS_TARGET_$(PTXCONF_SHADOW_PWCONV) += pwconv
> +SHADOW_PROGS_TARGET_$(PTXCONF_SHADOW_PWUNCONV) += pwunconv
> +SHADOW_PROGS_TARGET_$(PTXCONF_SHADOW_USERADD) += useradd
> +SHADOW_PROGS_TARGET_$(PTXCONF_SHADOW_USERDEL) += userdel
> +SHADOW_PROGS_TARGET_$(PTXCONF_SHADOW_USERMOD) += usermod
> +SHADOW_PROGS_TARGET_$(PTXCONF_SHADOW_VIPW) += vipw
> +
> +SHADOW_PERMS := $(if $(strip $(GPSD_PROGS-y)),4755,0755)
> +
> +$(STATEDIR)/shadow.targetinstall:
> + @$(call targetinfo)
> +
> + @$(call install_init, shadow)
> + @$(call install_fixup, shadow,PRIORITY,optional)
> + @$(call install_fixup, shadow,SECTION,base)
> + @$(call install_fixup, shadow,AUTHOR,"Ladislav Michl <ladis@linux-mips.org>")
> + @$(call install_fixup, shadow,DESCRIPTION,missing)
> +ifdef PTXCONF_SHADOW_CHAGE
> + @$(call install_copy, shadow, 0, 0, 4755, -, /usr/bin/chage)
> +endif
> +ifdef PTXCONF_SHADOW_CHFN
> + @$(call install_alternative, shadow, 0, 0, 0644, /etc/pam.d/chfn)
> + @$(call install_copy, shadow, 0, 0, 4755, -, /usr/bin/chfn)
> +endif
> +ifdef PTXCONF_SHADOW_CHSH
> + @$(call install_alternative, shadow, 0, 0, 0644, /etc/pam.d/chsh)
> + @$(call install_copy, shadow, 0, 0, 4755, -, /usr/bin/chsh)
> +endif
> +ifdef PTXCONF_SHADOW_EXPIRY
> + @$(call install_copy, shadow, 0, 0, 4755, -, /usr/bin/expiry)
> +endif
> +ifdef PTXCONF_SHADOW_FAILLOG
> + @$(call install_copy, shadow, 0, 0, 0755, -, /usr/bin/faillog)
> +endif
> +ifdef PTXCONF_SHADOW_GPASSWD
> + @$(call install_copy, shadow, 0, 0, 4755, -, /usr/bin/gpasswd)
> +endif
> +ifdef PTXCONF_SHADOW_GROUPS
> + @$(call install_copy, shadow, 0, 0, 0755, -, /usr/bin/groups)
> +endif
> +ifdef PTXCONF_SHADOW_LASTLOG
> + @$(call install_copy, shadow, 0, 0, 0755, -, /usr/bin/lastlog)
> +endif
> +ifdef PTXCONF_SHADOW_LOGIN
> + @$(call install_alternative, shadow, 0, 0, 0644, /etc/login.defs)
> + @$(call install_alternative, shadow, 0, 0, 0644, /etc/pam.d/login)
> + @$(call install_copy, shadow, 0, 0, 0755, -, /usr/bin/login)
> +endif
> +ifdef PTXCONF_SHADOW_NEWGIDMAP
> + @$(call install_copy, shadow, 0, 0, 4755, -, /usr/bin/newgidmap)
> +endif
> +ifdef PTXCONF_SHADOW_NEWGRP
> + @$(call install_copy, shadow, 0, 0, 4755, -, /usr/bin/newgrp)
> + @$(call install_link, shadow, newgrp, /usr/bin/sg)
> +endif
> +ifdef PTXCONF_SHADOW_NEWUIDMAP
> + @$(call install_copy, shadow, 0, 0, 4755, -, /usr/bin/newuidmap)
> +endif
> +ifdef PTXCONF_SHADOW_PASSWD
> + @$(call install_alternative, shadow, 0, 0, 0644, /etc/pam.d/passwd)
> + @$(call install_copy, shadow, 0, 0, 4755, -, /usr/bin/passwd)
> +endif
> +ifdef PTXCONF_SHADOW_SU
> + @$(call install_alternative, shadow, 0, 0, 0644, /etc/pam.d/su)
> + @$(call install_copy, shadow, 0, 0, 4755, -, /usr/bin/su)
> +endif
> + @$(foreach prog, $(SHADOW_PROGS_TARGET_y), \
> + $(call install_copy, shadow, 0, 0, 0755, -, \
> + /usr/sbin/$(prog));)
> +ifdef PTXCONF_SHADOW_VIPW
> + @$(call install_link, shadow, vipw, /usr/sbin/wigr)
> +endif
Maybe use a foreach loop for the binaries?
Michael
> +ifdef PTXCONF_SHADOW_USERADD
> + @$(call install_alternative, shadow, 0, 0, 0644, /etc/default/useradd)
> +endif
> +ifdef PTXCONF_SHADOW_GROUPMEMS
> + @$(call install_alternative, shadow, 0, 0, 0644, /etc/pam.d/groupmems)
> +endif
> + @$(call install_finish, shadow)
> +
> + @$(call touch)
> +
> +# vim: syntax=make
> --
> 2.24.0
>
>
> _______________________________________________
> ptxdist mailing list
> ptxdist@pengutronix.de
>
--
Pengutronix e.K. | |
Steuerwalder Str. 21 | http://www.pengutronix.de/ |
31137 Hildesheim, Germany | Phone: +49-5121-206917-0 |
Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-5555 |
_______________________________________________
ptxdist mailing list
ptxdist@pengutronix.de
prev parent reply other threads:[~2020-01-06 11:15 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-12-10 20:08 [ptxdist] [PATCH 0/4] PAM Ladislav Michl
2019-12-10 20:09 ` [ptxdist] [PATCH 1/4] pam: new package Ladislav Michl
2020-01-06 11:10 ` Michael Olbrich
2019-12-10 20:09 ` [ptxdist] [PATCH 2/4] Introduce global PAM option Ladislav Michl
2019-12-10 20:10 ` [ptxdist] [PATCH 3/4] util-linux: optionally build login program Ladislav Michl
2019-12-10 20:11 ` [ptxdist] [PATCH 4/4] shadow: new package Ladislav Michl
2020-01-06 11:15 ` Michael Olbrich [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200106111517.GG5858@pengutronix.de \
--to=m.olbrich@pengutronix.de \
--cc=ptxdist@pengutronix.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox