1 # Copyright 1999-2020 Gentoo Authors
2 # Distributed under the terms of the GNU General Public License v2
6 inherit autotools libtool pam
8 DESCRIPTION="Utilities to deal with user accounts"
9 HOMEPAGE="https://github.com/shadow-maint/shadow"
10 SRC_URI="https://github.com/shadow-maint/shadow/releases/download/${PV}/${P}.tar.xz"
14 KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86"
15 IUSE="acl audit bcrypt +cracklib nls pam selinux skey split-usr +su xattr"
16 # Taken from the man/Makefile.am file.
17 LANGS=( cs da de es fi fr hu id it ja ko pl pt_BR ru sv tr zh_CN zh_TW )
25 acl? ( sys-apps/acl:0= )
26 audit? ( >=sys-process/audit-2.6:0= )
27 cracklib? ( >=sys-libs/cracklib-2.7-r3:0= )
28 nls? ( virtual/libintl )
29 pam? ( sys-libs/pam:0= )
30 skey? ( sys-auth/skey:0= )
32 >=sys-libs/libselinux-1.28:0=
33 sys-libs/libsemanage:0=
35 xattr? ( sys-apps/attr:0= )
37 DEPEND="${COMMON_DEPEND}
38 >=sys-kernel/linux-headers-4.14
40 RDEPEND="${COMMON_DEPEND}
41 pam? ( >=sys-auth/pambase-20150213 )
42 su? ( !sys-apps/util-linux[su(-)] )
46 "${FILESDIR}/${PN}-4.1.3-dots-in-usernames.patch"
57 --disable-account-tools-setuid
61 --without-group-name-max-length
67 $(use_with cracklib libcrack)
68 $(use_with elibc_glibc nscd)
69 $(use_with pam libpam)
73 $(use_with xattr attr)
75 econf "${myeconfargs[@]}"
77 has_version 'sys-libs/uclibc[-rpc]' && sed -i '/RLOGIN/d' config.h #425052
80 local l langs="po" # These are the pot files.
81 for l in ${LANGS[*]} ; do
82 has ${l} ${LINGUAS-${l}} && langs+=" ${l}"
84 sed -i "/^SUBDIRS = /s:=.*:= ${langs}:" man/Makefile || die
89 local comment="" opt=$1 val=$2
90 if [[ -z ${val} ]]; then
93 -e "/^${opt}\>/s:^:#:" \
94 "${ED}"/etc/login.defs || die
97 -e "/^#?${opt}\>/s:.*:${opt} ${val}:" \
98 "${ED}"/etc/login.defs
100 local res=$(grep "^${comment}${opt}\>" "${ED}"/etc/login.defs)
101 einfo "${res:-Unable to find ${opt} in /etc/login.defs}"
105 emake DESTDIR="${D}" suidperms=4711 install
107 # Remove libshadow and libmisc; see bug 37725 and the following
108 # comment from shadow's README.linux:
109 # Currently, libshadow.a is for internal use only, so if you see
110 # -lshadow in a Makefile of some other package, it is safe to
112 rm -f "${ED}"/{,usr/}$(get_libdir)/lib{misc,shadow}.{a,la}
117 doins etc/login.access etc/limits
120 # needed for 'useradd -D'
123 doins "${FILESDIR}"/default/useradd
125 if use split-usr ; then
126 # move passwd to / to help recover broke systems #64441
127 # We cannot simply remove this or else net-misc/scponly
128 # and other tools will break because of hardcoded passwd
131 mv "${ED}"/usr/bin/passwd "${ED}"/bin/ || die
132 dosym ../../bin/passwd /usr/bin/passwd
138 newins etc/login.defs login.defs
140 set_login_opt CREATE_HOME yes
142 set_login_opt MAIL_CHECK_ENAB no
143 set_login_opt SU_WHEEL_ONLY yes
144 set_login_opt CRACKLIB_DICTPATH /usr/$(get_libdir)/cracklib_dict
145 set_login_opt LOGIN_RETRIES 3
146 set_login_opt ENCRYPT_METHOD SHA512
147 set_login_opt CONSOLE
149 dopamd "${FILESDIR}"/pam.d-include/shadow
151 for x in chsh shfn ; do
152 newpamd "${FILESDIR}"/pam.d-include/passwd ${x}
155 for x in chpasswd newusers ; do
156 newpamd "${FILESDIR}"/pam.d-include/chpasswd ${x}
159 newpamd "${FILESDIR}"/pam.d-include/shadow-r1 groupmems
161 # comment out login.defs options that pam hates
162 local opt sed_args=()
175 OBSCURE_CHECKS_ENAB \
179 PORTTIME_CHECKS_ENAB \
184 sed_args+=( -e "/^#${opt}\>/b pamnote" )
186 sed -i "${sed_args[@]}" \
188 -e ': pamnote; i# NOTE: This setting should be configured via /etc/pam.d/ and not in this file.' \
190 "${ED}"/etc/login.defs || die
192 # remove manpages that pam will install for us
193 # and/or don't apply when using pam
194 find "${ED}"/usr/share/man -type f \
195 '(' -name 'limits.5*' -o -name 'suauth.5*' ')' \
198 # Remove pam.d files provided by pambase.
199 rm "${ED}"/etc/pam.d/{login,passwd} || die
201 rm "${ED}"/etc/pam.d/su || die
205 # Remove manpages that are handled by other packages
206 find "${ED}"/usr/share/man \
207 '(' -name id.1 -o -name passwd.5 -o -name getspnam.3 ')' \
211 dodoc ChangeLog NEWS TODO
212 newdoc README README.download
214 dodoc HOWTO README* WISHLIST *.txt
218 rm -f "${EROOT}"/etc/pam.d/system-auth.new \
219 "${EROOT}/etc/login.defs.new"
223 # Enable shadow groups.
224 if [ ! -f "${EROOT}"/etc/gshadow ] ; then
225 if grpck -r -R "${EROOT}" 2>/dev/null ; then
226 grpconv -R "${EROOT}"
228 ewarn "Running 'grpck' returned errors. Please run it by hand, and then"
229 ewarn "run 'grpconv' afterwards!"
233 [[ ! -f "${EROOT}"/etc/subgid ]] &&
234 touch "${EROOT}"/etc/subgid
235 [[ ! -f "${EROOT}"/etc/subuid ]] &&
236 touch "${EROOT}"/etc/subuid
238 einfo "The 'adduser' symlink to 'useradd' has been dropped."