From 90e596693d896c229ccc0eaf51f8640c42e406ac Mon Sep 17 00:00:00 2001 From: Rosen Penev Date: Thu, 30 Jan 2020 19:07:26 -0800 Subject: [PATCH] shadow: update to 4.8.1 Fixed license information. Removed patch requiring autoreconf and replaced with a configure variable. Removed faulty patch that broke systems without a disabled crypt size hack. Replaced with using a SED command as well as bcrypt, which works in musl. Removed su patch and converted it to a SED command in the Makefile. Added new shadow utilities. Signed-off-by: Rosen Penev (cherry picked from commit 87e5ded04cf65fbaa398568efe41830c4b60397a) --- utils/shadow/Makefile | 37 +++++++++++++------ utils/shadow/patches/001-busybox_ash.patch | 11 ------ .../patches/002-disable-ruser-lookup.patch | 10 ----- .../patches/004-fix-su-controoling-term.patch | 2 +- .../005-set-encrypt-method-sha512.patch | 11 ------ 5 files changed, 27 insertions(+), 44 deletions(-) delete mode 100644 utils/shadow/patches/001-busybox_ash.patch delete mode 100644 utils/shadow/patches/002-disable-ruser-lookup.patch delete mode 100644 utils/shadow/patches/005-set-encrypt-method-sha512.patch diff --git a/utils/shadow/Makefile b/utils/shadow/Makefile index 6795fbc2bb..52fbf59bf5 100644 --- a/utils/shadow/Makefile +++ b/utils/shadow/Makefile @@ -8,28 +8,29 @@ include $(TOPDIR)/rules.mk PKG_NAME:=shadow -PKG_VERSION:=4.6 -PKG_RELEASE:=2 +PKG_VERSION:=4.8.1 +PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz PKG_SOURCE_URL:=https://github.com/shadow-maint/shadow/releases/download/$(PKG_VERSION) -PKG_HASH:=0998c8d84242a231ab0acb7f8613927ff5bcff095f8aa6b79478893a03f05583 -PKG_MAINTAINER:=Steven Barth +PKG_HASH:=a3ad4630bdc41372f02a647278a8c3514844295d36eefe68ece6c3a641c1ae62 + +PKG_MAINTAINER:= PKG_LICENSE:=BSD-3-Clause +PKG_LICENSE_FILES:=COPYING PKG_CPE_ID:=cpe:/a:debian:shadow -PKG_FIXUP:=autoreconf -PKG_BUILD_PARALLEL:=1 PKG_INSTALL:=1 +PKG_BUILD_PARALLEL:=1 include $(INCLUDE_DIR)/package.mk include $(INCLUDE_DIR)/nls.mk SHADOW_APPLETS := \ - chage chpasswd chfn chsh expiry faillog gpasswd \ - groupadd groupdel groupmems groupmod groups \ - lastlog login newgidmap newgrp newuidmap nologin \ - passwd su \ + chage chfn chgpasswd chpasswd chsh expiry faillog gpasswd \ + groupadd groupdel groupmems groupmod groups grpck grpconv grpunconv \ + lastlog login logoutd newgidmap newgrp newuidmap newusers nologin \ + passwd pwck pwconv pwunconv su \ useradd userdel usermod vipw CONFIGURE_ARGS += \ @@ -39,7 +40,11 @@ CONFIGURE_ARGS += \ --without-acl \ --without-attr \ --without-tcb \ - --without-nscd + --without-nscd \ + --with-bcrypt + +CONFIGURE_VARS += \ + ac_cv_func_ruserok=no define Package/shadow/Default SECTION:=utils @@ -122,6 +127,16 @@ endef define Package/shadow-common/install $(INSTALL_DIR) $(1)/etc $(INSTALL_CONF) $(PKG_INSTALL_DIR)/etc/login.defs $(1)/etc/ + $(SED) 's,SU_NAME,#SU_NAME,g' $(1)/etc/login.defs +ifeq ($(CONFIG_USE_MUSL),y) +ifeq ($(CONFIG_MUSL_DISABLE_CRYPT_SIZE_HACK),y) + $(SED) 's,#ENCRYPT_METHOD DES,ENCRYPT_METHOD BCRYPT,g' $(1)/etc/login.defs +else + $(SED) 's,#ENCRYPT_METHOD DES,ENCRYPT_METHOD MD5,g' $(1)/etc/login.defs +endif # CONFIG_MUSL_DISABLE_CRYPT_SIZE_HACK +else + $(SED) 's,#ENCRYPT_METHOD DES,ENCRYPT_METHOD SHA512,g' $(1)/etc/login.defs +endif # CONFIG_USE_MUSL endef define Package/shadow-utils/install diff --git a/utils/shadow/patches/001-busybox_ash.patch b/utils/shadow/patches/001-busybox_ash.patch deleted file mode 100644 index a16dad26ad..0000000000 --- a/utils/shadow/patches/001-busybox_ash.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- a/etc/login.defs -+++ b/etc/login.defs -@@ -111,7 +111,7 @@ NOLOGINS_FILE /etc/nologin - # command as "-su". If not defined, then ps(1) will display the - # name of the shell actually being run, e.g. something like "-sh". - # --SU_NAME su -+#SU_NAME su - - # - # *REQUIRED* diff --git a/utils/shadow/patches/002-disable-ruser-lookup.patch b/utils/shadow/patches/002-disable-ruser-lookup.patch deleted file mode 100644 index da82bff067..0000000000 --- a/utils/shadow/patches/002-disable-ruser-lookup.patch +++ /dev/null @@ -1,10 +0,0 @@ ---- a/configure.ac -+++ b/configure.ac -@@ -200,7 +200,6 @@ dnl XXX - quick hack, should disappear b - AC_DEFINE(USE_SYSLOG, 1, [Define to use syslog().]) - if test "$ac_cv_func_ruserok" = "yes"; then - AC_DEFINE(RLOGIN, 1, [Define if login should support the -r flag for rlogind.]) -- AC_DEFINE(RUSEROK, 0, [Define to the ruserok() "success" return value (0 or 1).]) - fi - - AC_ARG_ENABLE(shadowgrp, diff --git a/utils/shadow/patches/004-fix-su-controoling-term.patch b/utils/shadow/patches/004-fix-su-controoling-term.patch index e1dca65869..9644cf0aef 100644 --- a/utils/shadow/patches/004-fix-su-controoling-term.patch +++ b/utils/shadow/patches/004-fix-su-controoling-term.patch @@ -1,6 +1,6 @@ --- a/src/su.c +++ b/src/su.c -@@ -1127,8 +1127,12 @@ int main (int argc, char **argv) +@@ -1122,8 +1122,12 @@ int main (int argc, char **argv) if (fd >= 0) { err = ioctl (fd, TIOCNOTTY, (char *) 0); diff --git a/utils/shadow/patches/005-set-encrypt-method-sha512.patch b/utils/shadow/patches/005-set-encrypt-method-sha512.patch deleted file mode 100644 index 46bcd3fe1f..0000000000 --- a/utils/shadow/patches/005-set-encrypt-method-sha512.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- a/etc/login.defs -+++ b/etc/login.defs -@@ -317,7 +317,7 @@ CHFN_RESTRICT rwh - # Note: If you use PAM, it is recommended to use a value consistent with - # the PAM modules configuration. - # --#ENCRYPT_METHOD DES -+ENCRYPT_METHOD SHA512 - - # - # Only works if ENCRYPT_METHOD is set to SHA256 or SHA512. -- 2.30.2