]>
Commit | Line | Data |
---|---|---|
1 | # | |
2 | # Conditional build: | |
3 | %bcond_without audit # don't build audit log plugin | |
4 | %bcond_without ldap # build without LDAP support | |
5 | %bcond_without selinux # build without SELinux support | |
6 | %bcond_with bioapi # with BioAPI support in passwd | |
7 | %bcond_with gnutls # use GnuTLS instead of OpenSSL | |
8 | # | |
9 | Summary: Utilities to manage the passwd and shadow user information | |
10 | Summary(pl.UTF-8): Narzędzia do zarządzania informacjami o użytkownikach z passwd i shadow | |
11 | Name: pwdutils | |
12 | Version: 3.1.2 | |
13 | Release: 4 | |
14 | License: GPL v2 | |
15 | Group: Applications/System | |
16 | Source0: ftp://ftp.kernel.org/pub/linux/utils/net/NIS/%{name}-%{version}.tar.bz2 | |
17 | # Source0-md5: 554bfc1b91a02e93b9514fbe18682d9d | |
18 | Source1: %{name}.useradd | |
19 | Source2: %{name}.rpasswdd.init | |
20 | Source3: %{name}.login.defs | |
21 | Source4: chage.pamd | |
22 | Source5: chfn.pamd | |
23 | Source6: chsh.pamd | |
24 | Source7: passwd.pamd | |
25 | Source8: useradd.pamd | |
26 | Source9: userdb.pamd | |
27 | Patch0: %{name}-f-option.patch | |
28 | Patch1: %{name}-no_bash.patch | |
29 | Patch2: %{name}-silent_crontab.patch | |
30 | Patch3: %{name}-pl.po-update.patch | |
31 | URL: http://www.thkukuk.de/pam/pwdutils/ | |
32 | %{?with_audit:BuildRequires: audit-libs-devel} | |
33 | BuildRequires: autoconf | |
34 | BuildRequires: automake >= 1:1.7 | |
35 | %{?with_bioapi:BuildRequires: bioapi-devel} | |
36 | BuildRequires: gcc >= 5:3.2 | |
37 | BuildRequires: gettext-devel | |
38 | %{?with_gnutls:BuildRequires: gnutls-devel >= 1.0.0} | |
39 | BuildRequires: libnscd-devel | |
40 | %{?with_selinux:BuildRequires: libselinux-devel} | |
41 | BuildRequires: libtool | |
42 | %{?with_ldap:BuildRequires: openldap-devel >= 2.3.0} | |
43 | BuildRequires: openslp-devel | |
44 | %{!?with_gnutls:BuildRequires: openssl-devel >= 0.9.7d} | |
45 | BuildRequires: pam-devel | |
46 | BuildRequires: rpmbuild(macros) >= 1.268 | |
47 | BuildRequires: sed >= 4.0 | |
48 | Requires: filesystem >= 3.0-19 | |
49 | Provides: shadow = 2:%{version}-%{release} | |
50 | Provides: shadow-extras = 2:%{version}-%{release} | |
51 | Obsoletes: shadow | |
52 | Obsoletes: shadow-extras | |
53 | Obsoletes: shadow-utils | |
54 | Conflicts: util-linux < 2.12-10 | |
55 | BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n) | |
56 | ||
57 | # for pam module in /%{_lib}/security | |
58 | %define _libdir /%{_lib} | |
59 | ||
60 | %description | |
61 | pwdutils is a collection of utilities to manage the passwd and shadow | |
62 | user information. The difference to the shadow suite is that these | |
63 | utilities can also modify the information stored in NIS, NIS+, or | |
64 | LDAP. PAM is used for user authentication and changing the pasword. It | |
65 | contains passwd, chage, chfn, chsh, and a daemon for changing the | |
66 | password on a remote machine over a secure SSL connection. The daemon | |
67 | also uses PAM so that it can change passwords independent of where | |
68 | they are stored. | |
69 | ||
70 | %description -l pl.UTF-8 | |
71 | pwdutils to zestaw narzędzi do zarządzania informacjami o | |
72 | użytkownikach z passwd i shadow. Różnica w stosunku do pakietu shadow | |
73 | polega na tym, że te narzędzia mogą także modyfikować informacje | |
74 | zapisane w bazie NIS, NIS+ lub LDAP. PAM jest używany do | |
75 | uwierzytelniania użytkowników i zmiany haseł. Zestaw zawiera passwd, | |
76 | chage, chfn, chsh oraz demona do zmiany hasła na zdalnej maszynie po | |
77 | bezpiecznym połączeniu SSL. Demon także używa PAM, więc można zmieniać | |
78 | hasła niezależnie od tego, gdzie są przechowywane. | |
79 | ||
80 | %package log-audit | |
81 | Summary: audit log plugin for pwdutils | |
82 | Summary(pl.UTF-8): Wtyczka logująca audit dla pwdutils | |
83 | Group: Libraries | |
84 | Requires: %{name} = %{version}-%{release} | |
85 | ||
86 | %description log-audit | |
87 | audit log plugin for pwdutils. | |
88 | ||
89 | %description log-audit -l pl.UTF-8 | |
90 | Wtyczka logująca audit dla pwdutils. | |
91 | ||
92 | %package -n rpasswd | |
93 | Summary: Remote password update client | |
94 | Summary(pl.UTF-8): Klient do zdalnego uaktualniania haseł | |
95 | Group: Applications/System | |
96 | ||
97 | %description -n rpasswd | |
98 | rpasswd changes passwords for user accounts on a remote server over a | |
99 | secure SSL connection. A normal user may only change the password for | |
100 | their own account, if the user knows the password of the administrator | |
101 | account (in the moment this is the root password on the server), he | |
102 | may change the password for any account if he calls rpasswd with the | |
103 | -a option. | |
104 | ||
105 | %description -n rpasswd -l pl.UTF-8 | |
106 | rpasswd pozwala zmieniać hasła użytkowników na zdalnym serwerze przy | |
107 | użyciu bezpiecznego połączenia SSL. Zwykły użytkownik może zmienić | |
108 | jedynie swoje hasło, a jeśli zna hasło administratora (obecnie jest to | |
109 | hasło roota na serwerze), może zmienić hasło dla dowolnego konta | |
110 | wywołując rpasswd z opcją -a. | |
111 | ||
112 | %package -n rpasswdd | |
113 | Summary: Remote password update daemon | |
114 | Summary(pl.UTF-8): Demon do zdalnego uaktualniania haseł | |
115 | Group: Applications/System | |
116 | Requires(post,preun): /sbin/chkconfig | |
117 | Requires: rc-scripts | |
118 | ||
119 | %description -n rpasswdd | |
120 | rpasswdd is a daemon that lets users change their passwords in the | |
121 | presence of a directory service like NIS, NIS+ or LDAP over a secure | |
122 | SSL connection. rpasswdd behaves like the normal passwd(1) program and | |
123 | uses PAM for authentication and changing the password, so it can be | |
124 | configured very flexible for the local requirements. | |
125 | ||
126 | %description -n rpasswdd -l pl.UTF-8 | |
127 | rpasswdd to demon pozwalający użytkownikom zmieniać hasła w obecności | |
128 | usług katalogowych takich jak NIS, NIS+ czy LDAP po bezpiecznym | |
129 | połączeniu SSL. rpasswdd zachowuje się tak, jak normalny program | |
130 | passwd(1) i używam PAM do uwierzytelniania i zmiany haseł, więc może | |
131 | być bardzo elastycznie konfigurowany dla lokalnych wymagań. | |
132 | ||
133 | %package -n pam-pam_rpasswd | |
134 | Summary: pam_rpasswd - PAM module to change remote password | |
135 | Summary(pl.UTF-8): pam_rpasswd - moduł PAM do zdalnej zmiany hasła | |
136 | Group: Base | |
137 | # rpasswd.conf is in rpasswd | |
138 | Requires: rpasswd = %{version}-%{release} | |
139 | ||
140 | %description -n pam-pam_rpasswd | |
141 | The pam_rpasswd PAM module is for changing the password of user | |
142 | accounts on a remote server over a secure SSL connection. It only | |
143 | provides functionality for one PAM management group: password | |
144 | changing. | |
145 | ||
146 | %description -n pam-pam_rpasswd -l pl.UTF-8 | |
147 | Moduł PAM pam_rpasswd służy do zmiany haseł dla kont użytkowników na | |
148 | zdalnym serwerze po bezpiecznym połączeniu SSL. Udostępnia | |
149 | funkcjonalność tylko dla jednej grupy zarządzania PAM: zmiany haseł. | |
150 | ||
151 | %prep | |
152 | %setup -q | |
153 | %patch0 -p1 | |
154 | %patch1 -p1 | |
155 | %patch2 -p1 | |
156 | %patch3 -p1 | |
157 | ||
158 | sed -i -e 's/-Werror //' configure.in | |
159 | ||
160 | rm -f po/stamp-po | |
161 | ||
162 | %build | |
163 | %{__gettextize} | |
164 | %{__aclocal} | |
165 | %{__autoconf} | |
166 | %{__autoheader} | |
167 | %{__automake} | |
168 | %configure \ | |
169 | %{?with_bioapi:CPPFLAGS="-I/usr/include/bioapi"} \ | |
170 | %{!?with_bioapi:ac_cv_header_bioapi_h=no ac_cv_lib_bioapi100_BioAPI_Init=no} \ | |
171 | %{?with_audit:--enable-audit-plugin} \ | |
172 | %{!?with_gnutls:--disable-gnutls} \ | |
173 | --%{?with_ldap:en}%{!?with_ldap:dis}able-ldap \ | |
174 | --enable-nls \ | |
175 | --enable-pam_rpasswd \ | |
176 | --%{?with_selinux:en}%{!?with_selinux:dis}able-selinux \ | |
177 | --enable-slp \ | |
178 | --disable-rpath | |
179 | %{__make} | |
180 | ||
181 | %install | |
182 | rm -rf $RPM_BUILD_ROOT | |
183 | install -d $RPM_BUILD_ROOT/etc/{rc.d/init.d,pwdutils,security,skel/{etc,tmp}} | |
184 | ||
185 | %{__make} install \ | |
186 | DESTDIR=$RPM_BUILD_ROOT | |
187 | ||
188 | mv -f $RPM_BUILD_ROOT%{_sbindir}/*.local $RPM_BUILD_ROOT%{_sysconfdir}/pwdutils | |
189 | install %{SOURCE1} $RPM_BUILD_ROOT%{_sysconfdir}/default/useradd | |
190 | install %{SOURCE2} $RPM_BUILD_ROOT/etc/rc.d/init.d/rpasswdd | |
191 | install %{SOURCE3} $RPM_BUILD_ROOT%{_sysconfdir}/login.defs | |
192 | ||
193 | install %{SOURCE4} $RPM_BUILD_ROOT/etc/pam.d/chage | |
194 | install %{SOURCE5} $RPM_BUILD_ROOT/etc/pam.d/chfn | |
195 | install %{SOURCE6} $RPM_BUILD_ROOT/etc/pam.d/chsh | |
196 | install %{SOURCE7} $RPM_BUILD_ROOT/etc/pam.d/passwd | |
197 | install %{SOURCE8} $RPM_BUILD_ROOT/etc/pam.d/useradd | |
198 | install %{SOURCE9} $RPM_BUILD_ROOT/etc/pam.d/shadow | |
199 | ||
200 | rm -f $RPM_BUILD_ROOT%{_libdir}/pwdutils/*.{la,a} | |
201 | rm -f $RPM_BUILD_ROOT/%{_lib}/security/pam_*.la | |
202 | rm -f $RPM_BUILD_ROOT/etc/init.d/rpasswdd | |
203 | ||
204 | :> $RPM_BUILD_ROOT%{_sysconfdir}/shadow | |
205 | :> $RPM_BUILD_ROOT/etc/security/chfn.allow | |
206 | :> $RPM_BUILD_ROOT/etc/security/chsh.allow | |
207 | ||
208 | %find_lang %{name} | |
209 | ||
210 | %clean | |
211 | rm -rf $RPM_BUILD_ROOT | |
212 | ||
213 | %post | |
214 | if [ ! -f /etc/shadow ]; then | |
215 | %{_sbindir}/pwconv | |
216 | fi | |
217 | ||
218 | %post -n rpasswdd | |
219 | /sbin/chkconfig --add rpasswdd | |
220 | %service rpasswdd restart "rpasswdd daemon" | |
221 | ||
222 | %preun -n rpasswdd | |
223 | if [ "$1" = "0" ]; then | |
224 | %service rpasswdd stop | |
225 | /sbin/chkconfig --del rpasswdd | |
226 | fi | |
227 | ||
228 | %files -f %{name}.lang | |
229 | %defattr(644,root,root,755) | |
230 | %doc AUTHORS ChangeLog NEWS README THANKS TODO | |
231 | %attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) %ghost %{_sysconfdir}/shadow | |
232 | %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/default/* | |
233 | %attr(750,root,root) %dir %{_sysconfdir}/%{name} | |
234 | %attr(750,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/%{name}/*.local | |
235 | %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/%{name}/logging | |
236 | %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/chage | |
237 | %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/chfn | |
238 | %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/chsh | |
239 | %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/passwd | |
240 | %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/useradd | |
241 | %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/shadow | |
242 | %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/login.defs | |
243 | %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/security/chfn.allow | |
244 | %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/security/chsh.allow | |
245 | %dir /etc/skel | |
246 | %dir %attr(750,root,root) /etc/skel/etc | |
247 | %dir %attr(700,root,root) /etc/skel/tmp | |
248 | %attr(755,root,root) %{_bindir}/chage | |
249 | %attr(4755,root,root) %{_bindir}/chfn | |
250 | %attr(4755,root,root) %{_bindir}/chsh | |
251 | %attr(4755,root,root) %{_bindir}/expiry | |
252 | %attr(4755,root,root) %{_bindir}/gpasswd | |
253 | %attr(755,root,root) %{_bindir}/newgrp | |
254 | %attr(4755,root,root) %{_bindir}/passwd | |
255 | %attr(755,root,root) %{_bindir}/sg | |
256 | %attr(755,root,root) %{_sbindir}/chpasswd | |
257 | %attr(755,root,root) %{_sbindir}/groupadd | |
258 | %attr(755,root,root) %{_sbindir}/groupdel | |
259 | %attr(755,root,root) %{_sbindir}/groupmod | |
260 | %attr(755,root,root) %{_sbindir}/grpconv | |
261 | %attr(755,root,root) %{_sbindir}/grpck | |
262 | %attr(755,root,root) %{_sbindir}/grpunconv | |
263 | %attr(755,root,root) %{_sbindir}/pwconv | |
264 | %attr(755,root,root) %{_sbindir}/pwck | |
265 | %attr(755,root,root) %{_sbindir}/pwunconv | |
266 | %attr(755,root,root) %{_sbindir}/useradd | |
267 | %attr(755,root,root) %{_sbindir}/userdel | |
268 | %attr(755,root,root) %{_sbindir}/usermod | |
269 | %attr(755,root,root) %{_sbindir}/vigr | |
270 | %attr(755,root,root) %{_sbindir}/vipw | |
271 | %dir %{_libdir}/pwdutils | |
272 | %attr(755,root,root) %{_libdir}/pwdutils/liblog_syslog.so* | |
273 | %{_mandir}/man1/chage.1* | |
274 | %{_mandir}/man1/chfn.1* | |
275 | %{_mandir}/man1/chsh.1* | |
276 | %{_mandir}/man1/expiry.1* | |
277 | %{_mandir}/man1/gpasswd.1* | |
278 | %{_mandir}/man1/newgrp.1* | |
279 | %{_mandir}/man1/passwd.1* | |
280 | %{_mandir}/man1/sg.1* | |
281 | %{_mandir}/man5/login.defs.5* | |
282 | %{_mandir}/man8/chpasswd.8* | |
283 | %{_mandir}/man8/groupadd.8* | |
284 | %{_mandir}/man8/groupdel.8* | |
285 | %{_mandir}/man8/groupmod.8* | |
286 | %{_mandir}/man8/grpck.8* | |
287 | %{_mandir}/man8/grpconv.8* | |
288 | %{_mandir}/man8/grpunconv.8* | |
289 | %{_mandir}/man8/pwck.8* | |
290 | %{_mandir}/man8/pwconv.8* | |
291 | %{_mandir}/man8/pwunconv.8* | |
292 | %{_mandir}/man8/useradd.8* | |
293 | %{_mandir}/man8/userdel.8* | |
294 | %{_mandir}/man8/usermod.8* | |
295 | %{_mandir}/man8/vigr.8* | |
296 | %{_mandir}/man8/vipw.8* | |
297 | ||
298 | %if %{with audit} | |
299 | %files log-audit | |
300 | %defattr(644,root,root,755) | |
301 | %attr(755,root,root) %{_libdir}/pwdutils/liblog_audit.so* | |
302 | %endif | |
303 | ||
304 | %files -n rpasswd | |
305 | %defattr(644,root,root,755) | |
306 | %attr(755,root,root) %{_bindir}/rpasswd | |
307 | %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/rpasswd.conf | |
308 | %{_mandir}/man1/rpasswd.1* | |
309 | %{_mandir}/man5/rpasswd.conf.5* | |
310 | ||
311 | %files -n rpasswdd | |
312 | %defattr(644,root,root,755) | |
313 | %attr(755,root,root) %{_sbindir}/rpasswdd | |
314 | %attr(754,root,root) /etc/rc.d/init.d/rpasswdd | |
315 | %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/rpasswd | |
316 | %{_mandir}/man8/rpasswdd.8* | |
317 | ||
318 | %files -n pam-pam_rpasswd | |
319 | %defattr(644,root,root,755) | |
320 | %attr(755,root,root) /%{_lib}/security/pam_rpasswd.so | |
321 | %{_mandir}/man8/pam_rpasswd.8* |