2 # - review default login.defs
5 %bcond_without audit # don't build audit log plugin
6 %bcond_without ldap # build without LDAP support
7 %bcond_without selinux # build without SELinux support
8 %bcond_with gnutls # use GnuTLS instead of OpenSSL
10 Summary: Utilities to manage the passwd and shadow user information
11 Summary(pl): Narzêdzia do zarz±dzania informacjami o u¿ytkownikach z passwd i shadow
16 Group: Applications/System
17 Source0: ftp://ftp.kernel.org/pub/linux/utils/net/NIS/%{name}-%{version}.tar.bz2
18 # Source0-md5: f47515d9ac7bedf4adce72fbb056f9be
19 Source1: %{name}.useradd
20 Source2: %{name}.rpasswdd.init
21 Source3: %{name}.login.defs
28 Patch0: %{name}-f-option.patch
29 Patch1: %{name}-no_bash.patch
30 Patch2: %{name}-silent_crontab.patch
31 Patch3: %{name}-pl.po-update.patch
32 URL: http://www.thkukuk.de/pam/pwdutils/
33 %{?with_audit:BuildRequires: audit-libs-devel}
34 BuildRequires: autoconf
35 BuildRequires: automake >= 1:1.7
36 BuildRequires: gcc >= 5:3.2
37 BuildRequires: gettext-devel
38 %{?with_gnutls:BuildRequires: gnutls-devel >= 1.0.0}
39 BuildRequires: libnscd-devel
40 %{?with_selinux:BuildRequires: libselinux-devel}
41 BuildRequires: libtool
42 %{?with_ldap:BuildRequires: openldap-devel >= 2.3.0}
43 BuildRequires: openslp-devel
44 %{!?with_gnutls:BuildRequires: openssl-devel >= 0.9.7d}
45 BuildRequires: pam-devel
46 BuildRequires: rpmbuild(macros) >= 1.268
47 BuildRequires: sed >= 4.0
48 Provides: shadow = 2:%{version}-%{release}
49 Provides: shadow-extras = 2:%{version}-%{release}
51 Obsoletes: shadow-extras
52 Obsoletes: shadow-utils
53 Conflicts: util-linux < 2.12-10
54 BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
56 # for pam module in /%{_lib}/security
57 %define _libdir /%{_lib}
60 pwdutils is a collection of utilities to manage the passwd and shadow
61 user information. The difference to the shadow suite is that these
62 utilities can also modify the information stored in NIS, NIS+, or
63 LDAP. PAM is used for user authentication and changing the pasword. It
64 contains passwd, chage, chfn, chsh, and a daemon for changing the
65 password on a remote machine over a secure SSL connection. The daemon
66 also uses PAM so that it can change passwords independent of where
70 pwdutils to zestaw narzêdzi do zarz±dzania informacjami o
71 u¿ytkownikach z passwd i shadow. Ró¿nica w stosunku do pakietu shadow
72 polega na tym, ¿e te narzêdzia mog± tak¿e modyfikowaæ informacje
73 zapisane w bazie NIS, NIS+ lub LDAP. PAM jest u¿ywany do
74 uwierzytelniania u¿ytkowników i zmiany hase³. Zestaw zawiera passwd,
75 chage, chfn, chsh oraz demona do zmiany has³a na zdalnej maszynie po
76 bezpiecznym po³±czeniu SSL. Demon tak¿e u¿ywa PAM, wiêc mo¿na zmieniaæ
77 has³a niezale¿nie od tego, gdzie s± przechowywane.
80 Summary: audit log plugin for pwdutils
81 Summary(pl): Wtyczka loguj±ca audit dla pwdutils
83 Requires: %{name} = %{version}-%{release}
85 %description log-audit
86 audit log plugin for pwdutils.
88 %description log-audit -l pl
89 Wtyczka loguj±ca audit dla pwdutils.
92 Summary: Remote password update client
93 Summary(pl): Klient do zdalnego uaktualniania hase³
94 Group: Applications/System
96 %description -n rpasswd
97 rpasswd changes passwords for user accounts on a remote server over a
98 secure SSL connection. A normal user may only change the password for
99 their own account, if the user knows the password of the administrator
100 account (in the moment this is the root password on the server), he may
101 change the password for any account if he calls rpasswd with the -a
104 %description -n rpasswd -l pl
105 rpasswd pozwala zmieniaæ has³a u¿ytkowników na zdalnym serwerze przy
106 u¿yciu bezpiecznego po³±czenia SSL. Zwyk³y u¿ytkownik mo¿e zmieniæ
107 jedynie swoje has³o, a je¶li zna has³o administratora (obecnie jest to
108 has³o roota na serwerze), mo¿e zmieniæ has³o dla dowolnego konta
109 wywo³uj±c rpasswd z opcj± -a.
112 Summary: Remote password update daemon
113 Summary(pl): Demon do zdalnego uaktualniania hase³
114 Group: Applications/System
115 Requires(post,preun): /sbin/chkconfig
118 %description -n rpasswdd
119 rpasswdd is a daemon that lets users change their passwords in the
120 presence of a directory service like NIS, NIS+ or LDAP over a secure
121 SSL connection. rpasswdd behaves like the normal passwd(1) program and
122 uses PAM for authentication and changing the password, so it can be
123 configured very flexible for the local requirements.
125 %description -n rpasswdd -l pl
126 rpasswdd to demon pozwalaj±cy u¿ytkownikom zmieniaæ has³a w obecno¶ci
127 us³ug katalogowych takich jak NIS, NIS+ czy LDAP po bezpiecznym
128 po³±czeniu SSL. rpasswdd zachowuje siê tak, jak normalny program
129 passwd(1) i u¿ywam PAM do uwierzytelniania i zmiany hase³, wiêc mo¿e
130 byæ bardzo elastycznie konfigurowany dla lokalnych wymagañ.
132 %package -n pam-pam_rpasswd
133 Summary: pam_rpasswd - PAM module to change remote password
134 Summary(pl): pam_rpasswd - modu³ PAM do zdalnej zmiany has³a
136 # rpasswd.conf is in rpasswd
137 Requires: rpasswd = %{version}-%{release}
139 %description -n pam-pam_rpasswd
140 The pam_rpasswd PAM module is for changing the password of user
141 accounts on a remote server over a secure SSL connection. It only
142 provides functionality for one PAM management group: password
145 %description -n pam-pam_rpasswd -l pl
146 Modu³ PAM pam_rpasswd s³u¿y do zmiany hase³ dla kont u¿ytkowników na
147 zdalnym serwerze po bezpiecznym po³±czeniu SSL. Udostêpnia
148 funkcjonalno¶æ tylko dla jednej grupy zarz±dzania PAM: zmiany hase³.
157 sed -i -e 's/-Werror //' configure.in
166 %{?with_audit:--enable-audit-plugin} \
167 %{!?with_gnutls:--disable-gnutls} \
168 --%{?with_ldap:en}%{!?with_ldap:dis}able-ldap \
170 --enable-pam_rpasswd \
171 --%{?with_selinux:en}%{!?with_selinux:dis}able-selinux \
177 rm -rf $RPM_BUILD_ROOT
178 install -d $RPM_BUILD_ROOT/etc/{rc.d/init.d,pwdutils,security,skel/tmp}
181 DESTDIR=$RPM_BUILD_ROOT
183 mv -f $RPM_BUILD_ROOT%{_sbindir}/*.local $RPM_BUILD_ROOT%{_sysconfdir}/pwdutils
184 install %{SOURCE1} $RPM_BUILD_ROOT%{_sysconfdir}/default/useradd
185 install %{SOURCE2} $RPM_BUILD_ROOT/etc/rc.d/init.d/rpasswdd
186 install %{SOURCE3} $RPM_BUILD_ROOT%{_sysconfdir}/login.defs
188 install %{SOURCE4} $RPM_BUILD_ROOT/etc/pam.d/chage
189 install %{SOURCE5} $RPM_BUILD_ROOT/etc/pam.d/chfn
190 install %{SOURCE6} $RPM_BUILD_ROOT/etc/pam.d/chsh
191 install %{SOURCE7} $RPM_BUILD_ROOT/etc/pam.d/passwd
192 install %{SOURCE8} $RPM_BUILD_ROOT/etc/pam.d/useradd
193 install %{SOURCE9} $RPM_BUILD_ROOT/etc/pam.d/shadow
195 rm -f $RPM_BUILD_ROOT%{_libdir}/pwdutils/*.{la,a}
196 rm -f $RPM_BUILD_ROOT/etc/init.d/rpasswdd
198 :> $RPM_BUILD_ROOT%{_sysconfdir}/shadow
199 :> $RPM_BUILD_ROOT/etc/security/chfn.allow
200 :> $RPM_BUILD_ROOT/etc/security/chsh.allow
205 rm -rf $RPM_BUILD_ROOT
208 if [ ! -f /etc/shadow ]; then
213 /sbin/chkconfig --add rpasswdd
214 %service rpasswdd restart "rpasswdd daemon"
217 if [ "$1" = "0" ]; then
218 %service rpasswdd stop
219 /sbin/chkconfig --del rpasswdd
222 %files -f %{name}.lang
223 %defattr(644,root,root,755)
224 %doc AUTHORS ChangeLog NEWS README THANKS TODO
225 %attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) %ghost %{_sysconfdir}/shadow
226 %attr(750,root,root) %dir %{_sysconfdir}/default
227 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/default/*
228 %attr(750,root,root) %dir %{_sysconfdir}/%{name}
229 %attr(750,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/%{name}/*.local
230 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/%{name}/logging
231 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/chage
232 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/chfn
233 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/chsh
234 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/passwd
235 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/useradd
236 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/shadow
237 %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/login.defs
238 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/security/chfn.allow
239 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/security/chsh.allow
242 %attr(755,root,root) %{_bindir}/chage
243 %attr(4755,root,root) %{_bindir}/chfn
244 %attr(4755,root,root) %{_bindir}/chsh
245 %attr(4755,root,root) %{_bindir}/expiry
246 %attr(4755,root,root) %{_bindir}/gpasswd
247 %attr(755,root,root) %{_bindir}/newgrp
248 %attr(4755,root,root) %{_bindir}/passwd
249 %attr(755,root,root) %{_bindir}/sg
250 %attr(755,root,root) %{_sbindir}/chpasswd
251 %attr(755,root,root) %{_sbindir}/groupadd
252 %attr(755,root,root) %{_sbindir}/groupdel
253 %attr(755,root,root) %{_sbindir}/groupmod
254 %attr(755,root,root) %{_sbindir}/grpconv
255 %attr(755,root,root) %{_sbindir}/grpck
256 %attr(755,root,root) %{_sbindir}/grpunconv
257 %attr(755,root,root) %{_sbindir}/pwconv
258 %attr(755,root,root) %{_sbindir}/pwck
259 %attr(755,root,root) %{_sbindir}/pwunconv
260 %attr(755,root,root) %{_sbindir}/useradd
261 %attr(755,root,root) %{_sbindir}/userdel
262 %attr(755,root,root) %{_sbindir}/usermod
263 %attr(755,root,root) %{_sbindir}/vigr
264 %attr(755,root,root) %{_sbindir}/vipw
265 %dir %{_libdir}/pwdutils
266 %attr(755,root,root) %{_libdir}/pwdutils/liblog_syslog.so*
268 %exclude %{_mandir}/man1/rpasswd.1*
269 %exclude %{_mandir}/man5/rpasswd.conf.5*
270 %exclude %{_mandir}/man8/rpasswdd.8*
271 %exclude %{_mandir}/man8/pam_rpasswd.8*
275 %defattr(644,root,root,755)
276 %attr(755,root,root) %{_libdir}/pwdutils/liblog_audit.so*
280 %defattr(644,root,root,755)
281 %attr(755,root,root) %{_bindir}/rpasswd
282 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/rpasswd.conf
283 %{_mandir}/man1/rpasswd.1*
284 %{_mandir}/man5/rpasswd.conf.5*
287 %defattr(644,root,root,755)
288 %attr(755,root,root) %{_sbindir}/rpasswdd
289 %attr(754,root,root) /etc/rc.d/init.d/rpasswdd
290 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/rpasswd
291 %{_mandir}/man8/rpasswdd.8*
293 %files -n pam-pam_rpasswd
294 %defattr(644,root,root,755)
295 %attr(755,root,root) /%{_lib}/security/pam_rpasswd.so
296 %{_mandir}/man8/pam_rpasswd.8*