2 # - review default login.defs
5 %bcond_without audit # don't build audit log plugin
6 %bcond_without ldap # build without LDAP support
7 %bcond_without selinux # build without SELinux support
8 %bcond_with gnutls # use GnuTLS instead of OpenSSL
10 Summary: Utilities to manage the passwd and shadow user information
11 Summary(pl): Narzêdzia do zarz±dzania informacjami o u¿ytkownikach z passwd i shadow
16 Group: Applications/System
17 Source0: ftp://ftp.kernel.org/pub/linux/utils/net/NIS/%{name}-%{version}.tar.bz2
18 # Source0-md5: f47515d9ac7bedf4adce72fbb056f9be
19 Source1: %{name}.useradd
20 Source2: %{name}.rpasswdd.init
21 Source3: %{name}.login.defs
28 Patch0: %{name}-f-option.patch
29 Patch1: %{name}-no_bash.patch
30 Patch2: %{name}-silent_crontab.patch
31 Patch3: %{name}-pl.po-update.patch
32 URL: http://www.thkukuk.de/pam/pwdutils/
33 %{?with_audit:BuildRequires: audit-libs-devel}
34 BuildRequires: autoconf
35 BuildRequires: automake >= 1:1.7
36 BuildRequires: gcc >= 5:3.2
37 BuildRequires: gettext-devel
38 %{?with_gnutls:BuildRequires: gnutls-devel >= 1.0.0}
39 BuildRequires: libnscd-devel
40 %{?with_selinux:BuildRequires: libselinux-devel}
41 BuildRequires: libtool
42 %{?with_ldap:BuildRequires: openldap-devel >= 2.3.0}
43 %{!?with_gnutls:BuildRequires: openssl-devel >= 0.9.7d}
44 BuildRequires: openslp-devel
45 BuildRequires: pam-devel
46 BuildRequires: sed >= 4.0
47 Provides: shadow = 2:%{version}-%{release}
48 Provides: shadow-extras = 2:%{version}-%{release}
50 Obsoletes: shadow-extras
51 Obsoletes: shadow-utils
52 Conflicts: util-linux < 2.12-10
53 BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
55 # for pam module in /%{_lib}/security
56 %define _libdir /%{_lib}
59 pwdutils is a collection of utilities to manage the passwd and shadow
60 user information. The difference to the shadow suite is that these
61 utilities can also modify the information stored in NIS, NIS+, or
62 LDAP. PAM is used for user authentication and changing the pasword. It
63 contains passwd, chage, chfn, chsh, and a daemon for changing the
64 password on a remote machine over a secure SSL connection. The daemon
65 also uses PAM so that it can change passwords independent of where
69 pwdutils to zestaw narzêdzi do zarz±dzania informacjami o
70 u¿ytkownikach z passwd i shadow. Ró¿nica w stosunku do pakietu shadow
71 polega na tym, ¿e te narzêdzia mog± tak¿e modyfikowaæ informacje
72 zapisane w bazie NIS, NIS+ lub LDAP. PAM jest u¿ywany do
73 uwierzytelniania u¿ytkowników i zmiany hase³. Zestaw zawiera passwd,
74 chage, chfn, chsh oraz demona do zmiany has³a na zdalnej maszynie po
75 bezpiecznym po³±czeniu SSL. Demon tak¿e u¿ywa PAM, wiêc mo¿na zmieniaæ
76 has³a niezale¿nie od tego, gdzie s± przechowywane.
79 Summary: audit log plugin for pwdutils
80 Summary(pl): Wtyczka loguj±ca audit dla pwdutils
82 Requires: %{name} = %{version}-%{release}
84 %description log-audit
85 audit log plugin for pwdutils.
87 %description log-audit -l pl
88 Wtyczka loguj±ca audit dla pwdutils.
91 Summary: Remote password update client
92 Summary(pl): Klient do zdalnego uaktualniania hase³
93 Group: Applications/System
95 %description -n rpasswd
96 rpasswd changes passwords for user accounts on a remote server over a
97 secure SSL connection. A normal user may only change the password for
98 their own account, if the user knows the password of the administrator
99 account (in the moment this is the root password on the server), he may
100 change the password for any account if he calls rpasswd with the -a
103 %description -n rpasswd -l pl
104 rpasswd pozwala zmieniaæ has³a u¿ytkowników na zdalnym serwerze przy
105 u¿yciu bezpiecznego po³±czenia SSL. Zwyk³y u¿ytkownik mo¿e zmieniæ
106 jedynie swoje has³o, a je¶li zna has³o administratora (obecnie jest to
107 has³o roota na serwerze), mo¿e zmieniæ has³o dla dowolnego konta
108 wywo³uj±c rpasswd z opcj± -a.
111 Summary: Remote password update daemon
112 Summary(pl): Demon do zdalnego uaktualniania hase³
113 Group: Applications/System
115 Requires(post,preun): /sbin/chkconfig
117 %description -n rpasswdd
118 rpasswdd is a daemon that lets users change their passwords in the
119 presence of a directory service like NIS, NIS+ or LDAP over a secure
120 SSL connection. rpasswdd behaves like the normal passwd(1) program and
121 uses PAM for authentication and changing the password, so it can be
122 configured very flexible for the local requirements.
124 %description -n rpasswdd -l pl
125 rpasswdd to demon pozwalaj±cy u¿ytkownikom zmieniaæ has³a w obecno¶ci
126 us³ug katalogowych takich jak NIS, NIS+ czy LDAP po bezpiecznym
127 po³±czeniu SSL. rpasswdd zachowuje siê tak, jak normalny program
128 passwd(1) i u¿ywam PAM do uwierzytelniania i zmiany hase³, wiêc mo¿e
129 byæ bardzo elastycznie konfigurowany dla lokalnych wymagañ.
131 %package -n pam-pam_rpasswd
132 Summary: pam_rpasswd - PAM module to change remote password
133 Summary(pl): pam_rpasswd - modu³ PAM do zdalnej zmiany has³a
135 # rpasswd.conf is in rpasswd
136 Requires: rpasswd = %{version}-%{release}
138 %description -n pam-pam_rpasswd
139 The pam_rpasswd PAM module is for changing the password of user
140 accounts on a remote server over a secure SSL connection. It only
141 provides functionality for one PAM management group: password
144 %description -n pam-pam_rpasswd -l pl
145 Modu³ PAM pam_rpasswd s³u¿y do zmiany hase³ dla kont u¿ytkowników na
146 zdalnym serwerze po bezpiecznym po³±czeniu SSL. Udostêpnia
147 funkcjonalno¶æ tylko dla jednej grupy zarz±dzania PAM: zmiany hase³.
156 sed -i -e 's/-Werror //' configure.in
165 %{?with_audit:--enable-audit-plugin} \
166 %{!?with_gnutls:--disable-gnutls} \
167 --%{?with_ldap:en}%{!?with_ldap:dis}able-ldap \
169 --enable-pam_rpasswd \
170 --%{?with_selinux:en}%{!?with_selinux:dis}able-selinux \
176 rm -rf $RPM_BUILD_ROOT
177 install -d $RPM_BUILD_ROOT/etc/{rc.d/init.d,pwdutils,security,skel}
180 DESTDIR=$RPM_BUILD_ROOT
182 mv -f $RPM_BUILD_ROOT%{_sbindir}/*.local $RPM_BUILD_ROOT%{_sysconfdir}/pwdutils
183 install %{SOURCE1} $RPM_BUILD_ROOT%{_sysconfdir}/default/useradd
184 install %{SOURCE2} $RPM_BUILD_ROOT/etc/rc.d/init.d/rpasswdd
185 install %{SOURCE3} $RPM_BUILD_ROOT%{_sysconfdir}/login.defs
187 install %{SOURCE4} $RPM_BUILD_ROOT/etc/pam.d/chage
188 install %{SOURCE5} $RPM_BUILD_ROOT/etc/pam.d/chfn
189 install %{SOURCE6} $RPM_BUILD_ROOT/etc/pam.d/chsh
190 install %{SOURCE7} $RPM_BUILD_ROOT/etc/pam.d/passwd
191 install %{SOURCE8} $RPM_BUILD_ROOT/etc/pam.d/useradd
192 install %{SOURCE9} $RPM_BUILD_ROOT/etc/pam.d/shadow
194 rm -f $RPM_BUILD_ROOT%{_libdir}/pwdutils/*.{la,a}
195 rm -f $RPM_BUILD_ROOT/etc/init.d/rpasswdd
197 :> $RPM_BUILD_ROOT%{_sysconfdir}/shadow
198 :> $RPM_BUILD_ROOT/etc/security/chfn.allow
199 :> $RPM_BUILD_ROOT/etc/security/chsh.allow
204 rm -rf $RPM_BUILD_ROOT
207 if [ ! -f /etc/shadow ]; then
212 /sbin/chkconfig --add rpasswdd
213 if [ -f /var/lock/subsys/rpasswdd ]; then
214 /etc/rc.d/init.d/rpasswdd restart 1>&2
216 echo "Run \"/etc/rc.d/init.d/rpasswdd start\" to start rpasswdd daemon."
220 if [ "$1" = "0" ]; then
221 if [ -f /var/lock/subsys/rpasswdd ]; then
222 /etc/rc.d/init.d/rpasswdd stop 1>&2
224 /sbin/chkconfig --del rpasswdd
227 %files -f %{name}.lang
228 %defattr(644,root,root,755)
229 %doc AUTHORS ChangeLog NEWS README THANKS TODO
230 %attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) %ghost %{_sysconfdir}/shadow
231 %attr(750,root,root) %dir %{_sysconfdir}/default
232 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/default/*
233 %attr(750,root,root) %dir %{_sysconfdir}/%{name}
234 %attr(750,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/%{name}/*.local
235 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/%{name}/logging
236 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/chage
237 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/chfn
238 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/chsh
239 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/passwd
240 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/useradd
241 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/shadow
242 %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/login.defs
243 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/security/chfn.allow
244 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/security/chsh.allow
246 %attr(755,root,root) %{_bindir}/chage
247 %attr(4755,root,root) %{_bindir}/chfn
248 %attr(4755,root,root) %{_bindir}/chsh
249 %attr(4755,root,root) %{_bindir}/expiry
250 %attr(4755,root,root) %{_bindir}/gpasswd
251 %attr(755,root,root) %{_bindir}/newgrp
252 %attr(4755,root,root) %{_bindir}/passwd
253 %attr(755,root,root) %{_bindir}/sg
254 %attr(755,root,root) %{_sbindir}/chpasswd
255 %attr(755,root,root) %{_sbindir}/groupadd
256 %attr(755,root,root) %{_sbindir}/groupdel
257 %attr(755,root,root) %{_sbindir}/groupmod
258 %attr(755,root,root) %{_sbindir}/grpconv
259 %attr(755,root,root) %{_sbindir}/grpck
260 %attr(755,root,root) %{_sbindir}/grpunconv
261 %attr(755,root,root) %{_sbindir}/pwconv
262 %attr(755,root,root) %{_sbindir}/pwck
263 %attr(755,root,root) %{_sbindir}/pwunconv
264 %attr(755,root,root) %{_sbindir}/useradd
265 %attr(755,root,root) %{_sbindir}/userdel
266 %attr(755,root,root) %{_sbindir}/usermod
267 %attr(755,root,root) %{_sbindir}/vigr
268 %attr(755,root,root) %{_sbindir}/vipw
269 %dir %{_libdir}/pwdutils
270 %attr(755,root,root) %{_libdir}/pwdutils/liblog_syslog.so*
272 %exclude %{_mandir}/man1/rpasswd.1*
273 %exclude %{_mandir}/man5/rpasswd.conf.5*
274 %exclude %{_mandir}/man8/rpasswdd.8*
275 %exclude %{_mandir}/man8/pam_rpasswd.8*
279 %defattr(644,root,root,755)
280 %attr(755,root,root) %{_libdir}/pwdutils/liblog_audit.so*
284 %defattr(644,root,root,755)
285 %attr(755,root,root) %{_bindir}/rpasswd
286 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/rpasswd.conf
287 %{_mandir}/man1/rpasswd.1*
288 %{_mandir}/man5/rpasswd.conf.5*
291 %defattr(644,root,root,755)
292 %attr(755,root,root) %{_sbindir}/rpasswdd
293 %attr(754,root,root) /etc/rc.d/init.d/rpasswdd
294 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/rpasswd
295 %{_mandir}/man8/rpasswdd.8*
297 %files -n pam-pam_rpasswd
298 %defattr(644,root,root,755)
299 %attr(755,root,root) /%{_lib}/security/pam_rpasswd.so
300 %{_mandir}/man8/pam_rpasswd.8*