3 %bcond_without audit # don't build audit log plugin
4 %bcond_without ldap # build without LDAP support
5 %bcond_without selinux # build without SELinux support
6 %bcond_with bioapi # with BioAPI support in passwd
7 %bcond_with gnutls # use GnuTLS instead of OpenSSL
9 Summary: Utilities to manage the passwd and shadow user information
10 Summary(pl.UTF-8): Narzędzia do zarządzania informacjami o użytkownikach z passwd i shadow
16 #Source0: ftp://ftp.kernel.org/pub/linux/utils/net/NIS/%{name}-%{version}.tar.bz2
17 Source0: http://www.linux-nis.org/download/pwdutils/%{name}-%{version}.tar.bz2
18 # Source0-md5: 25a77a0ab376eacf24ad5eab7af4cdce
19 Source1: %{name}.useradd
20 Source2: %{name}.rpasswdd.init
21 Source3: %{name}.login.defs
28 Source10: rpasswd.pamd
29 Patch0: %{name}-f-option.patch
30 Patch1: %{name}-no_bash.patch
31 Patch2: %{name}-silent_crontab.patch
32 Patch3: %{name}-pl.po-update.patch
33 Patch4: %{name}-selinux.patch
34 URL: http://www.thkukuk.de/pam/pwdutils/
35 %{?with_audit:BuildRequires: audit-libs-devel}
36 BuildRequires: autoconf
37 BuildRequires: automake >= 1:1.9
38 %{?with_bioapi:BuildRequires: bioapi-devel}
39 BuildRequires: gcc >= 5:3.2
40 BuildRequires: gettext-devel
41 %{?with_gnutls:BuildRequires: gnutls-devel >= 1.0.0}
42 BuildRequires: libnscd-devel
43 %{?with_selinux:BuildRequires: libselinux-devel}
44 BuildRequires: libtool
45 BuildRequires: libxcrypt-devel
46 %{?with_ldap:BuildRequires: openldap-devel >= 2.4.6}
47 BuildRequires: openslp-devel
48 %{!?with_gnutls:BuildRequires: openssl-devel >= 0.9.7d}
49 BuildRequires: pam-devel
50 BuildRequires: rpmbuild(macros) >= 1.268
51 BuildRequires: sed >= 4.0
52 Requires: pam >= 0.99.7.1
53 Provides: shadow = 2:%{version}-%{release}
54 Provides: shadow-extras = 2:%{version}-%{release}
56 Obsoletes: shadow-extras
57 Obsoletes: shadow-utils
58 Conflicts: util-linux < 2.12-10
59 BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
61 # for pam module in /%{_lib}/security
62 %define _libdir /%{_lib}
65 pwdutils is a collection of utilities to manage the passwd and shadow
66 user information. The difference to the shadow suite is that these
67 utilities can also modify the information stored in NIS, NIS+, or
68 LDAP. PAM is used for user authentication and changing the pasword. It
69 contains passwd, chage, chfn, chsh, and a daemon for changing the
70 password on a remote machine over a secure SSL connection. The daemon
71 also uses PAM so that it can change passwords independent of where
74 %description -l pl.UTF-8
75 pwdutils to zestaw narzędzi do zarządzania informacjami o
76 użytkownikach z passwd i shadow. Różnica w stosunku do pakietu shadow
77 polega na tym, że te narzędzia mogą także modyfikować informacje
78 zapisane w bazie NIS, NIS+ lub LDAP. PAM jest używany do
79 uwierzytelniania użytkowników i zmiany haseł. Zestaw zawiera passwd,
80 chage, chfn, chsh oraz demona do zmiany hasła na zdalnej maszynie po
81 bezpiecznym połączeniu SSL. Demon także używa PAM, więc można zmieniać
82 hasła niezależnie od tego, gdzie są przechowywane.
85 Summary: audit log plugin for pwdutils
86 Summary(pl.UTF-8): Wtyczka logująca audit dla pwdutils
88 Requires: %{name} = %{version}-%{release}
90 %description log-audit
91 audit log plugin for pwdutils.
93 %description log-audit -l pl.UTF-8
94 Wtyczka logująca audit dla pwdutils.
97 Summary: Remote password update client
98 Summary(pl.UTF-8): Klient do zdalnego uaktualniania haseł
99 Group: Applications/System
101 %description -n rpasswd
102 rpasswd changes passwords for user accounts on a remote server over a
103 secure SSL connection. A normal user may only change the password for
104 their own account, if the user knows the password of the administrator
105 account (in the moment this is the root password on the server), he
106 may change the password for any account if he calls rpasswd with the
109 %description -n rpasswd -l pl.UTF-8
110 rpasswd pozwala zmieniać hasła użytkowników na zdalnym serwerze przy
111 użyciu bezpiecznego połączenia SSL. Zwykły użytkownik może zmienić
112 jedynie swoje hasło, a jeśli zna hasło administratora (obecnie jest to
113 hasło roota na serwerze), może zmienić hasło dla dowolnego konta
114 wywołując rpasswd z opcją -a.
117 Summary: Remote password update daemon
118 Summary(pl.UTF-8): Demon do zdalnego uaktualniania haseł
119 Group: Applications/System
120 Requires(post,preun): /sbin/chkconfig
123 %description -n rpasswdd
124 rpasswdd is a daemon that lets users change their passwords in the
125 presence of a directory service like NIS, NIS+ or LDAP over a secure
126 SSL connection. rpasswdd behaves like the normal passwd(1) program and
127 uses PAM for authentication and changing the password, so it can be
128 configured very flexible for the local requirements.
130 %description -n rpasswdd -l pl.UTF-8
131 rpasswdd to demon pozwalający użytkownikom zmieniać hasła w obecności
132 usług katalogowych takich jak NIS, NIS+ czy LDAP po bezpiecznym
133 połączeniu SSL. rpasswdd zachowuje się tak, jak normalny program
134 passwd(1) i używam PAM do uwierzytelniania i zmiany haseł, więc może
135 być bardzo elastycznie konfigurowany dla lokalnych wymagań.
137 %package -n pam-pam_rpasswd
138 Summary: pam_rpasswd - PAM module to change remote password
139 Summary(pl.UTF-8): pam_rpasswd - moduł PAM do zdalnej zmiany hasła
141 # rpasswd.conf is in rpasswd
142 Requires: rpasswd = %{version}-%{release}
144 %description -n pam-pam_rpasswd
145 The pam_rpasswd PAM module is for changing the password of user
146 accounts on a remote server over a secure SSL connection. It only
147 provides functionality for one PAM management group: password
150 %description -n pam-pam_rpasswd -l pl.UTF-8
151 Moduł PAM pam_rpasswd służy do zmiany haseł dla kont użytkowników na
152 zdalnym serwerze po bezpiecznym połączeniu SSL. Udostępnia
153 funkcjonalność tylko dla jednej grupy zarządzania PAM: zmiany haseł.
173 %{?with_bioapi:CPPFLAGS="-I/usr/include/bioapi"} \
174 %{!?with_bioapi:ac_cv_header_bioapi_h=no ac_cv_lib_bioapi100_BioAPI_Init=no} \
175 %{?with_audit:--enable-audit-plugin} \
176 %{!?with_gnutls:--disable-gnutls} \
177 --%{?with_ldap:en}%{!?with_ldap:dis}able-ldap \
179 --enable-pam_rpasswd \
180 --%{?with_selinux:en}%{!?with_selinux:dis}able-selinux \
186 rm -rf $RPM_BUILD_ROOT
187 install -d $RPM_BUILD_ROOT/etc/{rc.d/init.d,pwdutils,security,skel/{etc,tmp}}
190 DESTDIR=$RPM_BUILD_ROOT
192 mv -f $RPM_BUILD_ROOT%{_sbindir}/*.local $RPM_BUILD_ROOT%{_sysconfdir}/pwdutils
193 install %{SOURCE1} $RPM_BUILD_ROOT%{_sysconfdir}/default/useradd
194 install %{SOURCE2} $RPM_BUILD_ROOT/etc/rc.d/init.d/rpasswdd
195 install %{SOURCE3} $RPM_BUILD_ROOT%{_sysconfdir}/login.defs
197 install %{SOURCE4} $RPM_BUILD_ROOT/etc/pam.d/chage
198 install %{SOURCE5} $RPM_BUILD_ROOT/etc/pam.d/chfn
199 install %{SOURCE6} $RPM_BUILD_ROOT/etc/pam.d/chsh
200 install %{SOURCE7} $RPM_BUILD_ROOT/etc/pam.d/passwd
201 install %{SOURCE8} $RPM_BUILD_ROOT/etc/pam.d/useradd
202 install %{SOURCE9} $RPM_BUILD_ROOT/etc/pam.d/shadow
203 install %{SOURCE10} $RPM_BUILD_ROOT/etc/pam.d/rpasswd
205 %{__rm} $RPM_BUILD_ROOT%{_libdir}/pwdutils/*.{la,a}
206 %{__rm} $RPM_BUILD_ROOT/%{_lib}/security/pam_*.la
207 %{__rm} $RPM_BUILD_ROOT%{_sysconfdir}/init.d/rpasswdd
209 :> $RPM_BUILD_ROOT%{_sysconfdir}/shadow
210 :> $RPM_BUILD_ROOT/etc/security/chfn.allow
211 :> $RPM_BUILD_ROOT/etc/security/chsh.allow
216 rm -rf $RPM_BUILD_ROOT
219 if [ ! -f %{_sysconfdir}/shadow ]; then
224 /sbin/chkconfig --add rpasswdd
225 %service rpasswdd restart "rpasswdd daemon"
228 if [ "$1" = "0" ]; then
229 %service rpasswdd stop
230 /sbin/chkconfig --del rpasswdd
233 %files -f %{name}.lang
234 %defattr(644,root,root,755)
235 %doc AUTHORS ChangeLog NEWS README THANKS TODO
236 %attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) %ghost %{_sysconfdir}/shadow
237 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/default/*
238 %attr(750,root,root) %dir %{_sysconfdir}/%{name}
239 %attr(750,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/%{name}/*.local
240 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/%{name}/logging
241 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/chage
242 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/chfn
243 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/chsh
244 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/passwd
245 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/useradd
246 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/shadow
247 %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/login.defs
248 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/security/chfn.allow
249 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/security/chsh.allow
251 %dir %config(missingok) %attr(750,root,root) /etc/skel/etc
252 %dir %config(missingok) %attr(700,root,root) /etc/skel/tmp
253 %attr(755,root,root) %{_bindir}/chage
254 %attr(4755,root,root) %{_bindir}/chfn
255 %attr(4755,root,root) %{_bindir}/chsh
256 %attr(4755,root,root) %{_bindir}/expiry
257 %attr(4755,root,root) %{_bindir}/gpasswd
258 %attr(4755,root,root) %{_bindir}/newgrp
259 %attr(4755,root,root) %{_bindir}/passwd
260 %attr(4755,root,root) %{_bindir}/sg
261 %attr(755,root,root) %{_sbindir}/chpasswd
262 %attr(755,root,root) %{_sbindir}/groupadd
263 %attr(755,root,root) %{_sbindir}/groupdel
264 %attr(755,root,root) %{_sbindir}/groupmod
265 %attr(755,root,root) %{_sbindir}/grpconv
266 %attr(755,root,root) %{_sbindir}/grpck
267 %attr(755,root,root) %{_sbindir}/grpunconv
268 %attr(755,root,root) %{_sbindir}/pwconv
269 %attr(755,root,root) %{_sbindir}/pwck
270 %attr(755,root,root) %{_sbindir}/pwunconv
271 %attr(755,root,root) %{_sbindir}/useradd
272 %attr(755,root,root) %{_sbindir}/userdel
273 %attr(755,root,root) %{_sbindir}/usermod
274 %attr(755,root,root) %{_sbindir}/vigr
275 %attr(755,root,root) %{_sbindir}/vipw
276 %dir %{_libdir}/pwdutils
277 %attr(755,root,root) %{_libdir}/pwdutils/liblog_syslog.so*
278 %{_mandir}/man1/chage.1*
279 %{_mandir}/man1/chfn.1*
280 %{_mandir}/man1/chsh.1*
281 %{_mandir}/man1/expiry.1*
282 %{_mandir}/man1/gpasswd.1*
283 %{_mandir}/man1/newgrp.1*
284 %{_mandir}/man1/passwd.1*
285 %{_mandir}/man1/sg.1*
286 %{_mandir}/man5/login.defs.5*
287 %{_mandir}/man8/chpasswd.8*
288 %{_mandir}/man8/groupadd.8*
289 %{_mandir}/man8/groupdel.8*
290 %{_mandir}/man8/groupmod.8*
291 %{_mandir}/man8/grpck.8*
292 %{_mandir}/man8/grpconv.8*
293 %{_mandir}/man8/grpunconv.8*
294 %{_mandir}/man8/pwck.8*
295 %{_mandir}/man8/pwconv.8*
296 %{_mandir}/man8/pwunconv.8*
297 %{_mandir}/man8/useradd.8*
298 %{_mandir}/man8/userdel.8*
299 %{_mandir}/man8/usermod.8*
300 %{_mandir}/man8/vigr.8*
301 %{_mandir}/man8/vipw.8*
305 %defattr(644,root,root,755)
306 %attr(755,root,root) %{_libdir}/pwdutils/liblog_audit.so*
310 %defattr(644,root,root,755)
311 %attr(755,root,root) %{_bindir}/rpasswd
312 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/rpasswd.conf
313 %{_mandir}/man1/rpasswd.1*
314 %{_mandir}/man5/rpasswd.conf.5*
317 %defattr(644,root,root,755)
318 %attr(755,root,root) %{_sbindir}/rpasswdd
319 %attr(754,root,root) /etc/rc.d/init.d/rpasswdd
320 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/rpasswd
321 %{_mandir}/man8/rpasswdd.8*
323 %files -n pam-pam_rpasswd
324 %defattr(644,root,root,755)
325 %attr(755,root,root) /%{_lib}/security/pam_rpasswd.so
326 %{_mandir}/man8/pam_rpasswd.8*