2 # - review default login.defs
5 %bcond_without audit # don't build audit log plugin
6 %bcond_without ldap # build without LDAP support
7 %bcond_without selinux # build without SELinux support
8 %bcond_with bioapi # with BioAPI support in passwd
9 %bcond_with gnutls # use GnuTLS instead of OpenSSL
11 Summary: Utilities to manage the passwd and shadow user information
12 Summary(pl): Narzêdzia do zarz±dzania informacjami o u¿ytkownikach z passwd i shadow
17 Group: Applications/System
18 Source0: ftp://ftp.kernel.org/pub/linux/utils/net/NIS/%{name}-%{version}.tar.bz2
19 # Source0-md5: 4cc765352ee0be0fa329a1d0ed347d79
20 Source1: %{name}.useradd
21 Source2: %{name}.rpasswdd.init
22 Source3: %{name}.login.defs
29 Patch0: %{name}-f-option.patch
30 Patch1: %{name}-no_bash.patch
31 Patch2: %{name}-silent_crontab.patch
32 Patch3: %{name}-pl.po-update.patch
33 URL: http://www.thkukuk.de/pam/pwdutils/
34 %{?with_audit:BuildRequires: audit-libs-devel}
35 BuildRequires: autoconf
36 BuildRequires: automake >= 1:1.7
37 %{?with_bioapi:BuildRequires: bioapi-devel}
38 BuildRequires: gcc >= 5:3.2
39 BuildRequires: gettext-devel
40 %{?with_gnutls:BuildRequires: gnutls-devel >= 1.0.0}
41 BuildRequires: libnscd-devel
42 %{?with_selinux:BuildRequires: libselinux-devel}
43 BuildRequires: libtool
44 %{?with_ldap:BuildRequires: openldap-devel >= 2.3.0}
45 BuildRequires: openslp-devel
46 %{!?with_gnutls:BuildRequires: openssl-devel >= 0.9.7d}
47 BuildRequires: pam-devel
48 BuildRequires: rpmbuild(macros) >= 1.268
49 BuildRequires: sed >= 4.0
50 Provides: shadow = 2:%{version}-%{release}
51 Provides: shadow-extras = 2:%{version}-%{release}
53 Obsoletes: shadow-extras
54 Obsoletes: shadow-utils
55 Conflicts: util-linux < 2.12-10
56 BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
58 # for pam module in /%{_lib}/security
59 %define _libdir /%{_lib}
62 pwdutils is a collection of utilities to manage the passwd and shadow
63 user information. The difference to the shadow suite is that these
64 utilities can also modify the information stored in NIS, NIS+, or
65 LDAP. PAM is used for user authentication and changing the pasword. It
66 contains passwd, chage, chfn, chsh, and a daemon for changing the
67 password on a remote machine over a secure SSL connection. The daemon
68 also uses PAM so that it can change passwords independent of where
72 pwdutils to zestaw narzêdzi do zarz±dzania informacjami o
73 u¿ytkownikach z passwd i shadow. Ró¿nica w stosunku do pakietu shadow
74 polega na tym, ¿e te narzêdzia mog± tak¿e modyfikowaæ informacje
75 zapisane w bazie NIS, NIS+ lub LDAP. PAM jest u¿ywany do
76 uwierzytelniania u¿ytkowników i zmiany hase³. Zestaw zawiera passwd,
77 chage, chfn, chsh oraz demona do zmiany has³a na zdalnej maszynie po
78 bezpiecznym po³±czeniu SSL. Demon tak¿e u¿ywa PAM, wiêc mo¿na zmieniaæ
79 has³a niezale¿nie od tego, gdzie s± przechowywane.
82 Summary: audit log plugin for pwdutils
83 Summary(pl): Wtyczka loguj±ca audit dla pwdutils
85 Requires: %{name} = %{version}-%{release}
87 %description log-audit
88 audit log plugin for pwdutils.
90 %description log-audit -l pl
91 Wtyczka loguj±ca audit dla pwdutils.
94 Summary: Remote password update client
95 Summary(pl): Klient do zdalnego uaktualniania hase³
96 Group: Applications/System
98 %description -n rpasswd
99 rpasswd changes passwords for user accounts on a remote server over a
100 secure SSL connection. A normal user may only change the password for
101 their own account, if the user knows the password of the administrator
102 account (in the moment this is the root password on the server), he may
103 change the password for any account if he calls rpasswd with the -a
106 %description -n rpasswd -l pl
107 rpasswd pozwala zmieniaæ has³a u¿ytkowników na zdalnym serwerze przy
108 u¿yciu bezpiecznego po³±czenia SSL. Zwyk³y u¿ytkownik mo¿e zmieniæ
109 jedynie swoje has³o, a je¶li zna has³o administratora (obecnie jest to
110 has³o roota na serwerze), mo¿e zmieniæ has³o dla dowolnego konta
111 wywo³uj±c rpasswd z opcj± -a.
114 Summary: Remote password update daemon
115 Summary(pl): Demon do zdalnego uaktualniania hase³
116 Group: Applications/System
117 Requires(post,preun): /sbin/chkconfig
120 %description -n rpasswdd
121 rpasswdd is a daemon that lets users change their passwords in the
122 presence of a directory service like NIS, NIS+ or LDAP over a secure
123 SSL connection. rpasswdd behaves like the normal passwd(1) program and
124 uses PAM for authentication and changing the password, so it can be
125 configured very flexible for the local requirements.
127 %description -n rpasswdd -l pl
128 rpasswdd to demon pozwalaj±cy u¿ytkownikom zmieniaæ has³a w obecno¶ci
129 us³ug katalogowych takich jak NIS, NIS+ czy LDAP po bezpiecznym
130 po³±czeniu SSL. rpasswdd zachowuje siê tak, jak normalny program
131 passwd(1) i u¿ywam PAM do uwierzytelniania i zmiany hase³, wiêc mo¿e
132 byæ bardzo elastycznie konfigurowany dla lokalnych wymagañ.
134 %package -n pam-pam_rpasswd
135 Summary: pam_rpasswd - PAM module to change remote password
136 Summary(pl): pam_rpasswd - modu³ PAM do zdalnej zmiany has³a
138 # rpasswd.conf is in rpasswd
139 Requires: rpasswd = %{version}-%{release}
141 %description -n pam-pam_rpasswd
142 The pam_rpasswd PAM module is for changing the password of user
143 accounts on a remote server over a secure SSL connection. It only
144 provides functionality for one PAM management group: password
147 %description -n pam-pam_rpasswd -l pl
148 Modu³ PAM pam_rpasswd s³u¿y do zmiany hase³ dla kont u¿ytkowników na
149 zdalnym serwerze po bezpiecznym po³±czeniu SSL. Udostêpnia
150 funkcjonalno¶æ tylko dla jednej grupy zarz±dzania PAM: zmiany hase³.
159 sed -i -e 's/-Werror //' configure.in
170 %{?with_bioapi:CPPFLAGS="-I/usr/include/bioapi"} \
171 %{!?with_bioapi:ac_cv_header_bioapi_h=no ac_cv_lib_bioapi100_BioAPI_Init=no} \
172 %{?with_audit:--enable-audit-plugin} \
173 %{!?with_gnutls:--disable-gnutls} \
174 --%{?with_ldap:en}%{!?with_ldap:dis}able-ldap \
176 --enable-pam_rpasswd \
177 --%{?with_selinux:en}%{!?with_selinux:dis}able-selinux \
183 rm -rf $RPM_BUILD_ROOT
184 install -d $RPM_BUILD_ROOT/etc/{rc.d/init.d,pwdutils,security,skel/tmp}
187 DESTDIR=$RPM_BUILD_ROOT
189 mv -f $RPM_BUILD_ROOT%{_sbindir}/*.local $RPM_BUILD_ROOT%{_sysconfdir}/pwdutils
190 install %{SOURCE1} $RPM_BUILD_ROOT%{_sysconfdir}/default/useradd
191 install %{SOURCE2} $RPM_BUILD_ROOT/etc/rc.d/init.d/rpasswdd
192 install %{SOURCE3} $RPM_BUILD_ROOT%{_sysconfdir}/login.defs
194 install %{SOURCE4} $RPM_BUILD_ROOT/etc/pam.d/chage
195 install %{SOURCE5} $RPM_BUILD_ROOT/etc/pam.d/chfn
196 install %{SOURCE6} $RPM_BUILD_ROOT/etc/pam.d/chsh
197 install %{SOURCE7} $RPM_BUILD_ROOT/etc/pam.d/passwd
198 install %{SOURCE8} $RPM_BUILD_ROOT/etc/pam.d/useradd
199 install %{SOURCE9} $RPM_BUILD_ROOT/etc/pam.d/shadow
201 rm -f $RPM_BUILD_ROOT%{_libdir}/pwdutils/*.{la,a}
202 rm -f $RPM_BUILD_ROOT/etc/init.d/rpasswdd
204 :> $RPM_BUILD_ROOT%{_sysconfdir}/shadow
205 :> $RPM_BUILD_ROOT/etc/security/chfn.allow
206 :> $RPM_BUILD_ROOT/etc/security/chsh.allow
211 rm -rf $RPM_BUILD_ROOT
214 if [ ! -f /etc/shadow ]; then
219 /sbin/chkconfig --add rpasswdd
220 %service rpasswdd restart "rpasswdd daemon"
223 if [ "$1" = "0" ]; then
224 %service rpasswdd stop
225 /sbin/chkconfig --del rpasswdd
228 %files -f %{name}.lang
229 %defattr(644,root,root,755)
230 %doc AUTHORS ChangeLog NEWS README THANKS TODO
231 %attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) %ghost %{_sysconfdir}/shadow
232 %attr(750,root,root) %dir %{_sysconfdir}/default
233 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/default/*
234 %attr(750,root,root) %dir %{_sysconfdir}/%{name}
235 %attr(750,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/%{name}/*.local
236 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/%{name}/logging
237 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/chage
238 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/chfn
239 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/chsh
240 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/passwd
241 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/useradd
242 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/shadow
243 %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/login.defs
244 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/security/chfn.allow
245 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/security/chsh.allow
248 %attr(755,root,root) %{_bindir}/chage
249 %attr(4755,root,root) %{_bindir}/chfn
250 %attr(4755,root,root) %{_bindir}/chsh
251 %attr(4755,root,root) %{_bindir}/expiry
252 %attr(4755,root,root) %{_bindir}/gpasswd
253 %attr(755,root,root) %{_bindir}/newgrp
254 %attr(4755,root,root) %{_bindir}/passwd
255 %attr(755,root,root) %{_bindir}/sg
256 %attr(755,root,root) %{_sbindir}/chpasswd
257 %attr(755,root,root) %{_sbindir}/groupadd
258 %attr(755,root,root) %{_sbindir}/groupdel
259 %attr(755,root,root) %{_sbindir}/groupmod
260 %attr(755,root,root) %{_sbindir}/grpconv
261 %attr(755,root,root) %{_sbindir}/grpck
262 %attr(755,root,root) %{_sbindir}/grpunconv
263 %attr(755,root,root) %{_sbindir}/pwconv
264 %attr(755,root,root) %{_sbindir}/pwck
265 %attr(755,root,root) %{_sbindir}/pwunconv
266 %attr(755,root,root) %{_sbindir}/useradd
267 %attr(755,root,root) %{_sbindir}/userdel
268 %attr(755,root,root) %{_sbindir}/usermod
269 %attr(755,root,root) %{_sbindir}/vigr
270 %attr(755,root,root) %{_sbindir}/vipw
271 %dir %{_libdir}/pwdutils
272 %attr(755,root,root) %{_libdir}/pwdutils/liblog_syslog.so*
274 %exclude %{_mandir}/man1/rpasswd.1*
275 %exclude %{_mandir}/man5/rpasswd.conf.5*
276 %exclude %{_mandir}/man8/rpasswdd.8*
277 %exclude %{_mandir}/man8/pam_rpasswd.8*
281 %defattr(644,root,root,755)
282 %attr(755,root,root) %{_libdir}/pwdutils/liblog_audit.so*
286 %defattr(644,root,root,755)
287 %attr(755,root,root) %{_bindir}/rpasswd
288 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/rpasswd.conf
289 %{_mandir}/man1/rpasswd.1*
290 %{_mandir}/man5/rpasswd.conf.5*
293 %defattr(644,root,root,755)
294 %attr(755,root,root) %{_sbindir}/rpasswdd
295 %attr(754,root,root) /etc/rc.d/init.d/rpasswdd
296 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/rpasswd
297 %{_mandir}/man8/rpasswdd.8*
299 %files -n pam-pam_rpasswd
300 %defattr(644,root,root,755)
301 %attr(755,root,root) /%{_lib}/security/pam_rpasswd.so
302 %{_mandir}/man8/pam_rpasswd.8*