2 # - review default login.defs
5 %bcond_without audit # don't build audit log plugin
6 %bcond_without ldap # build without LDAP support
7 %bcond_without selinux # build without SELinux support
8 %bcond_with bioapi # with BioAPI support in passwd
9 %bcond_with gnutls # use GnuTLS instead of OpenSSL
11 Summary: Utilities to manage the passwd and shadow user information
12 Summary(pl): Narzêdzia do zarz±dzania informacjami o u¿ytkownikach z passwd i shadow
17 Group: Applications/System
18 Source0: ftp://ftp.kernel.org/pub/linux/utils/net/NIS/%{name}-%{version}.tar.bz2
19 # Source0-md5: b18c601e282d8695cbb5ddd87eaa473c
20 Source1: %{name}.useradd
21 Source2: %{name}.rpasswdd.init
22 Source3: %{name}.login.defs
29 Patch0: %{name}-f-option.patch
30 Patch1: %{name}-no_bash.patch
31 Patch2: %{name}-silent_crontab.patch
32 Patch3: %{name}-pl.po-update.patch
33 URL: http://www.thkukuk.de/pam/pwdutils/
34 %{?with_audit:BuildRequires: audit-libs-devel}
35 BuildRequires: autoconf
36 BuildRequires: automake >= 1:1.7
37 %{?with_bioapi:BuildRequires: bioapi-devel}
38 BuildRequires: gcc >= 5:3.2
39 BuildRequires: gettext-devel
40 %{?with_gnutls:BuildRequires: gnutls-devel >= 1.0.0}
41 BuildRequires: libnscd-devel
42 %{?with_selinux:BuildRequires: libselinux-devel}
43 BuildRequires: libtool
44 %{?with_ldap:BuildRequires: openldap-devel >= 2.3.0}
45 BuildRequires: openslp-devel
46 %{!?with_gnutls:BuildRequires: openssl-devel >= 0.9.7d}
47 BuildRequires: pam-devel
48 BuildRequires: rpmbuild(macros) >= 1.268
49 BuildRequires: sed >= 4.0
50 Requires: pam >= 0.99.7.1
51 Provides: shadow = 2:%{version}-%{release}
52 Provides: shadow-extras = 2:%{version}-%{release}
54 Obsoletes: shadow-extras
55 Obsoletes: shadow-utils
56 Conflicts: util-linux < 2.12-10
57 BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
59 # for pam module in /%{_lib}/security
60 %define _libdir /%{_lib}
63 pwdutils is a collection of utilities to manage the passwd and shadow
64 user information. The difference to the shadow suite is that these
65 utilities can also modify the information stored in NIS, NIS+, or
66 LDAP. PAM is used for user authentication and changing the pasword. It
67 contains passwd, chage, chfn, chsh, and a daemon for changing the
68 password on a remote machine over a secure SSL connection. The daemon
69 also uses PAM so that it can change passwords independent of where
73 pwdutils to zestaw narzêdzi do zarz±dzania informacjami o
74 u¿ytkownikach z passwd i shadow. Ró¿nica w stosunku do pakietu shadow
75 polega na tym, ¿e te narzêdzia mog± tak¿e modyfikowaæ informacje
76 zapisane w bazie NIS, NIS+ lub LDAP. PAM jest u¿ywany do
77 uwierzytelniania u¿ytkowników i zmiany hase³. Zestaw zawiera passwd,
78 chage, chfn, chsh oraz demona do zmiany has³a na zdalnej maszynie po
79 bezpiecznym po³±czeniu SSL. Demon tak¿e u¿ywa PAM, wiêc mo¿na zmieniaæ
80 has³a niezale¿nie od tego, gdzie s± przechowywane.
83 Summary: audit log plugin for pwdutils
84 Summary(pl): Wtyczka loguj±ca audit dla pwdutils
86 Requires: %{name} = %{version}-%{release}
88 %description log-audit
89 audit log plugin for pwdutils.
91 %description log-audit -l pl
92 Wtyczka loguj±ca audit dla pwdutils.
95 Summary: Remote password update client
96 Summary(pl): Klient do zdalnego uaktualniania hase³
97 Group: Applications/System
99 %description -n rpasswd
100 rpasswd changes passwords for user accounts on a remote server over a
101 secure SSL connection. A normal user may only change the password for
102 their own account, if the user knows the password of the administrator
103 account (in the moment this is the root password on the server), he may
104 change the password for any account if he calls rpasswd with the -a
107 %description -n rpasswd -l pl
108 rpasswd pozwala zmieniaæ has³a u¿ytkowników na zdalnym serwerze przy
109 u¿yciu bezpiecznego po³±czenia SSL. Zwyk³y u¿ytkownik mo¿e zmieniæ
110 jedynie swoje has³o, a je¶li zna has³o administratora (obecnie jest to
111 has³o roota na serwerze), mo¿e zmieniæ has³o dla dowolnego konta
112 wywo³uj±c rpasswd z opcj± -a.
115 Summary: Remote password update daemon
116 Summary(pl): Demon do zdalnego uaktualniania hase³
117 Group: Applications/System
118 Requires(post,preun): /sbin/chkconfig
121 %description -n rpasswdd
122 rpasswdd is a daemon that lets users change their passwords in the
123 presence of a directory service like NIS, NIS+ or LDAP over a secure
124 SSL connection. rpasswdd behaves like the normal passwd(1) program and
125 uses PAM for authentication and changing the password, so it can be
126 configured very flexible for the local requirements.
128 %description -n rpasswdd -l pl
129 rpasswdd to demon pozwalaj±cy u¿ytkownikom zmieniaæ has³a w obecno¶ci
130 us³ug katalogowych takich jak NIS, NIS+ czy LDAP po bezpiecznym
131 po³±czeniu SSL. rpasswdd zachowuje siê tak, jak normalny program
132 passwd(1) i u¿ywam PAM do uwierzytelniania i zmiany hase³, wiêc mo¿e
133 byæ bardzo elastycznie konfigurowany dla lokalnych wymagañ.
135 %package -n pam-pam_rpasswd
136 Summary: pam_rpasswd - PAM module to change remote password
137 Summary(pl): pam_rpasswd - modu³ PAM do zdalnej zmiany has³a
139 # rpasswd.conf is in rpasswd
140 Requires: rpasswd = %{version}-%{release}
142 %description -n pam-pam_rpasswd
143 The pam_rpasswd PAM module is for changing the password of user
144 accounts on a remote server over a secure SSL connection. It only
145 provides functionality for one PAM management group: password
148 %description -n pam-pam_rpasswd -l pl
149 Modu³ PAM pam_rpasswd s³u¿y do zmiany hase³ dla kont u¿ytkowników na
150 zdalnym serwerze po bezpiecznym po³±czeniu SSL. Udostêpnia
151 funkcjonalno¶æ tylko dla jednej grupy zarz±dzania PAM: zmiany hase³.
160 sed -i -e 's/-Werror //' configure.in
171 %{?with_bioapi:CPPFLAGS="-I/usr/include/bioapi"} \
172 %{!?with_bioapi:ac_cv_header_bioapi_h=no ac_cv_lib_bioapi100_BioAPI_Init=no} \
173 %{?with_audit:--enable-audit-plugin} \
174 %{!?with_gnutls:--disable-gnutls} \
175 --%{?with_ldap:en}%{!?with_ldap:dis}able-ldap \
177 --enable-pam_rpasswd \
178 --%{?with_selinux:en}%{!?with_selinux:dis}able-selinux \
184 rm -rf $RPM_BUILD_ROOT
185 install -d $RPM_BUILD_ROOT/etc/{rc.d/init.d,pwdutils,security,skel/tmp}
188 DESTDIR=$RPM_BUILD_ROOT
190 mv -f $RPM_BUILD_ROOT%{_sbindir}/*.local $RPM_BUILD_ROOT%{_sysconfdir}/pwdutils
191 install %{SOURCE1} $RPM_BUILD_ROOT%{_sysconfdir}/default/useradd
192 install %{SOURCE2} $RPM_BUILD_ROOT/etc/rc.d/init.d/rpasswdd
193 install %{SOURCE3} $RPM_BUILD_ROOT%{_sysconfdir}/login.defs
195 install %{SOURCE4} $RPM_BUILD_ROOT/etc/pam.d/chage
196 install %{SOURCE5} $RPM_BUILD_ROOT/etc/pam.d/chfn
197 install %{SOURCE6} $RPM_BUILD_ROOT/etc/pam.d/chsh
198 install %{SOURCE7} $RPM_BUILD_ROOT/etc/pam.d/passwd
199 install %{SOURCE8} $RPM_BUILD_ROOT/etc/pam.d/useradd
200 install %{SOURCE9} $RPM_BUILD_ROOT/etc/pam.d/shadow
202 rm -f $RPM_BUILD_ROOT%{_libdir}/pwdutils/*.{la,a}
203 rm -f $RPM_BUILD_ROOT/etc/init.d/rpasswdd
205 :> $RPM_BUILD_ROOT%{_sysconfdir}/shadow
206 :> $RPM_BUILD_ROOT/etc/security/chfn.allow
207 :> $RPM_BUILD_ROOT/etc/security/chsh.allow
212 rm -rf $RPM_BUILD_ROOT
215 if [ ! -f /etc/shadow ]; then
220 /sbin/chkconfig --add rpasswdd
221 %service rpasswdd restart "rpasswdd daemon"
224 if [ "$1" = "0" ]; then
225 %service rpasswdd stop
226 /sbin/chkconfig --del rpasswdd
229 %files -f %{name}.lang
230 %defattr(644,root,root,755)
231 %doc AUTHORS ChangeLog NEWS README THANKS TODO
232 %attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) %ghost %{_sysconfdir}/shadow
233 %attr(750,root,root) %dir %{_sysconfdir}/default
234 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/default/*
235 %attr(750,root,root) %dir %{_sysconfdir}/%{name}
236 %attr(750,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/%{name}/*.local
237 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/%{name}/logging
238 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/chage
239 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/chfn
240 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/chsh
241 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/passwd
242 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/useradd
243 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/shadow
244 %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/login.defs
245 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/security/chfn.allow
246 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/security/chsh.allow
249 %attr(755,root,root) %{_bindir}/chage
250 %attr(4755,root,root) %{_bindir}/chfn
251 %attr(4755,root,root) %{_bindir}/chsh
252 %attr(4755,root,root) %{_bindir}/expiry
253 %attr(4755,root,root) %{_bindir}/gpasswd
254 %attr(755,root,root) %{_bindir}/newgrp
255 %attr(4755,root,root) %{_bindir}/passwd
256 %attr(755,root,root) %{_bindir}/sg
257 %attr(755,root,root) %{_sbindir}/chpasswd
258 %attr(755,root,root) %{_sbindir}/groupadd
259 %attr(755,root,root) %{_sbindir}/groupdel
260 %attr(755,root,root) %{_sbindir}/groupmod
261 %attr(755,root,root) %{_sbindir}/grpconv
262 %attr(755,root,root) %{_sbindir}/grpck
263 %attr(755,root,root) %{_sbindir}/grpunconv
264 %attr(755,root,root) %{_sbindir}/pwconv
265 %attr(755,root,root) %{_sbindir}/pwck
266 %attr(755,root,root) %{_sbindir}/pwunconv
267 %attr(755,root,root) %{_sbindir}/useradd
268 %attr(755,root,root) %{_sbindir}/userdel
269 %attr(755,root,root) %{_sbindir}/usermod
270 %attr(755,root,root) %{_sbindir}/vigr
271 %attr(755,root,root) %{_sbindir}/vipw
272 %dir %{_libdir}/pwdutils
273 %attr(755,root,root) %{_libdir}/pwdutils/liblog_syslog.so*
275 %exclude %{_mandir}/man1/rpasswd.1*
276 %exclude %{_mandir}/man5/rpasswd.conf.5*
277 %exclude %{_mandir}/man8/rpasswdd.8*
278 %exclude %{_mandir}/man8/pam_rpasswd.8*
282 %defattr(644,root,root,755)
283 %attr(755,root,root) %{_libdir}/pwdutils/liblog_audit.so*
287 %defattr(644,root,root,755)
288 %attr(755,root,root) %{_bindir}/rpasswd
289 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/rpasswd.conf
290 %{_mandir}/man1/rpasswd.1*
291 %{_mandir}/man5/rpasswd.conf.5*
294 %defattr(644,root,root,755)
295 %attr(755,root,root) %{_sbindir}/rpasswdd
296 %attr(754,root,root) /etc/rc.d/init.d/rpasswdd
297 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/rpasswd
298 %{_mandir}/man8/rpasswdd.8*
300 %files -n pam-pam_rpasswd
301 %defattr(644,root,root,755)
302 %attr(755,root,root) /%{_lib}/security/pam_rpasswd.so
303 %{_mandir}/man8/pam_rpasswd.8*