%bcond_without audit # don't build audit log plugin
%bcond_without ldap # build without LDAP support
%bcond_without selinux # build without SELinux support
+%bcond_without xcrypt # crypt() from libxcrypt
%bcond_with bioapi # with BioAPI support in passwd
%bcond_with gnutls # use GnuTLS instead of OpenSSL
-#
+
Summary: Utilities to manage the passwd and shadow user information
Summary(pl.UTF-8): Narzędzia do zarządzania informacjami o użytkownikach z passwd i shadow
Name: pwdutils
-Version: 3.2.5
-Release: 1
+Version: 3.2.19
+Release: 4
License: GPL v2
-Group: Applications/System
-Source0: ftp://ftp.kernel.org/pub/linux/utils/net/NIS/%{name}-%{version}.tar.bz2
-# Source0-md5: 1d583e2d1ce1ab6add51b59b64d81f7e
+Group: Base
+#Source0: ftp://ftp.kernel.org/pub/linux/utils/net/NIS/%{name}-%{version}.tar.bz2
+Source0: http://www.linux-nis.org/download/pwdutils/%{name}-%{version}.tar.bz2
+# Source0-md5: 25a77a0ab376eacf24ad5eab7af4cdce
Source1: %{name}.useradd
Source2: %{name}.rpasswdd.init
Source3: %{name}.login.defs
Patch1: %{name}-no_bash.patch
Patch2: %{name}-silent_crontab.patch
Patch3: %{name}-pl.po-update.patch
+Patch4: %{name}-selinux.patch
+Patch5: %{name}-am.patch
+Patch6: %{name}-libc-lock.patch
+Patch7: %{name}-format-security.patch
+Patch8: dlsym.patch
URL: http://www.thkukuk.de/pam/pwdutils/
%{?with_audit:BuildRequires: audit-libs-devel}
BuildRequires: autoconf
-BuildRequires: automake >= 1:1.8
+BuildRequires: automake >= 1:1.9
%{?with_bioapi:BuildRequires: bioapi-devel}
BuildRequires: gcc >= 5:3.2
-BuildRequires: gettext-devel
+BuildRequires: gettext-tools
%{?with_gnutls:BuildRequires: gnutls-devel >= 1.0.0}
BuildRequires: libnscd-devel
%{?with_selinux:BuildRequires: libselinux-devel}
BuildRequires: libtool
-%{?with_ldap:BuildRequires: openldap-devel >= 2.4.6}
+%{?with_xcrypt:BuildRequires: libxcrypt-devel}
+%{?with_ldap:BuildRequires: openldap-devel >= 2.3.0}
BuildRequires: openslp-devel
%{!?with_gnutls:BuildRequires: openssl-devel >= 0.9.7d}
-BuildRequires: libxcrypt-devel
BuildRequires: pam-devel
BuildRequires: rpmbuild(macros) >= 1.268
BuildRequires: sed >= 4.0
Requires: pam >= 0.99.7.1
+Suggests: make
Provides: shadow = 2:%{version}-%{release}
Provides: shadow-extras = 2:%{version}-%{release}
Obsoletes: shadow
rpasswd changes passwords for user accounts on a remote server over a
secure SSL connection. A normal user may only change the password for
their own account, if the user knows the password of the administrator
-account (in the moment this is the root password on the server), he may
-change the password for any account if he calls rpasswd with the -a
-option.
+account (in the moment this is the root password on the server), he
+may change the password for any account if he calls rpasswd with the
+-a option.
%description -n rpasswd -l pl.UTF-8
rpasswd pozwala zmieniać hasła użytkowników na zdalnym serwerze przy
%patch0 -p1
%patch1 -p1
%patch2 -p1
-#%patch3 -p1
-
-sed -i -e 's/-Werror //' configure.in
+%patch3 -p1
+%patch4 -p1
+%patch5 -p1
+%patch6 -p1
+%patch7 -p1
+%patch8 -p1
-rm -f po/stamp-po
+%{__rm} po/stamp-po
%build
%{__gettextize}
%install
rm -rf $RPM_BUILD_ROOT
-install -d $RPM_BUILD_ROOT/etc/{rc.d/init.d,pwdutils,security,skel/{etc,tmp}}
-
+install -d $RPM_BUILD_ROOT/etc/{rc.d/init.d,pwdutils,security,skel/tmp}
%{__make} install \
DESTDIR=$RPM_BUILD_ROOT
install %{SOURCE9} $RPM_BUILD_ROOT/etc/pam.d/shadow
install %{SOURCE10} $RPM_BUILD_ROOT/etc/pam.d/rpasswd
-rm -f $RPM_BUILD_ROOT%{_libdir}/pwdutils/*.{la,a}
-rm -f $RPM_BUILD_ROOT/%{_lib}/security/pam_*.la
-rm -f $RPM_BUILD_ROOT/etc/init.d/rpasswdd
+%{__rm} $RPM_BUILD_ROOT%{_libdir}/pwdutils/*.{la,a}
+%{__rm} $RPM_BUILD_ROOT/%{_lib}/security/pam_*.la
+%{__rm} $RPM_BUILD_ROOT%{_sysconfdir}/init.d/rpasswdd
:> $RPM_BUILD_ROOT%{_sysconfdir}/shadow
:> $RPM_BUILD_ROOT/etc/security/chfn.allow
rm -rf $RPM_BUILD_ROOT
%post
-if [ ! -f /etc/shadow ]; then
+if [ ! -f %{_sysconfdir}/shadow ]; then
%{_sbindir}/pwconv
fi
%config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/login.defs
%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/security/chfn.allow
%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/security/chsh.allow
-%dir /etc/skel
-%dir /etc/skel/etc
-%dir /etc/skel/tmp
+%dir %config(missingok) %attr(700,root,root) /etc/skel/tmp
%attr(755,root,root) %{_bindir}/chage
%attr(4755,root,root) %{_bindir}/chfn
%attr(4755,root,root) %{_bindir}/chsh
%attr(4755,root,root) %{_bindir}/expiry
%attr(4755,root,root) %{_bindir}/gpasswd
-%attr(755,root,root) %{_bindir}/newgrp
+%attr(4755,root,root) %{_bindir}/newgrp
%attr(4755,root,root) %{_bindir}/passwd
-%attr(755,root,root) %{_bindir}/sg
+%attr(4755,root,root) %{_bindir}/sg
%attr(755,root,root) %{_sbindir}/chpasswd
%attr(755,root,root) %{_sbindir}/groupadd
%attr(755,root,root) %{_sbindir}/groupdel
%files -n rpasswd
%defattr(644,root,root,755)
%attr(755,root,root) %{_bindir}/rpasswd
-%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/rpasswd.conf
+%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/rpasswd.conf
%{_mandir}/man1/rpasswd.1*
%{_mandir}/man5/rpasswd.conf.5*