3 %bcond_without audit # don't build audit log plugin
4 %bcond_without ldap # build without LDAP support
5 %bcond_without selinux # build without SELinux support
6 %bcond_with bioapi # with BioAPI support in passwd
7 %bcond_with gnutls # use GnuTLS instead of OpenSSL
9 Summary: Utilities to manage the passwd and shadow user information
10 Summary(pl.UTF-8): Narzędzia do zarządzania informacjami o użytkownikach z passwd i shadow
15 Group: Applications/System
16 Source0: ftp://ftp.kernel.org/pub/linux/utils/net/NIS/%{name}-%{version}.tar.bz2
17 # Source0-md5: 1d583e2d1ce1ab6add51b59b64d81f7e
18 Source1: %{name}.useradd
19 Source2: %{name}.rpasswdd.init
20 Source3: %{name}.login.defs
27 Source10: rpasswd.pamd
28 Patch0: %{name}-f-option.patch
29 Patch1: %{name}-no_bash.patch
30 Patch2: %{name}-silent_crontab.patch
31 Patch3: %{name}-pl.po-update.patch
32 URL: http://www.thkukuk.de/pam/pwdutils/
33 %{?with_audit:BuildRequires: audit-libs-devel}
34 BuildRequires: autoconf
35 BuildRequires: automake >= 1:1.8
36 %{?with_bioapi:BuildRequires: bioapi-devel}
37 BuildRequires: gcc >= 5:3.2
38 BuildRequires: gettext-devel
39 %{?with_gnutls:BuildRequires: gnutls-devel >= 1.0.0}
40 BuildRequires: libnscd-devel
41 %{?with_selinux:BuildRequires: libselinux-devel}
42 BuildRequires: libtool
43 %{?with_ldap:BuildRequires: openldap-devel >= 2.4.6}
44 BuildRequires: openslp-devel
45 %{!?with_gnutls:BuildRequires: openssl-devel >= 0.9.7d}
46 BuildRequires: libxcrypt-devel
47 BuildRequires: pam-devel
48 BuildRequires: rpmbuild(macros) >= 1.268
49 BuildRequires: sed >= 4.0
50 Requires: pam >= 0.99.7.1
51 Provides: shadow = 2:%{version}-%{release}
52 Provides: shadow-extras = 2:%{version}-%{release}
54 Obsoletes: shadow-extras
55 Obsoletes: shadow-utils
56 Conflicts: util-linux < 2.12-10
57 BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
59 # for pam module in /%{_lib}/security
60 %define _libdir /%{_lib}
63 pwdutils is a collection of utilities to manage the passwd and shadow
64 user information. The difference to the shadow suite is that these
65 utilities can also modify the information stored in NIS, NIS+, or
66 LDAP. PAM is used for user authentication and changing the pasword. It
67 contains passwd, chage, chfn, chsh, and a daemon for changing the
68 password on a remote machine over a secure SSL connection. The daemon
69 also uses PAM so that it can change passwords independent of where
72 %description -l pl.UTF-8
73 pwdutils to zestaw narzędzi do zarządzania informacjami o
74 użytkownikach z passwd i shadow. Różnica w stosunku do pakietu shadow
75 polega na tym, że te narzędzia mogą także modyfikować informacje
76 zapisane w bazie NIS, NIS+ lub LDAP. PAM jest używany do
77 uwierzytelniania użytkowników i zmiany haseł. Zestaw zawiera passwd,
78 chage, chfn, chsh oraz demona do zmiany hasła na zdalnej maszynie po
79 bezpiecznym połączeniu SSL. Demon także używa PAM, więc można zmieniać
80 hasła niezależnie od tego, gdzie są przechowywane.
83 Summary: audit log plugin for pwdutils
84 Summary(pl.UTF-8): Wtyczka logująca audit dla pwdutils
86 Requires: %{name} = %{version}-%{release}
88 %description log-audit
89 audit log plugin for pwdutils.
91 %description log-audit -l pl.UTF-8
92 Wtyczka logująca audit dla pwdutils.
95 Summary: Remote password update client
96 Summary(pl.UTF-8): Klient do zdalnego uaktualniania haseł
97 Group: Applications/System
99 %description -n rpasswd
100 rpasswd changes passwords for user accounts on a remote server over a
101 secure SSL connection. A normal user may only change the password for
102 their own account, if the user knows the password of the administrator
103 account (in the moment this is the root password on the server), he may
104 change the password for any account if he calls rpasswd with the -a
107 %description -n rpasswd -l pl.UTF-8
108 rpasswd pozwala zmieniać hasła użytkowników na zdalnym serwerze przy
109 użyciu bezpiecznego połączenia SSL. Zwykły użytkownik może zmienić
110 jedynie swoje hasło, a jeśli zna hasło administratora (obecnie jest to
111 hasło roota na serwerze), może zmienić hasło dla dowolnego konta
112 wywołując rpasswd z opcją -a.
115 Summary: Remote password update daemon
116 Summary(pl.UTF-8): Demon do zdalnego uaktualniania haseł
117 Group: Applications/System
118 Requires(post,preun): /sbin/chkconfig
121 %description -n rpasswdd
122 rpasswdd is a daemon that lets users change their passwords in the
123 presence of a directory service like NIS, NIS+ or LDAP over a secure
124 SSL connection. rpasswdd behaves like the normal passwd(1) program and
125 uses PAM for authentication and changing the password, so it can be
126 configured very flexible for the local requirements.
128 %description -n rpasswdd -l pl.UTF-8
129 rpasswdd to demon pozwalający użytkownikom zmieniać hasła w obecności
130 usług katalogowych takich jak NIS, NIS+ czy LDAP po bezpiecznym
131 połączeniu SSL. rpasswdd zachowuje się tak, jak normalny program
132 passwd(1) i używam PAM do uwierzytelniania i zmiany haseł, więc może
133 być bardzo elastycznie konfigurowany dla lokalnych wymagań.
135 %package -n pam-pam_rpasswd
136 Summary: pam_rpasswd - PAM module to change remote password
137 Summary(pl.UTF-8): pam_rpasswd - moduł PAM do zdalnej zmiany hasła
139 # rpasswd.conf is in rpasswd
140 Requires: rpasswd = %{version}-%{release}
142 %description -n pam-pam_rpasswd
143 The pam_rpasswd PAM module is for changing the password of user
144 accounts on a remote server over a secure SSL connection. It only
145 provides functionality for one PAM management group: password
148 %description -n pam-pam_rpasswd -l pl.UTF-8
149 Moduł PAM pam_rpasswd służy do zmiany haseł dla kont użytkowników na
150 zdalnym serwerze po bezpiecznym połączeniu SSL. Udostępnia
151 funkcjonalność tylko dla jednej grupy zarządzania PAM: zmiany haseł.
160 sed -i -e 's/-Werror //' configure.in
172 %{?with_bioapi:CPPFLAGS="-I/usr/include/bioapi"} \
173 %{!?with_bioapi:ac_cv_header_bioapi_h=no ac_cv_lib_bioapi100_BioAPI_Init=no} \
174 %{?with_audit:--enable-audit-plugin} \
175 %{!?with_gnutls:--disable-gnutls} \
176 --%{?with_ldap:en}%{!?with_ldap:dis}able-ldap \
178 --enable-pam_rpasswd \
179 --%{?with_selinux:en}%{!?with_selinux:dis}able-selinux \
185 rm -rf $RPM_BUILD_ROOT
186 install -d $RPM_BUILD_ROOT/etc/{rc.d/init.d,pwdutils,security,skel/{etc,tmp}}
189 DESTDIR=$RPM_BUILD_ROOT
191 mv -f $RPM_BUILD_ROOT%{_sbindir}/*.local $RPM_BUILD_ROOT%{_sysconfdir}/pwdutils
192 install %{SOURCE1} $RPM_BUILD_ROOT%{_sysconfdir}/default/useradd
193 install %{SOURCE2} $RPM_BUILD_ROOT/etc/rc.d/init.d/rpasswdd
194 install %{SOURCE3} $RPM_BUILD_ROOT%{_sysconfdir}/login.defs
196 install %{SOURCE4} $RPM_BUILD_ROOT/etc/pam.d/chage
197 install %{SOURCE5} $RPM_BUILD_ROOT/etc/pam.d/chfn
198 install %{SOURCE6} $RPM_BUILD_ROOT/etc/pam.d/chsh
199 install %{SOURCE7} $RPM_BUILD_ROOT/etc/pam.d/passwd
200 install %{SOURCE8} $RPM_BUILD_ROOT/etc/pam.d/useradd
201 install %{SOURCE9} $RPM_BUILD_ROOT/etc/pam.d/shadow
202 install %{SOURCE10} $RPM_BUILD_ROOT/etc/pam.d/rpasswd
204 rm -f $RPM_BUILD_ROOT%{_libdir}/pwdutils/*.{la,a}
205 rm -f $RPM_BUILD_ROOT/%{_lib}/security/pam_*.la
206 rm -f $RPM_BUILD_ROOT/etc/init.d/rpasswdd
208 :> $RPM_BUILD_ROOT%{_sysconfdir}/shadow
209 :> $RPM_BUILD_ROOT/etc/security/chfn.allow
210 :> $RPM_BUILD_ROOT/etc/security/chsh.allow
215 rm -rf $RPM_BUILD_ROOT
218 if [ ! -f /etc/shadow ]; then
223 /sbin/chkconfig --add rpasswdd
224 %service rpasswdd restart "rpasswdd daemon"
227 if [ "$1" = "0" ]; then
228 %service rpasswdd stop
229 /sbin/chkconfig --del rpasswdd
232 %files -f %{name}.lang
233 %defattr(644,root,root,755)
234 %doc AUTHORS ChangeLog NEWS README THANKS TODO
235 %attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) %ghost %{_sysconfdir}/shadow
236 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/default/*
237 %attr(750,root,root) %dir %{_sysconfdir}/%{name}
238 %attr(750,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/%{name}/*.local
239 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/%{name}/logging
240 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/chage
241 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/chfn
242 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/chsh
243 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/passwd
244 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/useradd
245 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/shadow
246 %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/login.defs
247 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/security/chfn.allow
248 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/security/chsh.allow
252 %attr(755,root,root) %{_bindir}/chage
253 %attr(4755,root,root) %{_bindir}/chfn
254 %attr(4755,root,root) %{_bindir}/chsh
255 %attr(4755,root,root) %{_bindir}/expiry
256 %attr(4755,root,root) %{_bindir}/gpasswd
257 %attr(755,root,root) %{_bindir}/newgrp
258 %attr(4755,root,root) %{_bindir}/passwd
259 %attr(755,root,root) %{_bindir}/sg
260 %attr(755,root,root) %{_sbindir}/chpasswd
261 %attr(755,root,root) %{_sbindir}/groupadd
262 %attr(755,root,root) %{_sbindir}/groupdel
263 %attr(755,root,root) %{_sbindir}/groupmod
264 %attr(755,root,root) %{_sbindir}/grpconv
265 %attr(755,root,root) %{_sbindir}/grpck
266 %attr(755,root,root) %{_sbindir}/grpunconv
267 %attr(755,root,root) %{_sbindir}/pwconv
268 %attr(755,root,root) %{_sbindir}/pwck
269 %attr(755,root,root) %{_sbindir}/pwunconv
270 %attr(755,root,root) %{_sbindir}/useradd
271 %attr(755,root,root) %{_sbindir}/userdel
272 %attr(755,root,root) %{_sbindir}/usermod
273 %attr(755,root,root) %{_sbindir}/vigr
274 %attr(755,root,root) %{_sbindir}/vipw
275 %dir %{_libdir}/pwdutils
276 %attr(755,root,root) %{_libdir}/pwdutils/liblog_syslog.so*
277 %{_mandir}/man1/chage.1*
278 %{_mandir}/man1/chfn.1*
279 %{_mandir}/man1/chsh.1*
280 %{_mandir}/man1/expiry.1*
281 %{_mandir}/man1/gpasswd.1*
282 %{_mandir}/man1/newgrp.1*
283 %{_mandir}/man1/passwd.1*
284 %{_mandir}/man1/sg.1*
285 %{_mandir}/man5/login.defs.5*
286 %{_mandir}/man8/chpasswd.8*
287 %{_mandir}/man8/groupadd.8*
288 %{_mandir}/man8/groupdel.8*
289 %{_mandir}/man8/groupmod.8*
290 %{_mandir}/man8/grpck.8*
291 %{_mandir}/man8/grpconv.8*
292 %{_mandir}/man8/grpunconv.8*
293 %{_mandir}/man8/pwck.8*
294 %{_mandir}/man8/pwconv.8*
295 %{_mandir}/man8/pwunconv.8*
296 %{_mandir}/man8/useradd.8*
297 %{_mandir}/man8/userdel.8*
298 %{_mandir}/man8/usermod.8*
299 %{_mandir}/man8/vigr.8*
300 %{_mandir}/man8/vipw.8*
304 %defattr(644,root,root,755)
305 %attr(755,root,root) %{_libdir}/pwdutils/liblog_audit.so*
309 %defattr(644,root,root,755)
310 %attr(755,root,root) %{_bindir}/rpasswd
311 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/rpasswd.conf
312 %{_mandir}/man1/rpasswd.1*
313 %{_mandir}/man5/rpasswd.conf.5*
316 %defattr(644,root,root,755)
317 %attr(755,root,root) %{_sbindir}/rpasswdd
318 %attr(754,root,root) /etc/rc.d/init.d/rpasswdd
319 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/rpasswd
320 %{_mandir}/man8/rpasswdd.8*
322 %files -n pam-pam_rpasswd
323 %defattr(644,root,root,755)
324 %attr(755,root,root) /%{_lib}/security/pam_rpasswd.so
325 %{_mandir}/man8/pam_rpasswd.8*