1 # TODO: review default login.defs
4 %bcond_without audit # don't build audit log plugin
5 %bcond_without ldap # build without LDAP support
6 %bcond_without selinux # build without SELinux support
7 %bcond_with openssl # use OpenSSL instead of GnuTLS
9 Summary: Utilities to manage the passwd and shadow user information
10 Summary(pl): Narzêdzia do zarz±dzania informacjami o u¿ytkownikach z passwd i shadow
15 Group: Applications/System
16 Source0: ftp://ftp.kernel.org/pub/linux/utils/net/NIS/%{name}-%{version}.tar.bz2
17 # Source0-md5: 10603d67f4959772544a76691310dfc8
18 Source1: %{name}.useradd
19 Source2: %{name}.rpasswdd.init
20 Source3: %{name}.login.defs
27 Patch0: %{name}-f-option.patch
28 Patch1: %{name}-no_bash.patch
29 Patch2: %{name}-silent_crontab.patch
30 URL: http://www.thkukuk.de/pam/pwdutils/
31 %{?with_audit:BuildRequires: audit-libs-devel}
32 BuildRequires: autoconf
33 BuildRequires: automake >= 1:1.7
34 BuildRequires: gcc >= 5:3.2
35 BuildRequires: gettext-devel
36 %{!?with_openssl:BuildRequires: gnutls-devel >= 1.0.0}
37 BuildRequires: libnscd-devel
38 %{?with_selinux:BuildRequires: libselinux-devel}
39 BuildRequires: libtool
40 %{?with_ldap:BuildRequires: openldap-devel}
41 %{?with_openssl:BuildRequires: openssl-devel >= 0.9.7d}
42 BuildRequires: openslp-devel
43 BuildRequires: pam-devel
44 BuildRequires: sed >= 4.0
45 Provides: shadow = 2:%{version}-%{release}
46 Provides: shadow-extras = 2:%{version}-%{release}
48 Obsoletes: shadow-extras
49 Obsoletes: shadow-utils
50 Conflicts: util-linux < 2.12-10
51 BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
53 # for pam module in /%{_lib}/security
54 %define _libdir /%{_lib}
57 pwdutils is a collection of utilities to manage the passwd and shadow
58 user information. The difference to the shadow suite is that these
59 utilities can also modify the information stored in NIS, NIS+, or
60 LDAP. PAM is used for user authentication and changing the pasword. It
61 contains passwd, chage, chfn, chsh, and a daemon for changing the
62 password on a remote machine over a secure SSL connection. The daemon
63 also uses PAM so that it can change passwords independent of where
67 pwdutils to zestaw narzêdzi do zarz±dzania informacjami o
68 u¿ytkownikach z passwd i shadow. Ró¿nica w stosunku do pakietu shadow
69 polega na tym, ¿e te narzêdzia mog± tak¿e modyfikowaæ informacje
70 zapisane w bazie NIS, NIS+ lub LDAP. PAM jest u¿ywany do
71 uwierzytelniania u¿ytkowników i zmiany hase³. Zestaw zawiera passwd,
72 chage, chfn, chsh oraz demona do zmiany has³a na zdalnej maszynie po
73 bezpiecznym po³±czeniu SSL. Demon tak¿e u¿ywa PAM, wiêc mo¿na zmieniaæ
74 has³a niezale¿nie od tego, gdzie s± przechowywane.
77 Summary: audit log plugin for pwdutils
78 Summary(pl): Wtyczka loguj±ca audit dla pwdutils
80 Requires: %{name} = %{version}-%{release}
82 %description log-audit
83 audit log plugin for pwdutils.
85 %description log-audit -l pl
86 Wtyczka loguj±ca audit dla pwdutils.
89 Summary: Remote password update daemon
90 Summary(pl): Demon do zdalnego uaktualniania hase³
91 Group: Applications/System
93 Requires(post,preun): /sbin/chkconfig
95 %description -n rpasswdd
96 rpasswdd is a daemon that lets users change their passwords in the
97 presence of a directory service like NIS, NIS+ or LDAP over a secure
98 SSL connection. rpasswdd behaves like the normal passwd(1) program and
99 uses PAM for authentication and changing the password, so it can be
100 configured very flexibel for the local requirements.
102 %description -n rpasswdd -l pl
103 rpasswdd to demon pozwalaj±cy u¿ytkownikom zmieniaæ has³a w obecno¶ci
104 us³ug katalogowych takich jak NIS, NIS+ czy LDAP po bezpiecznym
105 po³±czeniu SSL. rpasswdd zachowuje siê tak, jak normalny program
106 passwd(1) i u¿ywam PAM do uwierzytelniania i zmiany hase³, wiêc mo¿e
107 byæ bardzo elastycznie konfigurowany dla lokalnych wymagañ.
109 %package -n pam-pam_rpasswd
110 Summary: pam_rpasswd - PAM module to change remote password
111 Summary(pl): pam_rpasswd - modu³ PAM do zdalnej zmiany has³a
113 # rpasswd.conf is in base
114 Requires: %{name} = %{version}-%{release}
116 %description -n pam-pam_rpasswd
117 The pam_rpasswd PAM module is for changing the password of user
118 accounts on a remote server over a secure SSL connection. It only
119 provides functionality for one PAM management group: password
122 %description -n pam-pam_rpasswd -l pl
123 Modu³ PAM pam_rpasswd s³u¿y do zmiany hase³ dla kont u¿ytkowników na
124 zdalnym serwerze po bezpiecznym po³±czeniu SSL. Udostêpnia
125 funkcjonalno¶æ tylko dla jednej grupy zarz±dzania PAM: zmiany hase³.
133 sed -i -e 's/-Werror //' configure.in
142 %{?with_audit:--enable-audit-plugin} \
143 %{?with_openssl:--disable-gnutls} \
144 --%{?with_ldap:en}%{!?with_ldap:dis}able-ldap \
146 --enable-pam_rpasswd \
147 --%{?with_selinux:en}%{!?with_selinux:dis}able-selinux \
153 rm -rf $RPM_BUILD_ROOT
154 install -d $RPM_BUILD_ROOT/etc/{rc.d/init.d,pwdutils,security,skel}
157 DESTDIR=$RPM_BUILD_ROOT
159 mv -f $RPM_BUILD_ROOT%{_sbindir}/*.local $RPM_BUILD_ROOT%{_sysconfdir}/pwdutils
160 install %{SOURCE1} $RPM_BUILD_ROOT%{_sysconfdir}/default/useradd
161 install %{SOURCE2} $RPM_BUILD_ROOT/etc/rc.d/init.d/rpasswdd
162 install %{SOURCE3} $RPM_BUILD_ROOT%{_sysconfdir}/login.defs
164 install %{SOURCE4} $RPM_BUILD_ROOT/etc/pam.d/chage
165 install %{SOURCE5} $RPM_BUILD_ROOT/etc/pam.d/chfn
166 install %{SOURCE6} $RPM_BUILD_ROOT/etc/pam.d/chsh
167 install %{SOURCE7} $RPM_BUILD_ROOT/etc/pam.d/passwd
168 install %{SOURCE8} $RPM_BUILD_ROOT/etc/pam.d/useradd
169 install %{SOURCE9} $RPM_BUILD_ROOT/etc/pam.d/shadow
171 rm -f $RPM_BUILD_ROOT%{_libdir}/pwdutils/*.{la,a}
173 :> $RPM_BUILD_ROOT%{_sysconfdir}/shadow
174 :> $RPM_BUILD_ROOT/etc/security/chfn.allow
175 :> $RPM_BUILD_ROOT/etc/security/chsh.allow
180 rm -rf $RPM_BUILD_ROOT
183 if [ ! -f /etc/shadow ]; then
188 /sbin/chkconfig --add rpasswdd
189 if [ -f /var/lock/subsys/rpasswdd ]; then
190 /etc/rc.d/init.d/rpasswdd restart 1>&2
192 echo "Run \"/etc/rc.d/init.d/rpasswdd start\" to start rpasswdd daemon."
196 if [ "$1" = "0" ]; then
197 if [ -f /var/lock/subsys/rpasswdd ]; then
198 /etc/rc.d/init.d/rpasswdd stop 1>&2
200 /sbin/chkconfig --del rpasswdd
203 %files -f %{name}.lang
204 %defattr(644,root,root,755)
205 %doc AUTHORS ChangeLog NEWS README THANKS TODO
206 %attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) %ghost %{_sysconfdir}/shadow
207 %attr(750,root,root) %dir %{_sysconfdir}/default
208 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/default/*
209 %attr(750,root,root) %dir %{_sysconfdir}/%{name}
210 %attr(750,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/%{name}/*.local
211 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/%{name}/logging
212 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/chage
213 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/chfn
214 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/chsh
215 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/passwd
216 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/useradd
217 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/shadow
218 %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/login.defs
219 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/rpasswd.conf
220 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/security/chfn.allow
221 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/security/chsh.allow
223 %attr(755,root,root) %{_bindir}/chage
224 %attr(4755,root,root) %{_bindir}/chfn
225 %attr(4755,root,root) %{_bindir}/chsh
226 %attr(4755,root,root) %{_bindir}/expiry
227 %attr(4755,root,root) %{_bindir}/gpasswd
228 %attr(755,root,root) %{_bindir}/newgrp
229 %attr(4755,root,root) %{_bindir}/passwd
230 %attr(755,root,root) %{_bindir}/rpasswd
231 %attr(755,root,root) %{_bindir}/sg
232 %attr(755,root,root) %{_sbindir}/chpasswd
233 %attr(755,root,root) %{_sbindir}/groupadd
234 %attr(755,root,root) %{_sbindir}/groupdel
235 %attr(755,root,root) %{_sbindir}/groupmod
236 %attr(755,root,root) %{_sbindir}/grpconv
237 %attr(755,root,root) %{_sbindir}/grpck
238 %attr(755,root,root) %{_sbindir}/grpunconv
239 %attr(755,root,root) %{_sbindir}/pwconv
240 %attr(755,root,root) %{_sbindir}/pwck
241 %attr(755,root,root) %{_sbindir}/pwunconv
242 %attr(755,root,root) %{_sbindir}/rpasswdd
243 %attr(755,root,root) %{_sbindir}/useradd
244 %attr(755,root,root) %{_sbindir}/userdel
245 %attr(755,root,root) %{_sbindir}/usermod
246 %attr(755,root,root) %{_sbindir}/vigr
247 %attr(755,root,root) %{_sbindir}/vipw
248 %dir %{_libdir}/pwdutils
249 %attr(755,root,root) %{_libdir}/pwdutils/liblog_syslog.so*
251 %exclude %{_mandir}/man8/rpasswdd.8*
252 %exclude %{_mandir}/man8/pam_rpasswd.8*
256 %defattr(644,root,root,755)
257 %attr(755,root,root) %{_libdir}/pwdutils/liblog_audit.so*
261 %defattr(644,root,root,755)
262 %attr(755,root,root) %{_sbindir}/rpasswdd
263 %attr(754,root,root) /etc/rc.d/init.d/rpasswdd
264 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/rpasswd
265 %{_mandir}/man8/rpasswdd.8*
267 %files -n pam-pam_rpasswd
268 %defattr(644,root,root,755)
269 %attr(755,root,root) /%{_lib}/security/pam_rpasswd.so
270 %{_mandir}/man8/pam_rpasswd.8*