3 %bcond_without audit # don't build audit log plugin
4 %bcond_without ldap # build without LDAP support
5 %bcond_without selinux # build without SELinux support
6 %bcond_with bioapi # with BioAPI support in passwd
7 %bcond_with gnutls # use GnuTLS instead of OpenSSL
9 Summary: Utilities to manage the passwd and shadow user information
10 Summary(pl.UTF-8): Narzędzia do zarządzania informacjami o użytkownikach z passwd i shadow
15 Group: Applications/System
16 Source0: ftp://ftp.kernel.org/pub/linux/utils/net/NIS/%{name}-%{version}.tar.bz2
17 # Source0-md5: e8b88e57838c4601275eaa1d67f92cf2
18 Source1: %{name}.useradd
19 Source2: %{name}.rpasswdd.init
20 Source3: %{name}.login.defs
27 Source10: rpasswd.pamd
28 Patch0: %{name}-f-option.patch
29 Patch1: %{name}-no_bash.patch
30 Patch2: %{name}-silent_crontab.patch
31 Patch3: %{name}-pl.po-update.patch
33 URL: http://www.thkukuk.de/pam/pwdutils/
34 %{?with_audit:BuildRequires: audit-libs-devel}
35 BuildRequires: autoconf
36 BuildRequires: automake >= 1:1.8
37 %{?with_bioapi:BuildRequires: bioapi-devel}
38 BuildRequires: gcc >= 5:3.2
39 BuildRequires: gettext-devel
40 %{?with_gnutls:BuildRequires: gnutls-devel >= 1.0.0}
41 BuildRequires: libnscd-devel
42 %{?with_selinux:BuildRequires: libselinux-devel}
43 BuildRequires: libtool
44 %{?with_ldap:BuildRequires: openldap-devel >= 2.4.6}
45 BuildRequires: openslp-devel
46 %{!?with_gnutls:BuildRequires: openssl-devel >= 0.9.7d}
47 BuildRequires: libxcrypt-devel
48 BuildRequires: pam-devel
49 BuildRequires: rpmbuild(macros) >= 1.268
50 BuildRequires: sed >= 4.0
51 Requires: pam >= 0.99.7.1
52 Provides: shadow = 2:%{version}-%{release}
53 Provides: shadow-extras = 2:%{version}-%{release}
55 Obsoletes: shadow-extras
56 Obsoletes: shadow-utils
57 Conflicts: util-linux < 2.12-10
58 BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
60 # for pam module in /%{_lib}/security
61 %define _libdir /%{_lib}
64 pwdutils is a collection of utilities to manage the passwd and shadow
65 user information. The difference to the shadow suite is that these
66 utilities can also modify the information stored in NIS, NIS+, or
67 LDAP. PAM is used for user authentication and changing the pasword. It
68 contains passwd, chage, chfn, chsh, and a daemon for changing the
69 password on a remote machine over a secure SSL connection. The daemon
70 also uses PAM so that it can change passwords independent of where
73 %description -l pl.UTF-8
74 pwdutils to zestaw narzędzi do zarządzania informacjami o
75 użytkownikach z passwd i shadow. Różnica w stosunku do pakietu shadow
76 polega na tym, że te narzędzia mogą także modyfikować informacje
77 zapisane w bazie NIS, NIS+ lub LDAP. PAM jest używany do
78 uwierzytelniania użytkowników i zmiany haseł. Zestaw zawiera passwd,
79 chage, chfn, chsh oraz demona do zmiany hasła na zdalnej maszynie po
80 bezpiecznym połączeniu SSL. Demon także używa PAM, więc można zmieniać
81 hasła niezależnie od tego, gdzie są przechowywane.
84 Summary: audit log plugin for pwdutils
85 Summary(pl.UTF-8): Wtyczka logująca audit dla pwdutils
87 Requires: %{name} = %{version}-%{release}
89 %description log-audit
90 audit log plugin for pwdutils.
92 %description log-audit -l pl.UTF-8
93 Wtyczka logująca audit dla pwdutils.
96 Summary: Remote password update client
97 Summary(pl.UTF-8): Klient do zdalnego uaktualniania haseł
98 Group: Applications/System
100 %description -n rpasswd
101 rpasswd changes passwords for user accounts on a remote server over a
102 secure SSL connection. A normal user may only change the password for
103 their own account, if the user knows the password of the administrator
104 account (in the moment this is the root password on the server), he may
105 change the password for any account if he calls rpasswd with the -a
108 %description -n rpasswd -l pl.UTF-8
109 rpasswd pozwala zmieniać hasła użytkowników na zdalnym serwerze przy
110 użyciu bezpiecznego połączenia SSL. Zwykły użytkownik może zmienić
111 jedynie swoje hasło, a jeśli zna hasło administratora (obecnie jest to
112 hasło roota na serwerze), może zmienić hasło dla dowolnego konta
113 wywołując rpasswd z opcją -a.
116 Summary: Remote password update daemon
117 Summary(pl.UTF-8): Demon do zdalnego uaktualniania haseł
118 Group: Applications/System
119 Requires(post,preun): /sbin/chkconfig
122 %description -n rpasswdd
123 rpasswdd is a daemon that lets users change their passwords in the
124 presence of a directory service like NIS, NIS+ or LDAP over a secure
125 SSL connection. rpasswdd behaves like the normal passwd(1) program and
126 uses PAM for authentication and changing the password, so it can be
127 configured very flexible for the local requirements.
129 %description -n rpasswdd -l pl.UTF-8
130 rpasswdd to demon pozwalający użytkownikom zmieniać hasła w obecności
131 usług katalogowych takich jak NIS, NIS+ czy LDAP po bezpiecznym
132 połączeniu SSL. rpasswdd zachowuje się tak, jak normalny program
133 passwd(1) i używam PAM do uwierzytelniania i zmiany haseł, więc może
134 być bardzo elastycznie konfigurowany dla lokalnych wymagań.
136 %package -n pam-pam_rpasswd
137 Summary: pam_rpasswd - PAM module to change remote password
138 Summary(pl.UTF-8): pam_rpasswd - moduł PAM do zdalnej zmiany hasła
140 # rpasswd.conf is in rpasswd
141 Requires: rpasswd = %{version}-%{release}
143 %description -n pam-pam_rpasswd
144 The pam_rpasswd PAM module is for changing the password of user
145 accounts on a remote server over a secure SSL connection. It only
146 provides functionality for one PAM management group: password
149 %description -n pam-pam_rpasswd -l pl.UTF-8
150 Moduł PAM pam_rpasswd służy do zmiany haseł dla kont użytkowników na
151 zdalnym serwerze po bezpiecznym połączeniu SSL. Udostępnia
152 funkcjonalność tylko dla jednej grupy zarządzania PAM: zmiany haseł.
162 sed -i -e 's/-Werror //' configure.in
174 %{?with_bioapi:CPPFLAGS="-I/usr/include/bioapi"} \
175 %{!?with_bioapi:ac_cv_header_bioapi_h=no ac_cv_lib_bioapi100_BioAPI_Init=no} \
176 %{?with_audit:--enable-audit-plugin} \
177 %{!?with_gnutls:--disable-gnutls} \
178 --%{?with_ldap:en}%{!?with_ldap:dis}able-ldap \
180 --enable-pam_rpasswd \
181 --%{?with_selinux:en}%{!?with_selinux:dis}able-selinux \
187 rm -rf $RPM_BUILD_ROOT
188 install -d $RPM_BUILD_ROOT/etc/{rc.d/init.d,pwdutils,security,skel/{etc,tmp}}
191 DESTDIR=$RPM_BUILD_ROOT
193 mv -f $RPM_BUILD_ROOT%{_sbindir}/*.local $RPM_BUILD_ROOT%{_sysconfdir}/pwdutils
194 install %{SOURCE1} $RPM_BUILD_ROOT%{_sysconfdir}/default/useradd
195 install %{SOURCE2} $RPM_BUILD_ROOT/etc/rc.d/init.d/rpasswdd
196 install %{SOURCE3} $RPM_BUILD_ROOT%{_sysconfdir}/login.defs
198 install %{SOURCE4} $RPM_BUILD_ROOT/etc/pam.d/chage
199 install %{SOURCE5} $RPM_BUILD_ROOT/etc/pam.d/chfn
200 install %{SOURCE6} $RPM_BUILD_ROOT/etc/pam.d/chsh
201 install %{SOURCE7} $RPM_BUILD_ROOT/etc/pam.d/passwd
202 install %{SOURCE8} $RPM_BUILD_ROOT/etc/pam.d/useradd
203 install %{SOURCE9} $RPM_BUILD_ROOT/etc/pam.d/shadow
204 install %{SOURCE10} $RPM_BUILD_ROOT/etc/pam.d/rpasswd
206 rm -f $RPM_BUILD_ROOT%{_libdir}/pwdutils/*.{la,a}
207 rm -f $RPM_BUILD_ROOT/%{_lib}/security/pam_*.la
208 rm -f $RPM_BUILD_ROOT/etc/init.d/rpasswdd
210 :> $RPM_BUILD_ROOT%{_sysconfdir}/shadow
211 :> $RPM_BUILD_ROOT/etc/security/chfn.allow
212 :> $RPM_BUILD_ROOT/etc/security/chsh.allow
217 rm -rf $RPM_BUILD_ROOT
220 if [ ! -f /etc/shadow ]; then
225 /sbin/chkconfig --add rpasswdd
226 %service rpasswdd restart "rpasswdd daemon"
229 if [ "$1" = "0" ]; then
230 %service rpasswdd stop
231 /sbin/chkconfig --del rpasswdd
234 %files -f %{name}.lang
235 %defattr(644,root,root,755)
236 %doc AUTHORS ChangeLog NEWS README THANKS TODO
237 %attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) %ghost %{_sysconfdir}/shadow
238 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/default/*
239 %attr(750,root,root) %dir %{_sysconfdir}/%{name}
240 %attr(750,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/%{name}/*.local
241 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/%{name}/logging
242 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/chage
243 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/chfn
244 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/chsh
245 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/passwd
246 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/useradd
247 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/shadow
248 %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/login.defs
249 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/security/chfn.allow
250 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/security/chsh.allow
252 %dir %attr(750,root,root) /etc/skel/etc
253 %dir %attr(700,root,root) /etc/skel/tmp
254 %attr(755,root,root) %{_bindir}/chage
255 %attr(4755,root,root) %{_bindir}/chfn
256 %attr(4755,root,root) %{_bindir}/chsh
257 %attr(4755,root,root) %{_bindir}/expiry
258 %attr(4755,root,root) %{_bindir}/gpasswd
259 %attr(755,root,root) %{_bindir}/newgrp
260 %attr(4755,root,root) %{_bindir}/passwd
261 %attr(755,root,root) %{_bindir}/sg
262 %attr(755,root,root) %{_sbindir}/chpasswd
263 %attr(755,root,root) %{_sbindir}/groupadd
264 %attr(755,root,root) %{_sbindir}/groupdel
265 %attr(755,root,root) %{_sbindir}/groupmod
266 %attr(755,root,root) %{_sbindir}/grpconv
267 %attr(755,root,root) %{_sbindir}/grpck
268 %attr(755,root,root) %{_sbindir}/grpunconv
269 %attr(755,root,root) %{_sbindir}/pwconv
270 %attr(755,root,root) %{_sbindir}/pwck
271 %attr(755,root,root) %{_sbindir}/pwunconv
272 %attr(755,root,root) %{_sbindir}/useradd
273 %attr(755,root,root) %{_sbindir}/userdel
274 %attr(755,root,root) %{_sbindir}/usermod
275 %attr(755,root,root) %{_sbindir}/vigr
276 %attr(755,root,root) %{_sbindir}/vipw
277 %dir %{_libdir}/pwdutils
278 %attr(755,root,root) %{_libdir}/pwdutils/liblog_syslog.so*
279 %{_mandir}/man1/chage.1*
280 %{_mandir}/man1/chfn.1*
281 %{_mandir}/man1/chsh.1*
282 %{_mandir}/man1/expiry.1*
283 %{_mandir}/man1/gpasswd.1*
284 %{_mandir}/man1/newgrp.1*
285 %{_mandir}/man1/passwd.1*
286 %{_mandir}/man1/sg.1*
287 %{_mandir}/man5/login.defs.5*
288 %{_mandir}/man8/chpasswd.8*
289 %{_mandir}/man8/groupadd.8*
290 %{_mandir}/man8/groupdel.8*
291 %{_mandir}/man8/groupmod.8*
292 %{_mandir}/man8/grpck.8*
293 %{_mandir}/man8/grpconv.8*
294 %{_mandir}/man8/grpunconv.8*
295 %{_mandir}/man8/pwck.8*
296 %{_mandir}/man8/pwconv.8*
297 %{_mandir}/man8/pwunconv.8*
298 %{_mandir}/man8/useradd.8*
299 %{_mandir}/man8/userdel.8*
300 %{_mandir}/man8/usermod.8*
301 %{_mandir}/man8/vigr.8*
302 %{_mandir}/man8/vipw.8*
306 %defattr(644,root,root,755)
307 %attr(755,root,root) %{_libdir}/pwdutils/liblog_audit.so*
311 %defattr(644,root,root,755)
312 %attr(755,root,root) %{_bindir}/rpasswd
313 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/rpasswd.conf
314 %{_mandir}/man1/rpasswd.1*
315 %{_mandir}/man5/rpasswd.conf.5*
318 %defattr(644,root,root,755)
319 %attr(755,root,root) %{_sbindir}/rpasswdd
320 %attr(754,root,root) /etc/rc.d/init.d/rpasswdd
321 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/rpasswd
322 %{_mandir}/man8/rpasswdd.8*
324 %files -n pam-pam_rpasswd
325 %defattr(644,root,root,755)
326 %attr(755,root,root) /%{_lib}/security/pam_rpasswd.so
327 %{_mandir}/man8/pam_rpasswd.8*