]>
Commit | Line | Data |
---|---|---|
1 | # | |
2 | # Conditional build: | |
3 | %bcond_without audit # don't build audit log plugin | |
4 | %bcond_without ldap # build without LDAP support | |
5 | %bcond_without selinux # build without SELinux support | |
6 | %bcond_with bioapi # with BioAPI support in passwd | |
7 | %bcond_with gnutls # use GnuTLS instead of OpenSSL | |
8 | ||
9 | Summary: Utilities to manage the passwd and shadow user information | |
10 | Summary(pl.UTF-8): Narzędzia do zarządzania informacjami o użytkownikach z passwd i shadow | |
11 | Name: pwdutils | |
12 | Version: 3.2.19 | |
13 | Release: 2 | |
14 | License: GPL v2 | |
15 | Group: Base | |
16 | #Source0: ftp://ftp.kernel.org/pub/linux/utils/net/NIS/%{name}-%{version}.tar.bz2 | |
17 | Source0: http://www.linux-nis.org/download/pwdutils/%{name}-%{version}.tar.bz2 | |
18 | # Source0-md5: 25a77a0ab376eacf24ad5eab7af4cdce | |
19 | Source1: %{name}.useradd | |
20 | Source2: %{name}.rpasswdd.init | |
21 | Source3: %{name}.login.defs | |
22 | Source4: chage.pamd | |
23 | Source5: chfn.pamd | |
24 | Source6: chsh.pamd | |
25 | Source7: passwd.pamd | |
26 | Source8: useradd.pamd | |
27 | Source9: userdb.pamd | |
28 | Source10: rpasswd.pamd | |
29 | Patch0: %{name}-f-option.patch | |
30 | Patch1: %{name}-no_bash.patch | |
31 | Patch2: %{name}-silent_crontab.patch | |
32 | Patch3: %{name}-pl.po-update.patch | |
33 | Patch4: %{name}-selinux.patch | |
34 | Patch5: %{name}-am.patch | |
35 | Patch6: %{name}-libc-lock.patch | |
36 | Patch7: %{name}-format-security.patch | |
37 | Patch8: dlsym.patch | |
38 | URL: http://www.thkukuk.de/pam/pwdutils/ | |
39 | %{?with_audit:BuildRequires: audit-libs-devel} | |
40 | BuildRequires: autoconf | |
41 | BuildRequires: automake >= 1:1.9 | |
42 | %{?with_bioapi:BuildRequires: bioapi-devel} | |
43 | BuildRequires: gcc >= 5:3.2 | |
44 | BuildRequires: gettext-tools | |
45 | %{?with_gnutls:BuildRequires: gnutls-devel >= 1.0.0} | |
46 | BuildRequires: libnscd-devel | |
47 | %{?with_selinux:BuildRequires: libselinux-devel} | |
48 | BuildRequires: libtool | |
49 | BuildRequires: libxcrypt-devel | |
50 | %{?with_ldap:BuildRequires: openldap-devel >= 2.4.6} | |
51 | BuildRequires: openslp-devel | |
52 | %{!?with_gnutls:BuildRequires: openssl-devel >= 0.9.7d} | |
53 | BuildRequires: pam-devel | |
54 | BuildRequires: rpmbuild(macros) >= 1.268 | |
55 | BuildRequires: sed >= 4.0 | |
56 | Requires: pam >= 0.99.7.1 | |
57 | Suggests: make | |
58 | Provides: shadow = 2:%{version}-%{release} | |
59 | Provides: shadow-extras = 2:%{version}-%{release} | |
60 | Obsoletes: shadow | |
61 | Obsoletes: shadow-extras | |
62 | Obsoletes: shadow-utils | |
63 | Conflicts: util-linux < 2.12-10 | |
64 | BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n) | |
65 | ||
66 | # for pam module in /%{_lib}/security | |
67 | %define _libdir /%{_lib} | |
68 | ||
69 | %description | |
70 | pwdutils is a collection of utilities to manage the passwd and shadow | |
71 | user information. The difference to the shadow suite is that these | |
72 | utilities can also modify the information stored in NIS, NIS+, or | |
73 | LDAP. PAM is used for user authentication and changing the pasword. It | |
74 | contains passwd, chage, chfn, chsh, and a daemon for changing the | |
75 | password on a remote machine over a secure SSL connection. The daemon | |
76 | also uses PAM so that it can change passwords independent of where | |
77 | they are stored. | |
78 | ||
79 | %description -l pl.UTF-8 | |
80 | pwdutils to zestaw narzędzi do zarządzania informacjami o | |
81 | użytkownikach z passwd i shadow. Różnica w stosunku do pakietu shadow | |
82 | polega na tym, że te narzędzia mogą także modyfikować informacje | |
83 | zapisane w bazie NIS, NIS+ lub LDAP. PAM jest używany do | |
84 | uwierzytelniania użytkowników i zmiany haseł. Zestaw zawiera passwd, | |
85 | chage, chfn, chsh oraz demona do zmiany hasła na zdalnej maszynie po | |
86 | bezpiecznym połączeniu SSL. Demon także używa PAM, więc można zmieniać | |
87 | hasła niezależnie od tego, gdzie są przechowywane. | |
88 | ||
89 | %package log-audit | |
90 | Summary: audit log plugin for pwdutils | |
91 | Summary(pl.UTF-8): Wtyczka logująca audit dla pwdutils | |
92 | Group: Libraries | |
93 | Requires: %{name} = %{version}-%{release} | |
94 | ||
95 | %description log-audit | |
96 | audit log plugin for pwdutils. | |
97 | ||
98 | %description log-audit -l pl.UTF-8 | |
99 | Wtyczka logująca audit dla pwdutils. | |
100 | ||
101 | %package -n rpasswd | |
102 | Summary: Remote password update client | |
103 | Summary(pl.UTF-8): Klient do zdalnego uaktualniania haseł | |
104 | Group: Applications/System | |
105 | ||
106 | %description -n rpasswd | |
107 | rpasswd changes passwords for user accounts on a remote server over a | |
108 | secure SSL connection. A normal user may only change the password for | |
109 | their own account, if the user knows the password of the administrator | |
110 | account (in the moment this is the root password on the server), he | |
111 | may change the password for any account if he calls rpasswd with the | |
112 | -a option. | |
113 | ||
114 | %description -n rpasswd -l pl.UTF-8 | |
115 | rpasswd pozwala zmieniać hasła użytkowników na zdalnym serwerze przy | |
116 | użyciu bezpiecznego połączenia SSL. Zwykły użytkownik może zmienić | |
117 | jedynie swoje hasło, a jeśli zna hasło administratora (obecnie jest to | |
118 | hasło roota na serwerze), może zmienić hasło dla dowolnego konta | |
119 | wywołując rpasswd z opcją -a. | |
120 | ||
121 | %package -n rpasswdd | |
122 | Summary: Remote password update daemon | |
123 | Summary(pl.UTF-8): Demon do zdalnego uaktualniania haseł | |
124 | Group: Applications/System | |
125 | Requires(post,preun): /sbin/chkconfig | |
126 | Requires: rc-scripts | |
127 | ||
128 | %description -n rpasswdd | |
129 | rpasswdd is a daemon that lets users change their passwords in the | |
130 | presence of a directory service like NIS, NIS+ or LDAP over a secure | |
131 | SSL connection. rpasswdd behaves like the normal passwd(1) program and | |
132 | uses PAM for authentication and changing the password, so it can be | |
133 | configured very flexible for the local requirements. | |
134 | ||
135 | %description -n rpasswdd -l pl.UTF-8 | |
136 | rpasswdd to demon pozwalający użytkownikom zmieniać hasła w obecności | |
137 | usług katalogowych takich jak NIS, NIS+ czy LDAP po bezpiecznym | |
138 | połączeniu SSL. rpasswdd zachowuje się tak, jak normalny program | |
139 | passwd(1) i używam PAM do uwierzytelniania i zmiany haseł, więc może | |
140 | być bardzo elastycznie konfigurowany dla lokalnych wymagań. | |
141 | ||
142 | %package -n pam-pam_rpasswd | |
143 | Summary: pam_rpasswd - PAM module to change remote password | |
144 | Summary(pl.UTF-8): pam_rpasswd - moduł PAM do zdalnej zmiany hasła | |
145 | Group: Base | |
146 | # rpasswd.conf is in rpasswd | |
147 | Requires: rpasswd = %{version}-%{release} | |
148 | ||
149 | %description -n pam-pam_rpasswd | |
150 | The pam_rpasswd PAM module is for changing the password of user | |
151 | accounts on a remote server over a secure SSL connection. It only | |
152 | provides functionality for one PAM management group: password | |
153 | changing. | |
154 | ||
155 | %description -n pam-pam_rpasswd -l pl.UTF-8 | |
156 | Moduł PAM pam_rpasswd służy do zmiany haseł dla kont użytkowników na | |
157 | zdalnym serwerze po bezpiecznym połączeniu SSL. Udostępnia | |
158 | funkcjonalność tylko dla jednej grupy zarządzania PAM: zmiany haseł. | |
159 | ||
160 | %prep | |
161 | %setup -q | |
162 | %patch0 -p1 | |
163 | %patch1 -p1 | |
164 | %patch2 -p1 | |
165 | %patch3 -p1 | |
166 | %patch4 -p1 | |
167 | %patch5 -p1 | |
168 | %patch6 -p1 | |
169 | %patch7 -p1 | |
170 | %patch8 -p1 | |
171 | ||
172 | %{__rm} po/stamp-po | |
173 | ||
174 | %build | |
175 | %{__gettextize} | |
176 | %{__libtoolize} | |
177 | %{__aclocal} -I m4 | |
178 | %{__autoconf} | |
179 | %{__autoheader} | |
180 | %{__automake} | |
181 | %configure \ | |
182 | %{?with_bioapi:CPPFLAGS="-I/usr/include/bioapi"} \ | |
183 | %{!?with_bioapi:ac_cv_header_bioapi_h=no ac_cv_lib_bioapi100_BioAPI_Init=no} \ | |
184 | %{?with_audit:--enable-audit-plugin} \ | |
185 | %{!?with_gnutls:--disable-gnutls} \ | |
186 | --%{?with_ldap:en}%{!?with_ldap:dis}able-ldap \ | |
187 | --enable-nls \ | |
188 | --enable-pam_rpasswd \ | |
189 | --%{?with_selinux:en}%{!?with_selinux:dis}able-selinux \ | |
190 | --enable-slp \ | |
191 | --disable-rpath | |
192 | %{__make} | |
193 | ||
194 | %install | |
195 | rm -rf $RPM_BUILD_ROOT | |
196 | install -d $RPM_BUILD_ROOT/etc/{rc.d/init.d,pwdutils,security,skel/{etc,tmp}} | |
197 | ||
198 | %{__make} install \ | |
199 | DESTDIR=$RPM_BUILD_ROOT | |
200 | ||
201 | mv -f $RPM_BUILD_ROOT%{_sbindir}/*.local $RPM_BUILD_ROOT%{_sysconfdir}/pwdutils | |
202 | install %{SOURCE1} $RPM_BUILD_ROOT%{_sysconfdir}/default/useradd | |
203 | install %{SOURCE2} $RPM_BUILD_ROOT/etc/rc.d/init.d/rpasswdd | |
204 | install %{SOURCE3} $RPM_BUILD_ROOT%{_sysconfdir}/login.defs | |
205 | ||
206 | install %{SOURCE4} $RPM_BUILD_ROOT/etc/pam.d/chage | |
207 | install %{SOURCE5} $RPM_BUILD_ROOT/etc/pam.d/chfn | |
208 | install %{SOURCE6} $RPM_BUILD_ROOT/etc/pam.d/chsh | |
209 | install %{SOURCE7} $RPM_BUILD_ROOT/etc/pam.d/passwd | |
210 | install %{SOURCE8} $RPM_BUILD_ROOT/etc/pam.d/useradd | |
211 | install %{SOURCE9} $RPM_BUILD_ROOT/etc/pam.d/shadow | |
212 | install %{SOURCE10} $RPM_BUILD_ROOT/etc/pam.d/rpasswd | |
213 | ||
214 | %{__rm} $RPM_BUILD_ROOT%{_libdir}/pwdutils/*.{la,a} | |
215 | %{__rm} $RPM_BUILD_ROOT/%{_lib}/security/pam_*.la | |
216 | %{__rm} $RPM_BUILD_ROOT%{_sysconfdir}/init.d/rpasswdd | |
217 | ||
218 | :> $RPM_BUILD_ROOT%{_sysconfdir}/shadow | |
219 | :> $RPM_BUILD_ROOT/etc/security/chfn.allow | |
220 | :> $RPM_BUILD_ROOT/etc/security/chsh.allow | |
221 | ||
222 | %find_lang %{name} | |
223 | ||
224 | %clean | |
225 | rm -rf $RPM_BUILD_ROOT | |
226 | ||
227 | %post | |
228 | if [ ! -f %{_sysconfdir}/shadow ]; then | |
229 | %{_sbindir}/pwconv | |
230 | fi | |
231 | ||
232 | %post -n rpasswdd | |
233 | /sbin/chkconfig --add rpasswdd | |
234 | %service rpasswdd restart "rpasswdd daemon" | |
235 | ||
236 | %preun -n rpasswdd | |
237 | if [ "$1" = "0" ]; then | |
238 | %service rpasswdd stop | |
239 | /sbin/chkconfig --del rpasswdd | |
240 | fi | |
241 | ||
242 | %files -f %{name}.lang | |
243 | %defattr(644,root,root,755) | |
244 | %doc AUTHORS ChangeLog NEWS README THANKS TODO | |
245 | %attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) %ghost %{_sysconfdir}/shadow | |
246 | %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/default/* | |
247 | %attr(750,root,root) %dir %{_sysconfdir}/%{name} | |
248 | %attr(750,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/%{name}/*.local | |
249 | %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/%{name}/logging | |
250 | %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/chage | |
251 | %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/chfn | |
252 | %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/chsh | |
253 | %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/passwd | |
254 | %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/useradd | |
255 | %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/shadow | |
256 | %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/login.defs | |
257 | %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/security/chfn.allow | |
258 | %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/security/chsh.allow | |
259 | %dir /etc/skel | |
260 | %dir %config(missingok) %attr(700,root,root) /etc/skel/tmp | |
261 | %attr(755,root,root) %{_bindir}/chage | |
262 | %attr(4755,root,root) %{_bindir}/chfn | |
263 | %attr(4755,root,root) %{_bindir}/chsh | |
264 | %attr(4755,root,root) %{_bindir}/expiry | |
265 | %attr(4755,root,root) %{_bindir}/gpasswd | |
266 | %attr(4755,root,root) %{_bindir}/newgrp | |
267 | %attr(4755,root,root) %{_bindir}/passwd | |
268 | %attr(4755,root,root) %{_bindir}/sg | |
269 | %attr(755,root,root) %{_sbindir}/chpasswd | |
270 | %attr(755,root,root) %{_sbindir}/groupadd | |
271 | %attr(755,root,root) %{_sbindir}/groupdel | |
272 | %attr(755,root,root) %{_sbindir}/groupmod | |
273 | %attr(755,root,root) %{_sbindir}/grpconv | |
274 | %attr(755,root,root) %{_sbindir}/grpck | |
275 | %attr(755,root,root) %{_sbindir}/grpunconv | |
276 | %attr(755,root,root) %{_sbindir}/pwconv | |
277 | %attr(755,root,root) %{_sbindir}/pwck | |
278 | %attr(755,root,root) %{_sbindir}/pwunconv | |
279 | %attr(755,root,root) %{_sbindir}/useradd | |
280 | %attr(755,root,root) %{_sbindir}/userdel | |
281 | %attr(755,root,root) %{_sbindir}/usermod | |
282 | %attr(755,root,root) %{_sbindir}/vigr | |
283 | %attr(755,root,root) %{_sbindir}/vipw | |
284 | %dir %{_libdir}/pwdutils | |
285 | %attr(755,root,root) %{_libdir}/pwdutils/liblog_syslog.so* | |
286 | %{_mandir}/man1/chage.1* | |
287 | %{_mandir}/man1/chfn.1* | |
288 | %{_mandir}/man1/chsh.1* | |
289 | %{_mandir}/man1/expiry.1* | |
290 | %{_mandir}/man1/gpasswd.1* | |
291 | %{_mandir}/man1/newgrp.1* | |
292 | %{_mandir}/man1/passwd.1* | |
293 | %{_mandir}/man1/sg.1* | |
294 | %{_mandir}/man5/login.defs.5* | |
295 | %{_mandir}/man8/chpasswd.8* | |
296 | %{_mandir}/man8/groupadd.8* | |
297 | %{_mandir}/man8/groupdel.8* | |
298 | %{_mandir}/man8/groupmod.8* | |
299 | %{_mandir}/man8/grpck.8* | |
300 | %{_mandir}/man8/grpconv.8* | |
301 | %{_mandir}/man8/grpunconv.8* | |
302 | %{_mandir}/man8/pwck.8* | |
303 | %{_mandir}/man8/pwconv.8* | |
304 | %{_mandir}/man8/pwunconv.8* | |
305 | %{_mandir}/man8/useradd.8* | |
306 | %{_mandir}/man8/userdel.8* | |
307 | %{_mandir}/man8/usermod.8* | |
308 | %{_mandir}/man8/vigr.8* | |
309 | %{_mandir}/man8/vipw.8* | |
310 | ||
311 | %if %{with audit} | |
312 | %files log-audit | |
313 | %defattr(644,root,root,755) | |
314 | %attr(755,root,root) %{_libdir}/pwdutils/liblog_audit.so* | |
315 | %endif | |
316 | ||
317 | %files -n rpasswd | |
318 | %defattr(644,root,root,755) | |
319 | %attr(755,root,root) %{_bindir}/rpasswd | |
320 | %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/rpasswd.conf | |
321 | %{_mandir}/man1/rpasswd.1* | |
322 | %{_mandir}/man5/rpasswd.conf.5* | |
323 | ||
324 | %files -n rpasswdd | |
325 | %defattr(644,root,root,755) | |
326 | %attr(755,root,root) %{_sbindir}/rpasswdd | |
327 | %attr(754,root,root) /etc/rc.d/init.d/rpasswdd | |
328 | %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/rpasswd | |
329 | %{_mandir}/man8/rpasswdd.8* | |
330 | ||
331 | %files -n pam-pam_rpasswd | |
332 | %defattr(644,root,root,755) | |
333 | %attr(755,root,root) /%{_lib}/security/pam_rpasswd.so | |
334 | %{_mandir}/man8/pam_rpasswd.8* |