]> git.ipfire.org Git - thirdparty/openembedded/openembedded-core.git/blob - meta/recipes-extended/shadow/shadow.inc
projects / thirdparty / openembedded / openembedded-core.git / blob
? search:


16b99a0b60e8d0237ad156479787992eda485f49
[thirdparty/openembedded/openembedded-core.git] / meta / recipes-extended / shadow / shadow.inc
1 SUMMARY = "Tools to change and administer password and group data"
2 HOMEPAGE = "http://github.com/shadow-maint/shadow"
3 DESCRIPTION = "${SUMMARY}"
4 BUGTRACKER = "http://github.com/shadow-maint/shadow/issues"
5 SECTION = "base/utils"
6 LICENSE = "BSD-3-Clause"
7 LIC_FILES_CHKSUM = "file://COPYING;md5=c9a450b7be84eac23e6353efecb60b5b \
8 file://src/passwd.c;beginline=2;endline=7;md5=67bcf314687820b2f010d4863fce3fc5 \
9 "
10
11 DEPENDS = "virtual/crypt"
12
13 GITHUB_BASE_URI = "https://github.com/shadow-maint/shadow/releases"
14 SRC_URI = "${GITHUB_BASE_URI}/download/${PV}/${BP}.tar.gz \
15 ${@bb.utils.contains('PACKAGECONFIG', 'pam', '${PAM_SRC_URI}', '', d)} \
16 file://useradd \
17 "
18
19 SRC_URI:append:class-target = " \
20 file://login_defs_pam.sed \
21 file://shadow-update-pam-conf.patch \
22 "
23
24 SRC_URI:append:class-native = " \
25 file://commonio.c-fix-unexpected-open-failure-in-chroot-env.patch \
26 "
27 SRC_URI[sha256sum] = "a305edf5d19bddbdf5e836d2d609fa8bff2d35458819de4d9f06306a1cf24342"
28
29 # Additional Policy files for PAM
30 PAM_SRC_URI = "file://pam.d/chfn \
31 file://pam.d/chpasswd \
32 file://pam.d/chsh \
33 file://pam.d/login \
34 file://pam.d/newusers \
35 file://pam.d/passwd \
36 file://pam.d/su"
37
38 inherit autotools gettext github-releases pkgconfig
39
40 export CONFIG_SHELL="/bin/sh"
41
42 EXTRA_OECONF += "--without-libcrack \
43 --with-group-name-max-length=24 \
44 --enable-subordinate-ids=yes \
45 --without-sssd \
46 ${NSCDOPT}"
47
48 CFLAGS:append:libc-musl = " -DLIBBSD_OVERLAY"
49
50 NSCDOPT = ""
51 NSCDOPT:class-native = "--without-nscd"
52 NSCDOPT:class-nativesdk = "--without-nscd"
53 NSCDOPT:libc-glibc = "--with-nscd"
54
55 PAM_PLUGINS = "libpam-runtime \
56 pam-plugin-faildelay \
57 pam-plugin-securetty \
58 pam-plugin-nologin \
59 pam-plugin-env \
60 pam-plugin-group \
61 pam-plugin-limits \
62 pam-plugin-motd \
63 pam-plugin-mail \
64 pam-plugin-shells \
65 pam-plugin-rootok"
66
67 PACKAGECONFIG ??= "${@bb.utils.filter('DISTRO_FEATURES', 'pam', d)} \
68 ${@bb.utils.contains('DISTRO_FEATURES', 'xattr', 'attr', '', d)}"
69 PACKAGECONFIG:class-native ??= "${@bb.utils.contains('DISTRO_FEATURES', 'xattr', 'attr', '', d)} libbsd"
70 PACKAGECONFIG:class-nativesdk = ""
71 PACKAGECONFIG[pam] = "--with-libpam,--without-libpam,libpam,${PAM_PLUGINS}"
72 PACKAGECONFIG[attr] = "--with-attr,--without-attr,attr"
73 PACKAGECONFIG[acl] = "--with-acl,--without-acl,acl"
74 PACKAGECONFIG[audit] = "--with-audit,--without-audit,audit"
75 PACKAGECONFIG[selinux] = "--with-selinux,--without-selinux,libselinux libsemanage"
76 PACKAGECONFIG[libbsd] = "--with-libbsd,--without-libbsd,libbsd"
77 PACKAGECONFIG[logind] = "--enable-logind,--disable-logind,systemd"
78
79 RDEPENDS:${PN} = "shadow-securetty \
80 base-passwd \
81 util-linux-sulogin"
82 RDEPENDS:${PN}:class-native = ""
83 RDEPENDS:${PN}:class-nativesdk = ""
84
85 do_install() {
86 oe_runmake DESTDIR="${D}" sbindir="${base_sbindir}" usbindir="${sbindir}" install
87
88 # Info dir listing isn't interesting at this point so remove it if it exists.
89 if [ -e "${D}${infodir}/dir" ]; then
90 rm -f ${D}${infodir}/dir
91 fi
92
93 # Enable CREATE_HOME by default.
94 sed -i 's/#CREATE_HOME/CREATE_HOME/g' ${D}${sysconfdir}/login.defs
95
96 # As we are on an embedded system, ensure the users mailbox is in
97 # ~/ not /var/spool/mail by default, as who knows where or how big
98 # /var is. The system MDA will set this later anyway.
99 sed -i 's/MAIL_DIR/#MAIL_DIR/g' ${D}${sysconfdir}/login.defs
100 sed -i 's/#MAIL_FILE/MAIL_FILE/g' ${D}${sysconfdir}/login.defs
101
102 # Disable checking emails.
103 sed -i 's/MAIL_CHECK_ENAB/#MAIL_CHECK_ENAB/g' ${D}${sysconfdir}/login.defs
104
105 # Comment out SU_NAME to work correctly with busybox
106 # See Bug#5359 and Bug#7173
107 sed -i 's:^SU_NAME:#SU_NAME:g' ${D}${sysconfdir}/login.defs
108
109 # Use proper encryption for passwords
110 sed -i 's/^#ENCRYPT_METHOD.*$/ENCRYPT_METHOD SHA512/' ${D}${sysconfdir}/login.defs
111
112 install -d ${D}${sysconfdir}/default
113 install -m 0644 ${WORKDIR}/useradd ${D}${sysconfdir}/default
114 }
115
116 do_install:append() {
117 # Ensure that the image has as a /var/spool/mail dir so shadow can
118 # put mailboxes there if the user reconfigures shadow to its
119 # defaults (see sed below).
120 install -m 0775 -d ${D}${localstatedir}/spool/mail
121 chown root:mail ${D}${localstatedir}/spool/mail
122
123 if [ -e ${WORKDIR}/pam.d ]; then
124 install -d ${D}${sysconfdir}/pam.d/
125 install -m 0644 ${WORKDIR}/pam.d/* ${D}${sysconfdir}/pam.d/
126 # Remove defaults that are not used when supporting PAM.
127 sed -i -f ${WORKDIR}/login_defs_pam.sed ${D}${sysconfdir}/login.defs
128 fi
129
130 install -d ${D}${sbindir} ${D}${base_sbindir} ${D}${base_bindir}
131
132 # Move binaries to the locations we want
133 rm ${D}${sbindir}/vigr
134 ln -sf vipw.${BPN} ${D}${base_sbindir}/vigr
135 if [ "${sbindir}" != "${base_sbindir}" ]; then
136 mv ${D}${sbindir}/vipw ${D}${base_sbindir}/vipw
137 fi
138 if [ "${bindir}" != "${base_bindir}" ]; then
139 mv ${D}${bindir}/login ${D}${base_bindir}/login
140 mv ${D}${bindir}/su ${D}${base_bindir}/su
141 fi
142
143 # Handle link properly after rename, otherwise missing files would
144 # lead rpm failed dependencies.
145 ln -sf newgrp.${BPN} ${D}${bindir}/sg
146
147 # usermod requires the subuid/subgid files to be in place before being
148 # able to use the -v/-V flags otherwise it fails:
149 # usermod: /etc/subuid does not exist, you cannot use the flags -v or -V
150 install -d ${D}${sysconfdir}
151 touch ${D}${sysconfdir}/subuid
152 touch ${D}${sysconfdir}/subgid
153 }
154
155 # Make executables look for dynamically linked libraries in a custom location, and install
156 # the needed libraries there. That way we can use them from sstate
157 # in setscene tasks without worrying about the dependency libraries being available.
158 do_install:append:class-native() {
159 binaries=$(find ${D}${base_bindir}/ ${D}${base_sbindir}/ ${D}${bindir}/ ${D}${sbindir}/ -executable -type f)
160 chrpath -k -r ${STAGING_DIR_NATIVE}/lib-shadow-deps $binaries
161 mkdir -p ${D}${STAGING_DIR_NATIVE}/lib-shadow-deps/
162 install ${STAGING_LIBDIR_NATIVE}/libattr.so.* ${STAGING_LIBDIR_NATIVE}/libbsd.so.* ${STAGING_LIBDIR_NATIVE}/libmd.so.* ${D}${STAGING_DIR_NATIVE}/lib-shadow-deps/
163 install ${D}${libdir}/*.so.* ${D}${STAGING_DIR_NATIVE}/lib-shadow-deps/
164 }
165
166 SYSROOT_DIRS:append:class-native = " ${STAGING_DIR_NATIVE}/lib-shadow-deps/"
167 INSANE_SKIP:${PN}:class-native = "already-stripped"
168
169 PACKAGES =+ "${PN}-base"
170 FILES:${PN}-base = "\
171 ${base_bindir}/login.shadow \
172 ${base_bindir}/su.shadow \
173 ${bindir}/sg \
174 ${bindir}/newgrp.shadow \
175 ${bindir}/groups.shadow \
176 ${sysconfdir}/pam.d/login \
177 ${sysconfdir}/pam.d/su \
178 ${sysconfdir}/login.defs \
179 "
180 RDEPENDS:${PN} += "${PN}-base"
181
182 inherit update-alternatives
183
184 ALTERNATIVE_PRIORITY = "200"
185
186 ALTERNATIVE:${PN} = "passwd chfn chsh chpasswd vipw vigr nologin"
187 ALTERNATIVE_LINK_NAME[chfn] = "${bindir}/chfn"
188 ALTERNATIVE_LINK_NAME[chsh] = "${bindir}/chsh"
189 ALTERNATIVE_LINK_NAME[chpasswd] = "${sbindir}/chpasswd"
190 ALTERNATIVE_LINK_NAME[vipw] = "${base_sbindir}/vipw"
191 ALTERNATIVE_LINK_NAME[vigr] = "${base_sbindir}/vigr"
192 ALTERNATIVE_LINK_NAME[nologin] = "${base_sbindir}/nologin"
193
194 ALTERNATIVE:${PN}-base = "newgrp groups login su"
195 ALTERNATIVE_LINK_NAME[login] = "${base_bindir}/login"
196 ALTERNATIVE_LINK_NAME[su] = "${base_bindir}/su"
197
198 PACKAGE_WRITE_DEPS += "shadow-native"
199 pkg_postinst:${PN}:class-target () {
200 if [ "x$D" != "x" ]; then
201 rootarg="--root $D"
202 else
203 rootarg=""
204 fi
205
206 pwconv $rootarg || exit 1
207 grpconv $rootarg || exit 1
208 }
Mirror of git://git.openembedded.org/openembedded-core