From: Michael Tremer Date: Tue, 12 May 2009 15:07:13 +0000 (+0200) Subject: Restructured system login. X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b26de680d2954ecb20464fe2f49e7c6c4ed635c6;p=ipfire-3.x.git Restructured system login. We use the tools from util-linux-ng for login and shadow is no longer linked against pam. Split cracklib into lfs/cracklib and lfs/python-cracklib, because when we first compile cracklib, there is no python. --- diff --git a/lfs/Config b/lfs/Config index 44a1bc709..974f10d1c 100644 --- a/lfs/Config +++ b/lfs/Config @@ -73,6 +73,8 @@ PKG_PACKAGE=$(PKG_NAME)-$(PKG_VER)-$(SNAME)$(PKG_REL).$(TARGET).ipk IMAGE_FILE = $(IMAGES_DIR)/$(SNAME)-$(VERSION).sfs +LFS_FILE = $(firstword $(MAKEFILE_LIST)) + ############################################################################### # Common Macro Definitions ############################################################################### diff --git a/lfs/cracklib b/lfs/cracklib index 6520ec491..5f5d88b44 100644 --- a/lfs/cracklib +++ b/lfs/cracklib @@ -39,7 +39,6 @@ GROUP = Security/Password CORE = yes EXTRA = no DEBUG = no -DEPS = python URL = http://sourceforge.net/projects/cracklib/ LICENSE = GPLv2 @@ -55,6 +54,12 @@ define LONG_DESC in a dictionary. endef +ifeq "$(LFS_FILE)" "python-cracklib" + DEPS = python + SHORT_DESC = Python-bindings for cracklib. + LONG_DESC = A python module to use safe passwords. +endif + ############################################################################### # Top-level Rules ############################################################################### @@ -82,14 +87,20 @@ $(objects): $(OBJECT): $(objects) @$(PREBUILD) @rm -rf $(DIR_APP) && cd $(DIR_SRC) && $(EXTRACTOR) $(DIR_DL)/$(DL_FILE) - -rm -rf /usr/share/dict + cd $(DIR_APP) && \ ./configure \ $(CONFIGURE_ARCH) \ --prefix=/usr \ --disable-static \ --with-default-dict=/lib/cracklib/pw_dict + +ifeq "$(LFS_FILE)" "python-cracklib" + cd $(DIR_APP)/python && make $(PARALLELISMFLAGS) + cd $(DIR_APP)/python && make install +else cd $(DIR_APP) && make $(PARALLELISMFLAGS) + -rm -rf /usr/share/dict cd $(DIR_APP) && make install mv -v /usr/lib/libcrack.so.2* /lib ln -v -sf ../../lib/libcrack.so.2.8.0 /usr/lib/libcrack.so @@ -102,5 +113,7 @@ $(OBJECT): $(objects) echo -ne "$(NAME)\n$(SNAME)\n" >> /usr/share/dict/cracklib-extra-words create-cracklib-dict /usr/share/dict/cracklib-words \ /usr/share/dict/cracklib-extra-words +endif + @rm -rf $(DIR_APP) @$(POSTBUILD) diff --git a/lfs/pam b/lfs/pam index dfdc0061b..e2cb84483 100644 --- a/lfs/pam +++ b/lfs/pam @@ -35,7 +35,7 @@ CORE = yes EXTRA = no DEBUG = no -DEPS = cracklib +DEPS = #cracklib OBJECT = $(DIR_INFO)/$(STAGE_ORDER)_$(STAGE)/$(THISAPP) diff --git a/lfs/shadow b/lfs/shadow index 63af2623a..9b0d48bb0 100644 --- a/lfs/shadow +++ b/lfs/shadow @@ -39,7 +39,7 @@ GROUP = System/Base CORE = yes EXTRA = no DEBUG = no -DEPS = $(EXTRA_DEPS) +DEPS = URL = ftp://pkg-shadow.alioth.debian.org/pub/pkg-shadow/ LICENSE = GPLv2+ @@ -51,13 +51,6 @@ define LONG_DESC format, plus programs for managing user and group accounts. endef -ifneq "$(STAGE)" "base" - CONFIGURE_ARGS = --with-libpam - EXTRA_DEPS = pam -else - CONFIGURE_ARGS = --without-libpam -endif - ############################################################################### # Top-level Rules ############################################################################### @@ -98,30 +91,28 @@ $(OBJECT): $(objects) cd $(DIR_APP) && \ ./configure \ $(CONFIGURE_ARCH) \ + --prefix=/usr \ --sysconfdir=/etc \ + --enable-shadowgrp \ --with-sha-crypt \ --without-selinux \ --without-libcrack \ - $(CONFIGURE_ARGS) \ + --without-libpam \ --disable-static - cd $(DIR_APP) && sed -i 's/groups$$(EXEEXT) //' src/Makefile - cd $(DIR_APP) && find man -name Makefile -exec sed -i 's/groups\.1 / /' {} \; + # Do not build these files: + cd $(DIR_APP) && \ + for i in chfn chgpasswd chpasswd chsh expiry gpasswd groups login \ + logoutd nologin passwd su; do \ + sed -i "s/$$i\$$(EXEEXT)//" src/Makefile; \ + find man -name Makefile -exec sed -i "s/$$i\.1/ /" {} \;; \ + done + + # Do not install korean and zh man pages cd $(DIR_APP) && sed -i -e 's/ ko//' -e 's/ zh_CN zh_TW//' man/Makefile cd $(DIR_APP) && make $(PARALLELISMFLAGS) cd $(DIR_APP) && make install - mv -v /usr/bin/passwd /bin - -ifeq "$(STAGE)" "base" - touch /etc/shadow - chmod 600 /etc/shadow - pwconv -else - rm -vf /etc/login.access* /etc/limits* -endif - - rm -vf /etc/{passwd,shadow}- @rm -rf $(DIR_APP) @$(POSTBUILD) diff --git a/lfs/util-linux-ng b/lfs/util-linux-ng index 74e472e89..85d1d06ee 100644 --- a/lfs/util-linux-ng +++ b/lfs/util-linux-ng @@ -36,6 +36,9 @@ OBJECT = $(DIR_INFO)/$(STAGE_ORDER)_$(STAGE)/$(THISAPP) CORE = yes EXTRA = no DEBUG = no +DEPS = pam + +CFLAGS += -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 ############################################################################### # Top-level Rules @@ -83,12 +86,38 @@ ifeq "$(STAGE)" "base" cd $(DIR_APP) && \ ./configure \ $(CONFIGURE_ARCH) \ + --bindir=/bin \ + --sbindir=/sbin \ + --disable-wall \ --enable-arch \ + --enable-kill \ + --enable-login-utils \ --enable-partx \ - --enable-write + --enable-write \ + --with-fsprobe=blkid \ + --disable-makeinstall-chown + cd $(DIR_APP) && make $(PARALLELISMFLAGS) cd $(DIR_APP) && make install + # Build nologin + cd $(DIR_APP) && gcc $(CFLAGS) -o nologin $(DIR_SOURCE)/$(PKG_NAME)/nologin.c + cd $(DIR_APP) && install -m 755 nologin /sbin + install -m 644 $(DIR_SOURCE)/$(PKG_NAME)/nologin.8 /usr/share/man/man8 + + # Install mount tmpfs helper + install -m 755 $(DIR_SOURCE)/$(PKG_NAME)/mount.tmpfs /sbin + + ln -svf ../../sbin/hwclock /usr/sbin/hwclock + ln -svf hwclock /sbin/clock + ln -sf ../../bin/kill /usr/bin/kill + + touch /var/log/lastlog + + # Remove deprecated commands + rm -rfv /sbin/{fsck,mkfs}.{bfs,minix} \ + /usr/share/man/man*/{fsck,mkfs}.{bfs,minix}* + #chmod -v -s /bin/mount #setcap CAP_DAC_OVERRIDE,CAP_SYS_ADMIN=ep /bin/mount #chmod -v -s /bin/umount diff --git a/make.sh b/make.sh index 81d0e6f78..963a6f56b 100755 --- a/make.sh +++ b/make.sh @@ -136,9 +136,11 @@ base_build() { ipfire_make attr ipfire_make libcap2 ipfire_make paxctl + ipfire_make shadow ipfire_make autoconf ipfire_make automake ipfire_make bash + ipfire_make cracklib ipfire_make diffutils ipfire_make eventlog ipfire_make file @@ -160,9 +162,9 @@ base_build() { ipfire_make man-db ipfire_make module-init-tools ipfire_make mpfr + ipfire_make pam ipfire_make patch ipfire_make psmisc - ipfire_make shadow ipfire_make syslog-ng ipfire_make sysvinit ipfire_make tar @@ -202,6 +204,7 @@ ipfire_build() { ipfire_make perl-xml-parser ipfire_make intltool ipfire_make python + ipfire_make python-cracklib ipfire_make python-dbus ipfire_make python-urlgrabber ipfire_make python-IPy @@ -243,9 +246,6 @@ ipfire_build() { ipfire_make libgpg-error ipfire_make libgcrypt ipfire_make libksba - ipfire_make cracklib - ipfire_make pam - ipfire_make shadow-pam ipfire_make slang ipfire_make newt ipfire_make cyrus-sasl