lfs/BMLFS
1
0
Fork 0
mirror of https://github.com/dslm4515/BMLFS.git synced 2025-08-20 14:31:47 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
cf155aa1fcfb6e3eef286b5f26c5e34a7a24c729
BMLFS/build-scripts/shadow.rebuild
dslm4515 4c4cac9ff1 Upgraded shadow from 4.9 to 4.14.1
2023-10-27 18:14:38 -05:00

158 lines
5.3 KiB
Bash
Raw Blame History

#! /bin/bash
# Shadow Rebuild with PAM support
# Source: https://github.com/shadow-maint/shadow/releases/download/4.14.1/shadow-4.14.1.tar.xz
#
# $BUILD = Directory to temporarily install
# $PKGS = Directory to store built packages
#
# DEPS
# Required: Linux-PAM (for PAM support) and/or CrackLib (cracklib support)
# Optional: None
# If optimizing, use these flags with LTO (-flto=4)
export CFLAGS="-march=native -mtune=native -O3 -g -pipe -fno-semantic-interposition "
export CFLAGS+="-ffat-lto-objects -fstack-protector-strong -fzero-call-used-regs=used "
export LDFLAGS="-Wl,-O2 -Wl,--as-needed "
# Apply patch from Chimera Linux for remove __BEGIN_DECLS code
patch -Np1 -i ../patches/shadow-chimera/begin-decls.patch
# Apply patch from Chimera linux for xstrdup
patch -Np1 -i ../patches/shadow-chimera/xstrdup.patch
sed -i 's/groups$(EXEEXT) //' src/Makefile.in &&
find man -name Makefile.in -exec sed -i 's/groups\.1 / /' {} \; &&
find man -name Makefile.in -exec sed -i 's/getspnam\.3 / /' {} \; &&
find man -name Makefile.in -exec sed -i 's/passwd\.5 / /' {} \; &&
sed -i -e 's@#ENCRYPT_METHOD DES@ENCRYPT_METHOD SHA512@' \
-e 's@/var/spool/mail@/var/mail@' etc/login.defs &&
# Per https://github.com/dslm4515/Musl-LFS/issues/79,
# Apply musl's limit to shadow for SHA_ROUNDS_MAX
sed -i -e 's/^\(#define SHA_ROUNDS_MAX 9999999\)99/\1/' lib/salt.c
# Update build system
autoreconf -fvi
# Configure
LIBS="-lutmps -lskarnet" \
./configure --sysconfdir=/etc \
--bindir=/usr/bin \
--sbindir=/usr/sbin \
--libdir=/usr/lib \
--with-group-name-max-length=32 \
--enable-utmpx \
--without-libbsd \
--enable-lastlog \
--with-acl -with-attr \
--without-nscd \
--disable-nls \
--enable-subordinate-ids \
--disable-account-tools-setuid \
--enable-shared \
--with-{b,yes}crypt $BUILDTRUPLE &&
read -p "Compile?" && make -j2 &&
read -p "Press Enter to install" &&
# if not using a package manager:
# make install
# if using pkgtools from Slackware, then:
su -c "make DESTDIR=$BUILD exec_prefix=/usr install"
su -c "mkdir -pv ${BUILD}/etc/default"
cat > /tmp/useradd << "EOF"
GROUP=999
HOME=/home
INACTIVE=-1
EXPIRE=
SHELL=/bin/bash
SKEL=/etc/skel
CREATE_MAIL_SPOOL=no
EOF
su -c "mv /tmp/useradd ${BUILD}/etc/default/"
# move misplaces binaries
su -C "mkdir -pv ${BUILD}/{bin,sbin}"
for b in passwd login su
do
su -c "mv -v ${BUILD}/usr/bin/$b ${BUILD}/bin/"
done
su -c "mv -v ${BUILD}/usr/sbin/nologin ${BUILD}/sbin/"
for c in chage login passwd su
do
su -c "cp -v ../files/shadow-lfs/$c ${BUILD}/etc/pam.d/"
done
cd $BUILD && su -c "mkdir -v install" &&
su -c "install -v -m644 etc/login.defs etc/login.defs.orig" &&
for FUNCTION in FAIL_DELAY \
FAILLOG_ENAB \
LASTLOG_ENAB \
MAIL_CHECK_ENAB \
OBSCURE_CHECKS_ENAB \
PORTTIME_CHECKS_ENAB \
QUOTAS_ENAB \
CONSOLE MOTD_FILE \
FTMP_FILE NOLOGINS_FILE \
ENV_HZ PASS_MIN_LEN \
SU_WHEEL_ONLY \
CRACKLIB_DICTPATH \
PASS_CHANGE_TRIES \
PASS_ALWAYS_WARN \
CHFN_AUTH ENCRYPT_METHOD \
ENVIRON_FILE
do
su -c 'sed -i "s/^${FUNCTION}/# &/" etc/login.defs'
done
for PROGRAM in chfn chgpasswd chpasswd chsh groupadd groupdel \
groupmems groupmod newusers useradd userdel usermod
do
su -c "install -v -m644 etc/pam.d/chage etc/pam.d/${PROGRAM}"
su -c 'sed -i "s/chage/$PROGRAM/" etc/pam.d/${PROGRAM}'
done
cat > /tmp/slack-desc << "EOF"
# HOW TO EDIT THIS FILE:
# The "handy ruler" below makes it easier to edit a package description. Line
# up the first '|' above the ':' following the base package name, and the '|'
# on the right side marks the last column you can put a character in. You must
# make exactly 11 lines for the formatting to be correct. It's also
# customary to leave one space after the ':'.
|-----handy-ruler------------------------------------------------------|
shadow: shadow (shadow password suite with Linux-Pam support)
shadow:
shadow: This set of login related programs utilizes an alternate, non-readable
shadow: file to contain the actual encrypted passwords. This is presumed to
shadow: increase system security by increasing the difficulty with which
shadow: system crackers obtain encrypted passwords. It was written by
shadow: Julianne Frances Haugh and the Linux port is maintained by Tomasz
shadow: Kloczko.
shadow:
shadow: Homepage: https://github.com/shadow-maint/shadow
shadow:
EOF
su -c "mv /tmp/slack-desc install/" &&
read -p "Enter to build package" &&
su -c "makepkg -l y -c n $PKGS/shadow-4.14.1-$PSUFFIX" &&
cp -v install/doinst.sh /tmp/
cat >> /tmp/doinst.sh << "EOF"
[ -f /etc/login.access ] && mv -v /etc/login.access{,.NOUSE}
[ -f /etc/limits ] && mv -v /etc/limits{,.NOUSE}
EOF
su -c "cp -v /tmp/doinst.sh install/"
su -c "makepkg -l y -c n $PKGS/shadow-4.14.1-$PSUFFIX" &&
su -c "rm -rf $BUILD/*"
Reference in New Issue View Git Blame Copy Permalink