specs/s/shadow-utils/shadow-utils-vl.spec

%define WITH_SELINUX 0

Summary: Utilities for managing accounts and shadow password files.
Summary(ja): シャドウパスワードファイルとアカウントを管理するユーティリティ
Name: shadow-utils
Epoch: 2
Version: 4.8
Release: 1%{?_dist_release}
Group: System Environment/Base

Vendor: Project Vine
Distribution: Vine Linux

License: BSD and GPLv2+
URL: http://pkg-shadow.alioth.debian.org/

Source0: http://pkg-shadow.alioth.debian.org/shadow-%{version}.tar.xz
Source1: shadow-4.0.17-login.defs
Source2: shadow-utils.useradd

# Misc small changes - most probably non-upstreamable
Patch0: shadow-4.6-redhat.patch
# Be more lenient with acceptable user/group names - non upstreamable
Patch1: shadow-4.8-goodname.patch
# Docfix for newusers - could be upstreamed
Patch2: shadow-4.1.5.1-info-parent-dir.patch
# Misc SElinux related changes - upstreamability unknown
Patch6: shadow-4.8-selinux.patch
# Syslog message change - could be upstreamed
Patch11: shadow-4.1.5.1-logmsg.patch
# SElinux related - upstreamability unknown
Patch14: shadow-4.1.5.1-default-range.patch
# Misc manual page changes - only some of them could be upstreamed
Patch15: shadow-4.8-manfix.patch
# Userdel usage message change - could be upstreamed
Patch17: shadow-4.1.5.1-userdel-helpfix.patch
# Date parsing improvement - could be upstreamed
Patch19: shadow-4.2.1-date-parsing.patch
# Additional error message - could be upstreamed
Patch21: shadow-4.6-move-home.patch
# Audit message changes - upstreamability unknown
Patch22: shadow-4.8-audit-update.patch
# Changes related to password unlocking - could be upstreamed
Patch23: shadow-4.5-usermod-unlock.patch
# Additional SElinux related changes - upstreamability unknown
Patch28: shadow-4.8-selinux-perms.patch
# Handle NULL return from *time funcs - could be upstreamed
Patch29: shadow-4.2.1-null-tm.patch
# SElinux related - upstreamability unknown
Patch31: shadow-4.6-getenforce.patch
# Handle include of crypt.h - could be upstreamed
Patch32: shadow-4.8-crypt_h.patch
# Handle /etc/passwd corruption - could be upstreamed
Patch33: shadow-4.8-long-entry.patch
# Limit uid/gid allocation to non-zero - could be upstreamed
Patch38: shadow-4.6-sysugid-min-limit.patch
# Ignore LOGIN_PLAIN_PROMPT in login.defs - upstreamability unknown
Patch40: shadow-4.8-ignore-login-prompt.patch
# Make the missing shell check into warning - could be upstreamed
Patch41: shadow-4.8-invalid-shell-check.patch
# Generate /var/spool/mail/$USER with the proper SELinux user identity - already  upstreamed
Patch42: shadow-4.8-useradd-selinux-mail.patch

BuildRoot: %{_tmppath}/%{name}-%{version}-root
BuildRequires: gcc
BuildRequires: audit-libs-devel >= 1.6.5
BuildRequires: libacl-devel, libattr-devel
BuildRequires: bison, flex, docbook-style-xsl, docbook-dtds
BuildRequires: autoconf, automake, libtool, gettext-devel
BuildRequires: /usr/bin/xsltproc, /usr/bin/itstool
Obsoletes: adduser

%description
The shadow-utils package includes the necessary programs for
converting UNIX password files to the shadow password format, plus
programs for managing user and group accounts. The pwconv command
converts passwords to the shadow password format. The pwunconv command
unconverts shadow passwords and generates an npasswd file (a standard
UNIX password file). The pwck command checks the integrity of password
and shadow files. The lastlog command prints out the last login times
for all users. The useradd, userdel, and usermod commands are used for
managing user accounts. The groupadd, groupdel, and groupmod commands
are used for managing group accounts.

%description -l ja
shadow-utilsパッケージはUNIXパスワードファイルをシャドウパスワー
ドフォーマットに変換するのに必要なプログラムとユーザやグループア
カウントを管理するプログラムを含みます。
pwconvコマンドはパスワードをシャドウパスワードフォーマットに変換
します。pwunconvコマンドはシャドウパスワードを逆変換し、npasswd
ファイル(標準のUNIXパスワードファイル)を生成します。pwckコマンド
はパスワードファイルとシャドウパスワードファイルの完全性をチェッ
クします。lastlogコマンドは全ユーザの最後にログインした時間を出
力します。useradd、userdelやusermodコマンドはユーザーアカウント
を管理するのに使用されます。groupadd、groupdelやgroupmodコマンド
はグループアカウントを管理するのに使用されます。
  

%prep
%setup -q -n shadow-%{version}
%patch0 -p1 -b .redhat
%patch1 -p1 -b .goodname
%patch2 -p1 -b .info-parent-dir
%if %{WITH_SELINUX}
%patch6 -p1 -b .selinux
%endif
%patch11 -p1 -b .logmsg
%patch14 -p1 -b .default-range
%patch15 -p1 -b .manfix
%patch17 -p1 -b .userdel
%patch19 -p1 -b .date-parsing
%patch21 -p1 -b .move-home
%patch22 -p1 -b .audit-update
%patch23 -p1 -b .unlock
%patch28 -p1 -b .selinux-perms
%patch29 -p1 -b .null-tm
%if %{WITH_SELINUX}
%patch31 -p1 -b .getenforce
%endif
%patch32 -p1 -b .crypt_h
%patch33 -p1 -b .long-entry
%patch38 -p1 -b .sysugid-min-limit
%patch40 -p1 -b .login-prompt
%patch41 -p1 -b .invalid-shell
%if %{WITH_SELINUX}
%patch42 -p1 -b .useradd-selinux-mail
%endif

iconv -f ISO88591 -t utf-8  doc/HOWTO > doc/HOWTO.utf8
cp -f doc/HOWTO.utf8 doc/HOWTO

# Force regeneration of getdate.c
rm libmisc/getdate.c


%build
export CFLAGS="$RPM_OPT_FLAGS -fpie"
export LDFLAGS="-pie -Wl,-z,relro -Wl,-z,now"

%configure \
	--enable-shadowgrp \
	--without-libcrack \
	--with-sha-crypt \
%if %{WITH_SELINUX}
	--with-selinux \
%else
	--without-selinux \
%endif
	--without-libpam \
	--disable-shared \
	--with-group-name-max-length=32
make %{_smp_mflags}

%install
rm -rf %{buildroot}
make install DESTDIR=%{buildroot} gnulocaledir=%{buildroot}/%{_datadir}/locale MKINSTALLDIRS=`pwd`/mkinstalldirs
install -d -m 755 %{buildroot}/etc/default
install -c -m 0644 %{SOURCE1} %{buildroot}/etc/login.defs
install -c -m 0600 %{SOURCE2} %{buildroot}/etc/default/useradd


ln -s useradd %{buildroot}%{_sbindir}/adduser
ln -s useradd.8 %{buildroot}/%{_mandir}/man8/adduser.8
for subdir in %{buildroot}/%{_mandir}/{??,??_??,??_??.*}/man* ; do
	test -d $subdir && test -e $subdir/useradd.8 && echo ".so man8/useradd.8" > $subdir/adduser.8
done

# Remove binaries we don't use.
rm %{buildroot}/%{_bindir}/chfn
rm %{buildroot}/%{_bindir}/chsh
rm %{buildroot}/%{_bindir}/expiry
rm %{buildroot}/%{_bindir}/groups
rm %{buildroot}/%{_bindir}/login
rm %{buildroot}/%{_bindir}/passwd
rm %{buildroot}/%{_bindir}/su
rm %{buildroot}/%{_sysconfdir}/login.access
rm %{buildroot}/%{_sysconfdir}/limits
rm %{buildroot}/%{_sbindir}/logoutd
rm %{buildroot}/%{_sbindir}/nologin
rm %{buildroot}/%{_sbindir}/chgpasswd
rm %{buildroot}/%{_mandir}/man1/chfn.*
rm %{buildroot}/%{_mandir}/*/man1/chfn.*
rm %{buildroot}/%{_mandir}/man1/chsh.*
rm %{buildroot}/%{_mandir}/*/man1/chsh.*
rm %{buildroot}/%{_mandir}/man1/expiry.*
rm %{buildroot}/%{_mandir}/*/man1/expiry.*
rm %{buildroot}/%{_mandir}/man1/groups.*
rm %{buildroot}/%{_mandir}/*/man1/groups.*
rm %{buildroot}/%{_mandir}/man1/login.*
rm %{buildroot}/%{_mandir}/*/man1/login.*
rm %{buildroot}/%{_mandir}/man1/passwd.*
rm %{buildroot}/%{_mandir}/*/man1/passwd.*
rm %{buildroot}/%{_mandir}/man1/su.*
rm %{buildroot}/%{_mandir}/*/man1/su.*
rm %{buildroot}/%{_mandir}/man5/limits.*
rm %{buildroot}/%{_mandir}/*/man5/limits.*
rm %{buildroot}/%{_mandir}/man5/login.access.*
rm %{buildroot}/%{_mandir}/*/man5/login.access.*
rm %{buildroot}/%{_mandir}/man5/passwd.*
rm %{buildroot}/%{_mandir}/*/man5/passwd.*
rm %{buildroot}/%{_mandir}/man5/porttime.*
rm %{buildroot}/%{_mandir}/*/man5/porttime.*
rm %{buildroot}/%{_mandir}/man5/suauth.*
rm %{buildroot}/%{_mandir}/*/man5/suauth.*
rm %{buildroot}/%{_mandir}/man8/logoutd.*
rm %{buildroot}/%{_mandir}/*/man8/logoutd.*
rm %{buildroot}/%{_mandir}/man8/nologin.*
rm %{buildroot}/%{_mandir}/*/man8/nologin.*
rm %{buildroot}/%{_mandir}/man8/chgpasswd.*
rm %{buildroot}/%{_mandir}/*/man8/chgpasswd.*

%find_lang shadow

%clean
rm -rf %{buildroot}

%files -f shadow.lang
%defattr(-,root,root)
%doc NEWS doc/HOWTO README
%dir /etc/default
%attr(0644,root,root)	%config /etc/login.defs
%attr(0600,root,root)	%config /etc/default/useradd
%{_bindir}/sg
%{_bindir}/chage
%{_bindir}/faillog
%{_bindir}/gpasswd
%{_bindir}/lastlog
%{_bindir}/newgrp
%attr(0755,root,root) %caps(cap_setgid=ep) %{_bindir}/newgidmap
%attr(0755,root,root) %caps(cap_setuid=ep) %{_bindir}/newuidmap
%{_sbindir}/adduser
%{_sbindir}/user*
%{_sbindir}/group*
%{_sbindir}/grpck
%{_sbindir}/pwck
%{_sbindir}/*conv
%{_sbindir}/chpasswd
%{_sbindir}/newusers
%{_sbindir}/vipw
%{_sbindir}/vigr
%{_mandir}/man1/chage.1*
%{_mandir}/*/man1/chage.1*
%{_mandir}/man1/gpasswd.1*
%{_mandir}/*/man1/gpasswd.1*
%{_mandir}/man1/sg.1*
%{_mandir}/*/man1/sg.1*
%{_mandir}/man1/newgrp.1*
%{_mandir}/*/man1/newgrp.1*
%{_mandir}/man1/newgidmap.1*
%{_mandir}/*/man1/newgidmap.1*
%{_mandir}/man1/newuidmap.1*
%{_mandir}/*/man1/newuidmap.1*
%{_mandir}/man3/shadow.3*
%{_mandir}/*/man3/shadow.3*
%{_mandir}/man3/getspnam.3*
%{_mandir}/*/man3/getspnam.3*
%{_mandir}/man5/shadow.5*
%{_mandir}/*/man5/shadow.5*
%{_mandir}/man5/login.defs.5*
%{_mandir}/*/man5/login.defs.5*
%{_mandir}/man5/gshadow.5*
%{_mandir}/*/man5/gshadow.5*
%{_mandir}/man5/faillog.5*
%{_mandir}/*/man5/faillog.5*
%{_mandir}/man5/subgid.5*
%{_mandir}/*/man5/subgid.5*
%{_mandir}/man5/subuid.5*
%{_mandir}/*/man5/subuid.5*
%{_mandir}/man8/adduser.8*
%{_mandir}/*/man8/adduser.8*
%{_mandir}/man8/group*.8*
%{_mandir}/*/man8/group*.8*
%{_mandir}/man8/user*.8*
%{_mandir}/*/man8/user*.8*
%{_mandir}/man8/pwck.8*
%{_mandir}/*/man8/pwck.8*
%{_mandir}/man8/grpck.8*
%{_mandir}/*/man8/grpck.8*
%{_mandir}/man8/chpasswd.8*
%{_mandir}/*/man8/chpasswd.8*
%{_mandir}/man8/newusers.8*
%{_mandir}/*/man8/newusers.8*
%{_mandir}/man8/*conv.8*
%{_mandir}/*/man8/*conv.8*
%{_mandir}/man8/lastlog.8*
%{_mandir}/*/man8/lastlog.8*
%{_mandir}/man8/faillog.8*
%{_mandir}/*/man8/faillog.8*
%{_mandir}/man8/vipw.8*
%{_mandir}/*/man8/vipw.8*
%{_mandir}/man8/vigr.8*
%{_mandir}/*/man8/vigr.8*

%changelog
* Wed Mar 18 2020 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 2:4.8-1
- updated to 4.8.
- updated patches.

* Wed Jul 09 2014 Daisuke SUZUKI <daisuke@vinelinux.org> 2:4.1.5.1-1
- update to 4.1.5.1

* Sun Apr 17 2011 Shu KONNO <owa@bg.wakwak.com> 2:4.1.4.2-2
- rebuilt with rpm-4.8.1-3

* Mon Apr 12 2010 Daisuke SUZUKI <daisuke@linux.or.jp> 2:4.1.4.2-1
- new upstream release
- add vipw/vigr (moved from util-linux-ng)
- max group name length set to 32 characters
- update Patch0
  - increase threshold for uid/gid reservations to 200
- import Patch1,2,3 from fedora
- disable autoreconf

* Mon Jun 15 2009 Daisuke SUZUKI <daisuke@linux.or.jp> 2:4.1.4.1-1
- new upstream release
  - NEW UPSTREAM: http://pkg-shadow.alioth.debian.org/
  - update URL:, SOURCES: to new upstream

* Fri Aug 15 2008 Shu KONNO <owa@bg.wakwak.com> 2:4.0.16-1vl5
- applied new versioning policy, spec in utf-8

* Mon Aug 14 2006 Daisuke SUZUKI <daisuke@linux.or.jp> 2:4.0.16-0vl3
- update Patch0 to fix <BTS:0499>
  - select smaller gid value for system account

* Tue Aug 08 2006 Daisuke SUZUKI <daisuke@linux.or.jp> 2:4.0.16-0vl2
- update ja.po from debian-doc (committed in upstream)

* Mon Jun 05 2006 Daisuke SUZUKI <daisuke@linux.or.jp> 2:4.0.16-0vl1
- new upstream release
- add Japanese Summary and descriptions from spec file translation project.
- convert Japanese man pages to EUC-JP from UTF-8
- import changes from FC pacakge.

* Mon Jan 31 2005 Daisuke SUZUKI <daisuke@linux.or.jp> 1:4.0.3-35vl2
- rebuild for VineSeed

* Sun Jan 09 2005 IKEDA Katsumi <ikeda@webmasters.gr.jp> 2:4.0.3-35vl1.1
- added a security patch (shadow-4.0.3-can-2004-1001.patch) for CAN-2004-1001.

* Mon Oct 18 2004 Daisuke SUZUKI <daisuke@linux.or.jp> 2:4.0.3-35vl1
- import Patch1[3-7] from fedora development.
- fixed username/groupname limits. (vine-users:54797)

* Sat Apr 10 2004 <tkoba@vinelinux.org> 4.0.3-21vl1
- sync to fedora

* Fri Jun 08 2001 <sagami@vinelinux.org>
- 20000902-1vl1: added ja.po from 19990827-10vl2
- disable patch9 (creating mailspool in /var/mail)

* Tue May 22 2001 Bernhard Rosenkraenzer <bero@redhat.com> 20000902-1
- Create an empty mailspool when creating a user so non-setuid/non-setgid
  MDAs (postfix+procmail) can deliver mail (#41811)
- 20000902
- adapt patches

* Fri Mar  9 2001 Nalin Dahyabhai <nalin@redhat.com>
- don't overwrite user dot files in useradd (#19982)
- truncate new files when moving overwriting files with the contents of other
  files while moving directories (keeps files from looking weird later on)
- configure using %%{_prefix} as the prefix

* Fri Feb 23 2001 Trond Eivind Glomsr藷?<teg@redhat.com>
- langify

* Wed Aug 30 2000 Bernhard Rosenkraenzer <bero@redhat.com>
- Fix up chage behavior (Bug #15883)

* Wed Aug 30 2000 Bernhard Rosenkraenzer <bero@redhat.com>
- 20000826
- Fix up useradd man page (Bug #17036)

* Tue Aug  8 2000 Bernhard Rosenkraenzer <bero@redhat.com>
- check for vipw lock before adding or deleting users (Bug #6489)

* Mon Aug  7 2000 Nalin Dahyabhai <nalin@redhat.com>
- take LOG_CONS out of the openlog() call so that we don't litter the
  screen during text-mode upgrades

* Tue Jul 18 2000 Bernhard Rosenkraenzer <bero@redhat.com>
- Remove a fixed-size buffer that caused problems when adding a huge number
  of users to a group (>8192 bytes) (Bugs #3809, #11930)

* Tue Jul 18 2000 Bernhard Rosenkraenzer <bero@redhat.com>
- remove dependency on util-linux because it causes prereq loops

* Tue Jul 18 2000 Nalin Dahyabhai <nalin@redhat.com>
- change symlinked man pages to includers
- require /usr/bin/newgrp (util-linux) so that /usr/bin/sg isn't left dangling

* Wed Jul 12 2000 Prospector <bugzilla@redhat.com>
- automatic rebuild

* Sun Jun 18 2000 Matt Wilson <msw@redhat.com>
- use mandir for FHS
- added patches in src/ and po/ to honor DESTDIR
- use make install DESTDIR=$RPM_BUILD_ROOT

* Wed Feb 16 2000 Bernhard Rosenkraenzer <bero@redhat.com>
- Fix up usermod's symlink behavior (Bug #5458)

* Fri Feb 11 2000 Cristian Gafton <gafton@redhat.com>
- get rid of mkpasswd

* Mon Feb  7 2000 Nalin Dahyabhai <nalin@redhat.com>
- fix usermod patch to check for shadow before doing any shadow-specific stuff
  and merge it into the pwlock patch

* Sat Feb  5 2000 Bernhard Rosenkraenzer <bero@redhat.com>
- fix man symlinks

* Wed Feb  2 2000 Nalin Dahyabhai <gafton@redhat.com>
- make -p only change shadow password (bug #8923)

* Mon Jan 31 2000 Cristian Gafton <gafton@redhat.com>
- rebuild to fix dependeencies
- man pages are compressed

* Wed Jan 19 2000 Bernhard Rosenkraenzer <bero@redhat.com>
- Fix a security bug (adduser could overwrite previously existing
  groups, Bug #8609)

* Sun Jan  9 2000 Bernhard Rosenkraenzer <bero@redhat.com>
- unset LINGUAS before building
- Fix typo in newusers manpage (Bug #8258)
- libtoolize

* Wed Sep 22 1999 Cristian Gafton <gafton@redhat.com>
- fix segfault for userdel when the primary group for the user is not
  defined

* Tue Sep 21 1999 Cristian Gafton <gafton@redhat.com>
- Serial: 1 because now we are using 19990827 (why the heck can't they have
  a normal version just like everybody else?!)
- ported all patches to the new code base

* Thu Apr 15 1999 Bill Nottingham <notting@redhat.com>
- SIGHUP nscd from usermod, too

* Fri Apr 09 1999 Michael K. Johnson <johnsonm@redhat.com>
- added usermod password locking from Chris Adams <cadams@ro.com>

* Thu Apr 08 1999 Bill Nottingham <notting@redhat.com>
- have things that modify users/groups SIGHUP nscd on exit

* Wed Mar 31 1999 Michael K. Johnson <johnsonm@redhat.com>
- have userdel remove user private groups when it is safe to do so
- allow -f to force user removal even when user appears busy in utmp

* Tue Mar 23 1999 Preston Brown <pbrown@redhat.com>
- edit out unused CHFN fields from login.defs.

* Sun Mar 21 1999 Cristian Gafton <gafton@redhat.com> 
- auto rebuild in the new build environment (release 7)

* Wed Jan 13 1999 Bill Nottingham <notting@redhat.com>
- configure fix for arm

* Wed Dec 30 1998 Cristian Gafton <gafton@redhat.com>
- build against glibc 2.1

* Fri Aug 21 1998 Jeff Johnson <jbj@redhat.com>
- Note that /usr/sbin/mkpasswd conflicts with /usr/bin/mkpasswd;
  one of these (I think /usr/sbin/mkpasswd but other opinions are valid)
  should probably be renamed.  In any case, mkpasswd.8 from this package
  needs to be installed. (problem #823)

* Fri May 08 1998 Prospector System <bugs@redhat.com>
- translations modified for de, fr, tr

* Tue Apr 21 1998 Cristian Gafton <gafton@redhat.com>
- updated to 980403
- redid the patches

* Tue Dec 30 1997 Cristian Gafton <gafton@redhat.com>
- updated the spec file
- updated the patch so that new accounts created on shadowed system won't
  confuse pam_pwdb anymore ('!!' default password instead on '!')
- fixed a bug that made useradd -G segfault
- the check for the ut_user is now patched into configure

* Thu Nov 13 1997 Erik Troan <ewt@redhat.com>
- added patch for XOPEN oddities in glibc headers
- check for ut_user before checking for ut_name -- this works around some
  confusion on glibc 2.1 due to the utmpx header not defining the ut_name
  compatibility stuff. I used a gross sed hack here because I couldn't make
  automake work properly on the sparc (this could be a glibc 2.0.99 problem
  though). The utuser patch works fine, but I don't apply it.
- sleep after running autoconf

* Thu Nov 06 1997 Cristian Gafton <gafton@redhat.com>
- added forgot lastlog command to the spec file

* Sun Oct 26 1997 Cristian Gafton <gafton@redhat.com>
- obsoletes adduser

* Thu Oct 23 1997 Cristian Gafton <gafton@redhat.com>
- modified groupadd; updated the patch

* Fri Sep 12 1997 Cristian Gafton <gafton@redhat.com>
- updated to 970616
- changed useradd to meet RH specs
- fixed some bugs

* Tue Jun 17 1997 Erik Troan <ewt@redhat.com>
- built against glibc