From: Marcin Krol Date: Fri, 31 Aug 2018 21:48:06 +0000 (+0000) Subject: - from PLD X-Git-Url: https://git.tld-linux.org/?a=commitdiff_plain;h=a9f467efba7d0653cbb5c452d37632ba210bc346;p=packages%2Fshadow.git - from PLD --- a9f467efba7d0653cbb5c452d37632ba210bc346 diff --git a/chage.pamd b/chage.pamd new file mode 100644 index 0000000..cd2149e --- /dev/null +++ b/chage.pamd @@ -0,0 +1,5 @@ +#%PAM-1.0 +auth sufficient pam_rootok.so +auth required pam_deny.so +account required pam_permit.so +password include system-auth diff --git a/chfn.pamd b/chfn.pamd new file mode 100644 index 0000000..0aa09c4 --- /dev/null +++ b/chfn.pamd @@ -0,0 +1,6 @@ +#%PAM-1.0 +auth sufficient pam_rootok.so +auth required pam_listfile.so item=user sense=allow file=/etc/security/chfn.allow onerr=fail +auth include system-auth +account include system-auth +password include system-auth diff --git a/chgpasswd.pamd b/chgpasswd.pamd new file mode 100644 index 0000000..cd2149e --- /dev/null +++ b/chgpasswd.pamd @@ -0,0 +1,5 @@ +#%PAM-1.0 +auth sufficient pam_rootok.so +auth required pam_deny.so +account required pam_permit.so +password include system-auth diff --git a/chpasswd.pamd b/chpasswd.pamd new file mode 100644 index 0000000..cd2149e --- /dev/null +++ b/chpasswd.pamd @@ -0,0 +1,5 @@ +#%PAM-1.0 +auth sufficient pam_rootok.so +auth required pam_deny.so +account required pam_permit.so +password include system-auth diff --git a/chsh.pamd b/chsh.pamd new file mode 100644 index 0000000..ac578e1 --- /dev/null +++ b/chsh.pamd @@ -0,0 +1,6 @@ +#%PAM-1.0 +auth sufficient pam_rootok.so +auth required pam_listfile.so item=user sense=allow file=/etc/security/chsh.allow onerr=fail +auth include system-auth +account include system-auth +password include system-auth diff --git a/groupadd.pamd b/groupadd.pamd new file mode 100644 index 0000000..cd2149e --- /dev/null +++ b/groupadd.pamd @@ -0,0 +1,5 @@ +#%PAM-1.0 +auth sufficient pam_rootok.so +auth required pam_deny.so +account required pam_permit.so +password include system-auth diff --git a/groupdel.pamd b/groupdel.pamd new file mode 100644 index 0000000..cd2149e --- /dev/null +++ b/groupdel.pamd @@ -0,0 +1,5 @@ +#%PAM-1.0 +auth sufficient pam_rootok.so +auth required pam_deny.so +account required pam_permit.so +password include system-auth diff --git a/groupmems.pamd b/groupmems.pamd new file mode 100644 index 0000000..0aa09c4 --- /dev/null +++ b/groupmems.pamd @@ -0,0 +1,6 @@ +#%PAM-1.0 +auth sufficient pam_rootok.so +auth required pam_listfile.so item=user sense=allow file=/etc/security/chfn.allow onerr=fail +auth include system-auth +account include system-auth +password include system-auth diff --git a/groupmod.pamd b/groupmod.pamd new file mode 100644 index 0000000..cd2149e --- /dev/null +++ b/groupmod.pamd @@ -0,0 +1,5 @@ +#%PAM-1.0 +auth sufficient pam_rootok.so +auth required pam_deny.so +account required pam_permit.so +password include system-auth diff --git a/newusers.pamd b/newusers.pamd new file mode 100644 index 0000000..cd2149e --- /dev/null +++ b/newusers.pamd @@ -0,0 +1,5 @@ +#%PAM-1.0 +auth sufficient pam_rootok.so +auth required pam_deny.so +account required pam_permit.so +password include system-auth diff --git a/passwd.pamd b/passwd.pamd new file mode 100644 index 0000000..6a4fd03 --- /dev/null +++ b/passwd.pamd @@ -0,0 +1,5 @@ +#%PAM-1.0 +auth required pam_listfile.so item=user sense=deny file=/etc/security/blacklist.passwd onerr=succeed +auth include system-auth +account include system-auth +password include system-auth diff --git a/shadow-goodname.patch b/shadow-goodname.patch new file mode 100644 index 0000000..1fdd84f --- /dev/null +++ b/shadow-goodname.patch @@ -0,0 +1,118 @@ +diff -up shadow-4.1.5.1/libmisc/chkname.c.goodname shadow-4.1.5.1/libmisc/chkname.c +--- shadow-4.1.5.1/libmisc/chkname.c.goodname 2009-07-13 00:24:45.000000000 +0200 ++++ shadow-4.1.5.1/libmisc/chkname.c 2012-09-19 18:43:53.492160653 +0200 +@@ -49,20 +49,28 @@ + static bool is_valid_name (const char *name) + { + /* +- * User/group names must match [a-z_][a-z0-9_-]*[$] +- */ +- if (('\0' == *name) || +- !((('a' <= *name) && ('z' >= *name)) || ('_' == *name))) { ++ * User/group names must match gnu e-regex: ++ * [a-zA-Z0-9_.][a-zA-Z0-9_.-]{0,30}[a-zA-Z0-9_.$-]? ++ * ++ * as a non-POSIX, extension, allow "$" as the last char for ++ * sake of Samba 3.x "add machine script" ++ */ ++ if ( ('\0' == *name) || ++ !((*name >= 'a' && *name <= 'z') || ++ (*name >= 'A' && *name <= 'Z') || ++ (*name >= '0' && *name <= '9') || ++ (*name == '_') || (*name == '.') ++ )) { + return false; + } + + while ('\0' != *++name) { +- if (!(( ('a' <= *name) && ('z' >= *name) ) || +- ( ('0' <= *name) && ('9' >= *name) ) || +- ('_' == *name) || +- ('-' == *name) || +- ( ('$' == *name) && ('\0' == *(name + 1)) ) +- )) { ++ if (!( (*name >= 'a' && *name <= 'z') || ++ (*name >= 'A' && *name <= 'Z') || ++ (*name >= '0' && *name <= '9') || ++ (*name == '_') || (*name == '.') || (*name == '-') || ++ (*name == '$' && *(name + 1) == '\0') ++ )) { + return false; + } + } +diff -up shadow-4.1.5.1/man/groupadd.8.xml.goodname shadow-4.1.5.1/man/groupadd.8.xml +--- shadow-4.1.5.1/man/groupadd.8.xml.goodname 2012-05-25 13:45:27.000000000 +0200 ++++ shadow-4.1.5.1/man/groupadd.8.xml 2012-09-19 18:43:53.492160653 +0200 +@@ -259,12 +259,6 @@ + + CAVEATS + +- Groupnames must start with a lower case letter or an underscore, +- followed by lower case letters, digits, underscores, or dashes. +- They can end with a dollar sign. +- In regular expression terms: [a-z_][a-z0-9_-]*[$]? +- +- + Groupnames may only be up to &GROUP_NAME_MAX_LENGTH; characters long. + + +diff -up shadow-4.1.5.1/man/man8/groupadd.8.goodname shadow-4.1.5.1/man/man8/groupadd.8 +--- shadow-4.1.5.1/man/man8/groupadd.8.goodname 2012-05-25 13:58:40.000000000 +0200 ++++ shadow-4.1.5.1/man/man8/groupadd.8 2012-09-19 18:44:42.175123079 +0200 +@@ -190,9 +190,7 @@ Shadow password suite configuration\&. + .RE + .SH "CAVEATS" + .PP +-Groupnames must start with a lower case letter or an underscore, followed by lower case letters, digits, underscores, or dashes\&. They can end with a dollar sign\&. In regular expression terms: [a\-z_][a\-z0\-9_\-]*[$]? +-.PP +-Groupnames may only be up to 16 characters long\&. ++Groupnames may only be up to 32 characters long\&. + .PP + You may not add a NIS or LDAP group\&. This must be performed on the corresponding server\&. + .PP +diff -up shadow-4.1.5.1/man/man8/useradd.8.goodname shadow-4.1.5.1/man/man8/useradd.8 +--- shadow-4.1.5.1/man/man8/useradd.8.goodname 2012-05-25 13:59:28.000000000 +0200 ++++ shadow-4.1.5.1/man/man8/useradd.8 2012-09-19 18:46:09.249033949 +0200 +@@ -224,7 +224,7 @@ is not enabled, no home directories are + .PP + \fB\-M\fR + .RS 4 +-Do no create the user\*(Aqs home directory, even if the system wide setting from ++Do not create the user\*(Aqs home directory, even if the system wide setting from + /etc/login\&.defs + (\fBCREATE_HOME\fR) is set to + \fIyes\fR\&. +@@ -430,8 +430,6 @@ Similarly, if the username already exist + \fBuseradd\fR + will deny the user account creation request\&. + .PP +-Usernames must start with a lower case letter or an underscore, followed by lower case letters, digits, underscores, or dashes\&. They can end with a dollar sign\&. In regular expression terms: [a\-z_][a\-z0\-9_\-]*[$]? +-.PP + Usernames may only be up to 32 characters long\&. + .SH "CONFIGURATION" + .PP +diff -up shadow-4.1.5.1/man/useradd.8.xml.goodname shadow-4.1.5.1/man/useradd.8.xml +--- shadow-4.1.5.1/man/useradd.8.xml.goodname 2012-05-25 13:45:29.000000000 +0200 ++++ shadow-4.1.5.1/man/useradd.8.xml 2012-09-19 18:43:53.493160675 +0200 +@@ -366,7 +366,7 @@ + + + +- Do no create the user's home directory, even if the system ++ Do not create the user's home directory, even if the system + wide setting from /etc/login.defs + () is set to + yes. +@@ -654,12 +654,6 @@ + + + +- Usernames must start with a lower case letter or an underscore, +- followed by lower case letters, digits, underscores, or dashes. +- They can end with a dollar sign. +- In regular expression terms: [a-z_][a-z0-9_-]*[$]? +- +- + Usernames may only be up to 32 characters long. + + diff --git a/shadow-login.defs b/shadow-login.defs new file mode 100644 index 0000000..25b4b05 --- /dev/null +++ b/shadow-login.defs @@ -0,0 +1,387 @@ +# +# /etc/login.defs - Configuration control definitions for the shadow package. +# +# $Id: login.defs 3189 2010-03-26 11:53:06Z nekral-guest $ +# + +# +# Delay in seconds before being allowed another attempt after a login failure +# Note: When PAM is used, some modules may enfore a minimal delay (e.g. +# pam_unix enforces a 2s delay) +# +FAIL_DELAY 3 + +# +# Enable logging and display of /var/log/faillog login failure info. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable logging and display of /var/log/lastlog login time info. +# +LASTLOG_ENAB yes + +# +# Enable checking and display of mailbox status upon login. +# +# Disable if the shell startup files already check for mail +# ("mailx -e" or equivalent). +# +MAIL_CHECK_ENAB yes + +# +# Enable additional checks upon password changes. +# +OBSCURE_CHECKS_ENAB yes + +# +# Enable checking of time restrictions specified in /etc/porttime. +# +PORTTIME_CHECKS_ENAB yes + +# +# Enable setting of ulimit, umask, and niceness from passwd gecos field. +# +QUOTAS_ENAB yes + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +CONSOLE /etc/securetty +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, ":" delimited list of "message of the day" files to +# be displayed upon login. +# +MOTD_FILE /etc/motd +#MOTD_FILE /etc/motd:/usr/lib/news/news-motd + +# +# If defined, this file will be output before each login prompt. +# +#ISSUE_FILE /etc/issue + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format. +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, name of file whose presence which will inhibit non-root +# logins. The contents of this file should be a message indicating +# why logins are inhibited. +# +NOLOGINS_FILE /etc/nologin + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# *REQUIRED* +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define both, MAIL_DIR takes precedence. +# +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# If defined, either a TZ environment parameter spec or the +# fully-rooted pathname of a file containing such a spec. +# +#ENV_TZ TZ=CST6CDT +#ENV_TZ /etc/tzname + +# +# If defined, an HZ environment parameter spec. +# +# for Linux/x86 +ENV_HZ HZ=100 +# For Linux/Alpha... +#ENV_HZ HZ=1024 + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/sbin:/bin:/usr/sbin:/usr/bin +ENV_PATH PATH=/bin:/usr/bin + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# ULIMIT Default "ulimit" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# The ULIMIT is used only if the system supports it. +# (now it works with setrlimit too; ulimit is in 512-byte units) +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +#ULIMIT 2097152 + +# Default initial "umask" value used by login on non-PAM enabled systems. +# Default "umask" value for pam_umask on PAM enabled systems. +# UMASK is also used by useradd and newusers to set the mode of new home +# directories. +# 022 is the default value, but 027, or even 077, could be considered +# better for privacy. There is no One True Answer here: each sysadmin +# must make up her mind. +UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_MIN_LEN Minimum acceptable password length. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_MIN_LEN 5 +PASS_WARN_AGE 7 + +# +# If "yes", the user must be listed as a member of the first gid 0 group +# in /etc/group (called "root" on most Linux systems) to be able to "su" +# to uid 0 accounts. If the group doesn't exist or is empty, no one +# will be able to "su" to uid 0. +# +SU_WHEEL_ONLY no + +# +# If compiled with cracklib support, where are the dictionaries +# +CRACKLIB_DICTPATH /var/cache/cracklib/cracklib_dict + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 +# System accounts +SYS_UID_MIN 1 +SYS_UID_MAX 999 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 1000 +GID_MAX 60000 +# System accounts +SYS_GID_MIN 10 +SYS_GID_MAX 999 + +# +# Max number of login retries if password is bad +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Maximum number of attempts to change password if rejected (too easy) +# +PASS_CHANGE_TRIES 5 + +# +# Warn about weak passwords (but still allow them) if you are root. +# +PASS_ALWAYS_WARN yes + +# +# Number of significant characters in the password for crypt(). +# Default is 8, don't change unless your crypt() is better. +# Ignored if MD5_CRYPT_ENAB set to "yes". +# +#PASS_MAX_LEN 8 + +# +# Require password before chfn/chsh can make any changes. +# +CHFN_AUTH yes + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Password prompt (%s will be replaced by user name). +# +# XXX - it doesn't work correctly yet, for now leave it commented out +# to use the default which is just "Password: ". +#LOGIN_STRING "%s's Password: " + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# Note: If you use PAM, it is recommended to use a value consistent with +# the PAM modules configuration. +# +# This variable is deprecated. You should use ENCRYPT_METHOD. +# +#MD5_CRYPT_ENAB no + +# +# Only works if compiled with ENCRYPTMETHOD_SELECT defined: +# If set to MD5 , MD5-based algorithm will be used for encrypting password +# If set to SHA256, SHA256-based algorithm will be used for encrypting password +# If set to SHA512, SHA512-based algorithm will be used for encrypting password +# If set to DES, DES-based algorithm will be used for encrypting password (default) +# Overrides the MD5_CRYPT_ENAB option +# +# Note: If you use PAM, it is recommended to use a value consistent with +# the PAM modules configuration. +# +#ENCRYPT_METHOD DES + +# +# Only works if ENCRYPT_METHOD is set to SHA256 or SHA512. +# +# Define the number of SHA rounds. +# With a lot of rounds, it is more difficult to brute forcing the password. +# But note also that it more CPU resources will be needed to authenticate +# users. +# +# If not specified, the libc will choose the default number of rounds (5000). +# The values must be inside the 1000-999999999 range. +# If only one of the MIN or MAX values is set, then this value will be used. +# If MIN > MAX, the highest value will be used. +# +# SHA_CRYPT_MIN_ROUNDS 5000 +# SHA_CRYPT_MAX_ROUNDS 5000 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If this file exists and is readable, login environment will be +# read from it. Every line should be in the form name=value. +# +ENVIRON_FILE /etc/environment + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# Enable setting of the umask group bits to be the same as owner bits +# (examples: 022 -> 002, 077 -> 007) for non-root users, if the uid is +# the same as gid, and username is the same as the primary group name. +# +# This also enables userdel to remove user groups if no members exist. +# +#USERGROUPS_ENAB yes + +# +# If set to a non-nul number, the shadow utilities will make sure that +# groups never have more than this number of users on one line. +# This permit to support split groups (groups split into multiple lines, +# with the same group ID, to avoid limitation of the line length in the +# group file). +# +# 0 is the default value and disables this feature. +# +#MAX_MEMBERS_PER_GROUP 0 + +# +# If useradd should create home directories for users by default (non +# system users only) +# This option is overridden with the -M or -m flags on the useradd command +# line. +# +#CREATE_HOME yes + diff --git a/shadow-pld.patch b/shadow-pld.patch new file mode 100644 index 0000000..69836c2 --- /dev/null +++ b/shadow-pld.patch @@ -0,0 +1,51 @@ +--- shadow-4.0.6/src/useradd.c 2004-11-18 21:45:00.713398344 +0100 ++++ shadow-4.0.16/src/useradd.c 2006-06-08 01:17:05.580340031 +0300 +@@ -72,10 +72,10 @@ + /* + * These defaults are used if there is no defaults file. + */ +-static gid_t def_group = 100; ++static gid_t def_group = 1000; + static const char *def_gname = "other"; +-static const char *def_home = "/home"; +-static const char *def_shell = ""; ++static const char *def_home = "/home/users"; ++static const char *def_shell = "/sbin/nologin"; + static const char *def_template = SKEL_DIR; + static const char *def_create_mail_spool = "no"; + +@@ -89,7 +89,7 @@ + #define VALID(s) (strcspn (s, ":\n") == strlen (s)) + + static const char *user_name = ""; +-static const char *user_pass = "!"; ++static const char *user_pass = "!!"; + static uid_t user_id; + static gid_t user_gid; + static const char *user_comment = ""; +--- shadow-4.5/libmisc/find_new_gid.c~ 2017-01-29 22:37:22.000000000 +0200 ++++ shadow-4.5/libmisc/find_new_gid.c 2017-05-17 23:13:32.785253060 +0300 +@@ -61,8 +61,8 @@ + /* A requested ID is allowed to be below the autoselect range */ + *preferred_min = (gid_t) 1; + +- /* Get the minimum ID range from login.defs or default to 101 */ +- *min_id = (gid_t) getdef_ulong ("SYS_GID_MIN", 101UL); ++ /* Get the minimum ID range from login.defs or default to 10 */ ++ *min_id = (gid_t) getdef_ulong ("SYS_GID_MIN", 10UL); + + /* + * If SYS_GID_MAX is unspecified, we should assume it to be one +--- shadow-4.5/libmisc/find_new_uid.c~ 2017-01-29 22:37:22.000000000 +0200 ++++ shadow-4.5/libmisc/find_new_uid.c 2017-05-17 23:10:38.366687971 +0300 +@@ -61,8 +61,8 @@ + /* A requested ID is allowed to be below the autoselect range */ + *preferred_min = (uid_t) 1; + +- /* Get the minimum ID range from login.defs or default to 101 */ +- *min_id = (uid_t) getdef_ulong ("SYS_UID_MIN", 101UL); ++ /* Get the minimum ID range from login.defs or default to 1 */ ++ *min_id = (uid_t) getdef_ulong ("SYS_UID_MIN", 1UL); + + /* + * If SYS_UID_MAX is unspecified, we should assume it to be one diff --git a/shadow.spec b/shadow.spec new file mode 100644 index 0000000..ab458da --- /dev/null +++ b/shadow.spec @@ -0,0 +1,648 @@ +# TODO +# - /etc/login.defs contains options valid only when PAM is disabled: +# gpasswd -M chef_server chef_server +#configuration error - unknown item 'FAILLOG_ENAB' (notify administrator) +#configuration error - unknown item 'LASTLOG_ENAB' (notify administrator) +#configuration error - unknown item 'MAIL_CHECK_ENAB' (notify administrator) +#configuration error - unknown item 'OBSCURE_CHECKS_ENAB' (notify administrator) +#configuration error - unknown item 'PORTTIME_CHECKS_ENAB' (notify administrator) +#configuration error - unknown item 'QUOTAS_ENAB' (notify administrator) +#configuration error - unknown item 'MOTD_FILE' (notify administrator) +#configuration error - unknown item 'FTMP_FILE' (notify administrator) +#configuration error - unknown item 'NOLOGINS_FILE' (notify administrator) +#configuration error - unknown item 'ENV_HZ' (notify administrator) +#configuration error - unknown item 'PASS_MIN_LEN' (notify administrator) +#configuration error - unknown item 'SU_WHEEL_ONLY' (notify administrator) +#configuration error - unknown item 'CRACKLIB_DICTPATH' (notify administrator) +#configuration error - unknown item 'PASS_CHANGE_TRIES' (notify administrator) +#configuration error - unknown item 'PASS_ALWAYS_WARN' (notify administrator) +#configuration error - unknown item 'CHFN_AUTH' (notify administrator) +#configuration error - unknown item 'ENVIRON_FILE' (notify administrator) +# - sync pam files from pwdutils +# - tcb support? +# - ensure Conflicts with various packages (util-linux,sysvinit,coreutils) is up to date + +# Conditional build: +%bcond_without selinux # build without SE-Linux support +%bcond_with shared # build with shared libshadow (linking with selinux is broken) + +Summary: Shadow password file utilities for Linux +Summary(de.UTF-8): Shadow-Paßwortdatei-Dienstprogramme für Linux +Summary(es.UTF-8): Utilitarios para el archivo de contraseñas Shadow +Summary(fr.UTF-8): Fichiers utilitaires pour Shadow password pour Linux +Summary(pl.UTF-8): Narzędzia do obsługi mechanizmu ukrytych haseł +Summary(pt_BR.UTF-8): Utilitários para o arquivo de senhas Shadow +Summary(tr.UTF-8): Gölge parola dosyası araçları +Name: shadow +Version: 4.6 +#BuildRequires: useradd -g is broken, use pwdutils, or fix it: +# http://zie.pg.gda.pl/mailman/pipermail/shadow/2006-September/000395.html +Release: 0.1 +Epoch: 1 +License: BSD +Group: Applications/System +Source0: https://github.com/shadow-maint/shadow/releases/download/%{version}/%{name}-%{version}.tar.xz +# Source0-md5: b491fecbf1232632c32ff8f1437fd60e +Source2: %{name}-login.defs +Source3: %{name}.useradd +Source10: chage.pamd +Source11: chfn.pamd +Source12: chgpasswd.pamd +Source13: chpasswd.pamd +Source14: chsh.pamd +Source15: groupadd.pamd +Source16: groupdel.pamd +Source17: groupmems.pamd +Source18: groupmod.pamd +Source19: newusers.pamd +Source20: passwd.pamd +Source21: useradd.pamd +Source22: userdel.pamd +Source23: usermod.pamd +Patch0: %{name}-pld.patch +# allow names with upper case letters or containing dot in the middle +Patch1: %{name}-goodname.patch +URL: https://github.com/shadow-maint/shadow +BuildRequires: acl-devel +BuildRequires: attr-devel +BuildRequires: audit-libs-devel +BuildRequires: autoconf >= 2.64 +BuildRequires: automake >= 1:1.11 +BuildRequires: gettext-tools >= 0.12.1 +%{?with_selinux:BuildRequires: libselinux-devel} +%{?with_selinux:BuildRequires: libsemanage-devel} +BuildRequires: libtool +BuildRequires: pam-devel +BuildRequires: tar >= 1:1.22 +BuildRequires: xz +Requires: pam >= 0.99.7.1 +Provides: passwd +Provides: shadow-utils +Obsoletes: passwd +Obsoletes: pwdutils +Obsoletes: shadow-extras +Obsoletes: shadow-utils +Conflicts: util-linux < 2.12-10 +BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n) + +%description +This package includes the programs necessary to convert standard UNIX +password files to the shadow password format, as well as programs for +command-line management of the user's accounts. +- pwconv - converts everything to the shadow password format, +- pwunconv - unconverts from shadow password, generating a file in the + current directory called npasswd that is a standard UNIX password + file, +- pwck - checks the integrity of the password and shadow files, +- useradd, userdel, usermod - for accounts management, +- groupadd, groupdel, groupmod - for group management. + +A number of man pages are also included that relate to these +utilities, and shadow passwords in general. + +%description -l es.UTF-8 +Este paquete incluye los programas necesarios para convertir Archivos +padrón UNIX de contraseña al formato shadow. +- pwconv5 - convierte todo al formato de contraseñas del shadow, +- pwunconv - deshace la conversión de contraseñas shadow, creando un + archivo en el directorio corriente llamado npasswd que es el archivo + padrón UNIX de contraseña, +- pwck - chequea la integridad de la contraseña y de los archivos + shadow, + +Están también incluidas, en general, varias páginas de manual sobre +estos utilitarios y contraseñas shadow. + +%description -l pl.UTF-8 +Pakiet zawiera programy do obsługi mechanizmu ukrytych haseł (shadow +password). Znajdują się w nim programy do konwersji standardowego +pliku haseł do wersji shadow password a także programy do zarządzania +kontami użytkowników w systemie: +- pwconv - konwertuje do formatu shadow password +- pwunconv - konwertuje z shadow password do formatu standardowego + pliku haseł. W bieżącym katalogu tworzy plik npasswd będący + standardowym plikiem z hasłami, +- useradd, userdel, usermod - do zarządzania kontami użytkowników, +- groupadd, groupdel, groupmod - do zarządzania grupami. + +Ostrzeżenie: + +Programy znajdujące się w tym pakiecie są niezbędne do prawidłowej +pracy systemu i podobnie jak pakiet z bibliotekami systemowymi (glibc) +nigdy nie powinien zostać odinstalowany! + +%description -l pt_BR.UTF-8 +Este pacote inclui os programas necessários para converter +arquivos-padrão UNIX de senha para o formato shadow. +- pwconv - converte tudo para o formato de senhas do shadow, +- pwunconv - desconverte senhas shadow, gerando um arquivo no + diretório corrente chamado npasswd que é o arquivo-padrão UNIX de + senha, +- pwck - checa a integridade da senha e dos arquivos shadow, + +Várias páginas de manual estão também incluídas sobre estes +utilitários e senhas shadow em geral. + +%prep +%setup -q +%patch0 -p1 +%patch1 -p1 + +%build +# NOTE: +# - cracklib option refers to non-PAM passwd code +# - skey referes to non-PAM pw_auth/passwd_check (login, su, chfn, chsh) code +%configure \ + --bindir=/bin \ + --sbindir=/sbin \ + --enable-shadowgrp \ + %{?with_shared:--enable-shared --disable-static} \ + --disable-silent-rules \ + --enable-subordinate-ids \ + --with-acl \ + --with-attr \ + --with-audit \ + --with-group-name-max-length=32 \ + --with-libpam \ + --with-nscd \ + --without-libcrack \ + %{?with_selinux:--with-selinux} \ + --with-sha-crypt \ + --without-tcb + +%{__make} + +%install +rm -rf $RPM_BUILD_ROOT +install -d $RPM_BUILD_ROOT{/sbin,%{_sysconfdir}/{default,pam.d,security,skel/tmp}} + +%{__make} install \ + DESTDIR=$RPM_BUILD_ROOT + +cp -p %{SOURCE2} $RPM_BUILD_ROOT%{_sysconfdir}/login.defs +cp -p %{SOURCE3} $RPM_BUILD_ROOT%{_sysconfdir}/default/useradd + +cp -p %{SOURCE10} $RPM_BUILD_ROOT/etc/pam.d/chage +cp -p %{SOURCE11} $RPM_BUILD_ROOT/etc/pam.d/chfn +cp -p %{SOURCE12} $RPM_BUILD_ROOT/etc/pam.d/chgpasswd +cp -p %{SOURCE13} $RPM_BUILD_ROOT/etc/pam.d/chpasswd +cp -p %{SOURCE14} $RPM_BUILD_ROOT/etc/pam.d/chsh +cp -p %{SOURCE15} $RPM_BUILD_ROOT/etc/pam.d/groupadd +cp -p %{SOURCE16} $RPM_BUILD_ROOT/etc/pam.d/groupdel +cp -p %{SOURCE17} $RPM_BUILD_ROOT/etc/pam.d/groupmems +cp -p %{SOURCE18} $RPM_BUILD_ROOT/etc/pam.d/groupmod +cp -p %{SOURCE19} $RPM_BUILD_ROOT/etc/pam.d/newusers +cp -p %{SOURCE20} $RPM_BUILD_ROOT/etc/pam.d/passwd +cp -p %{SOURCE21} $RPM_BUILD_ROOT/etc/pam.d/useradd +cp -p %{SOURCE22} $RPM_BUILD_ROOT/etc/pam.d/userdel +cp -p %{SOURCE23} $RPM_BUILD_ROOT/etc/pam.d/usermod + +> $RPM_BUILD_ROOT%{_sysconfdir}/shadow +> $RPM_BUILD_ROOT/etc/security/chfn.allow +> $RPM_BUILD_ROOT/etc/security/chsh.allow + +%{__rm} $RPM_BUILD_ROOT/{etc/pam.d,bin}/{login,su} +%{__rm} $RPM_BUILD_ROOT%{_mandir}/{,*/}man1/{login,su}.1* +%{__rm} $RPM_BUILD_ROOT%{_mandir}/{,*/}man3/*.3* + +# packaged in SysVinit-tools +%{__rm} $RPM_BUILD_ROOT%{_bindir}/lastlog +%{__rm} $RPM_BUILD_ROOT%{_mandir}/{,*/}man8/lastlog.8* +# packaged in coreutils +%{__rm} $RPM_BUILD_ROOT/bin/groups +%{__rm} $RPM_BUILD_ROOT%{_mandir}/{,*/}man1/groups.1* +# packaged in util-linux +%{__rm} $RPM_BUILD_ROOT/sbin/nologin +%{__rm} $RPM_BUILD_ROOT%{_mandir}/{,*/}man*/nologin.8* + +%find_lang %{name} + +%clean +rm -rf $RPM_BUILD_ROOT + +%post +%{?with_shared:/sbin/ldconfig} +if [ ! -f /etc/shadow ]; then + %{_sbindir}/pwconv +fi + +%{?with_shared:%postun -p /sbin/ldconfig} + +%files -f %{name}.lang +%defattr(644,root,root,755) +%doc ChangeLog NEWS TODO doc/{HOWTO,WISHLIST} +%attr(750,root,root) %dir %{_sysconfdir}/default +%attr(640,root,root) %config %verify(not md5 mtime size) %{_sysconfdir}/default/useradd +%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/chage +%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/chfn +%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/chgpasswd +%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/chpasswd +%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/chsh +%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/groupadd +%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/groupdel +%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/groupmems +%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/groupmod +%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/newusers +%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/passwd +%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/useradd +%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/userdel +%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/usermod + +%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/security/chfn.allow +%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/security/chsh.allow +%config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/login.defs +%attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) %ghost %{_sysconfdir}/shadow +%dir /etc/skel +%dir /etc/skel/tmp +%{?with_shared:%attr(755,root,root) %{_libdir}/lib*.so.*.*} +%attr(4755,root,root) %{_bindir}/chfn +%attr(4755,root,root) %{_bindir}/chsh +%attr(4755,root,root) %{_bindir}/expiry +%attr(4755,root,root) %{_bindir}/gpasswd +%attr(4755,root,root) %{_bindir}/passwd +%attr(755,root,root) %{_bindir}/chage +%attr(755,root,root) %{_bindir}/faillog +%attr(755,root,root) %{_bindir}/newgidmap +%attr(755,root,root) %{_bindir}/newgrp +%attr(755,root,root) %{_bindir}/newuidmap +%attr(755,root,root) %{_bindir}/sg +%attr(755,root,root) %{_sbindir}/chgpasswd +%attr(755,root,root) %{_sbindir}/chpasswd +%attr(755,root,root) %{_sbindir}/groupadd +%attr(755,root,root) %{_sbindir}/groupdel +%attr(755,root,root) %{_sbindir}/groupmems +%attr(755,root,root) %{_sbindir}/groupmod +%attr(755,root,root) %{_sbindir}/grpck +%attr(755,root,root) %{_sbindir}/grpconv +%attr(755,root,root) %{_sbindir}/grpunconv +%attr(755,root,root) %{_sbindir}/logoutd +%attr(755,root,root) %{_sbindir}/newusers +%attr(755,root,root) %{_sbindir}/pwck +%attr(755,root,root) %{_sbindir}/pwconv +%attr(755,root,root) %{_sbindir}/pwunconv +%attr(755,root,root) %{_sbindir}/useradd +%attr(755,root,root) %{_sbindir}/userdel +%attr(755,root,root) %{_sbindir}/usermod +%attr(755,root,root) %{_sbindir}/vigr +%attr(755,root,root) %{_sbindir}/vipw +%{_mandir}/man1/chage.1* +%{_mandir}/man1/chfn.1* +%{_mandir}/man1/chsh.1* +%{_mandir}/man1/expiry.1* +%{_mandir}/man1/gpasswd.1* +%{_mandir}/man1/newgidmap.1* +%{_mandir}/man1/newgrp.1* +%{_mandir}/man1/newuidmap.1* +%{_mandir}/man1/passwd.1* +%{_mandir}/man1/sg.1* +%{_mandir}/man5/faillog.5* +%{_mandir}/man5/gshadow.5* +%{_mandir}/man5/login.defs.5* +%{_mandir}/man5/passwd.5* +%{_mandir}/man5/shadow.5* +%{_mandir}/man5/suauth.5* +%{_mandir}/man5/subgid.5* +%{_mandir}/man5/subuid.5* +%{_mandir}/man8/chgpasswd.8* +%{_mandir}/man8/chpasswd.8* +%{_mandir}/man8/faillog.8* +%{_mandir}/man8/groupadd.8* +%{_mandir}/man8/groupdel.8* +%{_mandir}/man8/groupmems.8* +%{_mandir}/man8/groupmod.8* +%{_mandir}/man8/grpck.8* +%{_mandir}/man8/grpconv.8* +%{_mandir}/man8/grpunconv.8* +%{_mandir}/man8/logoutd.8* +%{_mandir}/man8/newusers.8* +%{_mandir}/man8/pwck.8* +%{_mandir}/man8/pwconv.8* +%{_mandir}/man8/pwunconv.8* +%{_mandir}/man8/useradd.8* +%{_mandir}/man8/userdel.8* +%{_mandir}/man8/usermod.8* +%{_mandir}/man8/vigr.8* +%{_mandir}/man8/vipw.8* + +%lang(cs) %{_mandir}/cs/man1/expiry.1* +%lang(cs) %{_mandir}/cs/man1/gpasswd.1* +%lang(cs) %{_mandir}/cs/man5/faillog.5* +%lang(cs) %{_mandir}/cs/man5/gshadow.5* +%lang(cs) %{_mandir}/cs/man5/passwd.5* +%lang(cs) %{_mandir}/cs/man5/shadow.5* +%lang(cs) %{_mandir}/cs/man8/faillog.8* +%lang(cs) %{_mandir}/cs/man8/groupadd.8* +%lang(cs) %{_mandir}/cs/man8/groupdel.8* +%lang(cs) %{_mandir}/cs/man8/groupmod.8* +%lang(cs) %{_mandir}/cs/man8/grpck.8* +%lang(cs) %{_mandir}/cs/man8/vipw.8* + +%lang(da) %{_mandir}/da/man1/chfn.1* +%lang(da) %{_mandir}/da/man1/newgrp.1* +%lang(da) %{_mandir}/da/man1/sg.1* +%lang(da) %{_mandir}/da/man5/gshadow.5* +%lang(da) %{_mandir}/da/man8/groupdel.8* +%lang(da) %{_mandir}/da/man8/logoutd.8* +%lang(da) %{_mandir}/da/man8/vigr.8 +%lang(da) %{_mandir}/da/man8/vipw.8* + +%lang(de) %{_mandir}/de/man1/chage.1* +%lang(de) %{_mandir}/de/man1/chfn.1* +%lang(de) %{_mandir}/de/man1/chsh.1* +%lang(de) %{_mandir}/de/man1/expiry.1* +%lang(de) %{_mandir}/de/man1/gpasswd.1* +%lang(de) %{_mandir}/de/man1/newgrp.1* +%lang(de) %{_mandir}/de/man1/passwd.1* +%lang(de) %{_mandir}/de/man1/sg.1* +%lang(de) %{_mandir}/de/man5/faillog.5* +%lang(de) %{_mandir}/de/man5/gshadow.5* +%lang(de) %{_mandir}/de/man5/login.defs.5* +%lang(de) %{_mandir}/de/man5/passwd.5* +%lang(de) %{_mandir}/de/man5/shadow.5* +%lang(de) %{_mandir}/de/man5/suauth.5* +%lang(de) %{_mandir}/de/man8/chgpasswd.8* +%lang(de) %{_mandir}/de/man8/chpasswd.8* +%lang(de) %{_mandir}/de/man8/faillog.8* +%lang(de) %{_mandir}/de/man8/groupadd.8* +%lang(de) %{_mandir}/de/man8/groupdel.8* +%lang(de) %{_mandir}/de/man8/groupmems.8* +%lang(de) %{_mandir}/de/man8/groupmod.8* +%lang(de) %{_mandir}/de/man8/grpck.8* +%lang(de) %{_mandir}/de/man8/grpconv.8* +%lang(de) %{_mandir}/de/man8/grpunconv.8* +%lang(de) %{_mandir}/de/man8/logoutd.8* +%lang(de) %{_mandir}/de/man8/newusers.8* +%lang(de) %{_mandir}/de/man8/pwck.8* +%lang(de) %{_mandir}/de/man8/pwconv.8* +%lang(de) %{_mandir}/de/man8/pwunconv.8* +%lang(de) %{_mandir}/de/man8/useradd.8* +%lang(de) %{_mandir}/de/man8/userdel.8* +%lang(de) %{_mandir}/de/man8/usermod.8* +%lang(de) %{_mandir}/de/man8/vigr.8* +%lang(de) %{_mandir}/de/man8/vipw.8* + +%lang(fi) %{_mandir}/fi/man1/chfn.1* +%lang(fi) %{_mandir}/fi/man1/chsh.1* + +%lang(fr) %{_mandir}/fr/man1/chage.1* +%lang(fr) %{_mandir}/fr/man1/chfn.1* +%lang(fr) %{_mandir}/fr/man1/chsh.1* +%lang(fr) %{_mandir}/fr/man1/expiry.1* +%lang(fr) %{_mandir}/fr/man1/gpasswd.1* +%lang(fr) %{_mandir}/fr/man1/newgidmap.1* +%lang(fr) %{_mandir}/fr/man1/newgrp.1* +%lang(fr) %{_mandir}/fr/man1/newuidmap.1* +%lang(fr) %{_mandir}/fr/man1/passwd.1* +%lang(fr) %{_mandir}/fr/man1/sg.1* +%lang(fr) %{_mandir}/fr/man5/faillog.5* +%lang(fr) %{_mandir}/fr/man5/gshadow.5* +%lang(fr) %{_mandir}/fr/man5/login.defs.5* +%lang(fr) %{_mandir}/fr/man5/passwd.5* +%lang(fr) %{_mandir}/fr/man5/shadow.5* +%lang(fr) %{_mandir}/fr/man5/suauth.5* +%lang(fr) %{_mandir}/fr/man5/subgid.5* +%lang(fr) %{_mandir}/fr/man5/subuid.5* +%lang(fr) %{_mandir}/fr/man8/chgpasswd.8* +%lang(fr) %{_mandir}/fr/man8/chpasswd.8* +%lang(fr) %{_mandir}/fr/man8/faillog.8* +%lang(fr) %{_mandir}/fr/man8/groupadd.8* +%lang(fr) %{_mandir}/fr/man8/groupdel.8* +%lang(fr) %{_mandir}/fr/man8/groupmems.8* +%lang(fr) %{_mandir}/fr/man8/groupmod.8* +%lang(fr) %{_mandir}/fr/man8/grpck.8* +%lang(fr) %{_mandir}/fr/man8/grpconv.8* +%lang(fr) %{_mandir}/fr/man8/grpunconv.8* +%lang(fr) %{_mandir}/fr/man8/logoutd.8* +%lang(fr) %{_mandir}/fr/man8/newusers.8* +%lang(fr) %{_mandir}/fr/man8/pwck.8* +%lang(fr) %{_mandir}/fr/man8/pwconv.8* +%lang(fr) %{_mandir}/fr/man8/pwunconv.8* +%lang(fr) %{_mandir}/fr/man8/useradd.8* +%lang(fr) %{_mandir}/fr/man8/userdel.8* +%lang(fr) %{_mandir}/fr/man8/usermod.8* +%lang(fr) %{_mandir}/fr/man8/vigr.8* +%lang(fr) %{_mandir}/fr/man8/vipw.8* + +%lang(hu) %{_mandir}/hu/man1/passwd.1* +%lang(hu) %{_mandir}/hu/man1/chsh.1* +%lang(hu) %{_mandir}/hu/man1/gpasswd.1* +%lang(hu) %{_mandir}/hu/man1/newgrp.1* +%lang(hu) %{_mandir}/hu/man1/sg.1* +%lang(hu) %{_mandir}/hu/man5/passwd.5* + +%lang(id) %{_mandir}/id/man1/chsh.1* +%lang(id) %{_mandir}/id/man8/useradd.8* + +%lang(it) %{_mandir}/it/man1/chage.1* +%lang(it) %{_mandir}/it/man1/chfn.1* +%lang(it) %{_mandir}/it/man1/chsh.1* +%lang(it) %{_mandir}/it/man1/expiry.1* +%lang(it) %{_mandir}/it/man1/gpasswd.1* +%lang(it) %{_mandir}/it/man1/newgrp.1* +%lang(it) %{_mandir}/it/man1/passwd.1* +%lang(it) %{_mandir}/it/man1/sg.1* +%lang(it) %{_mandir}/it/man5/faillog.5* +%lang(it) %{_mandir}/it/man5/gshadow.5* +%lang(it) %{_mandir}/it/man5/login.defs.5* +%lang(it) %{_mandir}/it/man5/passwd.5* +%lang(it) %{_mandir}/it/man5/shadow.5* +%lang(it) %{_mandir}/it/man5/suauth.5* +%lang(it) %{_mandir}/it/man8/chgpasswd.8* +%lang(it) %{_mandir}/it/man8/chpasswd.8* +%lang(it) %{_mandir}/it/man8/faillog.8* +%lang(it) %{_mandir}/it/man8/groupadd.8* +%lang(it) %{_mandir}/it/man8/groupdel.8* +%lang(it) %{_mandir}/it/man8/groupmems.8* +%lang(it) %{_mandir}/it/man8/groupmod.8* +%lang(it) %{_mandir}/it/man8/grpck.8* +%lang(it) %{_mandir}/it/man8/grpconv.8* +%lang(it) %{_mandir}/it/man8/grpunconv.8* +%lang(it) %{_mandir}/it/man8/logoutd.8* +%lang(it) %{_mandir}/it/man8/newusers.8* +%lang(it) %{_mandir}/it/man8/pwck.8* +%lang(it) %{_mandir}/it/man8/pwconv.8* +%lang(it) %{_mandir}/it/man8/pwunconv.8* +%lang(it) %{_mandir}/it/man8/useradd.8* +%lang(it) %{_mandir}/it/man8/userdel.8* +%lang(it) %{_mandir}/it/man8/usermod.8* +%lang(it) %{_mandir}/it/man8/vigr.8* +%lang(it) %{_mandir}/it/man8/vipw.8* + +%lang(ja) %{_mandir}/ja/man1/chage.1* +%lang(ja) %{_mandir}/ja/man1/chfn.1* +%lang(ja) %{_mandir}/ja/man1/chsh.1* +%lang(ja) %{_mandir}/ja/man1/expiry.1* +%lang(ja) %{_mandir}/ja/man1/gpasswd.1* +%lang(ja) %{_mandir}/ja/man1/newgrp.1* +%lang(ja) %{_mandir}/ja/man1/passwd.1* +%lang(ja) %{_mandir}/ja/man1/sg.1* +%lang(ja) %{_mandir}/ja/man5/faillog.5* +%lang(ja) %{_mandir}/ja/man5/login.defs.5* +%lang(ja) %{_mandir}/ja/man5/passwd.5* +%lang(ja) %{_mandir}/ja/man5/shadow.5* +%lang(ja) %{_mandir}/ja/man5/suauth.5* +%lang(ja) %{_mandir}/ja/man8/chpasswd.8* +%lang(ja) %{_mandir}/ja/man8/faillog.8* +%lang(ja) %{_mandir}/ja/man8/groupadd.8* +%lang(ja) %{_mandir}/ja/man8/groupdel.8* +%lang(ja) %{_mandir}/ja/man8/groupmod.8* +%lang(ja) %{_mandir}/ja/man8/grpck.8* +%lang(ja) %{_mandir}/ja/man8/grpconv.8* +%lang(ja) %{_mandir}/ja/man8/grpunconv.8* +%lang(ja) %{_mandir}/ja/man8/logoutd.8* +%lang(ja) %{_mandir}/ja/man8/newusers.8* +%lang(ja) %{_mandir}/ja/man8/pwck.8* +%lang(ja) %{_mandir}/ja/man8/pwconv.8* +%lang(ja) %{_mandir}/ja/man8/pwunconv.8* +%lang(ja) %{_mandir}/ja/man8/useradd.8* +%lang(ja) %{_mandir}/ja/man8/userdel.8* +%lang(ja) %{_mandir}/ja/man8/usermod.8* +%lang(ja) %{_mandir}/ja/man8/vigr.8* +%lang(ja) %{_mandir}/ja/man8/vipw.8* + +%lang(ko) %{_mandir}/ko/man1/chfn.1* +%lang(ko) %{_mandir}/ko/man1/chsh.1* +%lang(ko) %{_mandir}/ko/man5/passwd.5* +%lang(ko) %{_mandir}/ko/man8/vigr.8* +%lang(ko) %{_mandir}/ko/man8/vipw.8* + +%lang(pl) %{_mandir}/pl/man1/chage.1* +%lang(pl) %{_mandir}/pl/man1/chsh.1* +%lang(pl) %{_mandir}/pl/man1/expiry.1* +%lang(pl) %{_mandir}/pl/man1/newgrp.1* +%lang(pl) %{_mandir}/pl/man1/sg.1* +%lang(pl) %{_mandir}/pl/man5/faillog.5* +%lang(pl) %{_mandir}/pl/man8/faillog.8* +%lang(pl) %{_mandir}/pl/man8/groupadd.8* +%lang(pl) %{_mandir}/pl/man8/groupdel.8* +%lang(pl) %{_mandir}/pl/man8/groupmems.8* +%lang(pl) %{_mandir}/pl/man8/groupmod.8* +%lang(pl) %{_mandir}/pl/man8/grpck.8* +%lang(pl) %{_mandir}/pl/man8/logoutd.8* +%lang(pl) %{_mandir}/pl/man8/userdel.8* +%lang(pl) %{_mandir}/pl/man8/usermod.8* +%lang(pl) %{_mandir}/pl/man8/vigr.8* +%lang(pl) %{_mandir}/pl/man8/vipw.8* + +%lang(pt_BR) %{_mandir}/pt_BR/man1/gpasswd.1* +%lang(pt_BR) %{_mandir}/pt_BR/man5/passwd.5* +%lang(pt_BR) %{_mandir}/pt_BR/man5/shadow.5* +%lang(pt_BR) %{_mandir}/pt_BR/man8/groupadd.8* +%lang(pt_BR) %{_mandir}/pt_BR/man8/groupdel.8* +%lang(pt_BR) %{_mandir}/pt_BR/man8/groupmod.8* + +%lang(ru) %{_mandir}/ru/man1/chage.1* +%lang(ru) %{_mandir}/ru/man1/chfn.1* +%lang(ru) %{_mandir}/ru/man1/chsh.1* +%lang(ru) %{_mandir}/ru/man1/expiry.1* +%lang(ru) %{_mandir}/ru/man1/gpasswd.1* +%lang(ru) %{_mandir}/ru/man1/newgrp.1* +%lang(ru) %{_mandir}/ru/man1/passwd.1* +%lang(ru) %{_mandir}/ru/man1/sg.1* +%lang(ru) %{_mandir}/ru/man5/faillog.5* +%lang(ru) %{_mandir}/ru/man5/gshadow.5* +%lang(ru) %{_mandir}/ru/man5/login.defs.5* +%lang(ru) %{_mandir}/ru/man5/passwd.5* +%lang(ru) %{_mandir}/ru/man5/shadow.5* +%lang(ru) %{_mandir}/ru/man5/suauth.5* +%lang(ru) %{_mandir}/ru/man8/chgpasswd.8* +%lang(ru) %{_mandir}/ru/man8/chpasswd.8* +%lang(ru) %{_mandir}/ru/man8/faillog.8* +%lang(ru) %{_mandir}/ru/man8/groupadd.8* +%lang(ru) %{_mandir}/ru/man8/groupdel.8* +%lang(ru) %{_mandir}/ru/man8/groupmems.8* +%lang(ru) %{_mandir}/ru/man8/groupmod.8* +%lang(ru) %{_mandir}/ru/man8/grpck.8* +%lang(ru) %{_mandir}/ru/man8/grpconv.8* +%lang(ru) %{_mandir}/ru/man8/grpunconv.8* +%lang(ru) %{_mandir}/ru/man8/logoutd.8* +%lang(ru) %{_mandir}/ru/man8/newusers.8* +%lang(ru) %{_mandir}/ru/man8/pwck.8* +%lang(ru) %{_mandir}/ru/man8/pwconv.8* +%lang(ru) %{_mandir}/ru/man8/pwunconv.8* +%lang(ru) %{_mandir}/ru/man8/useradd.8* +%lang(ru) %{_mandir}/ru/man8/userdel.8* +%lang(ru) %{_mandir}/ru/man8/usermod.8* +%lang(ru) %{_mandir}/ru/man8/vigr.8* +%lang(ru) %{_mandir}/ru/man8/vipw.8* + +%lang(sv) %{_mandir}/sv/man1/chage.1* +%lang(sv) %{_mandir}/sv/man1/chsh.1* +%lang(sv) %{_mandir}/sv/man1/expiry.1* +%lang(sv) %{_mandir}/sv/man1/newgrp.1* +%lang(sv) %{_mandir}/sv/man1/passwd.1* +%lang(sv) %{_mandir}/sv/man1/sg.1* +%lang(sv) %{_mandir}/sv/man5/faillog.5* +%lang(sv) %{_mandir}/sv/man5/gshadow.5* +%lang(sv) %{_mandir}/sv/man5/passwd.5* +%lang(sv) %{_mandir}/sv/man5/suauth.5* +%lang(sv) %{_mandir}/sv/man8/faillog.8* +%lang(sv) %{_mandir}/sv/man8/groupadd.8* +%lang(sv) %{_mandir}/sv/man8/groupdel.8* +%lang(sv) %{_mandir}/sv/man8/groupmems.8* +%lang(sv) %{_mandir}/sv/man8/groupmod.8* +%lang(sv) %{_mandir}/sv/man8/grpck.8* +%lang(sv) %{_mandir}/sv/man8/logoutd.8* +%lang(sv) %{_mandir}/sv/man8/pwck.8* +%lang(sv) %{_mandir}/sv/man8/userdel.8* +%lang(sv) %{_mandir}/sv/man8/vigr.8* +%lang(sv) %{_mandir}/sv/man8/vipw.8* + +%lang(tr) %{_mandir}/tr/man1/chage.1* +%lang(tr) %{_mandir}/tr/man1/chfn.1* +%lang(tr) %{_mandir}/tr/man1/passwd.1* +%lang(tr) %{_mandir}/tr/man5/passwd.5* +%lang(tr) %{_mandir}/tr/man5/shadow.5* +%lang(tr) %{_mandir}/tr/man8/groupadd.8* +%lang(tr) %{_mandir}/tr/man8/groupdel.8* +%lang(tr) %{_mandir}/tr/man8/groupmod.8* +%lang(tr) %{_mandir}/tr/man8/useradd.8* +%lang(tr) %{_mandir}/tr/man8/userdel.8* +%lang(tr) %{_mandir}/tr/man8/usermod.8* + +%lang(zh_CN) %{_mandir}/zh_CN/man1/chage.1* +%lang(zh_CN) %{_mandir}/zh_CN/man1/chfn.1* +%lang(zh_CN) %{_mandir}/zh_CN/man1/chsh.1* +%lang(zh_CN) %{_mandir}/zh_CN/man1/expiry.1* +%lang(zh_CN) %{_mandir}/zh_CN/man1/gpasswd.1* +%lang(zh_CN) %{_mandir}/zh_CN/man1/newgrp.1* +%lang(zh_CN) %{_mandir}/zh_CN/man1/passwd.1* +%lang(zh_CN) %{_mandir}/zh_CN/man1/sg.1* +%lang(zh_CN) %{_mandir}/zh_CN/man5/faillog.5* +%lang(zh_CN) %{_mandir}/zh_CN/man5/gshadow.5* +%lang(zh_CN) %{_mandir}/zh_CN/man5/login.defs.5* +%lang(zh_CN) %{_mandir}/zh_CN/man5/passwd.5* +%lang(zh_CN) %{_mandir}/zh_CN/man5/shadow.5* +%lang(zh_CN) %{_mandir}/zh_CN/man5/suauth.5* +%lang(zh_CN) %{_mandir}/zh_CN/man8/chgpasswd.8* +%lang(zh_CN) %{_mandir}/zh_CN/man8/chpasswd.8* +%lang(zh_CN) %{_mandir}/zh_CN/man8/faillog.8* +%lang(zh_CN) %{_mandir}/zh_CN/man8/groupadd.8* +%lang(zh_CN) %{_mandir}/zh_CN/man8/groupdel.8* +%lang(zh_CN) %{_mandir}/zh_CN/man8/groupmems.8* +%lang(zh_CN) %{_mandir}/zh_CN/man8/groupmod.8* +%lang(zh_CN) %{_mandir}/zh_CN/man8/grpck.8* +%lang(zh_CN) %{_mandir}/zh_CN/man8/grpconv.8* +%lang(zh_CN) %{_mandir}/zh_CN/man8/grpunconv.8* +%lang(zh_CN) %{_mandir}/zh_CN/man8/logoutd.8* +%lang(zh_CN) %{_mandir}/zh_CN/man8/newusers.8* +%lang(zh_CN) %{_mandir}/zh_CN/man8/pwck.8* +%lang(zh_CN) %{_mandir}/zh_CN/man8/pwconv.8* +%lang(zh_CN) %{_mandir}/zh_CN/man8/pwunconv.8* +%lang(zh_CN) %{_mandir}/zh_CN/man8/useradd.8* +%lang(zh_CN) %{_mandir}/zh_CN/man8/userdel.8* +%lang(zh_CN) %{_mandir}/zh_CN/man8/usermod.8* +%lang(zh_CN) %{_mandir}/zh_CN/man8/vigr.8* +%lang(zh_CN) %{_mandir}/zh_CN/man8/vipw.8* + +%lang(zh_TW) %{_mandir}/zh_TW/man1/chfn.1* +%lang(zh_TW) %{_mandir}/zh_TW/man1/chsh.1* +%lang(zh_TW) %{_mandir}/zh_TW/man1/newgrp.1* +%lang(zh_TW) %{_mandir}/zh_TW/man5/passwd.5* +%lang(zh_TW) %{_mandir}/zh_TW/man8/chpasswd.8* +%lang(zh_TW) %{_mandir}/zh_TW/man8/groupadd.8* +%lang(zh_TW) %{_mandir}/zh_TW/man8/groupdel.8* +%lang(zh_TW) %{_mandir}/zh_TW/man8/groupmod.8* +%lang(zh_TW) %{_mandir}/zh_TW/man8/useradd.8* +%lang(zh_TW) %{_mandir}/zh_TW/man8/userdel.8* +%lang(zh_TW) %{_mandir}/zh_TW/man8/usermod.8* diff --git a/shadow.useradd b/shadow.useradd new file mode 100644 index 0000000..0a28b4e --- /dev/null +++ b/shadow.useradd @@ -0,0 +1,7 @@ +# useradd defaults file +GROUP=1000 +HOME=/home/users +INACTIVE=-1 +EXPIRE= +SHELL=/bin/bash +SKEL=/etc/skel diff --git a/useradd.pamd b/useradd.pamd new file mode 100644 index 0000000..cd2149e --- /dev/null +++ b/useradd.pamd @@ -0,0 +1,5 @@ +#%PAM-1.0 +auth sufficient pam_rootok.so +auth required pam_deny.so +account required pam_permit.so +password include system-auth diff --git a/userdel.pamd b/userdel.pamd new file mode 100644 index 0000000..cd2149e --- /dev/null +++ b/userdel.pamd @@ -0,0 +1,5 @@ +#%PAM-1.0 +auth sufficient pam_rootok.so +auth required pam_deny.so +account required pam_permit.so +password include system-auth diff --git a/usermod.pamd b/usermod.pamd new file mode 100644 index 0000000..cd2149e --- /dev/null +++ b/usermod.pamd @@ -0,0 +1,5 @@ +#%PAM-1.0 +auth sufficient pam_rootok.so +auth required pam_deny.so +account required pam_permit.so +password include system-auth