%define WITH_SELINUX 0
Summary: Utilities for managing accounts and shadow password files.
Summary(ja): シャドウパスワードファイルとアカウントを管理するユーティリティ
Name: shadow-utils
Epoch: 2
Version: 4.13
Release: 1%{?_dist_release}
Group: system
Vendor: Project Vine
Distribution: Vine Linux
License: BSD and GPLv2+
URL: https://github.com/shadow-maint/shadow
Source0: https://github.com/shadow-maint/shadow/releases/download/%{version}/shadow-%{version}.tar.xz
Source1: shadow-utils.login.defs
Source2: shadow-utils.useradd
Source3: shadow-bsd.txt
Source4: https://www.gnu.org/licenses/old-licenses/gpl-2.0.txt
### Patches ###
# Misc small changes - most probably non-upstreamable
Patch0: shadow-4.12.3-redhat.patch
# SElinux related - upstreamability unknown
Patch3: shadow-4.13-default-range.patch
# Misc manual page changes - non-upstreamable
Patch4: shadow-4.9-manfix.patch
# Date parsing improvement - could be upstreamed
Patch5: shadow-4.2.1-date-parsing.patch
# Audit message changes - upstreamability unknown
Patch7: shadow-4.11.1-audit-update.patch
# Changes related to password unlocking - could be upstreamed
Patch8: shadow-4.5-usermod-unlock.patch
# Additional SElinux related changes - upstreamability unknown
Patch9: shadow-4.12.3-selinux-perms.patch
Patch10: shadow-utils-configure-gshadow.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-root
BuildRequires: gcc
BuildRequires: audit-libs-devel >= 1.6.5
BuildRequires: libacl-devel, libattr-devel
BuildRequires: bison, flex, docbook-style-xsl, docbook-dtds
BuildRequires: autoconf, automake, libtool, gettext-devel
BuildRequires: /usr/bin/xsltproc, /usr/bin/itstool
Obsoletes: adduser
### Globals ###
%global includesubiddir %{_includedir}/shadow
%description
The shadow-utils package includes the necessary programs for
converting UNIX password files to the shadow password format, plus
programs for managing user and group accounts. The pwconv command
converts passwords to the shadow password format. The pwunconv command
unconverts shadow passwords and generates an npasswd file (a standard
UNIX password file). The pwck command checks the integrity of password
and shadow files. The lastlog command prints out the last login times
for all users. The useradd, userdel, and usermod commands are used for
managing user accounts. The groupadd, groupdel, and groupmod commands
are used for managing group accounts.
%description -l ja
shadow-utilsパッケージはUNIXパスワードファイルをシャドウパスワー
ドフォーマットに変換するのに必要なプログラムとユーザやグループア
カウントを管理するプログラムを含みます。
pwconvコマンドはパスワードをシャドウパスワードフォーマットに変換
します。pwunconvコマンドはシャドウパスワードを逆変換し、npasswd
ファイル(標準のUNIXパスワードファイル)を生成します。pwckコマンド
はパスワードファイルとシャドウパスワードファイルの完全性をチェッ
クします。lastlogコマンドは全ユーザの最後にログインした時間を出
力します。useradd、userdelやusermodコマンドはユーザーアカウント
を管理するのに使用されます。groupadd、groupdelやgroupmodコマンド
はグループアカウントを管理するのに使用されます。
%package subid
Summary: A library to manage subordinate uid and gid ranges
Group: system
License: BSD and GPLv2+
%description subid
Utility library that provides a way to manage subid ranges.
%package subid-devel
Summary: Development package for shadow-utils-subid
Group: programming
License: BSD and GPLv2+
%description subid-devel
Development files for shadow-utils-subid.
%debug_package
%prep
%setup -q -n shadow-%{version}
%patch0 -p1 -b .redhat
%patch3 -p1 -b .default-range
%patch4 -p1 -b .manfix
%patch5 -p1 -b .date-parsing
%patch7 -p1 -b .audit-update
%patch8 -p1 -b .unlock
%if %{WITH_SELINUX}
%patch9 -p1 -b .selinux-perms
%endif
%patch10 -p1
iconv -f ISO88591 -t utf-8 doc/HOWTO > doc/HOWTO.utf8
cp -f doc/HOWTO.utf8 doc/HOWTO
cp -a %{SOURCE3} %{SOURCE4} .
# Force regeneration of getdate.c
rm libmisc/getdate.c
%build
export CFLAGS="$RPM_OPT_FLAGS -fpie"
export LDFLAGS="-pie -Wl,-z,relro -Wl,-z,now"
autoreconf -ivf
%configure \
--enable-shadowgrp \
--enable-man \
--with-audit \
--with-sha-crypt \
--with-bcrypt \
--with-yescrypt \
%if %{WITH_SELINUX}
--with-selinux \
%else
--without-selinux \
%endif
--without-libcrack \
--without-libpam \
--enable-shared \
--with-group-name-max-length=32
make %{_smp_mflags}
%install
rm -rf %{buildroot}
make install DESTDIR=%{buildroot} gnulocaledir=%{buildroot}/%{_datadir}/locale MKINSTALLDIRS=`pwd`/mkinstalldirs
install -d -m 755 %{buildroot}/etc/default
install -c -m 0644 %{SOURCE1} %{buildroot}/etc/login.defs
install -c -m 0600 %{SOURCE2} %{buildroot}/etc/default/useradd
ln -s useradd %{buildroot}%{_sbindir}/adduser
ln -s useradd.8 %{buildroot}/%{_mandir}/man8/adduser.8
for subdir in %{buildroot}/%{_mandir}/{??,??_??,??_??.*}/man* ; do
test -d $subdir && test -e $subdir/useradd.8 && echo ".so man8/useradd.8" > $subdir/adduser.8
done
# Remove binaries we don't use.
rm %{buildroot}%{_bindir}/chfn
rm %{buildroot}%{_bindir}/chsh
rm %{buildroot}%{_bindir}/expiry
rm %{buildroot}%{_bindir}/groups
rm %{buildroot}%{_bindir}/login
rm %{buildroot}%{_bindir}/passwd
rm %{buildroot}%{_bindir}/su
rm %{buildroot}%{_bindir}/faillog
rm %{buildroot}%{_sysconfdir}/login.access
rm %{buildroot}%{_sysconfdir}/limits
rm %{buildroot}%{_sbindir}/logoutd
rm %{buildroot}%{_sbindir}/nologin
rm %{buildroot}%{_mandir}/man1/chfn.*
rm %{buildroot}%{_mandir}/*/man1/chfn.*
rm %{buildroot}%{_mandir}/man1/chsh.*
rm %{buildroot}%{_mandir}/*/man1/chsh.*
rm %{buildroot}%{_mandir}/man1/expiry.*
rm %{buildroot}%{_mandir}/*/man1/expiry.*
rm %{buildroot}%{_mandir}/man1/groups.*
rm %{buildroot}%{_mandir}/*/man1/groups.*
rm %{buildroot}%{_mandir}/man1/login.*
rm %{buildroot}%{_mandir}/*/man1/login.*
rm %{buildroot}%{_mandir}/man1/passwd.*
rm %{buildroot}%{_mandir}/*/man1/passwd.*
rm %{buildroot}%{_mandir}/man1/su.*
rm %{buildroot}%{_mandir}/*/man1/su.*
rm %{buildroot}%{_mandir}/man5/limits.*
rm %{buildroot}%{_mandir}/*/man5/limits.*
rm %{buildroot}%{_mandir}/man5/login.access.*
rm %{buildroot}%{_mandir}/*/man5/login.access.*
rm %{buildroot}%{_mandir}/man5/passwd.*
rm %{buildroot}%{_mandir}/*/man5/passwd.*
rm %{buildroot}%{_mandir}/man5/porttime.*
rm %{buildroot}%{_mandir}/*/man5/porttime.*
rm %{buildroot}%{_mandir}/man5/suauth.*
rm %{buildroot}%{_mandir}/*/man5/suauth.*
rm %{buildroot}%{_mandir}/man8/logoutd.*
rm %{buildroot}%{_mandir}/*/man8/logoutd.*
rm %{buildroot}%{_mandir}/man8/nologin.*
rm %{buildroot}%{_mandir}/*/man8/nologin.*
rm %{buildroot}%{_mandir}/man3/getspnam.*
rm %{buildroot}%{_mandir}/*/man3/getspnam.*
rm %{buildroot}%{_mandir}/man5/faillog.*
rm %{buildroot}%{_mandir}/*/man5/faillog.*
rm %{buildroot}%{_mandir}/man8/faillog.*
rm %{buildroot}%{_mandir}/*/man8/faillog.*
find $RPM_BUILD_ROOT%{_mandir} -depth -type d -empty -delete
%find_lang shadow
for dir in $(ls -1d $RPM_BUILD_ROOT%{_mandir}/{??,??_??}) ; do
dir=$(echo $dir | sed -e "s|^$RPM_BUILD_ROOT||")
lang=$(basename $dir)
# echo "%%lang($lang) $dir" >> shadow.lang
# echo "%%lang($lang) $dir/man*" >> shadow.lang
echo "%%lang($lang) $dir/man*/*" >> shadow.lang
done
# Move header files to its own folder
echo $(ls)
mkdir -p $RPM_BUILD_ROOT/%{includesubiddir}
install -m 644 libsubid/subid.h $RPM_BUILD_ROOT/%{includesubiddir}/
# Remove .a and .la files created by libsubid
rm -f $RPM_BUILD_ROOT/%{_libdir}/libsubid.{a,la}
%clean
rm -rf %{buildroot}
%files -f shadow.lang
%defattr(-,root,root)
%license gpl-2.0.txt shadow-bsd.txt
%doc NEWS doc/HOWTO README
%dir /etc/default
%attr(0644,root,root) %config /etc/login.defs
%attr(0600,root,root) %config /etc/default/useradd
%{_bindir}/sg
%attr(4755,root,root) %{_bindir}/chage
%attr(4755,root,root) %{_bindir}/gpasswd
%{_bindir}/lastlog
%attr(4755,root,root) %{_bindir}/newgrp
%attr(0755,root,root) %caps(cap_setgid=ep) %{_bindir}/newgidmap
%attr(0755,root,root) %caps(cap_setuid=ep) %{_bindir}/newuidmap
%{_sbindir}/adduser
%attr(0755,root,root) %{_sbindir}/user*
%attr(0755,root,root) %{_sbindir}/group*
%{_sbindir}/grpck
%{_sbindir}/pwck
%{_sbindir}/*conv
%{_sbindir}/chpasswd
%{_sbindir}/chgpasswd
%{_sbindir}/newusers
%{_sbindir}/vipw
%{_sbindir}/vigr
%{_mandir}/man1/chage.1*
%{_mandir}/man1/gpasswd.1*
%{_mandir}/man1/sg.1*
%{_mandir}/man1/newgrp.1*
%{_mandir}/man1/newgidmap.1*
%{_mandir}/man1/newuidmap.1*
%{_mandir}/man3/shadow.3*
%{_mandir}/man5/shadow.5*
%{_mandir}/man5/login.defs.5*
%{_mandir}/man5/gshadow.5*
%{_mandir}/man5/subuid.5*
%{_mandir}/man5/subgid.5*
%{_mandir}/man8/adduser.8*
%{_mandir}/man8/group*.8*
%{_mandir}/man8/user*.8*
%{_mandir}/man8/pwck.8*
%{_mandir}/man8/grpck.8*
%{_mandir}/man8/chpasswd.8*
%{_mandir}/man8/chgpasswd.8*
%{_mandir}/man8/newusers.8*
%{_mandir}/man8/*conv.8*
%{_mandir}/man8/lastlog.8*
%{_mandir}/man8/vipw.8*
%{_mandir}/man8/vigr.8*
%files subid
%{_bindir}/getsubids
%{_libdir}/libsubid.so.*
%{_mandir}/man1/getsubids.1*
%files subid-devel
%{includesubiddir}/subid.h
%{_libdir}/libsubid.so
%changelog
* Mon Feb 13 2023 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 2:4.13-1
- updated to 4.13.
- dropped Patch1, 6 and 10-13.
- updated Patch3.
- imported Patch10 from rawhide.
* Thu Aug 25 2022 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 2:4.12.3-1
- updated to 4.12.3.
- updated all patches.
* Mon Jan 03 2022 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 2:4.11.1-1
- updated to 4.11.1.
- updated Patch7 and 10.
* Fri Dec 24 2021 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 2:4.10-1
- updated to 4.10.
- dropped Patch2 and 14-16: fixed in upstream.
- updated Patch7.
* Fri Aug 20 2021 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 2:4.9-1
- updated to 4.9.
- updated patches.
- updated Source1.
- added license files (Source3 and 4).
- added sub-packages: subid, subid-devel.
* Wed Mar 18 2020 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 2:4.8-1
- updated to 4.8.
- updated patches.
* Wed Jul 09 2014 Daisuke SUZUKI <daisuke@vinelinux.org> 2:4.1.5.1-1
- update to 4.1.5.1
* Sun Apr 17 2011 Shu KONNO <owa@bg.wakwak.com> 2:4.1.4.2-2
- rebuilt with rpm-4.8.1-3
* Mon Apr 12 2010 Daisuke SUZUKI <daisuke@linux.or.jp> 2:4.1.4.2-1
- new upstream release
- add vipw/vigr (moved from util-linux-ng)
- max group name length set to 32 characters
- update Patch0
- increase threshold for uid/gid reservations to 200
- import Patch1,2,3 from fedora
- disable autoreconf
* Mon Jun 15 2009 Daisuke SUZUKI <daisuke@linux.or.jp> 2:4.1.4.1-1
- new upstream release
- NEW UPSTREAM: http://pkg-shadow.alioth.debian.org/
- update URL:, SOURCES: to new upstream
* Fri Aug 15 2008 Shu KONNO <owa@bg.wakwak.com> 2:4.0.16-1vl5
- applied new versioning policy, spec in utf-8
* Mon Aug 14 2006 Daisuke SUZUKI <daisuke@linux.or.jp> 2:4.0.16-0vl3
- update Patch0 to fix <BTS:0499>
- select smaller gid value for system account
* Tue Aug 08 2006 Daisuke SUZUKI <daisuke@linux.or.jp> 2:4.0.16-0vl2
- update ja.po from debian-doc (committed in upstream)
* Mon Jun 05 2006 Daisuke SUZUKI <daisuke@linux.or.jp> 2:4.0.16-0vl1
- new upstream release
- add Japanese Summary and descriptions from spec file translation project.
- convert Japanese man pages to EUC-JP from UTF-8
- import changes from FC pacakge.
* Mon Jan 31 2005 Daisuke SUZUKI <daisuke@linux.or.jp> 1:4.0.3-35vl2
- rebuild for VineSeed
* Sun Jan 09 2005 IKEDA Katsumi <ikeda@webmasters.gr.jp> 2:4.0.3-35vl1.1
- added a security patch (shadow-4.0.3-can-2004-1001.patch) for CAN-2004-1001.
* Mon Oct 18 2004 Daisuke SUZUKI <daisuke@linux.or.jp> 2:4.0.3-35vl1
- import Patch1[3-7] from fedora development.
- fixed username/groupname limits. (vine-users:54797)
* Sat Apr 10 2004 <tkoba@vinelinux.org> 4.0.3-21vl1
- sync to fedora
* Fri Jun 08 2001 <sagami@vinelinux.org>
- 20000902-1vl1: added ja.po from 19990827-10vl2
- disable patch9 (creating mailspool in /var/mail)
* Tue May 22 2001 Bernhard Rosenkraenzer <bero@redhat.com> 20000902-1
- Create an empty mailspool when creating a user so non-setuid/non-setgid
MDAs (postfix+procmail) can deliver mail (#41811)
- 20000902
- adapt patches
* Fri Mar 9 2001 Nalin Dahyabhai <nalin@redhat.com>
- don't overwrite user dot files in useradd (#19982)
- truncate new files when moving overwriting files with the contents of other
files while moving directories (keeps files from looking weird later on)
- configure using %%{_prefix} as the prefix
* Fri Feb 23 2001 Trond Eivind Glomsr藷?<teg@redhat.com>
- langify
* Wed Aug 30 2000 Bernhard Rosenkraenzer <bero@redhat.com>
- Fix up chage behavior (Bug #15883)
* Wed Aug 30 2000 Bernhard Rosenkraenzer <bero@redhat.com>
- 20000826
- Fix up useradd man page (Bug #17036)
* Tue Aug 8 2000 Bernhard Rosenkraenzer <bero@redhat.com>
- check for vipw lock before adding or deleting users (Bug #6489)
* Mon Aug 7 2000 Nalin Dahyabhai <nalin@redhat.com>
- take LOG_CONS out of the openlog() call so that we don't litter the
screen during text-mode upgrades
* Tue Jul 18 2000 Bernhard Rosenkraenzer <bero@redhat.com>
- Remove a fixed-size buffer that caused problems when adding a huge number
of users to a group (>8192 bytes) (Bugs #3809, #11930)
* Tue Jul 18 2000 Bernhard Rosenkraenzer <bero@redhat.com>
- remove dependency on util-linux because it causes prereq loops
* Tue Jul 18 2000 Nalin Dahyabhai <nalin@redhat.com>
- change symlinked man pages to includers
- require /usr/bin/newgrp (util-linux) so that /usr/bin/sg isn't left dangling
* Wed Jul 12 2000 Prospector <bugzilla@redhat.com>
- automatic rebuild
* Sun Jun 18 2000 Matt Wilson <msw@redhat.com>
- use mandir for FHS
- added patches in src/ and po/ to honor DESTDIR
- use make install DESTDIR=$RPM_BUILD_ROOT
* Wed Feb 16 2000 Bernhard Rosenkraenzer <bero@redhat.com>
- Fix up usermod's symlink behavior (Bug #5458)
* Fri Feb 11 2000 Cristian Gafton <gafton@redhat.com>
- get rid of mkpasswd
* Mon Feb 7 2000 Nalin Dahyabhai <nalin@redhat.com>
- fix usermod patch to check for shadow before doing any shadow-specific stuff
and merge it into the pwlock patch
* Sat Feb 5 2000 Bernhard Rosenkraenzer <bero@redhat.com>
- fix man symlinks
* Wed Feb 2 2000 Nalin Dahyabhai <gafton@redhat.com>
- make -p only change shadow password (bug #8923)
* Mon Jan 31 2000 Cristian Gafton <gafton@redhat.com>
- rebuild to fix dependeencies
- man pages are compressed
* Wed Jan 19 2000 Bernhard Rosenkraenzer <bero@redhat.com>
- Fix a security bug (adduser could overwrite previously existing
groups, Bug #8609)
* Sun Jan 9 2000 Bernhard Rosenkraenzer <bero@redhat.com>
- unset LINGUAS before building
- Fix typo in newusers manpage (Bug #8258)
- libtoolize
* Wed Sep 22 1999 Cristian Gafton <gafton@redhat.com>
- fix segfault for userdel when the primary group for the user is not
defined
* Tue Sep 21 1999 Cristian Gafton <gafton@redhat.com>
- Serial: 1 because now we are using 19990827 (why the heck can't they have
a normal version just like everybody else?!)
- ported all patches to the new code base
* Thu Apr 15 1999 Bill Nottingham <notting@redhat.com>
- SIGHUP nscd from usermod, too
* Fri Apr 09 1999 Michael K. Johnson <johnsonm@redhat.com>
- added usermod password locking from Chris Adams <cadams@ro.com>
* Thu Apr 08 1999 Bill Nottingham <notting@redhat.com>
- have things that modify users/groups SIGHUP nscd on exit
* Wed Mar 31 1999 Michael K. Johnson <johnsonm@redhat.com>
- have userdel remove user private groups when it is safe to do so
- allow -f to force user removal even when user appears busy in utmp
* Tue Mar 23 1999 Preston Brown <pbrown@redhat.com>
- edit out unused CHFN fields from login.defs.
* Sun Mar 21 1999 Cristian Gafton <gafton@redhat.com>
- auto rebuild in the new build environment (release 7)
* Wed Jan 13 1999 Bill Nottingham <notting@redhat.com>
- configure fix for arm
* Wed Dec 30 1998 Cristian Gafton <gafton@redhat.com>
- build against glibc 2.1
* Fri Aug 21 1998 Jeff Johnson <jbj@redhat.com>
- Note that /usr/sbin/mkpasswd conflicts with /usr/bin/mkpasswd;
one of these (I think /usr/sbin/mkpasswd but other opinions are valid)
should probably be renamed. In any case, mkpasswd.8 from this package
needs to be installed. (problem #823)
* Fri May 08 1998 Prospector System <bugs@redhat.com>
- translations modified for de, fr, tr
* Tue Apr 21 1998 Cristian Gafton <gafton@redhat.com>
- updated to 980403
- redid the patches
* Tue Dec 30 1997 Cristian Gafton <gafton@redhat.com>
- updated the spec file
- updated the patch so that new accounts created on shadowed system won't
confuse pam_pwdb anymore ('!!' default password instead on '!')
- fixed a bug that made useradd -G segfault
- the check for the ut_user is now patched into configure
* Thu Nov 13 1997 Erik Troan <ewt@redhat.com>
- added patch for XOPEN oddities in glibc headers
- check for ut_user before checking for ut_name -- this works around some
confusion on glibc 2.1 due to the utmpx header not defining the ut_name
compatibility stuff. I used a gross sed hack here because I couldn't make
automake work properly on the sparc (this could be a glibc 2.0.99 problem
though). The utuser patch works fine, but I don't apply it.
- sleep after running autoconf
* Thu Nov 06 1997 Cristian Gafton <gafton@redhat.com>
- added forgot lastlog command to the spec file
* Sun Oct 26 1997 Cristian Gafton <gafton@redhat.com>
- obsoletes adduser
* Thu Oct 23 1997 Cristian Gafton <gafton@redhat.com>
- modified groupadd; updated the patch
* Fri Sep 12 1997 Cristian Gafton <gafton@redhat.com>
- updated to 970616
- changed useradd to meet RH specs
- fixed some bugs
* Tue Jun 17 1997 Erik Troan <ewt@redhat.com>
- built against glibc