From f1b1f867fd1ef51c3161746285ae9288d2d663ca Mon Sep 17 00:00:00 2001 From: Victor Martinez Date: Fri, 12 Jul 2019 20:45:49 +0200 Subject: [PATCH] shadow: initial import --- shadow/.footprint | 102 ++++++++++++++++++++++++++++++++++++++++++++++ shadow/.signature | 19 +++++++++ shadow/Pkgfile | 46 +++++++++++++++++++++ shadow/chfn | 9 ++++ shadow/chsh | 9 ++++ shadow/groupadd | 7 ++++ shadow/groupdel | 7 ++++ shadow/groupmems | 7 ++++ shadow/groupmod | 7 ++++ shadow/login | 17 ++++++++ shadow/login.defs | 39 ++++++++++++++++++ shadow/passwd | 5 +++ shadow/pwck | 9 ++++ shadow/su | 12 ++++++ shadow/useradd | 7 ++++ shadow/userdel | 7 ++++ shadow/usermod | 7 ++++ 17 files changed, 316 insertions(+) create mode 100644 shadow/.footprint create mode 100644 shadow/.signature create mode 100644 shadow/Pkgfile create mode 100644 shadow/chfn create mode 100644 shadow/chsh create mode 100644 shadow/groupadd create mode 100644 shadow/groupdel create mode 100644 shadow/groupmems create mode 100644 shadow/groupmod create mode 100644 shadow/login create mode 100644 shadow/login.defs create mode 100644 shadow/passwd create mode 100644 shadow/pwck create mode 100644 shadow/su create mode 100644 shadow/useradd create mode 100644 shadow/userdel create mode 100644 shadow/usermod diff --git a/shadow/.footprint b/shadow/.footprint new file mode 100644 index 0000000..2bbace1 --- /dev/null +++ b/shadow/.footprint @@ -0,0 +1,102 @@ +drwxr-xr-x root/root bin/ +-rwxr-xr-x root/root bin/login +drwxr-xr-x root/root etc/ +drwxr-xr-x root/root etc/cron/ +drwxr-xr-x root/root etc/cron/daily/ +-rwxr-xr-x root/root etc/cron/daily/pwck +-rw-r--r-- root/root etc/login.defs +drwxr-xr-x root/root etc/pam.d/ +-rw-r--r-- root/root etc/pam.d/chage +-rw-r--r-- root/root etc/pam.d/chfn +-rw-r--r-- root/root etc/pam.d/chgpasswd +-rw-r--r-- root/root etc/pam.d/chpasswd +-rw-r--r-- root/root etc/pam.d/chsh +-rw-r--r-- root/root etc/pam.d/groupadd +-rw-r--r-- root/root etc/pam.d/groupdel +-rw-r--r-- root/root etc/pam.d/groupmems +-rw-r--r-- root/root etc/pam.d/groupmod +-rw-r--r-- root/root etc/pam.d/login +-rw-r--r-- root/root etc/pam.d/newusers +-rw-r--r-- root/root etc/pam.d/passwd +-rw-r--r-- root/root etc/pam.d/su +-rw-r--r-- root/root etc/pam.d/useradd +-rw-r--r-- root/root etc/pam.d/userdel +-rw-r--r-- root/root etc/pam.d/usermod +drwxr-xr-x root/root sbin/ +-rwxr-xr-x root/root sbin/nologin +drwxr-xr-x root/root usr/ +drwxr-xr-x root/root usr/bin/ +-rwsr-xr-x root/root usr/bin/chage +-rwsr-xr-x root/root usr/bin/chfn +-rwsr-xr-x root/root usr/bin/chsh +-rwsr-xr-x root/root usr/bin/expiry +-rwxr-xr-x root/root usr/bin/faillog +-rwxr-xr-x root/root usr/bin/groups +-rwxr-xr-x root/root usr/bin/lastlog +-rwsr-xr-x root/root usr/bin/newgidmap +-rwsr-xr-x root/root usr/bin/newgrp +-rwsr-xr-x root/root usr/bin/newuidmap +-rwsr-xr-x root/root usr/bin/passwd +lrwxrwxrwx root/root usr/bin/sg -> newgrp +-rwsr-xr-x root/root usr/bin/su +drwxr-xr-x root/root usr/sbin/ +-rw-r--r-- root/root usr/sbin/chfn +-rwxr-xr-x root/root usr/sbin/chgpasswd +-rw-r--r-- root/root usr/sbin/chsh +-rw-r--r-- root/root usr/sbin/groupadd +-rw-r--r-- root/root usr/sbin/groupdel +-rw-r--r-- root/root usr/sbin/groupmems +-rw-r--r-- root/root usr/sbin/groupmod +-rwxr-xr-x root/root usr/sbin/grpck +-rw-r--r-- root/root usr/sbin/login +-rw-r--r-- root/root usr/sbin/passwd +-rwxr-xr-x root/root usr/sbin/pwck +-rw-r--r-- root/root usr/sbin/su +-rw-r--r-- root/root usr/sbin/useradd +-rw-r--r-- root/root usr/sbin/userdel +-rw-r--r-- root/root usr/sbin/usermod +lrwxrwxrwx root/root usr/sbin/vigr -> vipw +-rwxr-xr-x root/root usr/sbin/vipw +drwxr-xr-x root/root usr/share/ +drwxr-xr-x root/root usr/share/man/ +drwxr-xr-x root/root usr/share/man/man1/ +-rw-r--r-- root/root usr/share/man/man1/chage.1.gz +-rw-r--r-- root/root usr/share/man/man1/chfn.1.gz +-rw-r--r-- root/root usr/share/man/man1/chsh.1.gz +-rw-r--r-- root/root usr/share/man/man1/expiry.1.gz +-rw-r--r-- root/root usr/share/man/man1/groups.1.gz +-rw-r--r-- root/root usr/share/man/man1/login.1.gz +-rw-r--r-- root/root usr/share/man/man1/newgidmap.1.gz +-rw-r--r-- root/root usr/share/man/man1/newgrp.1.gz +-rw-r--r-- root/root usr/share/man/man1/newuidmap.1.gz +-rw-r--r-- root/root usr/share/man/man1/passwd.1.gz +-rw-r--r-- root/root usr/share/man/man1/sg.1.gz +-rw-r--r-- root/root usr/share/man/man1/su.1.gz +drwxr-xr-x root/root usr/share/man/man5/ +-rw-r--r-- root/root usr/share/man/man5/faillog.5.gz +-rw-r--r-- root/root usr/share/man/man5/login.defs.5.gz +-rw-r--r-- root/root usr/share/man/man5/passwd.5.gz +-rw-r--r-- root/root usr/share/man/man5/shadow.5.gz +-rw-r--r-- root/root usr/share/man/man5/suauth.5.gz +-rw-r--r-- root/root usr/share/man/man5/subgid.5.gz +-rw-r--r-- root/root usr/share/man/man5/subuid.5.gz +drwxr-xr-x root/root usr/share/man/man8/ +-rw-r--r-- root/root usr/share/man/man8/chgpasswd.8.gz +-rw-r--r-- root/root usr/share/man/man8/faillog.8.gz +-rw-r--r-- root/root usr/share/man/man8/groupadd.8.gz +-rw-r--r-- root/root usr/share/man/man8/groupdel.8.gz +-rw-r--r-- root/root usr/share/man/man8/groupmems.8.gz +-rw-r--r-- root/root usr/share/man/man8/groupmod.8.gz +-rw-r--r-- root/root usr/share/man/man8/grpck.8.gz +-rw-r--r-- root/root usr/share/man/man8/lastlog.8.gz +-rw-r--r-- root/root usr/share/man/man8/nologin.8.gz +-rw-r--r-- root/root usr/share/man/man8/pwck.8.gz +-rw-r--r-- root/root usr/share/man/man8/useradd.8.gz +-rw-r--r-- root/root usr/share/man/man8/userdel.8.gz +-rw-r--r-- root/root usr/share/man/man8/usermod.8.gz +-rw-r--r-- root/root usr/share/man/man8/vigr.8.gz +-rw-r--r-- root/root usr/share/man/man8/vipw.8.gz +drwxr-xr-x root/root var/ +drwxr-xr-x root/root var/log/ +-rw-r--r-- root/root var/log/faillog (EMPTY) +-rw-r--r-- root/root var/log/lastlog (EMPTY) diff --git a/shadow/.signature b/shadow/.signature new file mode 100644 index 0000000..f64e45c --- /dev/null +++ b/shadow/.signature @@ -0,0 +1,19 @@ +untrusted comment: verify with /etc/ports/core-arm64.pub +RWSKslkvIwb+2U/K1xFk57UD/iv7vXSAPB0gzjSty6Y31yiHLvspyKUX14OIoDeik2AmhILAR6o6jjMYd+6Ivpx7GNvtT+JSKAc= +SHA256 (Pkgfile) = 4a6a102be0cb5bbdf38edbc648b0ef6147cbd1f8c58fc395b438aff3a52a94f1 +SHA256 (.footprint) = 17c281f8a824da1e9a3e0540213b72364118d78cc75202bcf83eafd1f1f1d3e5 +SHA256 (shadow-4.6.tar.xz) = 0998c8d84242a231ab0acb7f8613927ff5bcff095f8aa6b79478893a03f05583 +SHA256 (pwck) = c62f1bf5785c2bb93bb269156bfa02b06728a01ff5d6c2e09cf6285701a1fda0 +SHA256 (login.defs) = def991c4bc012834d726a4010783634a930558b91650bc4cba5fe822064c3535 +SHA256 (chfn) = b31ef7a14f747e114c970027a57acb5dcefffee439ce0b4a7d55cc2f6b632fcf +SHA256 (chsh) = 20e39e9c738599272a10f46a11338d62d755df32a26db27ce0b5c04a71d66460 +SHA256 (login) = ae3f6b4ddfc86f30f864e3e9cb514964bb323a9e59840624672f412005c64285 +SHA256 (groupadd) = c7b90c655b974d396328ddf5d028ef682c2115b6646433f430d8d4a5f9f21bc5 +SHA256 (groupdel) = c84a5e8751ca237eddaf2ac3a3bb7ef63f6535a83df6a8c52511eed65a981314 +SHA256 (groupmems) = 1bb62dc2a199118900c6c690888342e1c80d38aae89e7f29138edbfd1d8b1194 +SHA256 (groupmod) = 9cf502d1fb1d89b5115592cf5d3151bf1fca6f69ea27592768789573a079c02f +SHA256 (passwd) = e746db74b7d3ed8d4bfb796c8e27c666ea2df73504e0620fd5ac8766b055175d +SHA256 (su) = fd033d23c243c3ec7c0491f109365419bfa34c305fe6554f526b4df797486454 +SHA256 (useradd) = 2988d648da4c4c6924360aa3c648937e11ea8f5e98c856d293d071adf63a0ec9 +SHA256 (userdel) = 478cc2d620831ca266f953c0a743c19c1f007d567fb61a1757b631a80b328d41 +SHA256 (usermod) = 800ba6178170142c7202c7fdbdc30323bdbcf9b592c4f0328375b8830cf81d51 diff --git a/shadow/Pkgfile b/shadow/Pkgfile new file mode 100644 index 0000000..430018f --- /dev/null +++ b/shadow/Pkgfile @@ -0,0 +1,46 @@ +# Description: Shadow password file utilities +# URL: https://github.com/shadow-maint/shadow/ +# Maintainer: CRUX System Team, core-ports at crux dot nu +# Depends on: acl linux-pam + +name=shadow +version=4.6 +release=2 +source=(https://github.com/shadow-maint/$name/releases/download/$version/$name-$version.tar.xz \ + pwck login.defs chfn chsh login groupadd groupdel \ + groupmems groupmod passwd su useradd userdel usermod) + +build() { + cd $name-$version + + ./configure --prefix=/usr \ + --sysconfdir=/etc \ + --disable-shared \ + --disable-shadowgrp \ + --disable-nls \ + --without-selinux \ + --without-audit + + make + make DESTDIR=$PKG install + + install -d $PKG/etc/cron/daily $PKG/var/log + install -m 644 $SRC/login.defs $PKG/etc + install -m 755 $SRC/pwck $PKG/etc/cron/daily + mv $PKG/bin/{su,groups} $PKG/usr/bin + touch $PKG/var/log/{lastlog,faillog} + + rm -r $PKG/usr/bin/gpasswd \ + $PKG/usr/share/man/man1/gpasswd.1 \ + $PKG/usr/sbin/{chpasswd,grpconv,grpunconv,logoutd} \ + $PKG/usr/sbin/{newusers,pwconv,pwunconv} \ + $PKG/usr/share/man/man8/{chpasswd.8,grpconv.8,grpunconv.8,logoutd.8} \ + $PKG/usr/share/man/man8/{newusers.8,pwconv.8,pwunconv.8} \ + $PKG/usr/share/man/man5/gshadow.5 \ + $PKG/usr/share/man/man3 \ + $PKG/etc/default + + install -o root -g root -m 0644 \ + $SRC/{ch{fn,sh},login,group{add,del,mems,mod},passwd,su,user{add,del,mod}} \ + $PKG/usr/sbin/ +} diff --git a/shadow/chfn b/shadow/chfn new file mode 100644 index 0000000..5c7dc45 --- /dev/null +++ b/shadow/chfn @@ -0,0 +1,9 @@ +# +# /etc/pam.d/chfn - chfn service module configuration +# + +auth sufficient pam_rootok.so + +auth include common-auth + +account include common-account diff --git a/shadow/chsh b/shadow/chsh new file mode 100644 index 0000000..e0ee487 --- /dev/null +++ b/shadow/chsh @@ -0,0 +1,9 @@ +# +# /etc/pam.d/chsh - chsh service module configuration +# + +auth sufficient pam_rootok.so + +auth include common-auth + +account include common-account diff --git a/shadow/groupadd b/shadow/groupadd new file mode 100644 index 0000000..22ff070 --- /dev/null +++ b/shadow/groupadd @@ -0,0 +1,7 @@ +# +# /etc/pam.d/groupadd - groupadd service module configuration +# + +auth sufficient pam_rootok.so + +account include common-account diff --git a/shadow/groupdel b/shadow/groupdel new file mode 100644 index 0000000..dce358d --- /dev/null +++ b/shadow/groupdel @@ -0,0 +1,7 @@ +# +# /etc/pam.d/groupdel - groupdel service module configuration +# + +auth sufficient pam_rootok.so + +account include common-account diff --git a/shadow/groupmems b/shadow/groupmems new file mode 100644 index 0000000..bd60d05 --- /dev/null +++ b/shadow/groupmems @@ -0,0 +1,7 @@ +# +# /etc/pam.d/groupmems - groupmems service module configuration +# + +auth sufficient pam_rootok.so + +account include common-account diff --git a/shadow/groupmod b/shadow/groupmod new file mode 100644 index 0000000..c6f9878 --- /dev/null +++ b/shadow/groupmod @@ -0,0 +1,7 @@ +# +# /etc/pam.d/groupmod - groupmod service module configuration +# + +auth sufficient pam_rootok.so + +account include common-account diff --git a/shadow/login b/shadow/login new file mode 100644 index 0000000..de1a8e6 --- /dev/null +++ b/shadow/login @@ -0,0 +1,17 @@ +# +# /etc/pam.d/login - login service module configuration +# + +auth include common-auth + +auth required pam_securetty.so +auth requisite pam_nologin.so + +account include common-account + +password include common-password + +session include common-session + +session optional pam_lastlog.so +session optional pam_motd.so diff --git a/shadow/login.defs b/shadow/login.defs new file mode 100644 index 0000000..1a1293b --- /dev/null +++ b/shadow/login.defs @@ -0,0 +1,39 @@ +# +# /etc/login.defs: login configuration, see login.defs(5) +# + +FAIL_DELAY 0 +LOG_UNKFAIL_ENAB no +LOG_OK_LOGINS no +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes +CONSOLE /etc/securetty +SU_NAME su +MAIL_DIR /var/spool/mail +HUSHLOGIN_FILE .hushlogin +ENV_SUPATH PATH=/sbin:/bin:/usr/sbin:/usr/bin +ENV_PATH PATH=/bin:/usr/bin +TTYGROUP tty +TTYPERM 0600 +ERASECHAR 0177 +KILLCHAR 025 +UMASK 022 +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 +UID_MIN 100 +UID_MAX 60000 +GID_MIN 100 +GID_MAX 60000 +SYS_UID_MIN 25 +SYS_UID_MAX 99 +SYS_GID_MIN 25 +SYS_GID_MAX 99 +LOGIN_RETRIES 5 +LOGIN_TIMEOUT 60 +CHFN_RESTRICT rwh +ENCRYPT_METHOD SHA512 +DEFAULT_HOME yes +USERGROUPS_ENAB no + +# End of file diff --git a/shadow/passwd b/shadow/passwd new file mode 100644 index 0000000..079f5d3 --- /dev/null +++ b/shadow/passwd @@ -0,0 +1,5 @@ +# +# /etc/pam.d/passwd - passwd service module configuration +# + +password include common-password diff --git a/shadow/pwck b/shadow/pwck new file mode 100644 index 0000000..97d1aa7 --- /dev/null +++ b/shadow/pwck @@ -0,0 +1,9 @@ +#!/bin/sh +# +# /etc/cron/daily/pwck: verify integrity of password and group files +# + +/usr/sbin/pwck -r +/usr/sbin/grpck -r + +# End of file diff --git a/shadow/su b/shadow/su new file mode 100644 index 0000000..01417c6 --- /dev/null +++ b/shadow/su @@ -0,0 +1,12 @@ +# +# /etc/pam.d/su - su service module configuration +# + +auth sufficient pam_rootok.so +#auth required pam_wheel.so use_uid + +auth include common-auth + +account include common-account + +session include common-session diff --git a/shadow/useradd b/shadow/useradd new file mode 100644 index 0000000..8df28b1 --- /dev/null +++ b/shadow/useradd @@ -0,0 +1,7 @@ +# +# /etc/pam.d/useradd - useradd service module configuration +# + +auth sufficient pam_rootok.so + +account include common-account diff --git a/shadow/userdel b/shadow/userdel new file mode 100644 index 0000000..ffee7b5 --- /dev/null +++ b/shadow/userdel @@ -0,0 +1,7 @@ +# +# /etc/pam.d/userdel - userdel service module configuration +# + +auth sufficient pam_rootok.so + +account include common-account diff --git a/shadow/usermod b/shadow/usermod new file mode 100644 index 0000000..7a0c27d --- /dev/null +++ b/shadow/usermod @@ -0,0 +1,7 @@ +# +# /etc/pam.d/usermod - usermod service module configuration +# + +auth sufficient pam_rootok.so + +account include common-account -- 2.26.2