[arch-commits] Commit in shadow/trunk (PKGBUILD shadow.install)
Date: Sunday, July 12, 2020 @ 14:10:45
Author: dreisner
Revision: 391755
upgpkg: shadow 4.8.1-2
- use libcap-ng to set filecaps rather than libcap (FS#63920)
Modified:
shadow/trunk/PKGBUILD
shadow/trunk/shadow.install
+
PKGBUILD |5 +++--
shadow.install | 11 +--
2 files changed, 12 insertions(+), 4 deletions(-)
Modified: PKGBUILD
===
--- PKGBUILD2020-07-12 13:02:37 UTC (rev 391754)
+++ PKGBUILD2020-07-12 14:10:45 UTC (rev 391755)
@@ -3,12 +3,13 @@
pkgname=shadow
pkgver=4.8.1
-pkgrel=1
+pkgrel=2
pkgdesc="Password and account management tool suite with support for shadow
files and PAM"
arch=('x86_64')
url='https://github.com/shadow-maint/shadow'
license=('BSD')
-depends=('pam' 'acl' 'audit' 'libaudit.so')
+# libcap-ng needed by install scriptlet for 'filecap'
+depends=('pam' 'acl' 'audit' 'libaudit.so' 'libcap-ng')
makedepends=('git' 'itstool' 'libxslt' 'docbook-xsl')
backup=(etc/login.defs
etc/pam.d/{chage,passwd,shadow,useradd,usermod,userdel}
Modified: shadow.install
===
--- shadow.install 2020-07-12 13:02:37 UTC (rev 391754)
+++ shadow.install 2020-07-12 14:10:45 UTC (rev 391755)
@@ -1,7 +1,14 @@
setcaps() {
+ _setcap() {
+if filecap "$1" "$2"; then
+ chmod -s "$1"
+fi
+ }
+
# shadow ships these as setuid, but if we can apply file caps, use those
instead.
- setcap cap_setuid+ep usr/bin/newuidmap 2>/dev/null && chmod -s
usr/bin/newuidmap
- setcap cap_setgid+ep usr/bin/newgidmap 2>/dev/null && chmod -s
usr/bin/newgidmap
+ # 'filecap' insists on absolute paths
+ _setcap /usr/bin/newuidmap setuid
+ _setcap /usr/bin/newgidmap setgid
}
post_install() {
[arch-commits] Commit in shadow/trunk (PKGBUILD shadow.install)
Date: Thursday, August 1, 2019 @ 18:04:21
Author: dreisner
Revision: 358862
upgpkg: shadow 4.7-2
- apply filecaps to newuidmap/newgidmap instead of setuid (FS#63248)
Added:
shadow/trunk/shadow.install
Modified:
shadow/trunk/PKGBUILD
+
PKGBUILD |3 ++-
shadow.install | 15 +++
2 files changed, 17 insertions(+), 1 deletion(-)
Modified: PKGBUILD
===
--- PKGBUILD2019-08-01 14:12:28 UTC (rev 358861)
+++ PKGBUILD2019-08-01 18:04:21 UTC (rev 358862)
@@ -3,7 +3,7 @@
pkgname=shadow
pkgver=4.7
-pkgrel=1
+pkgrel=2
pkgdesc="Password and account management tool suite with support for shadow
files and PAM"
arch=('x86_64')
url='https://github.com/shadow-maint/shadow'
@@ -28,6 +28,7 @@
passwd
shadow.{timer,service}
useradd.defaults)
+install=shadow.install
sha1sums=('SKIP'
'33a6cf1e44a1410e5c9726c89e5de68b78f5f922'
'4ad0e059406a305c8640ed30d93c2a1f62c2f4ad'
Added: shadow.install
===
--- shadow.install (rev 0)
+++ shadow.install 2019-08-01 18:04:21 UTC (rev 358862)
@@ -0,0 +1,15 @@
+setcaps() {
+ # shadow ships these as setuid, but if we can apply file caps, use those
instead.
+ setcap cap_setuid+ep usr/bin/newuidmap 2>/dev/null && chmod -s
usr/bin/newuidmap
+ setcap cap_setgid+ep usr/bin/newgidmap 2>/dev/null && chmod -s
usr/bin/newgidmap
+}
+
+post_install() {
+ setcaps
+}
+
+post_upgrade() {
+ setcaps
+}
+
+# vim:set ts=2 sw=2 et:
[arch-commits] Commit in shadow/trunk (PKGBUILD shadow.install)
Date: Sunday, June 30, 2019 @ 19:48:28
Author: dreisner
Revision: 357127
upgpkg: shadow 4.7-1
- drop shadow.install, duplicates things from shadow.service
- drop bash dependency, probably had it historically for adduser (and
scriptlet?)
Modified:
shadow/trunk/PKGBUILD
Deleted:
shadow/trunk/shadow.install
+
PKGBUILD | 13 +++--
shadow.install |9 -
2 files changed, 3 insertions(+), 19 deletions(-)
Modified: PKGBUILD
===
--- PKGBUILD2019-06-30 19:25:57 UTC (rev 357126)
+++ PKGBUILD2019-06-30 19:48:28 UTC (rev 357127)
@@ -2,14 +2,14 @@
# Maintainer: Aaron Griffin
pkgname=shadow
-pkgver=4.6
-pkgrel=3
+pkgver=4.7
+pkgrel=1
pkgdesc="Password and account management tool suite with support for shadow
files and PAM"
arch=('x86_64')
url='https://github.com/shadow-maint/shadow'
license=('BSD')
groups=('base')
-depends=('bash' 'pam' 'acl' 'audit' 'libaudit.so')
+depends=('pam' 'acl' 'audit' 'libaudit.so')
makedepends=('git' 'libxslt' 'docbook-xsl' 'gnome-doc-utils')
backup=(etc/login.defs
etc/pam.d/{chage,passwd,shadow,useradd,usermod,userdel}
@@ -17,7 +17,6 @@
etc/pam.d/{chgpasswd,groupmems}
etc/default/useradd)
options=(strip debug)
-install='shadow.install'
validpgpkeys=('D5C2F9BFCA128BBA22A77218872F702C4D6E25A8') # Christian Perrier
source=("git+https://github.com/shadow-maint/shadow.git#tag=$pkgver";
LICENSE
@@ -51,12 +50,6 @@
cd "$pkgname"
local backports=(
-# Fix usermod crash
-73a876a05612c278da747faeaeea40c3b8d34a53
-# usermod: prevent a segv
-48dcf7852e51b9d8e7926737cc7f7823978b7d7d
-# https://github.com/shadow-maint/shadow/issues/125
-10e388efc2c786d1ec4ed007891bfefa8826b6fd
)
for commit in "${backports[@]}"; do
Deleted: shadow.install
===
--- shadow.install 2019-06-30 19:25:57 UTC (rev 357126)
+++ shadow.install 2019-06-30 19:48:28 UTC (rev 357127)
@@ -1,9 +0,0 @@
-post_upgrade() {
- grpck -r >/dev/null 2>&1
- if [ $? -eq 2 ]; then
-printf '%s\n' \
- "==> Warning: /etc/group or /etc/gshadow are inconsistent." \
- "Run 'grpck' to correct this."
- fi
- return 0
-}
[arch-commits] Commit in shadow/trunk (PKGBUILD shadow.install)
Date: Saturday, December 3, 2011 @ 20:15:57
Author: dreisner
Revision: 144102
upgpkg: shadow 4.1.4.3-5
- remove bashism from install scriptlet
- remove auto-fixit if grpck exit with 2 (FS#27270)
Modified:
shadow/trunk/PKGBUILD
shadow/trunk/shadow.install
+
PKGBUILD |2 +-
shadow.install |7 ---
2 files changed, 5 insertions(+), 4 deletions(-)
Modified: PKGBUILD
===
--- PKGBUILD2011-12-03 22:12:51 UTC (rev 144101)
+++ PKGBUILD2011-12-04 01:15:57 UTC (rev 144102)
@@ -4,7 +4,7 @@
pkgname=shadow
pkgver=4.1.4.3
-pkgrel=4
+pkgrel=5
pkgdesc="Password and account management tool suite with support for shadow
files and PAM"
arch=('i686' 'x86_64')
url='http://pkg-shadow.alioth.debian.org/'
Modified: shadow.install
===
--- shadow.install 2011-12-03 22:12:51 UTC (rev 144101)
+++ shadow.install 2011-12-04 01:15:57 UTC (rev 144102)
@@ -1,8 +1,9 @@
post_upgrade() {
- grpck -r &>/dev/null
+ grpck -r >/dev/null 2>&1
if [ $? -eq 2 ]; then
-echo "Fixing gshadow file ..."
-while :; do echo "y"; done | grpck &>/dev/null
+printf '%s\n' \
+ "==> Warning: /etc/group or /etc/gshadow are inconsistant." \
+ "Run 'grpck' to correct this."
fi
return 0
}
