commit: 56ef9db115f32af950b7306c47380c3169ddacb4
Author: Mike Gilbert <floppym <AT> gentoo <DOT> org>
AuthorDate: Sat Dec 13 21:28:50 2025 +0000
Commit: Mike Gilbert <floppym <AT> gentoo <DOT> org>
CommitDate: Sun Dec 14 01:44:52 2025 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=56ef9db1
sys-apps/shadow: move login.defs manipulation to src_configure
Signed-off-by: Mike Gilbert <floppym <AT> gentoo.org>
sys-apps/shadow/shadow-4.19.0_rc1.ebuild | 121 ++++++++++++++++---------------
1 file changed, 61 insertions(+), 60 deletions(-)
diff --git a/sys-apps/shadow/shadow-4.19.0_rc1.ebuild
b/sys-apps/shadow/shadow-4.19.0_rc1.ebuild
index a01e6c6e658b..1063118472e3 100644
--- a/sys-apps/shadow/shadow-4.19.0_rc1.ebuild
+++ b/sys-apps/shadow/shadow-4.19.0_rc1.ebuild
@@ -68,6 +68,22 @@ src_prepare() {
elibtoolize
}
+set_login_opt() {
+ local comment="" opt=${1} val=${2}
+ if [[ -z ${val} ]]; then
+ comment="#"
+ sed -i \
+ -e "/^${opt}\>/s:^:#:" \
+ etc/login.defs || die
+ else
+ sed -i -r \
+ -e "/^#?${opt}\>/s:.*:${opt} ${val}:" \
+ etc/login.defs || die
+ fi
+ local res=$(grep "^${comment}${opt}\>" etc/login.defs)
+ einfo "${res:-Unable to find ${opt} in etc/login.defs}"
+}
+
src_configure() {
local myeconfargs=(
# Negate new upstream default of disabling for now
@@ -95,22 +111,47 @@ src_configure() {
)
econf "${myeconfargs[@]}"
-}
-set_login_opt() {
- local comment="" opt=${1} val=${2}
- if [[ -z ${val} ]]; then
- comment="#"
- sed -i \
- -e "/^${opt}\>/s:^:#:" \
- "${ED}"/etc/login.defs || die
+ set_login_opt CREATE_HOME yes
+ if use pam; then
+ # Comment out login.defs options that pam hates
+ local opts=(
+ CHFN_AUTH
+ CONSOLE
+ ENV_HZ
+ ENVIRON_FILE
+ FAILLOG_ENAB
+ FTMP_FILE
+ LASTLOG_ENAB
+ MAIL_CHECK_ENAB
+ MOTD_FILE
+ NOLOGINS_FILE
+ OBSCURE_CHECKS_ENAB
+ PASS_ALWAYS_WARN
+ PASS_CHANGE_TRIES
+ PASS_MIN_LEN
+ PORTTIME_CHECKS_ENAB
+ QUOTAS_ENAB
+ SU_WHEEL_ONLY
+ )
+ local opt sed_args=()
+ for opt in "${opts[@]}"; do
+ set_login_opt ${opt}
+ sed_args+=( -e "/^#${opt}\>/b pamnote" )
+ done
+ sed_args+=(
+ -e 'b exit'
+ -e ': pamnote; i# NOTE: This setting should be
configured via /etc/pam.d/ and not in this file.'
+ -e ': exit'
+ )
+ sed -i "${sed_args[@]}" etc/login.defs || die
else
- sed -i -r \
- -e "/^#?${opt}\>/s:.*:${opt} ${val}:" \
- "${ED}"/etc/login.defs
+ set_login_opt MAIL_CHECK_ENAB no
+ set_login_opt SU_WHEEL_ONLY yes
+ set_login_opt LOGIN_RETRIES 3
+ set_login_opt ENCRYPT_METHOD YESCRYPT
+ set_login_opt CONSOLE
fi
- local res=$(grep "^${comment}${opt}\>" "${ED}"/etc/login.defs)
- einfo "${res:-Unable to find ${opt} in /etc/login.defs}"
}
src_install() {
@@ -125,16 +166,17 @@ src_install() {
find "${ED}" -name '*.la' -type f -delete || die
insinto /etc
- if ! use pam ; then
- insopts -m0600
- doins etc/login.access etc/limits
- fi
+ doins etc/login.defs
# needed for 'useradd -D'
- insinto /etc/default
insopts -m0600
+ insinto /etc/default
doins "${FILESDIR}"/default/useradd
+ if ! use pam ; then
+ doins etc/login.access etc/limits
+ fi
+
if use split-usr ; then
# move passwd to / to help recover broke systems #64441
# We cannot simply remove this or else net-misc/scponly
@@ -145,18 +187,7 @@ src_install() {
dosym ../../bin/passwd /usr/bin/passwd
fi
- insinto /etc
- insopts -m0644
- newins etc/login.defs login.defs
-
- set_login_opt CREATE_HOME yes
- if ! use pam ; then
- set_login_opt MAIL_CHECK_ENAB no
- set_login_opt SU_WHEEL_ONLY yes
- set_login_opt LOGIN_RETRIES 3
- set_login_opt ENCRYPT_METHOD YESCRYPT
- set_login_opt CONSOLE
- else
+ if use pam; then
dopamd "${FILESDIR}"/pam.d-include/shadow
for x in chsh chfn ; do
@@ -169,36 +200,6 @@ src_install() {
newpamd "${FILESDIR}"/pam.d-include/shadow-r1 groupmems
- # Comment out login.defs options that pam hates
- local opt sed_args=()
- for opt in \
- CHFN_AUTH \
- CONSOLE \
- ENV_HZ \
- ENVIRON_FILE \
- FAILLOG_ENAB \
- FTMP_FILE \
- LASTLOG_ENAB \
- MAIL_CHECK_ENAB \
- MOTD_FILE \
- NOLOGINS_FILE \
- OBSCURE_CHECKS_ENAB \
- PASS_ALWAYS_WARN \
- PASS_CHANGE_TRIES \
- PASS_MIN_LEN \
- PORTTIME_CHECKS_ENAB \
- QUOTAS_ENAB \
- SU_WHEEL_ONLY
- do
- set_login_opt ${opt}
- sed_args+=( -e "/^#${opt}\>/b pamnote" )
- done
- sed -i "${sed_args[@]}" \
- -e 'b exit' \
- -e ': pamnote; i# NOTE: This setting should be
configured via /etc/pam.d/ and not in this file.' \
- -e ': exit' \
- "${ED}"/etc/login.defs || die
-
# Remove manpages that pam will install for us
# and/or don't apply when using pam
find "${ED}"/usr/share/man -type f \
