[gentoo-commits] repo/gentoo:master commit in: sys-apps/shadow/

Mon, 19 Jan 2026 10:43:11 -0800 

commit:     d868eb6c3ac81b706ee4db744f6f08082c64211c
Author:     Mike Gilbert <floppym <AT> gentoo <DOT> org>
AuthorDate: Mon Jan 19 18:42:17 2026 +0000
Commit:     Mike Gilbert <floppym <AT> gentoo <DOT> org>
CommitDate: Mon Jan 19 18:42:17 2026 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d868eb6c

sys-apps/shadow: add 4.19.2

Signed-off-by: Mike Gilbert <floppym <AT> gentoo.org>

 sys-apps/shadow/Manifest             |   2 +
 sys-apps/shadow/shadow-4.19.2.ebuild | 262 +++++++++++++++++++++++++++++++++++
 2 files changed, 264 insertions(+)

diff --git a/sys-apps/shadow/Manifest b/sys-apps/shadow/Manifest
index d8715e607227..ca82b4ce8960 100644
--- a/sys-apps/shadow/Manifest
+++ b/sys-apps/shadow/Manifest
@@ -2,3 +2,5 @@ DIST shadow-4.14.8.tar.xz 1806352 BLAKE2B 
a6ed45e44560c68baec97072399c106060be85
 DIST shadow-4.14.8.tar.xz.asc 833 BLAKE2B 
1b8b8f3f36e06c1dda0a4e0d1508b1ad0ef85f0fa993a92a583831687076ba22d05f47109d56c1e740b60632c3bbeeb6c8cc001e41f46b1a2f9177ce62854f8c
 SHA512 
1db2647babe3f434204c93e7700ff6a0ece078f6c5adb96ae0c0ac9d82a862835c4ab8afb37b0ffc80cf62e9a59f1ba33a92ff454e7ae0ca2aa535b19627615e
 DIST shadow-4.19.0-rc1.tar.xz 2386400 BLAKE2B 
cc7d09b87d535fe4317fc85a788293fefb5ef4cf1b4a86d4b3499476945c13ee652a17656c88a05efd8031b3bbe9c2aeda3069e9a149b6906f134d690ce2e11e
 SHA512 
cf382d2dd7e9acd991fc5c2c91d4e984ae52ee8ddc9cb688a6c3911627d43ea395fe90f1b8430d0ed8dc240a0ad810c5074e62ef7751052d9680b004a9de04f8
 DIST shadow-4.19.0-rc1.tar.xz.asc 488 BLAKE2B 
00968b448d91558117a1958ebd984cd23fdbe1e414230f8c17b3ca98176ffd1768c04fd9afb44eea080f3bcd7a104efe1f8169052329d5a00b987af8cf6f7c4f
 SHA512 
993963f6ef0a9501d4fc2fabfb7d330280b07e916bc61bd254bd1bb8d795166423e4bcbe662a6bad0026f5556becb43d12ed8c99b4ea285b43fffa8264bd1c85
+DIST shadow-4.19.2.tar.xz 2339472 BLAKE2B 
f2fc64f071e8fe09ed76545abe64e30cff780d7d1c276ebdb05e04ebc36dddb3db86b2537808755049d342e2101247bd76d01c8861b53246f5c81b780952a1e5
 SHA512 
b03b2fca7bc65dc6b78d465f0b2ab170bb799cbfbdd588b8ae239c1ec99045864302cbd17d27beb1ea0c63ea33370aa28c0231dfb8864e007de21220de8c2f48
+DIST shadow-4.19.2.tar.xz.asc 488 BLAKE2B 
f2d76a47b5a8d97ce6528bfa0a4f4b0f3b23c434cc4bd8db9dff186e2b014063907c53d358e59c2c8dd4fbaebccfd6b5063150ed79b0b20b0fe719cf6917b7e0
 SHA512 
2c434fd939a0a2faca76e48ab3dd1c0afac763fa6b5bfc73c859f552335590d60506fe7649b5ff045692fcc7f378f6ba97dfe798c8682286fd4a9a0eaa4c1f81

diff --git a/sys-apps/shadow/shadow-4.19.2.ebuild 
b/sys-apps/shadow/shadow-4.19.2.ebuild
new file mode 100644
index 000000000000..48c058484178
--- /dev/null
+++ b/sys-apps/shadow/shadow-4.19.2.ebuild
@@ -0,0 +1,262 @@
+# Copyright 1999-2026 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+# Upstream sometimes pushes releases as pre-releases before marking them
+# official. Don't keyword the pre-releases!
+# Check https://github.com/shadow-maint/shadow/releases.
+
+inherit libtool pam user-info verify-sig
+
+DESCRIPTION="Utilities to deal with user accounts"
+HOMEPAGE="https://github.com/shadow-maint/shadow";
+MY_PV="${PV/_/-}"
+MY_P="${PN}-${MY_PV}"
+SRC_URI="https://github.com/shadow-maint/shadow/releases/download/${MY_PV}/${MY_P}.tar.xz";
+SRC_URI+=" verify-sig? ( 
https://github.com/shadow-maint/shadow/releases/download/${MY_PV}/${MY_P}.tar.xz.asc
 )"
+S="${WORKDIR}/${MY_P}"
+
+LICENSE="BSD GPL-2"
+# Subslot is for libsubid's SONAME.
+SLOT="0/5"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~loong ~m68k ~mips ~ppc ~ppc64 
~riscv ~s390 ~sparc ~x86"
+IUSE="acl audit nls pam selinux skey split-usr su systemd test xattr"
+RESTRICT="!test? ( test )"
+
+COMMON_DEPEND="
+       virtual/libcrypt:=
+       acl? ( sys-apps/acl:= )
+       audit? ( >=sys-process/audit-2.6:= )
+       nls? ( virtual/libintl )
+       pam? ( sys-libs/pam:= )
+       skey? ( sys-auth/skey:= )
+       selinux? (
+               >=sys-libs/libselinux-1.28:=
+               sys-libs/libsemanage:=
+       )
+       systemd? ( sys-apps/systemd:= )
+       xattr? ( sys-apps/attr:= )
+       !<sys-libs/glibc-2.38
+"
+DEPEND="
+       ${COMMON_DEPEND}
+       >=sys-kernel/linux-headers-4.14
+"
+RDEPEND="
+       ${COMMON_DEPEND}
+       acct-group/shadow
+       pam? ( >=sys-auth/pambase-20150213 )
+       su? ( !sys-apps/util-linux[su(-)] )
+"
+BDEPEND="
+       acct-group/shadow
+       app-arch/xz-utils
+       sys-devel/gettext
+       test? ( dev-util/cmocka )
+"
+
+BDEPEND+=" verify-sig? ( sec-keys/openpgp-keys-sergehallyn )"
+VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/sergehallyn.asc
+
+src_prepare() {
+       default
+       elibtoolize
+}
+
+set_login_opt() {
+       local comment="" opt=${1} val=${2}
+       if [[ -z ${val} ]]; then
+               comment="#"
+               sed -i \
+                       -e "/^${opt}\>/s:^:#:" \
+                       etc/login.defs || die
+       else
+               sed -i -r \
+                       -e "/^#?${opt}\>/s:.*:${opt} ${val}:" \
+                       etc/login.defs || die
+       fi
+       local res=$(grep "^${comment}${opt}\>" etc/login.defs)
+       einfo "${res:-Unable to find ${opt} in etc/login.defs}"
+}
+
+src_configure() {
+       local myeconfargs=(
+               # Negate new upstream default of disabling for now
+               --enable-lastlog
+               --disable-account-tools-setuid
+               --disable-static
+               --with-btrfs
+               # Use bundled replacements for readpassphrase and freezero
+               --without-libbsd
+               --without-group-name-max-length
+               --without-tcb
+               --with-bcrypt
+               --with-yescrypt
+               $(use_enable nls)
+               # TODO: wire up upstream for elogind too (bug #931119)
+               $(use_enable systemd logind)
+               $(use_with acl)
+               $(use_with audit)
+               $(use_with elibc_glibc nscd)
+               $(use_with pam libpam)
+               $(use_with selinux)
+               $(use_with skey)
+               $(use_with su)
+               $(use_with xattr attr)
+       )
+
+       econf "${myeconfargs[@]}"
+
+       set_login_opt CREATE_HOME yes
+       if use pam; then
+               # Comment out login.defs options that pam hates
+               local opts=(
+                       CHFN_AUTH
+                       CONSOLE
+                       ENV_HZ
+                       ENVIRON_FILE
+                       FAILLOG_ENAB
+                       FTMP_FILE
+                       LASTLOG_ENAB
+                       MAIL_CHECK_ENAB
+                       MOTD_FILE
+                       NOLOGINS_FILE
+                       OBSCURE_CHECKS_ENAB
+                       PASS_ALWAYS_WARN
+                       PASS_CHANGE_TRIES
+                       PASS_MIN_LEN
+                       PORTTIME_CHECKS_ENAB
+                       QUOTAS_ENAB
+                       SU_WHEEL_ONLY
+               )
+               local opt sed_args=()
+               for opt in "${opts[@]}"; do
+                       set_login_opt ${opt}
+                       sed_args+=( -e "/^#${opt}\>/b pamnote" )
+               done
+               sed_args+=(
+                       -e 'b exit'
+                       -e ': pamnote; i# NOTE: This setting should be 
configured via /etc/pam.d/ and not in this file.'
+                       -e ': exit'
+               )
+               sed -i "${sed_args[@]}" etc/login.defs || die
+       else
+               set_login_opt MAIL_CHECK_ENAB no
+               set_login_opt SU_WHEEL_ONLY yes
+               set_login_opt LOGIN_RETRIES 3
+               set_login_opt ENCRYPT_METHOD YESCRYPT
+               set_login_opt CONSOLE
+       fi
+}
+
+src_install() {
+       emake DESTDIR="${D}" suidperms=4755 install
+
+       fowners :shadow /usr/bin/{chage,expiry}
+       fperms u-s,g+s /usr/bin/{chage,expiry}
+
+       # 4.9 regression: https://github.com/shadow-maint/shadow/issues/389
+       emake DESTDIR="${D}" -C man install
+
+       find "${ED}" -name '*.la' -type f -delete || die
+
+       insinto /etc
+       doins etc/login.defs
+
+       # needed for 'useradd -D'
+       insopts -m0600
+       insinto /etc/default
+       doins "${FILESDIR}"/default/useradd
+
+       if ! use pam ; then
+               doins etc/login.access etc/limits
+       fi
+
+       if use split-usr ; then
+               # move passwd to / to help recover broke systems #64441
+               # We cannot simply remove this or else net-misc/scponly
+               # and other tools will break because of hardcoded passwd
+               # location
+               dodir /bin
+               mv "${ED}"/usr/bin/passwd "${ED}"/bin/ || die
+               dosym ../../bin/passwd /usr/bin/passwd
+       fi
+
+       if use pam; then
+               dopamd "${FILESDIR}"/pam.d-include/shadow
+
+               for x in chsh chfn ; do
+                       newpamd "${FILESDIR}"/pam.d-include/passwd ${x}
+               done
+
+               for x in chpasswd newusers ; do
+                       newpamd "${FILESDIR}"/pam.d-include/chpasswd ${x}
+               done
+
+               newpamd "${FILESDIR}"/pam.d-include/shadow-r1 groupmems
+
+               # Remove manpages that pam will install for us
+               # and/or don't apply when using pam
+               find "${ED}"/usr/share/man -type f \
+                       '(' -name 'limits.5*' -o -name 'suauth.5*' ')' \
+                       -delete
+
+               # Remove pam.d files provided by pambase.
+               rm "${ED}"/etc/pam.d/{login,passwd} || die
+               if use su ; then
+                       rm "${ED}"/etc/pam.d/su || die
+               fi
+       fi
+
+       # Remove manpages that are handled by other packages
+       find "${ED}"/usr/share/man -type f -name getspnam.3 -delete || die
+
+       if ! use su ; then
+               find "${ED}"/usr/share/man -type f -name su.1 -delete || die
+       fi
+
+       dodoc README doc/HOWTO doc/README.limits
+
+       if use elibc_musl; then
+               QA_CONFIG_IMPL_DECL_SKIP+=( sgetsgent )
+       fi
+}
+
+pkg_postinst() {
+       # Missing entries from /etc/passwd can cause odd system blips.
+       # See bug #829872.
+       if ! pwck -r -q -R "${EROOT:-/}" &>/dev/null ; then
+               ewarn "Running 'pwck' returned errors. Please run it manually 
to fix any errors."
+       fi
+
+       local group=shadow
+
+       if [[ -n ${ROOT} ]]; then
+               # Resolve to a group id using ${ROOT}/etc/passwd
+               group=$(egetent group shadow | cut -d: -f3)
+               if [[ -n ${group} ]]; then
+                       chgrp "${group}" "${EROOT}"/usr/bin/{chage,expiry} &&
+                       chmod g+s "${EROOT}"/usr/bin/{chage,expiry}
+               fi
+       fi
+
+       # Enable shadow groups.
+       if [[ ! -f "${EROOT}"/etc/gshadow ]] ; then
+               if grpck -r -R "${EROOT:-/}" 2>/dev/null ; then
+                       grpconv -R "${EROOT:-/}"
+                       if [[ -n ${group} ]]; then
+                               chgrp "${group}" "${EROOT}"/etc/gshadow &&
+                               chmod g+r "${EROOT}"/etc/gshadow
+                       fi
+               else
+                       ewarn "Running 'grpck' returned errors. Please run it 
by hand, and then"
+                       ewarn "run 'grpconv' afterwards!"
+               fi
+       fi
+
+       [[ ! -f "${EROOT}"/etc/subgid ]] &&
+               touch "${EROOT}"/etc/subgid
+       [[ ! -f "${EROOT}"/etc/subuid ]] &&
+               touch "${EROOT}"/etc/subuid
+}

Reply via email to