diff --git a/base/shadow-utils/centos/build_srpm.data b/base/shadow-utils/centos/build_srpm.data deleted file mode 100644 index 82b607648..000000000 --- a/base/shadow-utils/centos/build_srpm.data +++ /dev/null @@ -1,2 +0,0 @@ -COPY_LIST="$PKG_BASE/$DISTRO/files/*" -TIS_PATCH_VER=4 diff --git a/base/shadow-utils/centos/meta_patches/0001-Update-package-versioning-for-TIS-format.patch b/base/shadow-utils/centos/meta_patches/0001-Update-package-versioning-for-TIS-format.patch deleted file mode 100644 index d02737ca0..000000000 --- a/base/shadow-utils/centos/meta_patches/0001-Update-package-versioning-for-TIS-format.patch +++ /dev/null @@ -1,25 +0,0 @@ -From 6cb96c430ee1b3bb97450d16f3dee57331be8242 Mon Sep 17 00:00:00 2001 -From: Don Penney -Date: Tue, 27 Sep 2016 10:52:27 -0400 -Subject: [PATCH] Update package versioning for TIS format - ---- - SPECS/shadow-utils.spec | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/SPECS/shadow-utils.spec b/SPECS/shadow-utils.spec -index d7e2ba9..1aacd11 100644 ---- a/SPECS/shadow-utils.spec -+++ b/SPECS/shadow-utils.spec -@@ -1,7 +1,7 @@ - Summary: Utilities for managing accounts and shadow password files - Name: shadow-utils - Version: 4.1.5.1 --Release: 24%{?dist} -+Release: 24.el7%{?_tis_dist}.%{tis_patch_ver} - Epoch: 2 - URL: http://pkg-shadow.alioth.debian.org/ - Source0: http://pkg-shadow.alioth.debian.org/releases/shadow-%{version}.tar.bz2 --- -1.8.3.1 - diff --git a/base/shadow-utils/centos/meta_patches/PATCH_ORDER b/base/shadow-utils/centos/meta_patches/PATCH_ORDER deleted file mode 100644 index 3c14c230b..000000000 --- a/base/shadow-utils/centos/meta_patches/PATCH_ORDER +++ /dev/null @@ -1,3 +0,0 @@ -add-clear-shadow-locs-service-in-spec.patch -0001-Update-package-versioning-for-TIS-format.patch -add-BuildRequires-systemd.patch diff --git a/base/shadow-utils/centos/meta_patches/add-BuildRequires-systemd.patch b/base/shadow-utils/centos/meta_patches/add-BuildRequires-systemd.patch deleted file mode 100644 index 11a374fb8..000000000 --- a/base/shadow-utils/centos/meta_patches/add-BuildRequires-systemd.patch +++ /dev/null @@ -1,27 +0,0 @@ -From aa9e9fcaa006d87e706ed8fcd445108ab48bd479 Mon Sep 17 00:00:00 2001 -From: Scott Little -Date: Mon, 21 Nov 2016 13:35:26 -0500 -Subject: [PATCH 1/1] shadow-utils: add BuildRequires systemd to provide macro - ---- - SPECS/shadow-utils.spec | 4 ++++ - 1 file changed, 4 insertions(+) - -diff --git a/SPECS/shadow-utils.spec b/SPECS/shadow-utils.spec -index 1aacd11..dde526c 100644 ---- a/SPECS/shadow-utils.spec -+++ b/SPECS/shadow-utils.spec -@@ -46,6 +46,10 @@ BuildRequires: libsemanage-devel - BuildRequires: libacl-devel libattr-devel - BuildRequires: gnome-doc-utils docbook-style-xsl gettext - #BuildRequires: autoconf, automake, libtool, gettext-devel -+ -+# systemd provides %{_unitdir} -+BuildRequires: systemd -+ - Requires: libselinux >= 1.25.2-1 - Requires: audit-libs >= 1.6.5 - Requires: setup --- -1.8.3.1 - diff --git a/base/shadow-utils/centos/meta_patches/add-clear-shadow-locs-service-in-spec.patch b/base/shadow-utils/centos/meta_patches/add-clear-shadow-locs-service-in-spec.patch deleted file mode 100644 index 03e1669e5..000000000 --- a/base/shadow-utils/centos/meta_patches/add-clear-shadow-locs-service-in-spec.patch +++ /dev/null @@ -1,63 +0,0 @@ -shadow-utils: add additional service into spec - -clear_shadow_locks.service service is ported from clear_shadow_lock -systemv init script. - ---- - SPECS/shadow-utils.spec | 17 ++++++++++++++++- - 1 file changed, 16 insertions(+), 1 deletion(-) - -diff --git a/SPECS/shadow-utils.spec b/SPECS/shadow-utils.spec -index e7f98da..d7e2ba9 100644 ---- a/SPECS/shadow-utils.spec -+++ b/SPECS/shadow-utils.spec -@@ -8,6 +8,8 @@ Source0: http://pkg-shadow.alioth.debian.org/releases/shadow-%{version}.tar.bz2 - Source3: http://pkg-shadow.alioth.debian.org/releases/shadow-%{version}.tar.bz2.sig - Source1: shadow-utils.login.defs - Source2: shadow-utils.useradd -+Source4: login.defs.cgcs -+Source5: clear_shadow_locks.service - Patch0: shadow-4.1.5-redhat.patch - Patch1: shadow-4.1.5.1-goodname.patch - Patch2: shadow-4.1.5.1-info-parent-dir.patch -@@ -133,9 +135,11 @@ make - rm -rf $RPM_BUILD_ROOT - make install DESTDIR=$RPM_BUILD_ROOT gnulocaledir=$RPM_BUILD_ROOT/%{_datadir}/locale MKINSTALLDIRS=`pwd`/mkinstalldirs - install -d -m 755 $RPM_BUILD_ROOT/%{_sysconfdir}/default --install -p -c -m 0644 %{SOURCE1} $RPM_BUILD_ROOT/%{_sysconfdir}/login.defs -+install -p -c -m 0644 %{SOURCE4} $RPM_BUILD_ROOT/%{_sysconfdir}/login.defs - install -p -c -m 0600 %{SOURCE2} $RPM_BUILD_ROOT/%{_sysconfdir}/default/useradd - -+install -d -m 755 $RPM_BUILD_ROOT/%{_sysconfdir}/init.d -+install -D -m644 %{SOURCE5} $RPM_BUILD_ROOT/%{_unitdir}/clear_shadow_locks.service - - ln -s useradd $RPM_BUILD_ROOT%{_sbindir}/adduser - #ln -s %{_mandir}/man8/useradd.8 $RPM_BUILD_ROOT/%{_mandir}/man8/adduser.8 -@@ -221,6 +225,8 @@ rm -rf $RPM_BUILD_ROOT - %{_sbindir}/adduser - %attr(0750,root,root) %{_sbindir}/user* - %attr(0750,root,root) %{_sbindir}/group* -+%{_unitdir}/clear_shadow_locks.service -+ - %{_sbindir}/grpck - %{_sbindir}/pwck - %{_sbindir}/*conv -@@ -248,6 +254,15 @@ rm -rf $RPM_BUILD_ROOT - %{_mandir}/man8/vipw.8* - %{_mandir}/man8/vigr.8* - -+%post -+%systemd_post clear_shadow_locks.service -+ -+%preun -+%systemd_preun clear_shadow_locks.service -+ -+%postun -+%systemd_postun_with_restart clear_shadow_locks.service -+ - %changelog - * Tue Jun 28 2016 Tomáš Mráz - 2:4.1.5.1-24 - - useradd: fix typo in japanese translation (#1202629) --- -1.8.3.1 - diff --git a/base/shadow-utils/centos/srpm_path b/base/shadow-utils/centos/srpm_path deleted file mode 100644 index 7279c7ef5..000000000 --- a/base/shadow-utils/centos/srpm_path +++ /dev/null @@ -1 +0,0 @@ -mirror:Source/shadow-utils-4.1.5.1-24.el7.src.rpm diff --git a/base/shadow-utils/files/clear_shadow_locks b/base/shadow-utils/files/clear_shadow_locks deleted file mode 100644 index c131170f0..000000000 --- a/base/shadow-utils/files/clear_shadow_locks +++ /dev/null @@ -1,11 +0,0 @@ -#!/bin/bash -# -# Copyright (c) 2016 Wind River Systems, Inc. -# -# SPDX-License-Identifier: Apache-2.0 -# -# Remove stale shadow lockfiles -# - -rm -f /etc/gshadow.lock /etc/shadow.lock /etc/passwd.lock /etc/group.lock - diff --git a/base/shadow-utils/files/pam.d/su b/base/shadow-utils/files/pam.d/su deleted file mode 100644 index 921f56cc7..000000000 --- a/base/shadow-utils/files/pam.d/su +++ /dev/null @@ -1,69 +0,0 @@ -# -# The PAM configuration file for the Shadow `su' service -# - -# This allows root to su without passwords (normal operation) -auth sufficient pam_rootok.so - -# Uncomment this to force users to be a member of group root -# before they can use `su'. You can also add "group=foo" -# to the end of this line if you want to use a group other -# than the default "root" (but this may have side effect of -# denying "root" user, unless she's a member of "foo" or explicitly -# permitted earlier by e.g. "sufficient pam_rootok.so"). -# (Replaces the `SU_WHEEL_ONLY' option from login.defs) -# auth required pam_wheel.so - -# Uncomment this if you want wheel members to be able to -# su without a password. -# auth sufficient pam_wheel.so trust - -# Uncomment this if you want members of a specific group to not -# be allowed to use su at all. -# auth required pam_wheel.so deny group=nosu - -# Uncomment and edit /etc/security/time.conf if you need to set -# time restrainst on su usage. -# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs -# as well as /etc/porttime) -# account requisite pam_time.so - -# This module parses environment configuration file(s) -# and also allows you to use an extended config -# file /etc/security/pam_env.conf. -# -# parsing /etc/environment needs "readenv=1" -session required pam_env.so readenv=1 - -# Defines the MAIL environment variable -# However, userdel also needs MAIL_DIR and MAIL_FILE variables -# in /etc/login.defs to make sure that removing a user -# also removes the user's mail spool file. -# See comments in /etc/login.defs -# -# "nopen" stands to avoid reporting new mail when su'ing to another user -session optional pam_mail.so nopen - -# Sets up user limits, please uncomment and read /etc/security/limits.conf -# to enable this functionality. -# (Replaces the use of /etc/limits in old login) -# session required pam_limits.so - -# For first time login or when the user authentication -# token stack has been flushed, su will call passwd -# which will fails with "Authentication Token Error" -# since the previous token on the stack is NULL -# -# Tickle the password service to push a previous -# authentication token on the PAM stack -password optional pam_ldap.so -password optional pam_unix.so - -# The standard Unix authentication modules, used with -# NIS (man nsswitch) as well as normal /etc/passwd and -# /etc/shadow entries. -auth include common-auth -account include common-account -session include common-session - - diff --git a/centos_iso_image.inc b/centos_iso_image.inc index 015d6b268..c2a311965 100644 --- a/centos_iso_image.inc +++ b/centos_iso_image.inc @@ -217,9 +217,6 @@ ntpdate # pam pam -# shadow-utils -shadow-utils - # syslog-ng syslog-ng syslog-ng-libdbi @@ -232,6 +229,7 @@ sudo # config files sudo-config +shadow-utils-config # net-snmp net-snmp-utils diff --git a/centos_pkg_dirs b/centos_pkg_dirs index 463e86362..3166aa604 100644 --- a/centos_pkg_dirs +++ b/centos_pkg_dirs @@ -29,7 +29,6 @@ logging/logrotate utilities/nova-utils base/ntp base/pam -base/shadow-utils security/shim-unsigned security/shim-signed logging/syslog-ng @@ -106,6 +105,7 @@ utilities/branding config-files/io-scheduler config-files/sudo-config config-files/memcached-custom +config-files/shadow-utils-config tools/collector grub/grubby utilities/platform-util diff --git a/config-files/shadow-utils-config/centos/build_srpm.data b/config-files/shadow-utils-config/centos/build_srpm.data new file mode 100644 index 000000000..7e7b60ef4 --- /dev/null +++ b/config-files/shadow-utils-config/centos/build_srpm.data @@ -0,0 +1,2 @@ +COPY_LIST="files/*" +TIS_PATCH_VER=0 diff --git a/config-files/shadow-utils-config/centos/shadow-utils-config.spec b/config-files/shadow-utils-config/centos/shadow-utils-config.spec new file mode 100644 index 000000000..3610e620f --- /dev/null +++ b/config-files/shadow-utils-config/centos/shadow-utils-config.spec @@ -0,0 +1,49 @@ +Summary: StarlingX shadow-utils Configuration File +Name: shadow-utils-config +Version: 1.0 +Release: %{tis_patch_ver}%{?_tis_dist} +License: Apache-2.0 +Group: config-files +Packager: StarlingX +URL: unknown + +Source0: LICENSE +Source1: login.defs +Source2: clear_shadow_locks.service + +BuildArch: noarch +# systemd provides %{_unitdir} +BuildRequires: systemd +Requires: shadow-utils + +%define debug_package %{nil} + +%description +StarlingX shadow-utils configuration file + +%install +install -d %{buildroot}%{_sysconfdir} +install -d %{buildroot}%{_datadir}/starlingx +install -D -m644 %{SOURCE1} %{buildroot}%{_datadir}/starlingx/login.defs + +install -d -m 755 %{buildroot}%{_sysconfdir}/init.d +install -D -m644 %{SOURCE2} %{buildroot}%{_unitdir}/clear_shadow_locks.service + +%post +if [ $1 -eq 1 ] ; then + cp -f %{_datadir}/starlingx/login.defs %{_sysconfdir}/ + chmod 644 %{_sysconfdir}/login.defs +fi +%systemd_post clear_shadow_locks.service + +%preun +%systemd_preun clear_shadow_locks.service + +%postun +%systemd_postun_with_restart clear_shadow_locks.service + +%files +%defattr(-,root,root) +%license ../SOURCES/LICENSE +%{_unitdir}/clear_shadow_locks.service +%{_datadir}/starlingx/login.defs diff --git a/config-files/shadow-utils-config/files/LICENSE b/config-files/shadow-utils-config/files/LICENSE new file mode 100644 index 000000000..d64569567 --- /dev/null +++ b/config-files/shadow-utils-config/files/LICENSE @@ -0,0 +1,202 @@ + + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright [yyyy] [name of copyright owner] + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/base/shadow-utils/centos/files/clear_shadow_locks.service b/config-files/shadow-utils-config/files/clear_shadow_locks.service similarity index 100% rename from base/shadow-utils/centos/files/clear_shadow_locks.service rename to config-files/shadow-utils-config/files/clear_shadow_locks.service diff --git a/base/shadow-utils/centos/files/login.defs.cgcs b/config-files/shadow-utils-config/files/login.defs similarity index 100% rename from base/shadow-utils/centos/files/login.defs.cgcs rename to config-files/shadow-utils-config/files/login.defs