VesperOS/shadow
6
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
787ebc3336366b67dd9707be39bb04b8c430499e
shadow/debian/rules
Andreas Henriksson 93ea3fe510 Use explicit --without-su configure flag 
The shadow package did now ship the su program even before this,
Debian uses the util-linux implementation of su (since Buster).
In shadow 4.8 there's now an explicit configure flag that can be
used to disable su explicitly, rather than just not shipping it in
the resulting debian package.

See commit 88de51965d
"Stop shipping su and break old util-linux version. (See #833256)"
2019-12-05 13:39:26 +01:00

84 lines
2.4 KiB
Makefile
Executable File
Raw Blame History

#!/usr/bin/make -f
# -*- mode: makefile; coding: utf-8 -*-
# Enable PIE, BINDNOW, and possible future flags.
export DEB_BUILD_MAINT_OPTIONS = hardening=+all
DPKG_EXPORT_BUILDFLAGS = 1
include /usr/share/dpkg/buildflags.mk
# TODO test if this can be dropped:
# Specify where dh_install will find the files that it needs to move:
DEB_DH_INSTALL_SOURCEDIR=debian/tmp
# Specify the destination of shadow's "make install"
# (This is only needed on The Hurd, where only one package is built. On
# the other arch, DEB_DESTDIR already points to debian/tmp)
DEB_DESTDIR=$(CURDIR)/debian/tmp
# Adds extra options when calling the configure script:
DEB_CONFIGURE_EXTRA_FLAGS := --disable-shared \
--without-libcrack \
--mandir=/usr/share/man \
--with-libpam \
--enable-shadowgrp \
--enable-man \
--disable-account-tools-setuid \
--with-group-name-max-length=32 \
--without-acl \
--without-attr \
--without-su \
--without-tcb \
SHELL=/bin/sh
# Set the default editor for vipw/vigr
CFLAGS += -DDEFAULT_EDITOR="\"sensible-editor\""
%:
dh $@
override_dh_auto_configure:
dh_auto_configure -- $(DEB_CONFIGURE_EXTRA_FLAGS)
override_dh_install-arch:
ifneq ($(DEB_HOST_ARCH_OS),linux)
sed -i 's/session optional pam_keyinit.so/# Linux only # session optional pam_keyinit.so/' debian/login.pam
endif
dh_install -a
ifeq ($(DEB_HOST_ARCH_OS),hurd)
# /bin/login is provided by the hurd package.
rm -f debian/login/bin/login
endif
override_dh_installpam:
# Distribute the pam.d files; unless for the commands with disabled PAM
# support
dh_installpam -p login
dh_installpam -p passwd --name=passwd
dh_installpam -p passwd --name=chfn
dh_installpam -p passwd --name=chsh
dh_installpam -p passwd --name=chpasswd
dh_installpam -p passwd --name=newusers
override_dh_builddeb-arch:
# uidmap
chmod u+s debian/uidmap/usr/bin/newuidmap
chmod u+s debian/uidmap/usr/bin/newgidmap
# login
# No real need for login to be setuid root
# chmod u+s debian/login/bin/login
chmod u+s debian/login/usr/bin/newgrp
# passwd
chmod u+s debian/passwd/usr/bin/chfn
chmod u+s debian/passwd/usr/bin/chsh
chmod u+s debian/passwd/usr/bin/gpasswd
chmod u+s debian/passwd/usr/bin/passwd
chgrp shadow debian/passwd/usr/bin/chage
chgrp shadow debian/passwd/usr/bin/expiry
chmod g+s debian/passwd/usr/bin/chage
chmod g+s debian/passwd/usr/bin/expiry
dh_builddeb -a
override_dh_auto_clean:
sed -i 's/# Linux only # //' debian/login.pam
dh_auto_clean
Reference in New Issue View Git Blame Copy Permalink