3 |
3 |
|
4 |
4 |
EAPI=8
|
5 |
5 |
|
|
6 |
if [[ ${PV} != 4.14.0 ]]; then
|
|
7 |
die "Please replace eautoreconf with elibtoolize and drop autotools when bumping!"
|
|
8 |
fi
|
|
9 |
|
6 |
10 |
# Upstream sometimes pushes releases as pre-releases before marking them
|
7 |
11 |
# official. Don't keyword the pre-releases!
|
8 |
12 |
# Check https://github.com/shadow-maint/shadow/releases.
|
9 |
13 |
|
10 |
14 |
VERIFY_SIG_OPENPGP_KEY_PATH="${BROOT}"/usr/share/openpgp-keys/sergehallyn.asc
|
11 |
|
inherit libtool pam verify-sig
|
|
15 |
inherit autotools libtool pam verify-sig
|
12 |
16 |
|
13 |
17 |
DESCRIPTION="Utilities to deal with user accounts"
|
14 |
18 |
HOMEPAGE="https://github.com/shadow-maint/shadow"
|
... | ... | |
18 |
22 |
LICENSE="BSD GPL-2"
|
19 |
23 |
# Subslot is for libsubid's SONAME.
|
20 |
24 |
SLOT="0/4"
|
21 |
|
KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~loong ~m68k ~mips ~ppc ppc64 ~riscv ~s390 ~sparc x86"
|
22 |
|
IUSE="acl audit bcrypt cracklib nls pam selinux skey split-usr su xattr"
|
|
25 |
KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86"
|
|
26 |
IUSE="acl audit cracklib nls pam selinux skey split-usr su systemd xattr"
|
23 |
27 |
# Taken from the man/Makefile.am file.
|
24 |
28 |
LANGS=( cs da de es fi fr hu id it ja ko pl pt_BR ru sv tr zh_CN zh_TW )
|
25 |
29 |
|
26 |
30 |
REQUIRED_USE="?? ( cracklib pam )"
|
27 |
31 |
|
|
32 |
# TODO: Revisit libbsd dep once glibc-2.28 is stable as it provides strlcpy.
|
28 |
33 |
COMMON_DEPEND="
|
|
34 |
dev-libs/libbsd
|
29 |
35 |
virtual/libcrypt:=
|
30 |
36 |
acl? ( sys-apps/acl:= )
|
31 |
37 |
audit? ( >=sys-process/audit-2.6:= )
|
... | ... | |
37 |
43 |
>=sys-libs/libselinux-1.28:=
|
38 |
44 |
sys-libs/libsemanage:=
|
39 |
45 |
)
|
|
46 |
systemd? ( sys-apps/systemd:= )
|
40 |
47 |
xattr? ( sys-apps/attr:= )
|
41 |
48 |
"
|
42 |
49 |
DEPEND="
|
... | ... | |
62 |
69 |
verify-sig? ( sec-keys/openpgp-keys-sergehallyn )
|
63 |
70 |
"
|
64 |
71 |
|
65 |
|
PATCHES=(
|
66 |
|
"${FILESDIR}"/${P}-configure-clang16.patch
|
67 |
|
"${FILESDIR}"/${P}-CVE-2023-29383.patch
|
68 |
|
"${FILESDIR}"/${P}-usermod-prefix-gid.patch
|
69 |
|
"${FILESDIR}"/${P}-password-leak.patch
|
70 |
|
)
|
71 |
|
|
72 |
72 |
src_prepare() {
|
|
73 |
local PATCHES=(
|
|
74 |
"${FILESDIR}"/shadow-4.14.0-bug912446.patch
|
|
75 |
)
|
73 |
76 |
default
|
74 |
|
|
75 |
|
elibtoolize
|
|
77 |
eautoreconf
|
76 |
78 |
}
|
77 |
79 |
|
78 |
80 |
src_configure() {
|
79 |
81 |
local myeconfargs=(
|
|
82 |
# Negate new upstream default of disabling for now
|
|
83 |
--enable-lastlog
|
80 |
84 |
--disable-account-tools-setuid
|
81 |
85 |
--disable-static
|
82 |
86 |
--with-btrfs
|
|
87 |
# shadow uses a bundled copy of readpassphrase if --without-libbsd
|
|
88 |
--with-libbsd
|
83 |
89 |
--without-group-name-max-length
|
84 |
90 |
--without-tcb
|
|
91 |
--with-bcrypt
|
|
92 |
--with-yescrypt
|
85 |
93 |
$(use_enable nls)
|
|
94 |
# TODO: wire up upstream for elogind too
|
|
95 |
$(use_enable systemd logind)
|
86 |
96 |
$(use_with acl)
|
87 |
97 |
$(use_with audit)
|
88 |
|
$(use_with bcrypt)
|
89 |
98 |
$(use_with cracklib libcrack)
|
90 |
99 |
$(use_with elibc_glibc nscd)
|
91 |
100 |
$(use_with pam libpam)
|