shadow: add tcb support
This commit is contained in:
parent
4804305f6e
commit
0e32191623
2 changed files with 34 additions and 2 deletions
|
@ -1,6 +1,7 @@
|
|||
{ lib, stdenv, nixosTests, fetchpatch, fetchFromGitHub, autoreconfHook, libxslt
|
||||
, libxml2 , docbook_xml_dtd_45, docbook_xsl, itstool, flex, bison, runtimeShell
|
||||
, libxcrypt, pam ? null, glibcCross ? null
|
||||
, withTcb ? stdenv.isLinux, tcb
|
||||
}:
|
||||
|
||||
let
|
||||
|
@ -24,7 +25,8 @@ stdenv.mkDerivation rec {
|
|||
};
|
||||
|
||||
buildInputs = [ libxcrypt ]
|
||||
++ lib.optional (pam != null && stdenv.isLinux) pam;
|
||||
++ lib.optional (pam != null && stdenv.isLinux) pam
|
||||
++ lib.optional withTcb tcb;
|
||||
nativeBuildInputs = [autoreconfHook libxslt libxml2
|
||||
docbook_xml_dtd_45 docbook_xsl flex bison itstool
|
||||
];
|
||||
|
@ -34,6 +36,7 @@ stdenv.mkDerivation rec {
|
|||
# Obtain XML resources from XML catalog (patch adapted from gtk-doc)
|
||||
./respect-xml-catalog-files-var.patch
|
||||
./runtime-shell.patch
|
||||
./fix-install-with-tcb.patch
|
||||
# Fix HAVE_SHADOWGRP configure check
|
||||
(fetchpatch {
|
||||
url = "https://github.com/shadow-maint/shadow/commit/a281f241b592aec636d1b93a99e764499d68c7ef.patch";
|
||||
|
@ -64,7 +67,8 @@ stdenv.mkDerivation rec {
|
|||
"--with-group-name-max-length=32"
|
||||
"--with-bcrypt"
|
||||
"--with-yescrypt"
|
||||
] ++ lib.optional (stdenv.hostPlatform.libc != "glibc") "--disable-nscd";
|
||||
] ++ lib.optional (stdenv.hostPlatform.libc != "glibc") "--disable-nscd"
|
||||
++ lib.optional withTcb "--with-tcb";
|
||||
|
||||
preBuild = lib.optionalString (stdenv.hostPlatform.libc == "glibc")
|
||||
''
|
||||
|
|
28
pkgs/os-specific/linux/shadow/fix-install-with-tcb.patch
Normal file
28
pkgs/os-specific/linux/shadow/fix-install-with-tcb.patch
Normal file
|
@ -0,0 +1,28 @@
|
|||
diff --git a/src/Makefile.am b/src/Makefile.am
|
||||
index a1a2e4e..fa17f9d 100644
|
||||
--- a/src/Makefile.am
|
||||
+++ b/src/Makefile.am
|
||||
@@ -74,10 +74,6 @@ suidubins += newgidmap newuidmap
|
||||
endif
|
||||
endif
|
||||
|
||||
-if WITH_TCB
|
||||
-shadowsgidubins = passwd
|
||||
-endif
|
||||
-
|
||||
LDADD = $(INTLLIBS) \
|
||||
$(top_builddir)/libmisc/libmisc.la \
|
||||
$(top_builddir)/lib/libshadow.la \
|
||||
@@ -146,12 +142,6 @@ install-am: all-am
|
||||
set -e; for i in $(suidusbins); do \
|
||||
chmod $(suidperms) $(DESTDIR)$(usbindir)/$$i; \
|
||||
done
|
||||
-if WITH_TCB
|
||||
- set -e; for i in $(shadowsgidubins); do \
|
||||
- chown root:shadow $(DESTDIR)$(ubindir)/$$i; \
|
||||
- chmod $(sgidperms) $(DESTDIR)$(ubindir)/$$i; \
|
||||
- done
|
||||
-endif
|
||||
if ENABLE_SUBIDS
|
||||
if FCAPS
|
||||
setcap cap_setuid+ep $(DESTDIR)$(ubindir)/newuidmap
|
Loading…
Reference in a new issue