2007-10-07 11:44:02 +00:00
|
|
|
dnl Process this file with autoconf to produce a configure script.
|
2007-10-07 11:45:23 +00:00
|
|
|
AC_INIT
|
2010-03-20 10:31:36 +00:00
|
|
|
AM_INIT_AUTOMAKE(shadow, 4.1.5)
|
2007-10-07 11:45:23 +00:00
|
|
|
AC_CONFIG_HEADERS([config.h])
|
2007-10-07 11:44:02 +00:00
|
|
|
|
|
|
|
dnl Some hacks...
|
|
|
|
test "$prefix" = "NONE" && prefix="/usr"
|
|
|
|
test "$prefix" = "/usr" && exec_prefix=""
|
|
|
|
|
2007-10-07 11:46:07 +00:00
|
|
|
AC_GNU_SOURCE
|
|
|
|
|
2007-10-07 11:44:51 +00:00
|
|
|
AM_DISABLE_SHARED
|
|
|
|
AM_ENABLE_STATIC
|
|
|
|
|
2007-10-07 11:45:23 +00:00
|
|
|
AM_MAINTAINER_MODE
|
|
|
|
|
2007-10-07 11:44:02 +00:00
|
|
|
dnl Checks for programs.
|
|
|
|
AC_PROG_CC
|
|
|
|
AC_ISC_POSIX
|
|
|
|
AC_PROG_LN_S
|
|
|
|
AC_PROG_YACC
|
|
|
|
AM_C_PROTOTYPES
|
|
|
|
AM_PROG_LIBTOOL
|
|
|
|
|
|
|
|
dnl Checks for libraries.
|
|
|
|
|
|
|
|
dnl Checks for header files.
|
|
|
|
AC_HEADER_DIRENT
|
|
|
|
AC_HEADER_STDC
|
|
|
|
AC_HEADER_SYS_WAIT
|
2008-05-25 21:34:38 +00:00
|
|
|
AC_HEADER_STDBOOL
|
2007-10-07 11:44:51 +00:00
|
|
|
|
2007-10-07 11:45:40 +00:00
|
|
|
AC_CHECK_HEADERS(errno.h fcntl.h limits.h unistd.h sys/time.h utmp.h \
|
|
|
|
utmpx.h termios.h termio.h sgtty.h sys/ioctl.h syslog.h paths.h \
|
2008-01-05 16:33:43 +00:00
|
|
|
utime.h ulimit.h sys/resource.h gshadow.h lastlog.h \
|
2010-03-31 12:24:03 +00:00
|
|
|
locale.h rpc/key_prot.h netdb.h acl/libacl.h attr/libattr.h \
|
2010-03-30 21:01:27 +00:00
|
|
|
attr/error_context.h)
|
2007-10-07 11:44:51 +00:00
|
|
|
|
2008-01-05 16:33:43 +00:00
|
|
|
dnl shadow now uses the libc's shadow implementation
|
|
|
|
AC_CHECK_HEADER([shadow.h],,[AC_MSG_ERROR([You need a libc with shadow.h])])
|
|
|
|
|
2008-08-30 18:30:36 +00:00
|
|
|
AC_CHECK_FUNCS(l64a fchmod fchown fsync futimes getgroups gethostname getspnam \
|
2007-10-07 11:44:51 +00:00
|
|
|
gettimeofday getusershell getutent initgroups lchown lckpwdf lstat \
|
2008-08-30 18:30:36 +00:00
|
|
|
lutimes memcpy memset setgroups sigaction strchr updwtmp updwtmpx innetgr \
|
2009-04-21 22:39:14 +00:00
|
|
|
getpwnam_r getpwuid_r getgrnam_r getgrgid_r getspnam_r getaddrinfo)
|
2007-10-07 11:45:58 +00:00
|
|
|
AC_SYS_LARGEFILE
|
2007-10-07 11:44:02 +00:00
|
|
|
|
|
|
|
dnl Checks for typedefs, structures, and compiler characteristics.
|
|
|
|
AC_C_CONST
|
|
|
|
AC_TYPE_UID_T
|
|
|
|
AC_TYPE_OFF_T
|
|
|
|
AC_TYPE_PID_T
|
|
|
|
AC_TYPE_MODE_T
|
|
|
|
AC_HEADER_STAT
|
2007-10-07 11:45:23 +00:00
|
|
|
AC_CHECK_MEMBERS([struct stat.st_rdev])
|
2008-08-30 18:31:35 +00:00
|
|
|
AC_CHECK_MEMBERS([struct stat.st_atim])
|
|
|
|
AC_CHECK_MEMBERS([struct stat.st_atimensec])
|
2008-09-07 00:05:38 +00:00
|
|
|
AC_CHECK_MEMBERS([struct stat.st_mtim])
|
|
|
|
AC_CHECK_MEMBERS([struct stat.st_mtimensec])
|
2007-10-07 11:44:02 +00:00
|
|
|
AC_HEADER_TIME
|
|
|
|
AC_STRUCT_TM
|
|
|
|
|
2009-04-21 22:39:14 +00:00
|
|
|
AC_CHECK_MEMBERS([struct utmp.ut_type,
|
|
|
|
struct utmp.ut_id,
|
|
|
|
struct utmp.ut_name,
|
|
|
|
struct utmp.ut_user,
|
|
|
|
struct utmp.ut_host,
|
|
|
|
struct utmp.ut_syslen,
|
|
|
|
struct utmp.ut_addr,
|
|
|
|
struct utmp.ut_addr_v6,
|
|
|
|
struct utmp.ut_time,
|
|
|
|
struct utmp.ut_xtime,
|
|
|
|
struct utmp.ut_tv],,,[[#include <utmp.h>]])
|
|
|
|
dnl There are dependencies:
|
|
|
|
dnl If UTMPX has to be used, the utmp structure shall have a ut_id field.
|
|
|
|
if test "$ac_cv_header_utmpx_h" = "yes" &&
|
|
|
|
test "$ac_cv_member_struct_utmp_ut_id" != "yes"; then
|
|
|
|
AC_MSG_ERROR(Systems with UTMPX and no ut_id field in the utmp structure are not supported)
|
2007-10-07 11:44:02 +00:00
|
|
|
fi
|
|
|
|
|
2009-04-21 22:39:14 +00:00
|
|
|
AC_CHECK_MEMBERS([struct utmpx.ut_name,
|
|
|
|
struct utmpx.ut_host,
|
|
|
|
struct utmpx.ut_syslen,
|
|
|
|
struct utmpx.ut_addr,
|
|
|
|
struct utmpx.ut_addr_v6,
|
|
|
|
struct utmpx.ut_time,
|
|
|
|
struct utmpx.ut_xtime],,,[[#include <utmpx.h>]])
|
|
|
|
|
2007-10-07 11:44:02 +00:00
|
|
|
if test "$ac_cv_header_lastlog_h" = "yes"; then
|
|
|
|
AC_CACHE_CHECK(for ll_host in struct lastlog,
|
2007-10-07 11:45:23 +00:00
|
|
|
ac_cv_struct_lastlog_ll_host,
|
|
|
|
AC_COMPILE_IFELSE([AC_LANG_PROGRAM([#include <lastlog.h>],
|
|
|
|
[struct lastlog ll; char *cp = ll.ll_host;]
|
|
|
|
)],
|
|
|
|
[ac_cv_struct_lastlog_ll_host=yes],
|
|
|
|
[ac_cv_struct_lastlog_ll_host=no]
|
|
|
|
)
|
|
|
|
)
|
2007-10-07 11:44:02 +00:00
|
|
|
|
|
|
|
if test "$ac_cv_struct_lastlog_ll_host" = "yes"; then
|
2007-10-07 11:46:34 +00:00
|
|
|
AC_DEFINE(HAVE_LL_HOST, 1,
|
|
|
|
[Define if struct lastlog has ll_host])
|
2007-10-07 11:44:02 +00:00
|
|
|
fi
|
|
|
|
fi
|
|
|
|
|
|
|
|
dnl Checks for library functions.
|
|
|
|
AC_TYPE_GETGROUPS
|
|
|
|
AC_TYPE_SIGNAL
|
|
|
|
AC_FUNC_UTIME_NULL
|
|
|
|
AC_FUNC_STRFTIME
|
|
|
|
AC_REPLACE_FUNCS(mkdir putgrent putpwent putspent rename rmdir)
|
|
|
|
AC_REPLACE_FUNCS(sgetgrent sgetpwent sgetspent)
|
|
|
|
AC_REPLACE_FUNCS(snprintf strcasecmp strdup strerror strstr)
|
|
|
|
|
|
|
|
AC_CHECK_FUNC(setpgrp)
|
|
|
|
|
|
|
|
if test "$ac_cv_header_shadow_h" = "yes"; then
|
2007-10-07 11:46:34 +00:00
|
|
|
AC_CACHE_CHECK(for working shadow group support,
|
|
|
|
ac_cv_libc_shadowgrp,
|
|
|
|
AC_RUN_IFELSE([AC_LANG_SOURCE([
|
|
|
|
#include <shadow.h>
|
|
|
|
main()
|
|
|
|
{
|
|
|
|
struct sgrp *sg = sgetsgent("test:x::");
|
|
|
|
/* NYS libc on Red Hat 3.0.3 has broken shadow group support */
|
|
|
|
return !sg || !sg->sg_adm || !sg->sg_mem;
|
|
|
|
}]
|
|
|
|
)],
|
|
|
|
[ac_cv_libc_shadowgrp=yes],
|
|
|
|
[ac_cv_libc_shadowgrp=no],
|
|
|
|
[ac_cv_libc_shadowgrp=no]
|
|
|
|
)
|
2007-10-07 11:45:23 +00:00
|
|
|
)
|
2007-10-07 11:44:02 +00:00
|
|
|
|
2007-10-07 11:46:34 +00:00
|
|
|
if test "$ac_cv_libc_shadowgrp" = "yes"; then
|
|
|
|
AC_DEFINE(HAVE_SHADOWGRP, 1, [Have working shadow group support in libc])
|
|
|
|
fi
|
2007-10-07 11:44:02 +00:00
|
|
|
fi
|
|
|
|
|
2007-10-07 11:45:40 +00:00
|
|
|
AC_CACHE_CHECK([location of shared mail directory], shadow_cv_maildir,
|
2007-10-07 11:45:49 +00:00
|
|
|
[for shadow_cv_maildir in /var/mail /var/spool/mail /usr/spool/mail /usr/mail none; do
|
|
|
|
if test -d $shadow_cv_maildir; then
|
2007-10-07 11:44:02 +00:00
|
|
|
break
|
|
|
|
fi
|
2007-10-07 11:45:40 +00:00
|
|
|
done])
|
2007-10-07 11:45:49 +00:00
|
|
|
if test $shadow_cv_maildir != none; then
|
2007-10-07 11:46:34 +00:00
|
|
|
AC_DEFINE_UNQUOTED(MAIL_SPOOL_DIR, "$shadow_cv_maildir",
|
|
|
|
[Location of system mail spool directory.])
|
2007-10-07 11:45:49 +00:00
|
|
|
fi
|
2007-10-07 11:45:40 +00:00
|
|
|
|
|
|
|
AC_CACHE_CHECK([location of user mail file], shadow_cv_mailfile,
|
2007-10-07 11:45:49 +00:00
|
|
|
[for shadow_cv_mailfile in Mailbox mailbox Mail mail .mail none; do
|
2007-10-07 11:45:40 +00:00
|
|
|
if test -f $HOME/$shadow_cv_mailfile; then
|
2007-10-07 11:44:02 +00:00
|
|
|
break
|
|
|
|
fi
|
2007-10-07 11:45:40 +00:00
|
|
|
done])
|
2007-10-07 11:45:49 +00:00
|
|
|
if test $shadow_cv_mailfile != none; then
|
2007-10-07 11:46:34 +00:00
|
|
|
AC_DEFINE_UNQUOTED(MAIL_SPOOL_FILE, "$shadow_cv_mailfile",
|
|
|
|
[Name of user's mail spool file if stored in user's home directory.])
|
2007-10-07 11:45:49 +00:00
|
|
|
fi
|
2007-10-07 11:45:40 +00:00
|
|
|
|
|
|
|
AC_CACHE_CHECK([location of utmp], shadow_cv_utmpdir,
|
2007-10-07 11:46:07 +00:00
|
|
|
[for shadow_cv_utmpdir in /var/run /var/adm /usr/adm /etc none; do
|
2007-10-07 11:45:40 +00:00
|
|
|
if test -f $shadow_cv_utmpdir/utmp; then
|
2007-10-07 11:44:02 +00:00
|
|
|
break
|
|
|
|
fi
|
2007-10-07 11:45:40 +00:00
|
|
|
done])
|
|
|
|
if test "$shadow_cv_utmpdir" = "none"; then
|
|
|
|
AC_MSG_WARN(utmp file not found)
|
|
|
|
fi
|
2007-10-07 11:46:34 +00:00
|
|
|
AC_DEFINE_UNQUOTED(_UTMP_FILE, "$shadow_cv_utmpdir/utmp",
|
|
|
|
[Path for utmp file.])
|
2007-10-07 11:44:02 +00:00
|
|
|
|
2007-10-07 11:45:40 +00:00
|
|
|
AC_CACHE_CHECK([location of faillog/lastlog/wtmp], shadow_cv_logdir,
|
|
|
|
[for shadow_cv_logdir in /var/log /var/adm /usr/adm /etc; do
|
2007-10-07 11:47:11 +00:00
|
|
|
if test -d $shadow_cv_logdir; then
|
2007-10-07 11:44:02 +00:00
|
|
|
break
|
|
|
|
fi
|
2007-10-07 11:45:40 +00:00
|
|
|
done])
|
2007-10-07 11:46:34 +00:00
|
|
|
AC_DEFINE_UNQUOTED(_WTMP_FILE, "$shadow_cv_logdir/wtmp",
|
|
|
|
[Path for wtmp file.])
|
|
|
|
AC_DEFINE_UNQUOTED(LASTLOG_FILE, "$shadow_cv_logdir/lastlog",
|
|
|
|
[Path for lastlog file.])
|
|
|
|
AC_DEFINE_UNQUOTED(FAILLOG_FILE, "$shadow_cv_logdir/faillog",
|
|
|
|
[Path for faillog file.])
|
2007-10-07 11:45:40 +00:00
|
|
|
|
|
|
|
AC_CACHE_CHECK([location of the passwd program], shadow_cv_passwd_dir,
|
|
|
|
[if test -f /usr/bin/passwd; then
|
|
|
|
shadow_cv_passwd_dir=/usr/bin
|
2007-10-07 11:44:02 +00:00
|
|
|
else
|
2007-10-07 11:45:40 +00:00
|
|
|
shadow_cv_passwd_dir=/bin
|
|
|
|
fi])
|
2007-10-07 11:46:34 +00:00
|
|
|
AC_DEFINE_UNQUOTED(PASSWD_PROGRAM, "$shadow_cv_passwd_dir/passwd",
|
|
|
|
[Path to passwd program.])
|
2007-10-07 11:44:02 +00:00
|
|
|
|
|
|
|
dnl XXX - quick hack, should disappear before anyone notices :).
|
2007-10-07 11:46:34 +00:00
|
|
|
AC_DEFINE(USE_SYSLOG, 1, [Define to use syslog().])
|
|
|
|
AC_DEFINE(RLOGIN, 1, [Define if login should support the -r flag for rlogind.])
|
|
|
|
AC_DEFINE(RUSEROK, 0, [Define to the ruserok() "success" return value (0 or 1).])
|
2007-10-07 11:44:02 +00:00
|
|
|
|
2007-10-07 11:46:43 +00:00
|
|
|
AC_ARG_ENABLE(shadowgrp,
|
2007-10-07 11:47:01 +00:00
|
|
|
[AC_HELP_STRING([--enable-shadowgrp], [enable shadow group support @<:@default=yes@:>@])],
|
2007-10-07 11:46:43 +00:00
|
|
|
[case "${enableval}" in
|
|
|
|
yes) enable_shadowgrp="yes" ;;
|
|
|
|
no) enable_shadowgrp="no" ;;
|
|
|
|
*) AC_MSG_ERROR(bad value ${enableval} for --enable-shadowgrp) ;;
|
|
|
|
esac],
|
2007-10-07 11:46:52 +00:00
|
|
|
[enable_shadowgrp="yes"]
|
2007-10-07 11:46:43 +00:00
|
|
|
)
|
2007-10-07 11:44:02 +00:00
|
|
|
|
2007-10-07 11:47:01 +00:00
|
|
|
AC_ARG_ENABLE(man,
|
|
|
|
[AC_HELP_STRING([--enable-man],
|
|
|
|
[regenerate roff man pages from Docbook @<:@default=no@:>@])],
|
2008-05-25 20:30:45 +00:00
|
|
|
[enable_man="${enableval}"],
|
2009-04-27 20:03:48 +00:00
|
|
|
[enable_man="no"]
|
2007-10-07 11:47:01 +00:00
|
|
|
)
|
|
|
|
|
* configure.in: Added option --enable-account-tools-setuid to
enable/disable the usage of PAM to authenticate the callers of
account management tools: chage, chgpasswd, chpasswd, groupadd,
groupdel, groupmod, useradd, userdel, usermod.
* src/Makefile.am: Do not link the above tools with libpam if
account-tools-setuid is disabled.
* src/userdel.c, src/newusers.c, src/chpasswd.c, src/usermod.c,
src/groupdel.c, src/chgpasswd.c, src/useradd.c, src/groupmod.c,
src/groupadd.c, src/chage.c: Implement ACCT_TOOLS_SETUID
(--enable-account-tools-setuid).
* etc/pam.d/Makefile.am: Install the pam service file for the
above tools only when needed.
* src/useradd.c, src/userdel.c, src/usermod.c: It is no more
needed to initialize retval to PAM_SUCCESS.
2008-09-06 21:35:37 +00:00
|
|
|
AC_ARG_ENABLE(account-tools-setuid,
|
|
|
|
[AC_HELP_STRING([--enable-account-tools-setuid],
|
|
|
|
[Install the user and group management tools setuid and authenticate the callers. This requires --with-pam.])],
|
|
|
|
[case "${enableval}" in
|
|
|
|
yes) enable_acct_tools_setuid="yes" ;;
|
|
|
|
no) enable_acct_tools_setuid="no" ;;
|
|
|
|
*) AC_MSG_ERROR(bad value ${enableval} for --enable-account-tools-setuid)
|
|
|
|
;;
|
|
|
|
esac],
|
2008-09-07 20:40:41 +00:00
|
|
|
[enable_acct_tools_setuid="maybe"]
|
* configure.in: Added option --enable-account-tools-setuid to
enable/disable the usage of PAM to authenticate the callers of
account management tools: chage, chgpasswd, chpasswd, groupadd,
groupdel, groupmod, useradd, userdel, usermod.
* src/Makefile.am: Do not link the above tools with libpam if
account-tools-setuid is disabled.
* src/userdel.c, src/newusers.c, src/chpasswd.c, src/usermod.c,
src/groupdel.c, src/chgpasswd.c, src/useradd.c, src/groupmod.c,
src/groupadd.c, src/chage.c: Implement ACCT_TOOLS_SETUID
(--enable-account-tools-setuid).
* etc/pam.d/Makefile.am: Install the pam service file for the
above tools only when needed.
* src/useradd.c, src/userdel.c, src/usermod.c: It is no more
needed to initialize retval to PAM_SUCCESS.
2008-09-06 21:35:37 +00:00
|
|
|
)
|
|
|
|
|
2009-04-27 20:03:48 +00:00
|
|
|
AC_ARG_ENABLE(utmpx,
|
|
|
|
[AC_HELP_STRING([--enable-utmpx],
|
|
|
|
[enable loggin in utmpx / wtmpx @<:@default=no@:>@])],
|
|
|
|
[case "${enableval}" in
|
|
|
|
yes) enable_utmpx="yes" ;;
|
|
|
|
no) enable_utmpx="no" ;;
|
|
|
|
*) AC_MSG_ERROR(bad value ${enableval} for --enable-utmpx) ;;
|
|
|
|
esac],
|
|
|
|
[enable_utmpx="no"]
|
|
|
|
)
|
|
|
|
|
2007-10-07 11:47:01 +00:00
|
|
|
AC_ARG_WITH(audit,
|
|
|
|
[AC_HELP_STRING([--with-audit], [use auditing support @<:@default=yes if found@:>@])],
|
2008-04-16 20:09:03 +00:00
|
|
|
[with_audit=$withval], [with_audit=maybe])
|
2007-10-07 11:47:01 +00:00
|
|
|
AC_ARG_WITH(libpam,
|
|
|
|
[AC_HELP_STRING([--with-libpam], [use libpam for PAM support @<:@default=yes if found@:>@])],
|
2008-04-16 21:18:20 +00:00
|
|
|
[with_libpam=$withval], [with_libpam=maybe])
|
2007-10-07 11:47:01 +00:00
|
|
|
AC_ARG_WITH(selinux,
|
2008-04-16 20:16:43 +00:00
|
|
|
[AC_HELP_STRING([--with-selinux], [use SELinux support @<:@default=yes if found@:>@])],
|
2008-04-16 21:18:20 +00:00
|
|
|
[with_selinux=$withval], [with_selinux=maybe])
|
2010-03-30 21:01:27 +00:00
|
|
|
AC_ARG_WITH(acl,
|
|
|
|
[AC_HELP_STRING([--with-acl], [use ACL support @<:@default=yes if found@:>@])],
|
2010-03-31 12:24:03 +00:00
|
|
|
[with_acl=$withval], [with_acl=maybe])
|
|
|
|
AC_ARG_WITH(attr,
|
2010-03-30 21:01:27 +00:00
|
|
|
[AC_HELP_STRING([--with-attr], [use Extended Attribute support @<:@default=yes if found@:>@])],
|
|
|
|
[with_attr=$withval], [with_attr=maybe])
|
2007-10-07 11:47:01 +00:00
|
|
|
AC_ARG_WITH(skey,
|
|
|
|
[AC_HELP_STRING([--with-skey], [use S/Key support @<:@default=no@:>@])],
|
|
|
|
[with_skey=$withval], [with_skey=no])
|
2010-01-24 16:53:15 +00:00
|
|
|
AC_ARG_WITH(tcb,
|
|
|
|
[AC_HELP_STRING([--with-tcb], [use tcb support (incomplete) @<:@default=yes if found@:>@])],
|
|
|
|
[with_tcb=$withval], [with_tcb=maybe])
|
2007-10-07 11:47:01 +00:00
|
|
|
AC_ARG_WITH(libcrack,
|
|
|
|
[AC_HELP_STRING([--with-libcrack], [use libcrack @<:@default=yes if found and if PAM not enabled@:>@])],
|
|
|
|
[with_libcrack=$withval], [with_libcrack=no])
|
* configure.in: New configure option: --with-sha-crypt enabled by
default. Keeping the feature enabled is safe. Disabling it permits
to disable the references to the SHA256 and SHA512 password
encryption algorithms from the usage help and manuals (in addition
to the support for these algorithms in the code).
* libmisc/obscure.c, libmisc/salt.c, src/newusers.c,
src/chpasswd.c, src/chgpasswd.c, src/passwd.c: ENCRYPT_METHOD is
always supported in login.defs. Remove the ENCRYPTMETHOD_SELECT
preprocessor condition.
* libmisc/obscure.c, libmisc/salt.c, src/newusers.c,
src/chpasswd.c, src/chgpasswd.c, src/passwd.c: Disable SHA256 and
SHA512 if USE_SHA_CRYPT is not defined (this corresponds to a
subset of the ENCRYPTMETHOD_SELECT sections).
2007-11-24 13:08:08 +00:00
|
|
|
AC_ARG_WITH(sha-crypt,
|
|
|
|
[AC_HELP_STRING([--with-sha-crypt], [allow the SHA256 and SHA512 password encryption algorithms @<:@default=yes@:>@])],
|
|
|
|
[with_sha_crypt=$withval], [with_sha_crypt=yes])
|
2008-08-30 18:30:36 +00:00
|
|
|
AC_ARG_WITH(nscd,
|
|
|
|
[AC_HELP_STRING([--with-nscd], [enable support for nscd @<:@default=yes@:>@])],
|
|
|
|
[with_nscd=$withval], [with_nscd=yes])
|
2008-11-30 01:29:40 +00:00
|
|
|
AC_ARG_WITH(group-name-max-length,
|
|
|
|
[AC_HELP_STRING([--with-group-name-max-length], [set max group name length @<:@default=16@:>@])],
|
|
|
|
[with_group_name_max_length=$withval], [with_group_name_max_length=yes])
|
|
|
|
|
|
|
|
if test "$with_group_name_max_length" = "no" ; then
|
|
|
|
with_group_name_max_length=0
|
|
|
|
elif test "$with_group_name_max_length" = "yes" ; then
|
|
|
|
with_group_name_max_length=16
|
|
|
|
fi
|
|
|
|
AC_DEFINE_UNQUOTED(GROUP_NAME_MAX_LENGTH, $with_group_name_max_length, [max group name length])
|
2008-12-23 22:36:44 +00:00
|
|
|
AC_SUBST(GROUP_NAME_MAX_LENGTH)
|
|
|
|
GROUP_NAME_MAX_LENGTH="$with_group_name_max_length"
|
* configure.in: New configure option: --with-sha-crypt enabled by
default. Keeping the feature enabled is safe. Disabling it permits
to disable the references to the SHA256 and SHA512 password
encryption algorithms from the usage help and manuals (in addition
to the support for these algorithms in the code).
* libmisc/obscure.c, libmisc/salt.c, src/newusers.c,
src/chpasswd.c, src/chgpasswd.c, src/passwd.c: ENCRYPT_METHOD is
always supported in login.defs. Remove the ENCRYPTMETHOD_SELECT
preprocessor condition.
* libmisc/obscure.c, libmisc/salt.c, src/newusers.c,
src/chpasswd.c, src/chgpasswd.c, src/passwd.c: Disable SHA256 and
SHA512 if USE_SHA_CRYPT is not defined (this corresponds to a
subset of the ENCRYPTMETHOD_SELECT sections).
2007-11-24 13:08:08 +00:00
|
|
|
|
|
|
|
AM_CONDITIONAL(USE_SHA_CRYPT, test "x$with_sha_crypt" = "xyes")
|
|
|
|
if test "$with_sha_crypt" = "yes"; then
|
2008-08-31 17:27:06 +00:00
|
|
|
AC_DEFINE(USE_SHA_CRYPT, 1, [Define to allow the SHA256 and SHA512 password encryption algorithms])
|
* configure.in: New configure option: --with-sha-crypt enabled by
default. Keeping the feature enabled is safe. Disabling it permits
to disable the references to the SHA256 and SHA512 password
encryption algorithms from the usage help and manuals (in addition
to the support for these algorithms in the code).
* libmisc/obscure.c, libmisc/salt.c, src/newusers.c,
src/chpasswd.c, src/chgpasswd.c, src/passwd.c: ENCRYPT_METHOD is
always supported in login.defs. Remove the ENCRYPTMETHOD_SELECT
preprocessor condition.
* libmisc/obscure.c, libmisc/salt.c, src/newusers.c,
src/chpasswd.c, src/chgpasswd.c, src/passwd.c: Disable SHA256 and
SHA512 if USE_SHA_CRYPT is not defined (this corresponds to a
subset of the ENCRYPTMETHOD_SELECT sections).
2007-11-24 13:08:08 +00:00
|
|
|
fi
|
2007-10-07 11:44:02 +00:00
|
|
|
|
2008-08-30 18:30:36 +00:00
|
|
|
if test "$with_nscd" = "yes"; then
|
2008-08-30 18:32:43 +00:00
|
|
|
AC_CHECK_FUNC(posix_spawn,
|
|
|
|
[AC_DEFINE(USE_NSCD, 1, [Define to support flushing of nscd caches])],
|
|
|
|
[AC_MSG_ERROR([posix_spawn is needed for nscd support])])
|
2008-08-30 18:30:36 +00:00
|
|
|
fi
|
|
|
|
|
2007-10-07 11:44:02 +00:00
|
|
|
dnl Check for some functions in libc first, only if not found check for
|
|
|
|
dnl other libraries. This should prevent linking libnsl if not really
|
|
|
|
dnl needed (Linux glibc, Irix), but still link it if needed (Solaris).
|
|
|
|
|
2007-10-07 11:45:40 +00:00
|
|
|
AC_SEARCH_LIBS(inet_ntoa, inet)
|
|
|
|
AC_SEARCH_LIBS(socket, socket)
|
|
|
|
AC_SEARCH_LIBS(gethostbyname, nsl)
|
2007-10-07 11:44:02 +00:00
|
|
|
|
2007-10-07 11:46:34 +00:00
|
|
|
if test "$enable_shadowgrp" = "yes"; then
|
|
|
|
AC_DEFINE(SHADOWGRP, 1, [Define to support the shadow group file.])
|
2007-10-07 11:44:02 +00:00
|
|
|
fi
|
2007-11-22 21:36:38 +00:00
|
|
|
AM_CONDITIONAL(SHADOWGRP, test "x$enable_shadowgrp" = "xyes")
|
2007-10-07 11:44:02 +00:00
|
|
|
|
2007-10-07 11:47:01 +00:00
|
|
|
if test "$enable_man" = "yes"; then
|
|
|
|
dnl
|
|
|
|
dnl Check for xsltproc
|
|
|
|
dnl
|
|
|
|
AC_PATH_PROG([XSLTPROC], [xsltproc])
|
|
|
|
if test -z "$XSLTPROC"; then
|
|
|
|
enable_man=no
|
|
|
|
fi
|
|
|
|
|
|
|
|
dnl check for DocBook DTD and stylesheets in the local catalog.
|
|
|
|
JH_CHECK_XML_CATALOG([-//OASIS//DTD DocBook XML V4.1.2//EN],
|
|
|
|
[DocBook XML DTD V4.1.2], [], enable_man=no)
|
2007-10-07 11:47:45 +00:00
|
|
|
JH_CHECK_XML_CATALOG([http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl],
|
2007-10-07 11:47:33 +00:00
|
|
|
[DocBook XSL Stylesheets >= 1.70.1], [], enable_man=no)
|
2007-10-07 11:47:01 +00:00
|
|
|
fi
|
2008-05-25 20:30:45 +00:00
|
|
|
AM_CONDITIONAL(ENABLE_REGENERATE_MAN, test "x$enable_man" != "xno")
|
2007-10-07 11:47:01 +00:00
|
|
|
|
2007-10-07 11:44:02 +00:00
|
|
|
AC_SUBST(LIBCRYPT)
|
2007-10-07 11:46:34 +00:00
|
|
|
AC_CHECK_LIB(crypt, crypt, [LIBCRYPT=-lcrypt],
|
|
|
|
[AC_MSG_ERROR([crypt() not found])])
|
2007-10-07 11:44:02 +00:00
|
|
|
|
2010-03-30 21:01:27 +00:00
|
|
|
AC_SUBST(LIBACL)
|
|
|
|
if test "$with_acl" != "no"; then
|
|
|
|
AC_CHECK_HEADERS(acl/libacl.h attr/error_context.h, [acl_header="yes"], [acl_header="no"])
|
|
|
|
if test "$acl_header$with_acl" = "noyes" ; then
|
|
|
|
AC_MSG_ERROR([acl/libacl.h or attr/error_context.h is missing])
|
|
|
|
elif test "$acl_header" = "yes" ; then
|
|
|
|
AC_CHECK_LIB(acl, perm_copy_file,
|
|
|
|
[AC_CHECK_LIB(acl, perm_copy_fd,
|
|
|
|
[acl_lib="yes"],
|
|
|
|
[acl_lib="no"])],
|
|
|
|
[acl_lib="no"])
|
|
|
|
if test "$acl_lib$with_acl" = "noyes" ; then
|
|
|
|
AC_MSG_ERROR([libacl not found])
|
|
|
|
elif test "$acl_lib" = "no" ; then
|
|
|
|
with_acl="no"
|
|
|
|
else
|
|
|
|
AC_DEFINE(WITH_ACL, 1,
|
|
|
|
[Build shadow with ACL support])
|
|
|
|
LIBACL="-lacl"
|
|
|
|
with_acl="yes"
|
|
|
|
fi
|
|
|
|
else
|
|
|
|
with_acl="no"
|
|
|
|
fi
|
|
|
|
fi
|
|
|
|
|
|
|
|
AC_SUBST(LIBATTR)
|
|
|
|
if test "$with_attr" != "no"; then
|
|
|
|
AC_CHECK_HEADERS(attr/libattr.h attr/error_context.h, [attr_header="yes"], [attr_header="no"])
|
|
|
|
if test "$attr_header$with_attr" = "noyes" ; then
|
|
|
|
AC_MSG_ERROR([attr/libattr.h or attr/error_context.h is missing])
|
|
|
|
elif test "$attr_header" = "yes" ; then
|
|
|
|
AC_CHECK_LIB(attr, attr_copy_file,
|
|
|
|
[AC_CHECK_LIB(attr, attr_copy_fd,
|
|
|
|
[attr_lib="yes"],
|
|
|
|
[attr_lib="no"])],
|
|
|
|
[attr_lib="no"])
|
|
|
|
if test "$attr_lib$with_attr" = "noyes" ; then
|
|
|
|
AC_MSG_ERROR([libattr not found])
|
|
|
|
elif test "$attr_lib" = "no" ; then
|
|
|
|
with_attr="no"
|
|
|
|
else
|
|
|
|
AC_DEFINE(WITH_ATTR, 1,
|
|
|
|
[Build shadow with Extended Attributes support])
|
2010-08-21 16:51:53 +00:00
|
|
|
LIBATTR="-lattr"
|
2010-03-30 21:01:27 +00:00
|
|
|
with_attr="yes"
|
|
|
|
fi
|
|
|
|
else
|
|
|
|
with_attr="no"
|
|
|
|
fi
|
|
|
|
fi
|
|
|
|
|
2007-10-07 11:47:01 +00:00
|
|
|
AC_SUBST(LIBAUDIT)
|
2008-04-16 20:09:03 +00:00
|
|
|
if test "$with_audit" != "no"; then
|
2007-10-07 11:47:01 +00:00
|
|
|
AC_CHECK_HEADER(libaudit.h, [audit_header="yes"], [audit_header="no"])
|
2008-04-16 20:09:03 +00:00
|
|
|
if test "$audit_header$with_audit" = "noyes" ; then
|
|
|
|
AC_MSG_ERROR([libaudit.h is missing])
|
|
|
|
elif test "$audit_header" = "yes"; then
|
2008-09-04 22:34:20 +00:00
|
|
|
AC_CHECK_DECL(AUDIT_ADD_USER,,[audit_header="no"],[#include <libaudit.h>])
|
|
|
|
AC_CHECK_DECL(AUDIT_DEL_USER,,[audit_header="no"],[#include <libaudit.h>])
|
|
|
|
AC_CHECK_DECL(AUDIT_ADD_GROUP,,[audit_header="no"],[#include <libaudit.h>])
|
|
|
|
AC_CHECK_DECL(AUDIT_DEL_GROUP,,[audit_header="no"],[#include <libaudit.h>])
|
|
|
|
if test "$audit_header$with_audit" = "noyes" ; then
|
|
|
|
AC_MSG_ERROR([AUDIT_ADD_USER AUDIT_DEL_USER AUDIT_ADD_GROUP or AUDIT_DEL_GROUP missing from libaudit.h])
|
|
|
|
fi
|
|
|
|
fi
|
|
|
|
if test "$audit_header" = "yes"; then
|
2007-10-07 11:47:11 +00:00
|
|
|
AC_CHECK_LIB(audit, audit_log_acct_message,
|
2008-04-16 20:09:03 +00:00
|
|
|
[audit_lib="yes"], [audit_lib="no"])
|
|
|
|
if test "$audit_lib$with_audit" = "noyes" ; then
|
|
|
|
AC_MSG_ERROR([libaudit not found])
|
|
|
|
elif test "$audit_lib" = "no" ; then
|
|
|
|
with_audit="no"
|
|
|
|
else
|
|
|
|
AC_DEFINE(WITH_AUDIT, 1,
|
|
|
|
[Define if you want to enable Audit messages])
|
|
|
|
LIBAUDIT="-laudit"
|
|
|
|
with_audit="yes"
|
|
|
|
fi
|
|
|
|
else
|
|
|
|
with_audit="no"
|
2007-10-07 11:47:01 +00:00
|
|
|
fi
|
|
|
|
fi
|
|
|
|
|
2007-10-07 11:44:02 +00:00
|
|
|
AC_SUBST(LIBCRACK)
|
2007-10-07 11:46:34 +00:00
|
|
|
if test "$with_libcrack" = "yes"; then
|
2007-10-07 11:44:02 +00:00
|
|
|
echo "checking cracklib flavour, don't be surprised by the results"
|
2007-10-07 11:46:34 +00:00
|
|
|
AC_CHECK_LIB(crack, FascistCheck,
|
|
|
|
[LIBCRACK=-lcrack AC_DEFINE(HAVE_LIBCRACK, 1, [Defined if you have libcrack.])])
|
|
|
|
AC_CHECK_LIB(crack, FascistHistory,
|
|
|
|
AC_DEFINE(HAVE_LIBCRACK_HIST, 1, [Defined if you have the ts&szs cracklib.]))
|
|
|
|
AC_CHECK_LIB(crack, FascistHistoryPw,
|
|
|
|
AC_DEFINE(HAVE_LIBCRACK_PW, 1, [Defined if it includes *Pw functions.]))
|
2007-10-07 11:44:02 +00:00
|
|
|
fi
|
|
|
|
|
2008-04-16 21:18:20 +00:00
|
|
|
AC_SUBST(LIBSELINUX)
|
|
|
|
if test "$with_selinux" != "no"; then
|
|
|
|
AC_CHECK_HEADERS(selinux/selinux.h, [selinux_header="yes"], [selinux_header="no"])
|
|
|
|
if test "$selinux_header$with_selinux" = "noyes" ; then
|
|
|
|
AC_MSG_ERROR([selinux/selinux.h is missing])
|
|
|
|
elif test "$selinux_header" = "yes" ; then
|
|
|
|
AC_CHECK_LIB(selinux, is_selinux_enabled,
|
|
|
|
[selinux_lib="yes"], [selinux_lib="no"])
|
|
|
|
if test "$selinux_lib$with_selinux" = "noyes" ; then
|
|
|
|
AC_MSG_ERROR([libselinux not found])
|
|
|
|
elif test "$selinux_lib" = "no" ; then
|
|
|
|
with_selinux="no"
|
|
|
|
else
|
|
|
|
AC_DEFINE(WITH_SELINUX, 1,
|
|
|
|
[Build shadow with SELinux support])
|
|
|
|
LIBSELINUX="-lselinux"
|
2008-04-16 21:24:14 +00:00
|
|
|
with_selinux="yes"
|
2008-04-16 21:18:20 +00:00
|
|
|
fi
|
|
|
|
else
|
|
|
|
with_selinux="no"
|
|
|
|
fi
|
2007-10-07 11:45:40 +00:00
|
|
|
fi
|
|
|
|
|
2010-01-24 16:53:15 +00:00
|
|
|
AC_SUBST(LIBTCB)
|
|
|
|
if test "$with_tcb" != "no"; then
|
|
|
|
AC_CHECK_HEADERS(tcb.h, [tcb_header="yes"], [tcb_header="no"])
|
|
|
|
if test "$tcb_header$with_tcb" = "noyes" ; then
|
|
|
|
AC_MSG_ERROR([tcb.h is missing])
|
|
|
|
elif test "$tcb_header" = "yes" ; then
|
|
|
|
AC_CHECK_LIB(tcb, tcb_is_suspect, [tcb_lib="yes"], [tcb_lib="no"])
|
|
|
|
if test "$tcb_lib$with_tcb" = "noyes" ; then
|
|
|
|
AC_MSG_ERROR([libtcb not found])
|
|
|
|
elif test "$tcb_lib" = "no" ; then
|
|
|
|
with_tcb="no"
|
|
|
|
else
|
|
|
|
AC_DEFINE(WITH_TCB, 1, [Build shadow with tcb support (incomplete)])
|
|
|
|
LIBTCB="-ltcb"
|
|
|
|
with_tcb="yes"
|
|
|
|
fi
|
|
|
|
else
|
|
|
|
with_tcb="no"
|
|
|
|
fi
|
|
|
|
fi
|
2010-01-30 Paweł Hajdan, Jr. <phajdan.jr@gentoo.org>
* NEWS: Add support for TCB.
* lib/tcbfuncs.h, lib/tcbfuncs.c, lib/Makefile.am: New library to
support TCB.
* lib/prototypes, libmisc/copydir.c (remove_tree): Add boolean
parameter remove_root.
* configure.in: Add conditional WITH_TCB.
* src/userdel.c, src/usermod.c: Add support for TCB. Update call to
remove_tree().
* src/pwconv.c, src/pwunconv.c: Should not be used with TCB enabled.
* src/vipw.c: Add support for TCB. Update call to remove_tree().
* src/useradd.c: Add support for TCB. Open the shadow file outside
of open_files().
* src/chage.c: Add support for TCB.
* src/Makefile.am: Install passwd sgid shadow when TCB is enabled.
* lib/getdefs.c, man/vipw.8.xml, man/login.defs.5.xml,
man/login.defs/TCB_AUTH_GROUP.xml, man/login.defs/USE_TCB.xml,
man/login.defs/TCB_SYMLINKS.xml, man/generate_mans.mak,
man/generate_mans.deps, man/Makefile.am: New configuration
parameters: TCB_AUTH_GROUP, TCB_SYMLINKS, USE_TCB.
* lib/shadowio.c, lib/commonio.c: Add support for TCB.
2010-03-04 18:11:13 +00:00
|
|
|
AM_CONDITIONAL(WITH_TCB, test x$with_tcb = xyes)
|
2010-01-24 16:53:15 +00:00
|
|
|
|
2007-10-07 11:44:02 +00:00
|
|
|
AC_SUBST(LIBPAM)
|
2008-04-16 21:18:20 +00:00
|
|
|
if test "$with_libpam" != "no"; then
|
2007-10-07 11:44:51 +00:00
|
|
|
AC_CHECK_LIB(pam, pam_start,
|
2008-04-16 21:18:20 +00:00
|
|
|
[pam_lib="yes"], [pam_lib="no"])
|
|
|
|
if test "$pam_lib$with_libpam" = "noyes" ; then
|
|
|
|
AC_MSG_ERROR(libpam not found)
|
|
|
|
fi
|
|
|
|
|
2008-07-21 21:14:06 +00:00
|
|
|
LIBPAM="-lpam"
|
|
|
|
pam_conv_function="no"
|
|
|
|
|
|
|
|
AC_CHECK_LIB(pam, openpam_ttyconv,
|
2008-07-21 22:45:08 +00:00
|
|
|
[pam_conv_function="openpam_ttyconv"],
|
|
|
|
AC_CHECK_LIB(pam_misc, misc_conv,
|
|
|
|
[pam_conv_function="misc_conv"; LIBPAM="$LIBPAM -lpam_misc"])
|
|
|
|
)
|
2008-07-21 21:14:06 +00:00
|
|
|
|
|
|
|
if test "$pam_conv_function$with_libpam" = "noyes" ; then
|
|
|
|
AC_MSG_ERROR(PAM conversation function not found)
|
2008-04-16 21:18:20 +00:00
|
|
|
fi
|
|
|
|
|
2008-07-21 21:14:06 +00:00
|
|
|
pam_headers_found=no
|
|
|
|
AC_CHECK_HEADERS( [security/openpam.h security/pam_misc.h],
|
2008-07-21 22:45:08 +00:00
|
|
|
[ pam_headers_found=yes ; break ], [],
|
|
|
|
[ #include <security/pam_appl.h> ] )
|
|
|
|
if test "$pam_headers_found$with_libpam" = "noyes" ; then
|
2008-07-21 21:14:06 +00:00
|
|
|
AC_MSG_ERROR(PAM headers not found)
|
2008-07-21 22:45:08 +00:00
|
|
|
fi
|
2008-07-21 21:14:06 +00:00
|
|
|
|
|
|
|
|
|
|
|
if test "$pam_lib$pam_headers_found" = "yesyes" -a "$pam_conv_function" != "no" ; then
|
2008-04-16 21:18:20 +00:00
|
|
|
with_libpam="yes"
|
|
|
|
else
|
|
|
|
with_libpam="no"
|
2009-05-03 22:46:26 +00:00
|
|
|
unset LIBPAM
|
2008-04-16 21:18:20 +00:00
|
|
|
fi
|
|
|
|
fi
|
|
|
|
dnl Now with_libpam is either yes or no
|
|
|
|
if test "$with_libpam" = "yes"; then
|
2008-07-21 21:14:06 +00:00
|
|
|
AC_CHECK_DECLS([PAM_ESTABLISH_CRED,
|
2008-07-21 22:45:08 +00:00
|
|
|
PAM_DELETE_CRED,
|
|
|
|
PAM_NEW_AUTHTOK_REQD,
|
|
|
|
PAM_DATA_SILENT],
|
|
|
|
[], [], [#include <security/pam_appl.h>])
|
2008-07-21 21:14:06 +00:00
|
|
|
|
|
|
|
|
|
|
|
save_libs=$LIBS
|
2008-08-31 17:27:16 +00:00
|
|
|
LIBS="$LIBS $LIBPAM"
|
|
|
|
# We do not use AC_CHECK_FUNCS to avoid duplicated definition with
|
|
|
|
# Linux PAM.
|
|
|
|
AC_CHECK_FUNC(pam_fail_delay, [AC_DEFINE(HAS_PAM_FAIL_DELAY, 1, [Define to 1 if you have the declaration of 'pam_fail_delay'])])
|
2008-07-21 21:14:06 +00:00
|
|
|
LIBS=$save_libs
|
|
|
|
|
2008-04-16 21:18:20 +00:00
|
|
|
AC_DEFINE(USE_PAM, 1, [Define to support Pluggable Authentication Modules])
|
2008-07-21 21:14:06 +00:00
|
|
|
AC_DEFINE_UNQUOTED(SHADOW_PAM_CONVERSATION, [$pam_conv_function],[PAM converstation to use])
|
2008-04-16 21:18:20 +00:00
|
|
|
AM_CONDITIONAL(USE_PAM, [true])
|
2008-07-21 21:14:06 +00:00
|
|
|
|
2007-10-07 11:44:51 +00:00
|
|
|
AC_MSG_CHECKING(use login and su access checking if PAM not used)
|
|
|
|
AC_MSG_RESULT(no)
|
|
|
|
else
|
2007-10-07 11:46:34 +00:00
|
|
|
AC_DEFINE(SU_ACCESS, 1, [Define to support /etc/suauth su access control.])
|
2007-10-07 11:47:33 +00:00
|
|
|
AM_CONDITIONAL(USE_PAM, [false])
|
2008-04-16 21:18:20 +00:00
|
|
|
AC_MSG_CHECKING(use login and su access checking if PAM not used)
|
|
|
|
AC_MSG_RESULT(yes)
|
2007-10-07 11:44:02 +00:00
|
|
|
fi
|
|
|
|
|
2008-09-07 20:40:41 +00:00
|
|
|
if test "$enable_acct_tools_setuid" != "no"; then
|
* configure.in: Added option --enable-account-tools-setuid to
enable/disable the usage of PAM to authenticate the callers of
account management tools: chage, chgpasswd, chpasswd, groupadd,
groupdel, groupmod, useradd, userdel, usermod.
* src/Makefile.am: Do not link the above tools with libpam if
account-tools-setuid is disabled.
* src/userdel.c, src/newusers.c, src/chpasswd.c, src/usermod.c,
src/groupdel.c, src/chgpasswd.c, src/useradd.c, src/groupmod.c,
src/groupadd.c, src/chage.c: Implement ACCT_TOOLS_SETUID
(--enable-account-tools-setuid).
* etc/pam.d/Makefile.am: Install the pam service file for the
above tools only when needed.
* src/useradd.c, src/userdel.c, src/usermod.c: It is no more
needed to initialize retval to PAM_SUCCESS.
2008-09-06 21:35:37 +00:00
|
|
|
if test "$with_libpam" != "yes"; then
|
2008-09-07 20:40:41 +00:00
|
|
|
if test "$enable_acct_tools_setuid" = "yes"; then
|
|
|
|
AC_MSG_ERROR(PAM support is required for --enable-account-tools-setuid)
|
|
|
|
else
|
|
|
|
enable_acct_tools_setuid="no"
|
|
|
|
fi
|
2009-04-21 22:22:08 +00:00
|
|
|
else
|
|
|
|
enable_acct_tools_setuid="yes"
|
2008-09-07 20:40:41 +00:00
|
|
|
fi
|
2008-11-30 01:32:38 +00:00
|
|
|
if test "$enable_acct_tools_setuid" = "yes"; then
|
2008-09-07 20:40:41 +00:00
|
|
|
AC_DEFINE(ACCT_TOOLS_SETUID,
|
|
|
|
1,
|
|
|
|
[Define if account management tools should be installed setuid and authenticate the callers])
|
* configure.in: Added option --enable-account-tools-setuid to
enable/disable the usage of PAM to authenticate the callers of
account management tools: chage, chgpasswd, chpasswd, groupadd,
groupdel, groupmod, useradd, userdel, usermod.
* src/Makefile.am: Do not link the above tools with libpam if
account-tools-setuid is disabled.
* src/userdel.c, src/newusers.c, src/chpasswd.c, src/usermod.c,
src/groupdel.c, src/chgpasswd.c, src/useradd.c, src/groupmod.c,
src/groupadd.c, src/chage.c: Implement ACCT_TOOLS_SETUID
(--enable-account-tools-setuid).
* etc/pam.d/Makefile.am: Install the pam service file for the
above tools only when needed.
* src/useradd.c, src/userdel.c, src/usermod.c: It is no more
needed to initialize retval to PAM_SUCCESS.
2008-09-06 21:35:37 +00:00
|
|
|
fi
|
|
|
|
fi
|
|
|
|
AM_CONDITIONAL(ACCT_TOOLS_SETUID, test "x$enable_acct_tools_setuid" = "xyes")
|
|
|
|
|
2007-10-07 11:46:34 +00:00
|
|
|
AC_SUBST(LIBSKEY)
|
|
|
|
AC_SUBST(LIBMD)
|
2007-10-07 11:47:01 +00:00
|
|
|
if test "$with_skey" = "yes"; then
|
2007-10-07 11:46:34 +00:00
|
|
|
AC_CHECK_LIB(md, MD5Init, [LIBMD=-lmd])
|
|
|
|
AC_CHECK_LIB(skey, skeychallenge, [LIBSKEY=-lskey],
|
|
|
|
[AC_MSG_ERROR([liskey missing. You can download S/Key source code from http://rsync1.it.gentoo.org/gentoo/distfiles/skey-1.1.5.tar.bz2])])
|
|
|
|
AC_DEFINE(SKEY, 1, [Define to support S/Key logins.])
|
2007-10-07 11:47:22 +00:00
|
|
|
AC_TRY_COMPILE([
|
|
|
|
#include <stdio.h>
|
|
|
|
#include <skey.h>
|
|
|
|
],[
|
|
|
|
skeychallenge((void*)0, (void*)0, (void*)0, 0);
|
|
|
|
],[AC_DEFINE(SKEY_BSD_STYLE, 1, [Define to support newer BSD S/Key API])])
|
2007-10-07 11:46:34 +00:00
|
|
|
fi
|
|
|
|
|
2009-04-27 20:03:48 +00:00
|
|
|
if test "$enable_utmpx" = "yes"; then
|
|
|
|
if test "$ac_cv_header_utmpx_h" != "yes"; then
|
|
|
|
AC_MSG_ERROR([The utmpx.h header file is required for utmpx support.])
|
|
|
|
fi
|
|
|
|
AC_DEFINE(USE_UTMPX,
|
|
|
|
1,
|
|
|
|
[Define if utmpx should be used])
|
|
|
|
fi
|
|
|
|
|
2009-07-23 21:02:03 +00:00
|
|
|
AC_DEFINE_UNQUOTED(SHELL, ["$SHELL"], [The default shell.])
|
2009-07-22 13:30:06 +00:00
|
|
|
|
2007-10-27 23:22:11 +00:00
|
|
|
AM_GNU_GETTEXT_VERSION(0.16)
|
2007-10-07 11:46:52 +00:00
|
|
|
AM_GNU_GETTEXT([external], [need-ngettext])
|
2007-10-07 11:47:22 +00:00
|
|
|
AM_CONDITIONAL(USE_NLS, test "x$USE_NLS" = "xyes")
|
2007-10-07 11:44:02 +00:00
|
|
|
|
2007-10-07 11:45:23 +00:00
|
|
|
AC_CONFIG_FILES([
|
2007-10-07 11:44:51 +00:00
|
|
|
Makefile
|
|
|
|
po/Makefile.in
|
|
|
|
doc/Makefile
|
|
|
|
man/Makefile
|
2008-12-23 22:36:44 +00:00
|
|
|
man/config.xml
|
2011-02-12 14:57:37 +00:00
|
|
|
man/po/Makefile
|
2007-10-07 11:45:14 +00:00
|
|
|
man/cs/Makefile
|
|
|
|
man/de/Makefile
|
2007-10-07 11:45:23 +00:00
|
|
|
man/es/Makefile
|
2007-10-07 11:47:11 +00:00
|
|
|
man/fi/Makefile
|
2007-10-07 11:45:14 +00:00
|
|
|
man/fr/Makefile
|
2007-10-07 11:44:59 +00:00
|
|
|
man/hu/Makefile
|
2007-10-07 11:45:14 +00:00
|
|
|
man/id/Makefile
|
|
|
|
man/it/Makefile
|
2007-10-07 11:44:51 +00:00
|
|
|
man/ja/Makefile
|
2007-10-07 11:45:14 +00:00
|
|
|
man/ko/Makefile
|
2007-10-07 11:44:51 +00:00
|
|
|
man/pl/Makefile
|
|
|
|
man/pt_BR/Makefile
|
2007-10-07 11:45:23 +00:00
|
|
|
man/ru/Makefile
|
2007-10-07 11:47:57 +00:00
|
|
|
man/sv/Makefile
|
2007-10-07 11:47:11 +00:00
|
|
|
man/tr/Makefile
|
2007-10-07 11:45:23 +00:00
|
|
|
man/zh_CN/Makefile
|
|
|
|
man/zh_TW/Makefile
|
2007-10-07 11:44:51 +00:00
|
|
|
libmisc/Makefile
|
|
|
|
lib/Makefile
|
|
|
|
src/Makefile
|
|
|
|
contrib/Makefile
|
|
|
|
etc/Makefile
|
|
|
|
etc/pam.d/Makefile
|
2007-10-07 11:45:23 +00:00
|
|
|
shadow.spec
|
|
|
|
])
|
|
|
|
AC_OUTPUT
|
2007-10-07 11:47:01 +00:00
|
|
|
|
|
|
|
echo
|
2007-10-07 11:48:07 +00:00
|
|
|
echo "shadow will be compiled with the following features:"
|
2007-10-07 11:47:01 +00:00
|
|
|
echo
|
|
|
|
echo " auditing support: $with_audit"
|
|
|
|
echo " CrackLib support: $with_libcrack"
|
|
|
|
echo " PAM support: $with_libpam"
|
* configure.in: Added option --enable-account-tools-setuid to
enable/disable the usage of PAM to authenticate the callers of
account management tools: chage, chgpasswd, chpasswd, groupadd,
groupdel, groupmod, useradd, userdel, usermod.
* src/Makefile.am: Do not link the above tools with libpam if
account-tools-setuid is disabled.
* src/userdel.c, src/newusers.c, src/chpasswd.c, src/usermod.c,
src/groupdel.c, src/chgpasswd.c, src/useradd.c, src/groupmod.c,
src/groupadd.c, src/chage.c: Implement ACCT_TOOLS_SETUID
(--enable-account-tools-setuid).
* etc/pam.d/Makefile.am: Install the pam service file for the
above tools only when needed.
* src/useradd.c, src/userdel.c, src/usermod.c: It is no more
needed to initialize retval to PAM_SUCCESS.
2008-09-06 21:35:37 +00:00
|
|
|
if test "$with_libpam" = "yes"; then
|
|
|
|
echo " suid account management tools: $enable_acct_tools_setuid"
|
|
|
|
fi
|
2007-10-07 11:47:01 +00:00
|
|
|
echo " SELinux support: $with_selinux"
|
2010-03-30 21:01:27 +00:00
|
|
|
echo " ACL support: $with_acl"
|
|
|
|
echo " Extended Attributes support: $with_attr"
|
2010-01-24 16:53:15 +00:00
|
|
|
echo " tcb support (incomplete): $with_tcb"
|
2007-10-07 11:47:01 +00:00
|
|
|
echo " shadow group support: $enable_shadowgrp"
|
|
|
|
echo " S/Key support: $with_skey"
|
* configure.in: New configure option: --with-sha-crypt enabled by
default. Keeping the feature enabled is safe. Disabling it permits
to disable the references to the SHA256 and SHA512 password
encryption algorithms from the usage help and manuals (in addition
to the support for these algorithms in the code).
* libmisc/obscure.c, libmisc/salt.c, src/newusers.c,
src/chpasswd.c, src/chgpasswd.c, src/passwd.c: ENCRYPT_METHOD is
always supported in login.defs. Remove the ENCRYPTMETHOD_SELECT
preprocessor condition.
* libmisc/obscure.c, libmisc/salt.c, src/newusers.c,
src/chpasswd.c, src/chgpasswd.c, src/passwd.c: Disable SHA256 and
SHA512 if USE_SHA_CRYPT is not defined (this corresponds to a
subset of the ENCRYPTMETHOD_SELECT sections).
2007-11-24 13:08:08 +00:00
|
|
|
echo " SHA passwords encryption: $with_sha_crypt"
|
2008-08-30 18:30:36 +00:00
|
|
|
echo " nscd support: $with_nscd"
|
2007-10-07 11:47:01 +00:00
|
|
|
echo
|