[Pkg-shadow-devel] [PATCH v2 3/5] Filter out non-applicable settings from login.defs when compiled with PAM support.

Dimitri John Ledkov dimitri.j.ledkov at intel.com
Wed Apr 1 12:43:29 UTC 2015 

This is similar to manpage generation, which excludes documentation
for non-PAM settings.
---
 configure.in                      |  1 +
 etc/Makefile.am                   | 13 ++++++++++++-
 etc/{login.defs => login.defs.m4} | 26 ++++++++++++++++++++++++--
 3 files changed, 37 insertions(+), 3 deletions(-)
 rename etc/{login.defs => login.defs.m4} (96%)

diff --git a/configure.in b/configure.in
index a55f125..d025bc7 100644
--- a/configure.in
+++ b/configure.in
@@ -20,6 +20,7 @@ AC_ISC_POSIX
 AC_PROG_LN_S
 AC_PROG_YACC
 AM_PROG_LIBTOOL
+AC_PATH_PROG([M4], [m4])
 
 dnl Checks for libraries.
 
diff --git a/etc/Makefile.am b/etc/Makefile.am
index cc31c60..1f4d351 100644
--- a/etc/Makefile.am
+++ b/etc/Makefile.am
@@ -3,6 +3,17 @@
 
 sysconf_DATA = login.defs
 
+BUILT_SOURCES = login.defs
+CLEANFILES = $(BUILT_SOURCES)
+
+M4_DEFINES=
+if USE_PAM
+M4_DEFINES += -DUSE_PAM
+endif
+
+login.defs: login.defs.m4
+	$(M4) -P $(M4_DEFINES) < $< > $@
+
 defaultdir = $(sysconfdir)/default
 default_DATA = \
 	useradd
@@ -17,8 +28,8 @@ nonpam_DATA = $(nonpam_files)
 endif
 
 EXTRA_DIST = \
+	login.defs.m4 \
 	$(nonpam_files) \
-	$(sysconf_DATA) \
 	$(default_DATA)
 
 SUBDIRS = pam.d
diff --git a/etc/login.defs b/etc/login.defs.m4
similarity index 96%
rename from etc/login.defs
rename to etc/login.defs.m4
index 8dd7c44..a45550e 100644
--- a/etc/login.defs
+++ b/etc/login.defs.m4
@@ -1,8 +1,6 @@
 #
 # /etc/login.defs - Configuration control definitions for the shadow package.
 #
-#	$Id$
-#
 
 #
 # Delay in seconds before being allowed another attempt after a login failure
@@ -11,11 +9,13 @@
 #
 FAIL_DELAY		3
 
+m4_ifdef(`USE_PAM',`',
 #
 # Enable logging and display of /var/log/faillog login(1) failure info.
 #
 FAILLOG_ENAB		yes
 
+)m4_dnl
 #
 # Enable display of unknown usernames when login(1) failures are recorded.
 #
@@ -39,6 +39,7 @@ LASTLOG_ENAB		yes
 #
 MAIL_CHECK_ENAB		yes
 
+m4_ifdef(`USE_PAM',`',
 #
 # Enable additional checks upon password changes.
 #
@@ -54,6 +55,7 @@ PORTTIME_CHECKS_ENAB	yes
 #
 QUOTAS_ENAB		yes
 
+)m4_dnl
 #
 # Enable "syslog" logging of su(1) activity - in addition to sulog file logging.
 # SYSLOG_SG_ENAB does the same for newgrp(1) and sg(1).
@@ -74,6 +76,7 @@ CONSOLE		/etc/securetty
 #
 #SULOG_FILE	/var/log/sulog
 
+m4_ifdef(`USE_PAM',`',
 #
 # If defined, ":" delimited list of "message of the day" files to
 # be displayed upon login.
@@ -86,12 +89,14 @@ MOTD_FILE	/etc/motd
 #
 #ISSUE_FILE	/etc/issue
 
+)m4_dnl
 #
 # If defined, file which maps tty line to TERM environment parameter.
 # Each line of the file is in a format similar to "vt100  tty01".
 #
 #TTYTYPE_FILE	/etc/ttytype
 
+m4_ifdef(`USE_PAM',`',
 #
 # If defined, login(1) failures will be logged here in a utmp format.
 # last(1), when invoked as lastb(1), will read /var/log/btmp, so...
@@ -105,6 +110,7 @@ FTMP_FILE	/var/log/btmp
 #
 NOLOGINS_FILE	/etc/nologin
 
+)m4_dnl
 #
 # If defined, the command name to display when running "su -".  For
 # example, if this is defined as "su" then ps(1) will display the
@@ -130,6 +136,7 @@ MAIL_DIR	/var/spool/mail
 HUSHLOGIN_FILE	.hushlogin
 #HUSHLOGIN_FILE	/etc/hushlogins
 
+m4_ifdef(`USE_PAM',`',
 #
 # If defined, either a TZ environment parameter spec or the
 # fully-rooted pathname of a file containing such a spec.
@@ -145,6 +152,7 @@ ENV_HZ		HZ=100
 # For Linux/Alpha...
 #ENV_HZ		HZ=1024
 
+)m4_dnl
 #
 # *REQUIRED*  The default PATH settings, for superuser and normal users.
 #
@@ -171,7 +179,9 @@ TTYPERM		0600
 #
 #	ERASECHAR	Terminal ERASE character ('\010' = backspace).
 #	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
+m4_ifdef(`USE_PAM',`',
 #	ULIMIT		Default "ulimit" value.
+)m4_dnl
 #
 # The ERASECHAR and KILLCHAR are used only on System V machines.
 # The ULIMIT is used only if the system supports it.
@@ -181,7 +191,9 @@ TTYPERM		0600
 #
 ERASECHAR	0177
 KILLCHAR	025
+m4_ifdef(`USE_PAM',`',
 #ULIMIT		2097152
+)m4_dnl
 
 # Default initial "umask" value used by login(1) on non-PAM enabled systems.
 # Default "umask" value for pam_umask(8) on PAM enabled systems.
@@ -197,14 +209,19 @@ UMASK		022
 #
 #	PASS_MAX_DAYS	Maximum number of days a password may be used.
 #	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
+m4_ifdef(`USE_PAM',`',
 #	PASS_MIN_LEN	Minimum acceptable password length.
+)m4_dnl
 #	PASS_WARN_AGE	Number of days warning given before a password expires.
 #
 PASS_MAX_DAYS	99999
 PASS_MIN_DAYS	0
+m4_ifdef(`USE_PAM',`',
 PASS_MIN_LEN	5
+)m4_dnl
 PASS_WARN_AGE	7
 
+m4_ifdef(`USE_PAM',`',
 #
 # If "yes", the user must be listed as a member of the first gid 0 group
 # in /etc/group (called "root" on most Linux systems) to be able to "su"
@@ -218,6 +235,7 @@ SU_WHEEL_ONLY	no
 #
 CRACKLIB_DICTPATH	/var/cache/cracklib/cracklib_dict
 
+)m4_dnl
 #
 # Min/max values for automatic uid selection in useradd(8)
 #
@@ -254,6 +272,7 @@ LOGIN_RETRIES		5
 #
 LOGIN_TIMEOUT		60
 
+m4_ifdef(`USE_PAM',`',
 #
 # Maximum number of attempts to change password if rejected (too easy)
 #
@@ -276,6 +295,7 @@ PASS_ALWAYS_WARN	yes
 #
 CHFN_AUTH		yes
 
+)m4_dnl
 #
 # Which fields may be changed by regular users using chfn(1) - use
 # any combination of letters "frwh" (full name, room number, work
@@ -352,12 +372,14 @@ CHFN_RESTRICT		rwh
 #
 DEFAULT_HOME	yes
 
+m4_ifdef(`USE_PAM',`',
 #
 # If this file exists and is readable, login environment will be
 # read from it.  Every line should be in the form name=value.
 #
 ENVIRON_FILE	/etc/environment
 
+)m4_dnl
 #
 # If defined, this command is run when removing a user.
 # It should remove any at/cron/print jobs etc. owned by
-- 
2.1.0

More information about the Pkg-shadow-devel mailing list