From bede0f2a64132d561bd1dd32f52e1a92e9fdcd61 Mon Sep 17 00:00:00 2001
From: Luis <lumaro@disroot.org>
Date: Sun, 22 Oct 2023 12:37:22 +0000
Subject: [PATCH] shadow: hashing algorithm changed from SHA512 to yescrypt

---
 testing/shadow/.checksums      |  2 ++
 testing/shadow/.pkgfiles       | 56 ++++++++++++++++++++++++++++++++++
 testing/shadow/post-install.sh |  5 +++
 testing/shadow/pwck            |  7 +++++
 testing/shadow/spkgbuild       | 38 +++++++++++++++++++++++
 5 files changed, 108 insertions(+)
 create mode 100644 testing/shadow/.checksums
 create mode 100644 testing/shadow/.pkgfiles
 create mode 100644 testing/shadow/post-install.sh
 create mode 100644 testing/shadow/pwck
 create mode 100644 testing/shadow/spkgbuild

diff --git a/testing/shadow/.checksums b/testing/shadow/.checksums
new file mode 100644
index 000000000..8c8c9945e
--- /dev/null
+++ b/testing/shadow/.checksums
@@ -0,0 +1,2 @@
+11f5b3140ca4cef4dee8034091af88cc  pwck
+674950d5545fb29463af51c244ce2121  shadow-4.14.1.tar.xz
diff --git a/testing/shadow/.pkgfiles b/testing/shadow/.pkgfiles
new file mode 100644
index 000000000..7ae442955
--- /dev/null
+++ b/testing/shadow/.pkgfiles
@@ -0,0 +1,56 @@
+shadow-4.14.1-2
+drwxr-xr-x root/root    bin/
+-rwxr-xr-x root/root    bin/getsubids
+-rwxr-xr-x root/root    bin/login
+-rwsr-xr-x root/root    bin/su
+drwxr-xr-x root/root    etc/
+drwxr-xr-x root/root    etc/cron/
+drwxr-xr-x root/root    etc/cron/daily/
+-rwxr-xr-x root/root    etc/cron/daily/pwck
+-rw-r--r-- root/root    etc/limits
+-rw-r--r-- root/root    etc/login.access
+-rw-r--r-- root/root    etc/login.defs
+drwxr-xr-x root/root    lib/
+lrwxrwxrwx root/root    lib/libsubid.so -> libsubid.so.4.0.0
+lrwxrwxrwx root/root    lib/libsubid.so.4 -> libsubid.so.4.0.0
+-rwxr-xr-x root/root    lib/libsubid.so.4.0.0
+drwxr-xr-x root/root    sbin/
+-rwxr-xr-x root/root    sbin/nologin
+drwxr-xr-x root/root    usr/
+drwxr-xr-x root/root    usr/bin/
+-rwsr-xr-x root/root    usr/bin/chage
+-rwsr-xr-x root/root    usr/bin/chfn
+-rwsr-xr-x root/root    usr/bin/chsh
+-rwsr-xr-x root/root    usr/bin/expiry
+-rwxr-xr-x root/root    usr/bin/faillog
+-rwsr-xr-x root/root    usr/bin/gpasswd
+-rwxr-xr-x root/root    usr/bin/lastlog
+-rwsr-xr-x root/root    usr/bin/newgidmap
+-rwsr-xr-x root/root    usr/bin/newgrp
+-rwsr-xr-x root/root    usr/bin/newuidmap
+-rwsr-xr-x root/root    usr/bin/passwd
+lrwxrwxrwx root/root    usr/bin/sg -> newgrp
+drwxr-xr-x root/root    usr/include/
+drwxr-xr-x root/root    usr/include/shadow/
+-rw-r--r-- root/root    usr/include/shadow/subid.h
+drwxr-xr-x root/root    usr/sbin/
+-rwxr-xr-x root/root    usr/sbin/chgpasswd
+-rwxr-xr-x root/root    usr/sbin/chpasswd
+-rwxr-xr-x root/root    usr/sbin/groupadd
+-rwxr-xr-x root/root    usr/sbin/groupdel
+-rwxr-xr-x root/root    usr/sbin/groupmems
+-rwxr-xr-x root/root    usr/sbin/groupmod
+-rwxr-xr-x root/root    usr/sbin/grpck
+-rwxr-xr-x root/root    usr/sbin/grpconv
+-rwxr-xr-x root/root    usr/sbin/grpunconv
+-rwxr-xr-x root/root    usr/sbin/logoutd
+-rwxr-xr-x root/root    usr/sbin/newusers
+-rwxr-xr-x root/root    usr/sbin/pwck
+-rwxr-xr-x root/root    usr/sbin/pwconv
+-rwxr-xr-x root/root    usr/sbin/pwunconv
+-rwxr-xr-x root/root    usr/sbin/useradd
+-rwxr-xr-x root/root    usr/sbin/userdel
+-rwxr-xr-x root/root    usr/sbin/usermod
+lrwxrwxrwx root/root    usr/sbin/vigr -> vipw
+-rwxr-xr-x root/root    usr/sbin/vipw
+drwxr-xr-x root/root    usr/share/
diff --git a/testing/shadow/post-install.sh b/testing/shadow/post-install.sh
new file mode 100644
index 000000000..b6f8199ce
--- /dev/null
+++ b/testing/shadow/post-install.sh
@@ -0,0 +1,5 @@
+#!/bin/sh
+
+if [ -x usr/sbin/pwconv -a -x usr/sbin/grpconv ]; then
+	pwconv && grpconv
+fi
diff --git a/testing/shadow/pwck b/testing/shadow/pwck
new file mode 100644
index 000000000..e7852f46f
--- /dev/null
+++ b/testing/shadow/pwck
@@ -0,0 +1,7 @@
+#!/bin/sh
+#
+# /etc/cron/daily/pwck: verify integrity of password and group files
+#
+
+/usr/sbin/pwck -r
+/usr/sbin/grpck -r
diff --git a/testing/shadow/spkgbuild b/testing/shadow/spkgbuild
new file mode 100644
index 000000000..74b49f967
--- /dev/null
+++ b/testing/shadow/spkgbuild
@@ -0,0 +1,38 @@
+# description	: Programs for handling passwords in a secure way
+# homepage	: https://github.com/shadow-maint/shadow
+# depends	: acl
+
+name=shadow
+version=4.14.1
+release=2
+source="https://github.com/shadow-maint/$name/releases/download/$version/$name-$version.tar.xz
+	pwck"
+
+build() {
+	cd $name-$version
+
+	sed -i 's/groups$(EXEEXT) //' src/Makefile.in
+	find man -name Makefile.in -exec sed -i 's/groups\.1 / /'   {} \;
+	find man -name Makefile.in -exec sed -i 's/getspnam\.3 / /' {} \;
+	find man -name Makefile.in -exec sed -i 's/passwd\.5 / /'   {} \;
+
+	sed -i -e 's@#ENCRYPT_METHOD DES@ENCRYPT_METHOD YESCRYPT@' etc/login.defs
+
+	./configure \
+		--prefix=/usr \
+		--sysconfdir=/etc \
+		--disable-logind \
+		--disable-nsl \
+		--disable-static \
+		--enable-lastlog \
+		--with-yescrypt \
+		--without-libbsd \
+		--without-libpam \
+		--with-group-name-max-length=32 
+
+	make
+	make DESTDIR=$PKG install
+
+	mkdir -p $PKG/bin $PKG/etc/cron/daily
+	install -m 755 $SRC/pwck $PKG/etc/cron/daily
+}