forked from pool/shadow
Accepting request 316943 from home:jkeil:branches:Base:System
- Add systemd unit files to continuously check password & groupfile integrity * Idea from Arch Linux * pending request to systemd-presets-branding-openSUSE to enable by default OBS-URL: https://build.opensuse.org/request/show/316943 OBS-URL: https://build.opensuse.org/package/show/Base:System/shadow?expand=0&rev=17
This commit is contained in:
parent
c2bce11198
commit
bac7fc27fa
@ -1,3 +1,10 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Wed Jul 15 13:25:11 UTC 2015 - jkeil@suse.de
|
||||||
|
|
||||||
|
- Add systemd unit files to continuously check password & groupfile integrity
|
||||||
|
* Idea from Arch Linux
|
||||||
|
* pending request to systemd-presets-branding-openSUSE to enable by default
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Mon Mar 31 22:00:00 UTC 2014 - tbehrens@suse.com
|
Mon Mar 31 22:00:00 UTC 2014 - tbehrens@suse.com
|
||||||
|
|
||||||
|
10
shadow.service
Normal file
10
shadow.service
Normal file
@ -0,0 +1,10 @@
|
|||||||
|
[Unit]
|
||||||
|
Description=Verify integrity of password and group files
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
Type=oneshot
|
||||||
|
ExecStart=/usr/sbin/pwck -r
|
||||||
|
ExecStart=/usr/sbin/grpck -r
|
||||||
|
Nice=19
|
||||||
|
IOSchedulingClass=best-effort
|
||||||
|
IOSchedulingPriority=7
|
19
shadow.spec
19
shadow.spec
@ -1,7 +1,7 @@
|
|||||||
#
|
#
|
||||||
# spec file for package shadow
|
# spec file for package shadow
|
||||||
#
|
#
|
||||||
# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany.
|
# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
|
||||||
#
|
#
|
||||||
# All modifications and additions to the file contributed by third parties
|
# All modifications and additions to the file contributed by third parties
|
||||||
# remain the property of their copyright owners, unless otherwise agreed
|
# remain the property of their copyright owners, unless otherwise agreed
|
||||||
@ -29,6 +29,8 @@ Source2: README.changes-pwdutils
|
|||||||
Source3: useradd.local
|
Source3: useradd.local
|
||||||
Source4: userdel-pre.local
|
Source4: userdel-pre.local
|
||||||
Source5: userdel-post.local
|
Source5: userdel-post.local
|
||||||
|
Source6: shadow.service
|
||||||
|
Source7: shadow.timer
|
||||||
Patch: shadow-login_defs.diff
|
Patch: shadow-login_defs.diff
|
||||||
Patch1: userdel-scripts.diff
|
Patch1: userdel-scripts.diff
|
||||||
Patch2: useradd-script.diff
|
Patch2: useradd-script.diff
|
||||||
@ -102,6 +104,8 @@ make install DESTDIR=$RPM_BUILD_ROOT gnulocaledir=$RPM_BUILD_ROOT/%{_datadir}/lo
|
|||||||
install -m 0755 %SOURCE3 $RPM_BUILD_ROOT/%{_sbindir}/
|
install -m 0755 %SOURCE3 $RPM_BUILD_ROOT/%{_sbindir}/
|
||||||
install -m 0755 %SOURCE4 $RPM_BUILD_ROOT/%{_sbindir}/
|
install -m 0755 %SOURCE4 $RPM_BUILD_ROOT/%{_sbindir}/
|
||||||
install -m 0755 %SOURCE5 $RPM_BUILD_ROOT/%{_sbindir}/
|
install -m 0755 %SOURCE5 $RPM_BUILD_ROOT/%{_sbindir}/
|
||||||
|
install -Dm644 %{S:6} %{buildroot}%{_unitdir}/shadow.service
|
||||||
|
install -Dm644 %{S:7} %{buildroot}%{_unitdir}/shadow.timer
|
||||||
|
|
||||||
# Remove binaries we don't use.
|
# Remove binaries we don't use.
|
||||||
rm $RPM_BUILD_ROOT/%{_bindir}/groups
|
rm $RPM_BUILD_ROOT/%{_bindir}/groups
|
||||||
@ -166,6 +170,9 @@ rm -rf $RPM_BUILD_ROOT%{_mandir}/{??,??_??}
|
|||||||
%clean
|
%clean
|
||||||
rm -rf $RPM_BUILD_ROOT
|
rm -rf $RPM_BUILD_ROOT
|
||||||
|
|
||||||
|
%pre
|
||||||
|
%service_add_pre shadow.service shadow.timer
|
||||||
|
|
||||||
%post
|
%post
|
||||||
%set_permissions /usr/bin/chage
|
%set_permissions /usr/bin/chage
|
||||||
%set_permissions /usr/bin/chfn
|
%set_permissions /usr/bin/chfn
|
||||||
@ -184,6 +191,14 @@ rm -rf $RPM_BUILD_ROOT
|
|||||||
%verify_permissions /usr/bin/newgrp
|
%verify_permissions /usr/bin/newgrp
|
||||||
%verify_permissions /usr/bin/passwd
|
%verify_permissions /usr/bin/passwd
|
||||||
|
|
||||||
|
%service_add_post shadow.service shadow.timer
|
||||||
|
|
||||||
|
%preun
|
||||||
|
%service_del_preun shadow.service shadow.timer
|
||||||
|
|
||||||
|
%postun
|
||||||
|
%service_del_postun shadow.service shadow.timer
|
||||||
|
|
||||||
%files -f shadow.lang
|
%files -f shadow.lang
|
||||||
%defattr(-,root,root)
|
%defattr(-,root,root)
|
||||||
%doc NEWS doc/HOWTO README README.changes-pwdutils
|
%doc NEWS doc/HOWTO README README.changes-pwdutils
|
||||||
@ -254,4 +269,6 @@ rm -rf $RPM_BUILD_ROOT
|
|||||||
%{_mandir}/man8/vigr.8*
|
%{_mandir}/man8/vigr.8*
|
||||||
%{_mandir}/man8/vipw.8*
|
%{_mandir}/man8/vipw.8*
|
||||||
|
|
||||||
|
%{_unitdir}/*
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
7
shadow.timer
Normal file
7
shadow.timer
Normal file
@ -0,0 +1,7 @@
|
|||||||
|
[Unit]
|
||||||
|
Description=Daily verification of password and group files
|
||||||
|
|
||||||
|
[Timer]
|
||||||
|
OnCalendar=daily
|
||||||
|
AccuracySec=12h
|
||||||
|
Persistent=true
|
Loading…
Reference in New Issue
Block a user