7.6. Shadow-4.2.1

The Shadow package contains programs for handling passwords in a secure way.

7.6.1. Installation of Shadow

Run the following sed command to disable the installation of the groups and nologin programs, as better versions of these programs are provided by other packages, and prevent Shadow from setting the suid bit on its installed programs:

cp -v src/Makefile.in{,.orig}
sed -e 's/groups$(EXEEXT) //' \
    -e 's/= nologin$(EXEEXT)/= /' \
    -e 's/\(^suidu*bins = \).*/\1/' \
    src/Makefile.in.orig > src/Makefile.in

Tell Shadow to use passwd in /tools/bin:

cat > config.cache << "EOF"
shadow_cv_passwd_dir=/tools/bin
EOF

Prepare Shadow for compilation:

./configure --prefix=/tools \
    --build=${CLFS_HOST} --host=${CLFS_TARGET} --cache-file=config.cache \
    --enable-subordinate-ids=no

The meaning of the configure options:

--enable-subordinate-ids=no

Disable subordinate ids option during cross-compile.

Append to config.h since a test program will not be ran when cross-compiling:

echo "#define ENABLE_SUBUIDS 1" >> config.h

Compile the package:

make

Install the package:

make install

Details on this package are located in Section 10.23.4, “Contents of Shadow.”