Generate /etc/shadow and /etc/gshadow files instead of copying them.

These files are not accessible by regular users in properly configured
build system, so copying them from should fail.
Hence, they should be just generated in %{buildroot}
from /etc/passwd and /etc/group files, not copied.

Signed-off-by: Oleg Girko <oleg.girko@jolla.com>

sb2-tools-aarch64.spec

@@ -41,6 +41,8 @@ It is not intended to be used in a normal system!
 mkdir -p %buildroot
 rpm -ql %packages_in_tools %cross_compilers > filestoinclude1
 cat > filestoignore << EOF
+/etc/shadow
+/etc/gshadow
 /usr/share/man
 /root
 /var/lib/rpm
@@ -62,6 +64,11 @@ EOF
 grep -vf filestoignore filestoinclude1 | sort | uniq > filestoinclude2
 tar --no-recursion -T filestoinclude2 -cpf - | ( cd %buildroot && fakeroot tar -xvpf - )
 
+sed 's|:.*$|:*:16229:0:99999:7:::|' < /etc/passwd > %{buildroot}/etc/shadow
+sed 's|:.*$|:*::|' < /etc/group > %{buildroot}/etc/gshadow
+chmod 0400 %buildroot/etc/shadow
+chmod 0400 %buildroot/etc/gshadow
+
 mkdir -p %buildroot/root/
 mkdir -p %buildroot/var/lib/rpm/
 mkdir -p %buildroot/etc/
@@ -118,6 +125,8 @@ rm -rf $RPM_BUILD_ROOT
 %dir /var/lib/rpm/
 %dir /var/cache/ldconfig/
 /etc/securetty
+%verify(not md5 size mtime) %attr(0400,root,root) %config(noreplace) /etc/shadow
+%verify(not md5 size mtime) %attr(0400,root,root) %config(noreplace) /etc/gshadow
 
 %files dependency
 %defattr(-,root,root)

sb2-tools-armv6l.spec

@@ -41,6 +41,8 @@ It is not intended to be used in a normal system!
 mkdir -p %buildroot
 rpm -ql %packages_in_tools %cross_compilers > filestoinclude1
 cat > filestoignore << EOF
+/etc/shadow
+/etc/gshadow
 /usr/share/man
 /root
 /var/lib/rpm
@@ -62,6 +64,11 @@ EOF
 grep -vf filestoignore filestoinclude1 | sort | uniq > filestoinclude2
 tar --no-recursion -T filestoinclude2 -cpf - | ( cd %buildroot && fakeroot tar -xvpf - )
 
+sed 's|:.*$|:*:16229:0:99999:7:::|' < /etc/passwd > %{buildroot}/etc/shadow
+sed 's|:.*$|:*::|' < /etc/group > %{buildroot}/etc/gshadow
+chmod 0400 %buildroot/etc/shadow
+chmod 0400 %buildroot/etc/gshadow
+
 mkdir -p %buildroot/root/
 mkdir -p %buildroot/var/lib/rpm/
 mkdir -p %buildroot/etc/
@@ -118,6 +125,8 @@ rm -rf $RPM_BUILD_ROOT
 %dir /var/lib/rpm/
 %dir /var/cache/ldconfig/
 /etc/securetty
+%verify(not md5 size mtime) %attr(0400,root,root) %config(noreplace) /etc/shadow
+%verify(not md5 size mtime) %attr(0400,root,root) %config(noreplace) /etc/gshadow
 
 %files dependency
 %defattr(-,root,root)

sb2-tools-armv7hl.spec

@@ -41,6 +41,8 @@ It is not intended to be used in a normal system!
 mkdir -p %buildroot
 rpm -ql %packages_in_tools %cross_compilers > filestoinclude1
 cat > filestoignore << EOF
+/etc/shadow
+/etc/gshadow
 /usr/share/man
 /root
 /var/lib/rpm
@@ -62,6 +64,11 @@ EOF
 grep -vf filestoignore filestoinclude1 | sort | uniq > filestoinclude2
 tar --no-recursion -T filestoinclude2 -cpf - | ( cd %buildroot && fakeroot tar -xvpf - )
 
+sed 's|:.*$|:*:16229:0:99999:7:::|' < /etc/passwd > %{buildroot}/etc/shadow
+sed 's|:.*$|:*::|' < /etc/group > %{buildroot}/etc/gshadow
+chmod 0400 %buildroot/etc/shadow
+chmod 0400 %buildroot/etc/gshadow
+
 mkdir -p %buildroot/root/
 mkdir -p %buildroot/var/lib/rpm/
 mkdir -p %buildroot/etc/
@@ -118,6 +125,8 @@ rm -rf $RPM_BUILD_ROOT
 %dir /var/lib/rpm/
 %dir /var/cache/ldconfig/
 /etc/securetty
+%verify(not md5 size mtime) %attr(0400,root,root) %config(noreplace) /etc/shadow
+%verify(not md5 size mtime) %attr(0400,root,root) %config(noreplace) /etc/gshadow
 
 %files dependency
 %defattr(-,root,root)

sb2-tools-armv7l.spec

@@ -41,6 +41,8 @@ It is not intended to be used in a normal system!
 mkdir -p %buildroot
 rpm -ql %packages_in_tools %cross_compilers > filestoinclude1
 cat > filestoignore << EOF
+/etc/shadow
+/etc/gshadow
 /usr/share/man
 /root
 /var/lib/rpm
@@ -62,6 +64,11 @@ EOF
 grep -vf filestoignore filestoinclude1 | sort | uniq > filestoinclude2
 tar --no-recursion -T filestoinclude2 -cpf - | ( cd %buildroot && fakeroot tar -xvpf - )
 
+sed 's|:.*$|:*:16229:0:99999:7:::|' < /etc/passwd > %{buildroot}/etc/shadow
+sed 's|:.*$|:*::|' < /etc/group > %{buildroot}/etc/gshadow
+chmod 0400 %buildroot/etc/shadow
+chmod 0400 %buildroot/etc/gshadow
+
 mkdir -p %buildroot/root/
 mkdir -p %buildroot/var/lib/rpm/
 mkdir -p %buildroot/etc/
@@ -118,6 +125,8 @@ rm -rf $RPM_BUILD_ROOT
 %dir /var/lib/rpm/
 %dir /var/cache/ldconfig/
 /etc/securetty
+%verify(not md5 size mtime) %attr(0400,root,root) %config(noreplace) /etc/shadow
+%verify(not md5 size mtime) %attr(0400,root,root) %config(noreplace) /etc/gshadow
 
 %files dependency
 %defattr(-,root,root)

sb2-tools-armv7thl.spec

@@ -41,6 +41,8 @@ It is not intended to be used in a normal system!
 mkdir -p %buildroot
 rpm -ql %packages_in_tools %cross_compilers > filestoinclude1
 cat > filestoignore << EOF
+/etc/shadow
+/etc/gshadow
 /usr/share/man
 /root
 /var/lib/rpm
@@ -62,6 +64,11 @@ EOF
 grep -vf filestoignore filestoinclude1 | sort | uniq > filestoinclude2
 tar --no-recursion -T filestoinclude2 -cpf - | ( cd %buildroot && fakeroot tar -xvpf - )
 
+sed 's|:.*$|:*:16229:0:99999:7:::|' < /etc/passwd > %{buildroot}/etc/shadow
+sed 's|:.*$|:*::|' < /etc/group > %{buildroot}/etc/gshadow
+chmod 0400 %buildroot/etc/shadow
+chmod 0400 %buildroot/etc/gshadow
+
 mkdir -p %buildroot/root/
 mkdir -p %buildroot/var/lib/rpm/
 mkdir -p %buildroot/etc/
@@ -118,6 +125,8 @@ rm -rf $RPM_BUILD_ROOT
 %dir /var/lib/rpm/
 %dir /var/cache/ldconfig/
 /etc/securetty
+%verify(not md5 size mtime) %attr(0400,root,root) %config(noreplace) /etc/shadow
+%verify(not md5 size mtime) %attr(0400,root,root) %config(noreplace) /etc/gshadow
 
 %files dependency
 %defattr(-,root,root)

sb2-tools-armv7tnhl.spec

@@ -41,6 +41,8 @@ It is not intended to be used in a normal system!
 mkdir -p %buildroot
 rpm -ql %packages_in_tools %cross_compilers > filestoinclude1
 cat > filestoignore << EOF
+/etc/shadow
+/etc/gshadow
 /usr/share/man
 /root
 /var/lib/rpm
@@ -62,6 +64,11 @@ EOF
 grep -vf filestoignore filestoinclude1 | sort | uniq > filestoinclude2
 tar --no-recursion -T filestoinclude2 -cpf - | ( cd %buildroot && fakeroot tar -xvpf - )
 
+sed 's|:.*$|:*:16229:0:99999:7:::|' < /etc/passwd > %{buildroot}/etc/shadow
+sed 's|:.*$|:*::|' < /etc/group > %{buildroot}/etc/gshadow
+chmod 0400 %buildroot/etc/shadow
+chmod 0400 %buildroot/etc/gshadow
+
 mkdir -p %buildroot/root/
 mkdir -p %buildroot/var/lib/rpm/
 mkdir -p %buildroot/etc/
@@ -118,6 +125,8 @@ rm -rf $RPM_BUILD_ROOT
 %dir /var/lib/rpm/
 %dir /var/cache/ldconfig/
 /etc/securetty
+%verify(not md5 size mtime) %attr(0400,root,root) %config(noreplace) /etc/shadow
+%verify(not md5 size mtime) %attr(0400,root,root) %config(noreplace) /etc/gshadow
 
 %files dependency
 %defattr(-,root,root)

sb2-tools-i486.spec

@@ -41,6 +41,8 @@ It is not intended to be used in a normal system!
 mkdir -p %buildroot
 rpm -ql %packages_in_tools %cross_compilers > filestoinclude1
 cat > filestoignore << EOF
+/etc/shadow
+/etc/gshadow
 /usr/share/man
 /root
 /var/lib/rpm
@@ -62,6 +64,11 @@ EOF
 grep -vf filestoignore filestoinclude1 | sort | uniq > filestoinclude2
 tar --no-recursion -T filestoinclude2 -cpf - | ( cd %buildroot && fakeroot tar -xvpf - )
 
+sed 's|:.*$|:*:16229:0:99999:7:::|' < /etc/passwd > %{buildroot}/etc/shadow
+sed 's|:.*$|:*::|' < /etc/group > %{buildroot}/etc/gshadow
+chmod 0400 %buildroot/etc/shadow
+chmod 0400 %buildroot/etc/gshadow
+
 mkdir -p %buildroot/root/
 mkdir -p %buildroot/var/lib/rpm/
 mkdir -p %buildroot/etc/
@@ -118,6 +125,8 @@ rm -rf $RPM_BUILD_ROOT
 %dir /var/lib/rpm/
 %dir /var/cache/ldconfig/
 /etc/securetty
+%verify(not md5 size mtime) %attr(0400,root,root) %config(noreplace) /etc/shadow
+%verify(not md5 size mtime) %attr(0400,root,root) %config(noreplace) /etc/gshadow
 
 %files dependency
 %defattr(-,root,root)

sb2-tools-mipsel.spec

@@ -41,6 +41,8 @@ It is not intended to be used in a normal system!
 mkdir -p %buildroot
 rpm -ql %packages_in_tools %cross_compilers > filestoinclude1
 cat > filestoignore << EOF
+/etc/shadow
+/etc/gshadow
 /usr/share/man
 /root
 /var/lib/rpm
@@ -62,6 +64,11 @@ EOF
 grep -vf filestoignore filestoinclude1 | sort | uniq > filestoinclude2
 tar --no-recursion -T filestoinclude2 -cpf - | ( cd %buildroot && fakeroot tar -xvpf - )
 
+sed 's|:.*$|:*:16229:0:99999:7:::|' < /etc/passwd > %{buildroot}/etc/shadow
+sed 's|:.*$|:*::|' < /etc/group > %{buildroot}/etc/gshadow
+chmod 0400 %buildroot/etc/shadow
+chmod 0400 %buildroot/etc/gshadow
+
 mkdir -p %buildroot/root/
 mkdir -p %buildroot/var/lib/rpm/
 mkdir -p %buildroot/etc/
@@ -118,6 +125,8 @@ rm -rf $RPM_BUILD_ROOT
 %dir /var/lib/rpm/
 %dir /var/cache/ldconfig/
 /etc/securetty
+%verify(not md5 size mtime) %attr(0400,root,root) %config(noreplace) /etc/shadow
+%verify(not md5 size mtime) %attr(0400,root,root) %config(noreplace) /etc/gshadow
 
 %files dependency
 %defattr(-,root,root)

sb2-tools-template.changes

@@ -1,3 +1,6 @@
+* Tue Jun 10 2014 Oleg Girko <oleg.girko@jolla.com> - 1.0
+- Generate /etc/shadow and /etc/gshadow files instead of copying them
+
 * Wed Jun 05 2013 Juha Kallioinen <juha.kallioinen@jollamobile.com> - 1.0
 - Add cmake to tools
 

sb2-tools-template.spec

@@ -41,6 +41,8 @@ It is not intended to be used in a normal system!
 mkdir -p %buildroot
 rpm -ql %packages_in_tools %cross_compilers > filestoinclude1
 cat > filestoignore << EOF
+/etc/shadow
+/etc/gshadow
 /usr/share/man
 /root
 /var/lib/rpm
@@ -62,6 +64,11 @@ EOF
 grep -vf filestoignore filestoinclude1 | sort | uniq > filestoinclude2
 tar --no-recursion -T filestoinclude2 -cpf - | ( cd %buildroot && fakeroot tar -xvpf - )
 
+sed 's|:.*$|:*:16229:0:99999:7:::|' < /etc/passwd > %{buildroot}/etc/shadow
+sed 's|:.*$|:*::|' < /etc/group > %{buildroot}/etc/gshadow
+chmod 0400 %buildroot/etc/shadow
+chmod 0400 %buildroot/etc/gshadow
+
 mkdir -p %buildroot/root/
 mkdir -p %buildroot/var/lib/rpm/
 mkdir -p %buildroot/etc/
@@ -118,6 +125,8 @@ rm -rf $RPM_BUILD_ROOT
 %dir /var/lib/rpm/
 %dir /var/cache/ldconfig/
 /etc/securetty
+%verify(not md5 size mtime) %attr(0400,root,root) %config(noreplace) /etc/shadow
+%verify(not md5 size mtime) %attr(0400,root,root) %config(noreplace) /etc/gshadow
 
 %files dependency
 %defattr(-,root,root)