Patchwork shadow: Create recipe nativesdk-shadow

login
register
mail settings
Submitter David Nyström
Date Sept. 23, 2013, 4:34 p.m.
Message ID <1379954041-5575-2-git-send-email-david.nystrom@enea.com>
Download mbox | patch
Permalink /patch/58563/
State New
Headers show

Comments

David Nyström - Sept. 23, 2013, 4:34 p.m.
This is a second in a series of patches to enable
offline rootfs creation from a package repository.

Some postinstall cmds are Yocto specific and needed to create a
rootfs with pre and post install hooks successfully run,
using only the toolchain tarball + a package repo.

End goal is to create a sandbox where _users_ of a Yocto
based distribution can customize a rootfs from a package feed
with their package manager of choice.

With this patch, I can successfully create packagegroup-core-boot
with only the toolchain tarball(OPKG). More fixes for a few postinstall
hooks outside of packagegroup-core-boot will come next.

Signed-off-by: David Nyström <david.nystrom@enea.com>
---
 .../nativesdk-packagegroup-sdk-host.bb             |  1 +
 .../shadow/nativesdk-shadow_4.1.4.3.bb             | 62 ++++++++++++++++++++++
 2 files changed, 63 insertions(+)
 create mode 100644 meta/recipes-extended/shadow/nativesdk-shadow_4.1.4.3.bb
Mark Hatle - Sept. 23, 2013, 6:01 p.m.
This looks to be the same as the 'native' package, but I don't think you can 
just add a BBCLASSEXTEND = "nativesdk"

Perhaps (in 1.6) someone should look at merging the three back together.

If this is the same as the native version, I'd suggest adding a comment stating 
as much so we can hopefully keep them in sync.

--Mark

On 9/23/13 11:34 AM, David Nyström wrote:
> This is a second in a series of patches to enable
> offline rootfs creation from a package repository.
>
> Some postinstall cmds are Yocto specific and needed to create a
> rootfs with pre and post install hooks successfully run,
> using only the toolchain tarball + a package repo.
>
> End goal is to create a sandbox where _users_ of a Yocto
> based distribution can customize a rootfs from a package feed
> with their package manager of choice.
>
> With this patch, I can successfully create packagegroup-core-boot
> with only the toolchain tarball(OPKG). More fixes for a few postinstall
> hooks outside of packagegroup-core-boot will come next.
>
> Signed-off-by: David Nyström <david.nystrom@enea.com>
> ---
>   .../nativesdk-packagegroup-sdk-host.bb             |  1 +
>   .../shadow/nativesdk-shadow_4.1.4.3.bb             | 62 ++++++++++++++++++++++
>   2 files changed, 63 insertions(+)
>   create mode 100644 meta/recipes-extended/shadow/nativesdk-shadow_4.1.4.3.bb
>
> diff --git a/meta/recipes-core/packagegroups/nativesdk-packagegroup-sdk-host.bb b/meta/recipes-core/packagegroups/nativesdk-packagegroup-sdk-host.bb
> index 84fb95d..5a64934 100644
> --- a/meta/recipes-core/packagegroups/nativesdk-packagegroup-sdk-host.bb
> +++ b/meta/recipes-core/packagegroups/nativesdk-packagegroup-sdk-host.bb
> @@ -20,6 +20,7 @@ RDEPENDS_${PN} = "\
>       nativesdk-libtool \
>       nativesdk-autoconf \
>       nativesdk-automake \
> +    ${@base_contains('DISTRO_FEATURES', 'pam', 'nativesdk-shadow', '', d)} \
>       "
>
>   RDEPENDS_${PN}_darwin = "\
> diff --git a/meta/recipes-extended/shadow/nativesdk-shadow_4.1.4.3.bb b/meta/recipes-extended/shadow/nativesdk-shadow_4.1.4.3.bb
> new file mode 100644
> index 0000000..22f4cf3
> --- /dev/null
> +++ b/meta/recipes-extended/shadow/nativesdk-shadow_4.1.4.3.bb
> @@ -0,0 +1,62 @@
> +SUMMARY = "Tools to change and administer password and group data"
> +DESCRIPTION = "Tools to change and administer password and group data"
> +HOMEPAGE = "http://pkg-shadow.alioth.debian.org"
> +BUGTRACKER = "https://alioth.debian.org/tracker/?group_id=30580"
> +SECTION = "base utils"
> +LICENSE = "BSD | Artistic-1.0"
> +LIC_FILES_CHKSUM = "file://COPYING;md5=08c553a87d4e51bbed50b20e0adcaede \
> +                    file://src/passwd.c;beginline=8;endline=30;md5=d83888ea14ae61951982d77125947661"
> +
> +PR = "r8"
> +
> +inherit autotools gettext nativesdk
> +
> +SRC_URI = "http://pkg-shadow.alioth.debian.org/releases/shadow-${PV}.tar.bz2 \
> +           file://shadow.automake-1.11.patch \
> +           file://shadow-4.1.3-dots-in-usernames.patch \
> +           file://shadow-4.1.4.2-env-reset-keep-locale.patch \
> +           file://add_root_cmd_options.patch \
> +           file://disable-syslog.patch \
> +           file://useradd.patch \
> +           file://shadow_fix_for_automake-1.12.patch \
> +           file://add_root_cmd_groupmems.patch \
> +           "
> +
> +SRC_URI[md5sum] = "b8608d8294ac88974f27b20f991c0e79"
> +SRC_URI[sha256sum] = "633f5bb4ea0c88c55f3642c97f9d25cbef74f82e0b4cf8d54e7ad6f9f9caa778"
> +
> +S = "${WORKDIR}/shadow-${PV}"
> +
> +EXTRA_OECONF += "--without-audit \
> +                 --without-libcrack \
> +                 --without-libpam \
> +                 --without-selinux \
> +                 --without-nscd"
> +
> +do_install() {
> +	oe_runmake DESTDIR="${D}" sbindir="${base_sbindir}" usbindir="${sbindir}" install
> +
> +	# Info dir listing isn't interesting at this point so remove it if it exists.
> +	if [ -e "${D}${infodir}/dir" ]; then
> +		rm -f ${D}${infodir}/dir
> +	fi
> +
> +	# Enable CREATE_HOME by default.
> +	sed -i 's/#CREATE_HOME/CREATE_HOME/g' ${D}${sysconfdir}/login.defs
> +
> +	# As we are on an embedded system, ensure the users mailbox is in
> +	# ~/ not /var/spool/mail by default, as who knows where or how big
> +	# /var is. The system MDA will set this later anyway.
> +	sed -i 's/MAIL_DIR/#MAIL_DIR/g' ${D}${sysconfdir}/login.defs
> +	sed -i 's/#MAIL_FILE/MAIL_FILE/g' ${D}${sysconfdir}/login.defs
> +
> +	# Disable checking emails.
> +	sed -i 's/MAIL_CHECK_ENAB/#MAIL_CHECK_ENAB/g' ${D}${sysconfdir}/login.defs
> +
> +	# Now we don't have a mail system. Disable mail creation for now.
> +	sed -i 's:/bin/bash:/bin/sh:g' ${D}${sysconfdir}/default/useradd
> +	sed -i '/^CREATE_MAIL_SPOOL/ s:^:#:' ${D}${sysconfdir}/default/useradd
> +
> +	# Use users group by default
> +	sed -i 's,^GROUP=1000,GROUP=100,g' ${D}${sysconfdir}/default/useradd
> +}
>
David Nyström - Sept. 23, 2013, 7:01 p.m.
On Sep 23, 2013 8:01 PM, "Mark Hatle" <mark.hatle@windriver.com> wrote:
>
> This looks to be the same as the 'native' package, but I don't think you
can just add a BBCLASSEXTEND = "nativesdk"

It mostly is and I cant, your right.

> Perhaps (in 1.6) someone should look at merging the three back together.

Agree, the merged recipe will also get a bit messy, but probably easier to
maintain than in its current state.

> If this is the same as the native version, I'd suggest adding a comment
stating as much so we can hopefully keep them in sync.

Will do, will return with v2
Richard Purdie - Sept. 23, 2013, 9:14 p.m.
On Mon, 2013-09-23 at 21:01 +0200, David Nystrom wrote:
> 
> On Sep 23, 2013 8:01 PM, "Mark Hatle" <mark.hatle@windriver.com>
> wrote:
> >
> > This looks to be the same as the 'native' package, but I don't think
> you can just add a BBCLASSEXTEND = "nativesdk"
> 
> It mostly is and I cant, your right.

Why not? Just the SRC_URI or other issues?

> > Perhaps (in 1.6) someone should look at merging the three back
> together.
> 
> Agree, the merged recipe will also get a bit messy, but probably
> easier to maintain than in its current state.
> 
> > If this is the same as the native version, I'd suggest adding a
> comment stating as much so we can hopefully keep them in sync.
> 
> Will do, will return with v2
> 
Well, I'm not happy with the idea of duplicating all this code.
shadow-native shouldn't exist and this makes things worse. With a few
minutes, I could write this patch:

http://git.yoctoproject.org/cgit.cgi/poky-contrib/commit/?h=rpurdie/t2&id=0730423fcda165a12112182b093d2f6df2f9c5eb

which at least makes the situation a bit less ugly. I guess I did spend
years doing these kinds of patches back when we had 50 versions of
everything and BBCLASSEXTEND didn't yet exist. With a few more minutes
perhaps I can get rid of the separate -native, now the differences are
clear. meld is a nice too for this kind of work btw.

Cheers,

Richard
Richard Purdie - Sept. 24, 2013, 8:25 a.m.
On Mon, 2013-09-23 at 22:14 +0100, Richard Purdie wrote:
> On Mon, 2013-09-23 at 21:01 +0200, David Nystrom wrote:
> > 
> > On Sep 23, 2013 8:01 PM, "Mark Hatle" <mark.hatle@windriver.com>
> > wrote:
> > >
> > > This looks to be the same as the 'native' package, but I don't think
> > you can just add a BBCLASSEXTEND = "nativesdk"
> > 
> > It mostly is and I cant, your right.
> 
> Why not? Just the SRC_URI or other issues?
> 
> > > Perhaps (in 1.6) someone should look at merging the three back
> > together.
> > 
> > Agree, the merged recipe will also get a bit messy, but probably
> > easier to maintain than in its current state.
> > 
> > > If this is the same as the native version, I'd suggest adding a
> > comment stating as much so we can hopefully keep them in sync.
> > 
> > Will do, will return with v2
> > 
> Well, I'm not happy with the idea of duplicating all this code.
> shadow-native shouldn't exist and this makes things worse. With a few
> minutes, I could write this patch:
> 
> http://git.yoctoproject.org/cgit.cgi/poky-contrib/commit/?h=rpurdie/t2&id=0730423fcda165a12112182b093d2f6df2f9c5eb
> 
> which at least makes the situation a bit less ugly. I guess I did spend
> years doing these kinds of patches back when we had 50 versions of
> everything and BBCLASSEXTEND didn't yet exist. With a few more minutes
> perhaps I can get rid of the separate -native, now the differences are
> clear. meld is a nice too for this kind of work btw.

Better still, a conversion to BBCLASSEXTEND:

http://git.yoctoproject.org/cgit.cgi/poky-contrib/commit/?h=rpurdie/t2&id=142d11b9b61bf18567cdb0527b7e63683c5afa1a

Cheers,

Richard
David Nyström - Sept. 24, 2013, 2:30 p.m.
On 09/24/2013 10:25 AM, Richard Purdie wrote:
> On Mon, 2013-09-23 at 22:14 +0100, Richard Purdie wrote:
>> On Mon, 2013-09-23 at 21:01 +0200, David Nystrom wrote:
>>>
>>> On Sep 23, 2013 8:01 PM, "Mark Hatle" <mark.hatle@windriver.com>
>>> wrote:
>>>>
>>>> This looks to be the same as the 'native' package, but I don't think
>>> you can just add a BBCLASSEXTEND = "nativesdk"
>>>
>>> It mostly is and I cant, your right.
>>
>> Why not? Just the SRC_URI or other issues?
>>
>>>> Perhaps (in 1.6) someone should look at merging the three back
>>> together.
>>>
>>> Agree, the merged recipe will also get a bit messy, but probably
>>> easier to maintain than in its current state.
>>>
>>>> If this is the same as the native version, I'd suggest adding a
>>> comment stating as much so we can hopefully keep them in sync.
>>>
>>> Will do, will return with v2
>>>
>> Well, I'm not happy with the idea of duplicating all this code.
>> shadow-native shouldn't exist and this makes things worse. With a few
>> minutes, I could write this patch:
>>
>> http://git.yoctoproject.org/cgit.cgi/poky-contrib/commit/?h=rpurdie/t2&id=0730423fcda165a12112182b093d2f6df2f9c5eb
>>
>> which at least makes the situation a bit less ugly. I guess I did spend
>> years doing these kinds of patches back when we had 50 versions of
>> everything and BBCLASSEXTEND didn't yet exist. With a few more minutes
>> perhaps I can get rid of the separate -native, now the differences are
>> clear. meld is a nice too for this kind of work btw.
>
> Better still, a conversion to BBCLASSEXTEND:
>
> http://git.yoctoproject.org/cgit.cgi/poky-contrib/commit/?h=rpurdie/t2&id=142d11b9b61bf18567cdb0527b7e63683c5afa1a

Thanks for that,  I'll take above as a learning experience.


I'm have a question about this though.

diff --git a/meta/recipes-extended/shadow/shadow.inc 
b/meta/recipes-extended/shadow/shadow.inc
index 4df5e5e..75b0afc 100644
--- a/meta/recipes-extended/shadow/shadow.inc
+++ b/meta/recipes-extended/shadow/shadow.inc
<snip>
+pkg_postinst_${PN} () {
+	if [ "x$D" != "x" ]; then
+	  rootarg="--root=$D"
+	else
+	  rootarg=""
+	fi
+
+	pwconv $rootarg
+	grpconv $rootarg
+}
<snip>

This will introduce the postinstall hook for both ${BPN}-native and 
${BPN} ?. Before the change, the postinstall hook was activated only by 
${BPN} afaict. Tried removing it from native* through 
pkg_postinst_${BPN}, but that does not seem to work.

Hmm, slightly off-topic, but when looking at the postinstalls:

shadow:
cat /tmp/opkg-extract-574/CONTROL/postinst
	if [ "x$D" != "x" ]; then
	  rootarg="--root=$D"
	else
	  rootarg=""
	fi

	pwconv $rootarg
	grpconv $rootarg
	update-alternatives --install /usr/bin/passwd passwd 
/usr/bin/passwd.shadow 200
	update-alternatives --install /usr/bin/chfn chfn /usr/bin/chfn.shadow 200
	update-alternatives --install /usr/bin/newgrp newgrp 
/usr/bin/newgrp.shadow 200

Above is not a problem since OPKG_OFFLINE_ROOT in update-alternatives 
can be used to redirect symlink creation when creating a from a package 
repo.

nativesdk-shadow:
if [ "x$D" != "x" ]; then
	  rootarg="--root=$D"
	else
	  rootarg=""
	fi

	pwconv $rootarg
	grpconv $rootarg
	update-alternatives --install 
/opt/poky/1.4+snapshot/sysroots/x86_64-pokysdk-linux/usr/bin/passwd 
passwd 
/opt/poky/1.4+snapshot/sysroots/x86_64-pokysdk-linux/usr/bin/passwd.shadow 
200
	update-alternatives --install 
/opt/poky/1.4+snapshot/sysroots/x86_64-pokysdk-linux/usr/bin/chfn chfn 
/opt/poky/1.4+snapshot/sysroots/x86_64-pokysdk-linux/usr/bin/chfn.shadow 200
	update-alternatives --install 
/opt/poky/1.4+snapshot/sysroots/x86_64-pokysdk-linux/usr/bin/newgrp 
newgrp 
/opt/poky/1.4+snapshot/sysroots/x86_64-pokysdk-linux/usr/bin/newgrp.shadow 
200
	update-alternatives --install 
/opt/poky/1.4+snapshot/sysroots/x86_64-pokysdk-linux/usr/bin/chsh chsh 
/opt/poky/1.4+snapshot/sysroots/x86_64-pokysdk-linux/usr/bin/chsh.shadow 200

Could we not add a "--root" option to update-alternatives like done to 
update-rc.d instead of hardcoding paths or using envs.

Also, seems like ${sysconfdir} in the nativesdk-opkg postinstall expands to:

chmod 0755 $D${sysconfdir}/rcS.d/S${POSTINSTALL_INITPOSITION}run-postinsts
chmod 0755 
$D/opt/poky/1.4+snapshot/sysroots/x86_64-pokysdk-linux/etc/rcS.d/S98run-postinsts

Is this really expected behaviour ?

Br,
David
Richard Purdie - Sept. 25, 2013, 10:03 a.m.
On Tue, 2013-09-24 at 16:30 +0200, David Nyström wrote:
> I'm have a question about this though.
> 
> diff --git a/meta/recipes-extended/shadow/shadow.inc 
> b/meta/recipes-extended/shadow/shadow.inc
> index 4df5e5e..75b0afc 100644
> --- a/meta/recipes-extended/shadow/shadow.inc
> +++ b/meta/recipes-extended/shadow/shadow.inc
> <snip>
> +pkg_postinst_${PN} () {
> +	if [ "x$D" != "x" ]; then
> +	  rootarg="--root=$D"
> +	else
> +	  rootarg=""
> +	fi
> +
> +	pwconv $rootarg
> +	grpconv $rootarg
> +}
> <snip>
> 
> This will introduce the postinstall hook for both ${BPN}-native and 
> ${BPN} ?. Before the change, the postinstall hook was activated only by 
> ${BPN} afaict. Tried removing it from native* through 
> pkg_postinst_${BPN}, but that does not seem to work.

Basically the postinst is ignored for the -native version. It never gets
packaged so isn't relevant. Adding in special cases for native for each
and every recipe would get ugly very quickly.

> Hmm, slightly off-topic, but when looking at the postinstalls:
> 
> shadow:
> cat /tmp/opkg-extract-574/CONTROL/postinst
> 	if [ "x$D" != "x" ]; then
> 	  rootarg="--root=$D"
> 	else
> 	  rootarg=""
> 	fi
> 
> 	pwconv $rootarg
> 	grpconv $rootarg
> 	update-alternatives --install /usr/bin/passwd passwd 
> /usr/bin/passwd.shadow 200
> 	update-alternatives --install /usr/bin/chfn chfn /usr/bin/chfn.shadow 200
> 	update-alternatives --install /usr/bin/newgrp newgrp 
> /usr/bin/newgrp.shadow 200
> 
> Above is not a problem since OPKG_OFFLINE_ROOT in update-alternatives 
> can be used to redirect symlink creation when creating a from a package 
> repo.
> 
> nativesdk-shadow:
> if [ "x$D" != "x" ]; then
> 	  rootarg="--root=$D"
> 	else
> 	  rootarg=""
> 	fi
> 
> 	pwconv $rootarg
> 	grpconv $rootarg
> 	update-alternatives --install 
> /opt/poky/1.4+snapshot/sysroots/x86_64-pokysdk-linux/usr/bin/passwd 
> passwd 
> /opt/poky/1.4+snapshot/sysroots/x86_64-pokysdk-linux/usr/bin/passwd.shadow 
> 200
> 	update-alternatives --install 
> /opt/poky/1.4+snapshot/sysroots/x86_64-pokysdk-linux/usr/bin/chfn chfn 
> /opt/poky/1.4+snapshot/sysroots/x86_64-pokysdk-linux/usr/bin/chfn.shadow 200
> 	update-alternatives --install 
> /opt/poky/1.4+snapshot/sysroots/x86_64-pokysdk-linux/usr/bin/newgrp 
> newgrp 
> /opt/poky/1.4+snapshot/sysroots/x86_64-pokysdk-linux/usr/bin/newgrp.shadow 
> 200
> 	update-alternatives --install 
> /opt/poky/1.4+snapshot/sysroots/x86_64-pokysdk-linux/usr/bin/chsh chsh 
> /opt/poky/1.4+snapshot/sysroots/x86_64-pokysdk-linux/usr/bin/chsh.shadow 200
> 
> Could we not add a "--root" option to update-alternatives like done to 
> update-rc.d instead of hardcoding paths or using envs.

nativesdk are built to run in that specific path. We're therefore not
installing them to some subdirectory where a root makes sense, the
prefix really was /opt/xxx. We then manipulate things later to make them
more relocatable.

> 
> Also, seems like ${sysconfdir} in the nativesdk-opkg postinstall expands to:
> 
> chmod 0755 $D${sysconfdir}/rcS.d/S${POSTINSTALL_INITPOSITION}run-postinsts
> chmod 0755 
> $D/opt/poky/1.4+snapshot/sysroots/x86_64-pokysdk-linux/etc/rcS.d/S98run-postinsts
> 
> Is this really expected behaviour ?

nativesdk postinstalls are probably badly handled at the moment. I
suspect if things can run at rootfs creation time they work out, if they
can't run then, they never happen at all. We don't have a "first boot"
of the sdk...

Cheers,

Richard
David Nyström - Sept. 25, 2013, 12:24 p.m.
On 09/25/2013 12:03 PM, Richard Purdie wrote:
> On Tue, 2013-09-24 at 16:30 +0200, David Nyström wrote:
>> I'm have a question about this though.
>>
>> diff --git a/meta/recipes-extended/shadow/shadow.inc
>> b/meta/recipes-extended/shadow/shadow.inc
>> index 4df5e5e..75b0afc 100644
>> --- a/meta/recipes-extended/shadow/shadow.inc
>> +++ b/meta/recipes-extended/shadow/shadow.inc
>> <snip>
>> +pkg_postinst_${PN} () {
>> +	if [ "x$D" != "x" ]; then
>> +	  rootarg="--root=$D"
>> +	else
>> +	  rootarg=""
>> +	fi
>> +
>> +	pwconv $rootarg
>> +	grpconv $rootarg
>> +}
>> <snip>
>>
>> This will introduce the postinstall hook for both ${BPN}-native and
>> ${BPN} ?. Before the change, the postinstall hook was activated only by
>> ${BPN} afaict. Tried removing it from native* through
>> pkg_postinst_${BPN}, but that does not seem to work.
>
> Basically the postinst is ignored for the -native version. It never gets
> packaged so isn't relevant. Adding in special cases for native for each
> and every recipe would get ugly very quickly.
>

Sorry, bad wording on my end. I was worried about nativesdk 
post/prefuncs beeing added.

<snip>

>> Also, seems like ${sysconfdir} in the nativesdk-opkg postinstall expands to:
>>
>> chmod 0755 $D${sysconfdir}/rcS.d/S${POSTINSTALL_INITPOSITION}run-postinsts
>> chmod 0755
>> $D/opt/poky/1.4+snapshot/sysroots/x86_64-pokysdk-linux/etc/rcS.d/S98run-postinsts
>>
>> Is this really expected behaviour ?
>
> nativesdk postinstalls are probably badly handled at the moment.

I Agree, it would be good with a consistent handling between nativesdk 
and target pre/postinstall hooks.
I'll try to dive into this subject when I have more time.

> I suspect if things can run at rootfs creation time they work out, if they
> can't run then, they never happen at all. We don't have a "first boot"
> of the sdk...
> Cheers,
>
> Richard
>

Patch

diff --git a/meta/recipes-core/packagegroups/nativesdk-packagegroup-sdk-host.bb b/meta/recipes-core/packagegroups/nativesdk-packagegroup-sdk-host.bb
index 84fb95d..5a64934 100644
--- a/meta/recipes-core/packagegroups/nativesdk-packagegroup-sdk-host.bb
+++ b/meta/recipes-core/packagegroups/nativesdk-packagegroup-sdk-host.bb
@@ -20,6 +20,7 @@  RDEPENDS_${PN} = "\
     nativesdk-libtool \
     nativesdk-autoconf \
     nativesdk-automake \
+    ${@base_contains('DISTRO_FEATURES', 'pam', 'nativesdk-shadow', '', d)} \
     "
 
 RDEPENDS_${PN}_darwin = "\
diff --git a/meta/recipes-extended/shadow/nativesdk-shadow_4.1.4.3.bb b/meta/recipes-extended/shadow/nativesdk-shadow_4.1.4.3.bb
new file mode 100644
index 0000000..22f4cf3
--- /dev/null
+++ b/meta/recipes-extended/shadow/nativesdk-shadow_4.1.4.3.bb
@@ -0,0 +1,62 @@ 
+SUMMARY = "Tools to change and administer password and group data"
+DESCRIPTION = "Tools to change and administer password and group data"
+HOMEPAGE = "http://pkg-shadow.alioth.debian.org"
+BUGTRACKER = "https://alioth.debian.org/tracker/?group_id=30580"
+SECTION = "base utils"
+LICENSE = "BSD | Artistic-1.0"
+LIC_FILES_CHKSUM = "file://COPYING;md5=08c553a87d4e51bbed50b20e0adcaede \
+                    file://src/passwd.c;beginline=8;endline=30;md5=d83888ea14ae61951982d77125947661"
+
+PR = "r8"
+
+inherit autotools gettext nativesdk
+
+SRC_URI = "http://pkg-shadow.alioth.debian.org/releases/shadow-${PV}.tar.bz2 \
+           file://shadow.automake-1.11.patch \
+           file://shadow-4.1.3-dots-in-usernames.patch \
+           file://shadow-4.1.4.2-env-reset-keep-locale.patch \
+           file://add_root_cmd_options.patch \
+           file://disable-syslog.patch \
+           file://useradd.patch \
+           file://shadow_fix_for_automake-1.12.patch \
+           file://add_root_cmd_groupmems.patch \
+           "
+
+SRC_URI[md5sum] = "b8608d8294ac88974f27b20f991c0e79"
+SRC_URI[sha256sum] = "633f5bb4ea0c88c55f3642c97f9d25cbef74f82e0b4cf8d54e7ad6f9f9caa778" 
+
+S = "${WORKDIR}/shadow-${PV}"
+
+EXTRA_OECONF += "--without-audit \
+                 --without-libcrack \
+                 --without-libpam \
+                 --without-selinux \
+                 --without-nscd"
+
+do_install() {
+	oe_runmake DESTDIR="${D}" sbindir="${base_sbindir}" usbindir="${sbindir}" install
+
+	# Info dir listing isn't interesting at this point so remove it if it exists.
+	if [ -e "${D}${infodir}/dir" ]; then
+		rm -f ${D}${infodir}/dir
+	fi
+
+	# Enable CREATE_HOME by default.
+	sed -i 's/#CREATE_HOME/CREATE_HOME/g' ${D}${sysconfdir}/login.defs
+
+	# As we are on an embedded system, ensure the users mailbox is in
+	# ~/ not /var/spool/mail by default, as who knows where or how big
+	# /var is. The system MDA will set this later anyway.
+	sed -i 's/MAIL_DIR/#MAIL_DIR/g' ${D}${sysconfdir}/login.defs
+	sed -i 's/#MAIL_FILE/MAIL_FILE/g' ${D}${sysconfdir}/login.defs
+
+	# Disable checking emails.
+	sed -i 's/MAIL_CHECK_ENAB/#MAIL_CHECK_ENAB/g' ${D}${sysconfdir}/login.defs
+
+	# Now we don't have a mail system. Disable mail creation for now.
+	sed -i 's:/bin/bash:/bin/sh:g' ${D}${sysconfdir}/default/useradd
+	sed -i '/^CREATE_MAIL_SPOOL/ s:^:#:' ${D}${sysconfdir}/default/useradd
+
+	# Use users group by default
+	sed -i 's,^GROUP=1000,GROUP=100,g' ${D}${sysconfdir}/default/useradd
+}