212
217
AC_ARG_ENABLE(man,
213
218
[AC_HELP_STRING([--enable-man],
214
219
[regenerate roff man pages from Docbook @<:@default=no@:>@])],
220
[enable_man="${enableval}"],
224
AC_ARG_ENABLE(account-tools-setuid,
225
[AC_HELP_STRING([--enable-account-tools-setuid],
226
[Install the user and group management tools setuid and authenticate the callers. This requires --with-pam.])],
227
[case "${enableval}" in
228
yes) enable_acct_tools_setuid="yes" ;;
229
no) enable_acct_tools_setuid="no" ;;
230
*) AC_MSG_ERROR(bad value ${enableval} for --enable-account-tools-setuid)
233
[enable_acct_tools_setuid="maybe"]
219
236
AC_ARG_WITH(audit,
220
237
[AC_HELP_STRING([--with-audit], [use auditing support @<:@default=yes if found@:>@])],
221
[with_audit=$withval], [with_audit=yes])
238
[with_audit=$withval], [with_audit=maybe])
222
239
AC_ARG_WITH(libpam,
223
240
[AC_HELP_STRING([--with-libpam], [use libpam for PAM support @<:@default=yes if found@:>@])],
224
[with_libpam=$withval], [with_libpam=yes])
241
[with_libpam=$withval], [with_libpam=maybe])
225
242
AC_ARG_WITH(selinux,
226
[AC_HELP_STRING([--with-selinux], [use SELinux support @<:@default=autodetect@:>@])],
227
[with_selinux=$withval], [with_selinux=yes])
243
[AC_HELP_STRING([--with-selinux], [use SELinux support @<:@default=yes if found@:>@])],
244
[with_selinux=$withval], [with_selinux=maybe])
228
245
AC_ARG_WITH(skey,
229
246
[AC_HELP_STRING([--with-skey], [use S/Key support @<:@default=no@:>@])],
230
247
[with_skey=$withval], [with_skey=no])
234
251
AC_ARG_WITH(sha-crypt,
235
252
[AC_HELP_STRING([--with-sha-crypt], [allow the SHA256 and SHA512 password encryption algorithms @<:@default=yes@:>@])],
236
253
[with_sha_crypt=$withval], [with_sha_crypt=yes])
255
[AC_HELP_STRING([--with-nscd], [enable support for nscd @<:@default=yes@:>@])],
256
[with_nscd=$withval], [with_nscd=yes])
257
AC_ARG_WITH(group-name-max-length,
258
[AC_HELP_STRING([--with-group-name-max-length], [set max group name length @<:@default=16@:>@])],
259
[with_group_name_max_length=$withval], [with_group_name_max_length=yes])
261
if test "$with_group_name_max_length" = "no" ; then
262
with_group_name_max_length=0
263
elif test "$with_group_name_max_length" = "yes" ; then
264
with_group_name_max_length=16
266
AC_DEFINE_UNQUOTED(GROUP_NAME_MAX_LENGTH, $with_group_name_max_length, [max group name length])
267
AC_SUBST(GROUP_NAME_MAX_LENGTH)
268
GROUP_NAME_MAX_LENGTH="$with_group_name_max_length"
238
270
AM_CONDITIONAL(USE_SHA_CRYPT, test "x$with_sha_crypt" = "xyes")
239
271
if test "$with_sha_crypt" = "yes"; then
240
AC_DEFINE(USE_SHA_CRYPT, 1, [Define to allow the SHA256 and SHA512 password encryption algorithms])
272
AC_DEFINE(USE_SHA_CRYPT, 1, [Define to allow the SHA256 and SHA512 password encryption algorithms])
275
if test "$with_nscd" = "yes"; then
276
AC_CHECK_FUNC(posix_spawn,
277
[AC_DEFINE(USE_NSCD, 1, [Define to support flushing of nscd caches])],
278
[AC_MSG_ERROR([posix_spawn is needed for nscd support])])
243
281
dnl Check for some functions in libc first, only if not found check for
268
306
JH_CHECK_XML_CATALOG([http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl],
269
307
[DocBook XSL Stylesheets >= 1.70.1], [], enable_man=no)
271
AM_CONDITIONAL(ENABLE_REGENERATE_MAN, test x$enable_man != xno)
309
AM_CONDITIONAL(ENABLE_REGENERATE_MAN, test "x$enable_man" != "xno")
273
311
AC_SUBST(LIBCRYPT)
274
312
AC_CHECK_LIB(crypt, crypt, [LIBCRYPT=-lcrypt],
275
313
[AC_MSG_ERROR([crypt() not found])])
277
315
AC_SUBST(LIBAUDIT)
278
if test "$with_audit" = "yes"; then
316
if test "$with_audit" != "no"; then
279
317
AC_CHECK_HEADER(libaudit.h, [audit_header="yes"], [audit_header="no"])
318
if test "$audit_header$with_audit" = "noyes" ; then
319
AC_MSG_ERROR([libaudit.h is missing])
320
elif test "$audit_header" = "yes"; then
321
AC_CHECK_DECL(AUDIT_ADD_USER,,[audit_header="no"],[#include <libaudit.h>])
322
AC_CHECK_DECL(AUDIT_DEL_USER,,[audit_header="no"],[#include <libaudit.h>])
323
AC_CHECK_DECL(AUDIT_ADD_GROUP,,[audit_header="no"],[#include <libaudit.h>])
324
AC_CHECK_DECL(AUDIT_DEL_GROUP,,[audit_header="no"],[#include <libaudit.h>])
325
if test "$audit_header$with_audit" = "noyes" ; then
326
AC_MSG_ERROR([AUDIT_ADD_USER AUDIT_DEL_USER AUDIT_ADD_GROUP or AUDIT_DEL_GROUP missing from libaudit.h])
280
329
if test "$audit_header" = "yes"; then
281
330
AC_CHECK_LIB(audit, audit_log_acct_message,
282
[AC_DEFINE(WITH_AUDIT, 1, [Define if you want to enable Audit messages])
331
[audit_lib="yes"], [audit_lib="no"])
332
if test "$audit_lib$with_audit" = "noyes" ; then
333
AC_MSG_ERROR([libaudit not found])
334
elif test "$audit_lib" = "no" ; then
337
AC_DEFINE(WITH_AUDIT, 1,
338
[Define if you want to enable Audit messages])
295
355
AC_DEFINE(HAVE_LIBCRACK_PW, 1, [Defined if it includes *Pw functions.]))
298
if test "$with_selinux" = "yes"; then
299
AC_CHECK_LIB(selinux, is_selinux_enabled,
300
[LIBSELINUX="-lselinux"
302
AC_CHECK_HEADERS(selinux/selinux.h, [],
303
[AC_MSG_ERROR([selinux/selinux.h is missing])])
304
AC_DEFINE(WITH_SELINUX, 1, [Build shadow with SELinux support])
306
[AC_MSG_ERROR([libselinux not found])])
359
if test "$with_selinux" != "no"; then
360
AC_CHECK_HEADERS(selinux/selinux.h, [selinux_header="yes"], [selinux_header="no"])
361
if test "$selinux_header$with_selinux" = "noyes" ; then
362
AC_MSG_ERROR([selinux/selinux.h is missing])
363
elif test "$selinux_header" = "yes" ; then
364
AC_CHECK_LIB(selinux, is_selinux_enabled,
365
[selinux_lib="yes"], [selinux_lib="no"])
366
if test "$selinux_lib$with_selinux" = "noyes" ; then
367
AC_MSG_ERROR([libselinux not found])
368
elif test "$selinux_lib" = "no" ; then
371
AC_DEFINE(WITH_SELINUX, 1,
372
[Build shadow with SELinux support])
373
LIBSELINUX="-lselinux"
310
if test "$with_libpam" = "yes"; then
382
if test "$with_libpam" != "no"; then
311
383
AC_CHECK_LIB(pam, pam_start,
312
[AC_DEFINE(USE_PAM, 1, [Define to support Pluggable Authentication Modules])
313
AM_CONDITIONAL(USE_PAM, [true])
315
AC_CHECK_LIB(pam_misc, main,
316
[LIBPAM="$LIBPAM -lpam_misc"],
317
AC_MSG_ERROR(libpam_misc is missing for enable PAM support)
319
[AC_MSG_CHECKING(use login access checking if PAM not used)
320
AM_CONDITIONAL(USE_PAM, [false])
384
[pam_lib="yes"], [pam_lib="no"])
385
if test "$pam_lib$with_libpam" = "noyes" ; then
386
AC_MSG_ERROR(libpam not found)
390
pam_conv_function="no"
392
AC_CHECK_LIB(pam, openpam_ttyconv,
393
[pam_conv_function="openpam_ttyconv"],
394
AC_CHECK_LIB(pam_misc, misc_conv,
395
[pam_conv_function="misc_conv"; LIBPAM="$LIBPAM -lpam_misc"])
398
if test "$pam_conv_function$with_libpam" = "noyes" ; then
399
AC_MSG_ERROR(PAM conversation function not found)
403
AC_CHECK_HEADERS( [security/openpam.h security/pam_misc.h],
404
[ pam_headers_found=yes ; break ], [],
405
[ #include <security/pam_appl.h> ] )
406
if test "$pam_headers_found$with_libpam" = "noyes" ; then
407
AC_MSG_ERROR(PAM headers not found)
411
if test "$pam_lib$pam_headers_found" = "yesyes" -a "$pam_conv_function" != "no" ; then
417
dnl Now with_libpam is either yes or no
418
if test "$with_libpam" = "yes"; then
419
AC_CHECK_DECLS([PAM_ESTABLISH_CRED,
421
PAM_NEW_AUTHTOK_REQD,
423
[], [], [#include <security/pam_appl.h>])
428
# We do not use AC_CHECK_FUNCS to avoid duplicated definition with
430
AC_CHECK_FUNC(pam_fail_delay, [AC_DEFINE(HAS_PAM_FAIL_DELAY, 1, [Define to 1 if you have the declaration of 'pam_fail_delay'])])
433
AC_DEFINE(USE_PAM, 1, [Define to support Pluggable Authentication Modules])
434
AC_DEFINE_UNQUOTED(SHADOW_PAM_CONVERSATION, [$pam_conv_function],[PAM converstation to use])
435
AM_CONDITIONAL(USE_PAM, [true])
323
437
AC_MSG_CHECKING(use login and su access checking if PAM not used)
324
438
AC_MSG_RESULT(no)
326
AC_MSG_CHECKING(use login and su access checking if PAM not used)
327
440
AC_DEFINE(SU_ACCESS, 1, [Define to support /etc/suauth su access control.])
441
AM_CONDITIONAL(USE_PAM, [false])
442
AC_MSG_CHECKING(use login and su access checking if PAM not used)
328
443
AC_MSG_RESULT(yes)
329
AM_CONDITIONAL(USE_PAM, [false])
446
if test "$enable_acct_tools_setuid" != "no"; then
447
if test "$with_libpam" != "yes"; then
448
if test "$enable_acct_tools_setuid" = "yes"; then
449
AC_MSG_ERROR(PAM support is required for --enable-account-tools-setuid)
451
enable_acct_tools_setuid="no"
454
if test "$enable_acct_tools_setuid" = "yes"; then
455
AC_DEFINE(ACCT_TOOLS_SETUID,
457
[Define if account management tools should be installed setuid and authenticate the callers])
460
AM_CONDITIONAL(ACCT_TOOLS_SETUID, test "x$enable_acct_tools_setuid" = "xyes")
332
462
AC_SUBST(LIBSKEY)