Diffstat (limited to 'source/a/shadow')
-rw-r--r-- | source/a/shadow/adduser | 13 | ||||
-rw-r--r-- | source/a/shadow/doinst.sh | 17 | ||||
-rw-r--r-- | source/a/shadow/login.defs | 387 | ||||
-rw-r--r-- | source/a/shadow/shadow-4.0.3.x86_64.diff | 166 | ||||
-rwxr-xr-x | source/a/shadow/shadow.SlackBuild | 199 | ||||
-rw-r--r-- | source/a/shadow/shadow.gcc34.diff | 11 | ||||
-rw-r--r-- | source/a/shadow/shadow.login.defs.diff | 67 | ||||
-rw-r--r-- | source/a/shadow/shadow.newgrp.getlogin | 21 | ||||
-rw-r--r-- | source/a/shadow/shadow.newgrp.nopam | 18 | ||||
-rw-r--r-- | source/a/shadow/shadow.remove.obsolete.options.diff | 78 | ||||
-rw-r--r-- | source/a/shadow/shadow.shadowconfig.diff | 49 | ||||
-rw-r--r-- | source/a/shadow/useradd | 8 |
12 files changed, 518 insertions, 516 deletions
diff --git a/source/a/shadow/adduser b/source/a/shadow/adduser index 02385e33..038a0a94 100644 --- a/source/a/shadow/adduser +++ b/source/a/shadow/adduser @@ -1,8 +1,8 @@ #!/bin/bash # # Copyright 1995 Hrvoje Dogan, Croatia. -# Copyright 2002, 2003, 2004, 2008, 2009 Stuart Winter, Surrey, England, UK. -# Copyright 2004, 2008, 2009 Slackware Linux, Inc., Concord, CA, USA +# Copyright 2002-2004, 2008, 2009, 2010 Stuart Winter, Surrey, England, UK. +# Copyright 2004, 2008-2010 Slackware Linux, Inc., Concord, CA, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -29,12 +29,15 @@ # Author : Stuart Winter <mozes@slackware.com> # Based on the original Slackware adduser by Hrvoje Dogan # with modifications by Patrick Volkerding -# Version: 1.12 +# Version: 1.13 ########################################################################## # Usage..: adduser [<new_user_name>] ########################################################################## # History # ########### +# v1.13 - 13/01/10 +# * Fix bug that removed underscore characters from group names. +# Thanks to mRgOBLIN for the report and Jim Hawkins for the fix. <sw> # v1.12 - 21/07/09 # * Adjusted the search of /etc/passwd to exclude the NIS inclusion # string. Thanks to Dominik L. Borkowski. @@ -282,8 +285,8 @@ while [ ! -z "$needinput" ]; do history -c history -s "$AGID" echo "Press ENTER to continue without adding any additional groups" - echo "Or press the UP arrow to add/select/edit additional groups" - AGID="$(get_input ": " | tr -d '[:punct:]' | tr -s ' ' | sed 's?^ $??g' )" + echo "Or press the UP arrow key to add/select/edit additional groups" + AGID="$(get_input ": " | sed 's/[^A-Za-z0-9 _]//g;s/ */ /g;s/^ $//g' )" if [ ! -z "$AGID" ]; then check_group "$AGID" # check all groups at once (treated as N # of params) if [ $? -gt 0 ]; then diff --git a/source/a/shadow/doinst.sh b/source/a/shadow/doinst.sh new file mode 100644 index 00000000..88fefb3a 
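Review bot: The new `sed` filter on the `AGID=` line silently deletes every character outside `[A-Za-z0-9 _]` instead of rejecting the input, so a typed group name containing a hyphen, dot or comma reaches `check_group` as a different name, and the account could be added to a group the admin did not type. I would validate rather than rewrite: if the input contains anything outside the allowed set, print an error and prompt again, leaving the string untouched otherwise. As rendered here the second expression reads `s/ */ /g`, which would also match the empty string; presumably the file has two spaces before the `*` and the page collapsed them, but it is worth confirming. The enclosing `while` loop starts and ends outside this hunk.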
--- /dev/null +++ b/source/a/shadow/doinst.sh @@ -0,0 +1,17 @@ +config() { + NEW="$1" + OLD="$(dirname $NEW)/$(basename $NEW .new)" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "$(cat $OLD | md5sum)" = "$(cat $NEW | md5sum)" ]; then # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} + +config etc/login.access.new +config etc/login.defs.new +config var/log/faillog.new +rm -f var/log/faillog.new + diff --git a/source/a/shadow/login.defs b/source/a/shadow/login.defs new file mode 100644 index 00000000..dde37c97 --- /dev/null +++ b/source/a/shadow/login.defs 
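Review bot: `config()` expands `$NEW` and `$OLD` unquoted in `dirname`, `basename`, the `[ ! -r $OLD ]` test, `mv`, `rm` and both `cat` calls. The three call sites pass fixed paths, so nothing breaks today, but this script is presumably run as root by the package installer and the function tends to be copied between packages, so quoting is cheap hardening: `OLD="$(dirname "$NEW")/$(basename "$NEW" .new)"` and `mv "$NEW" "$OLD"`. Separately, `config var/log/faillog.new` is followed by an unconditional `rm -f var/log/faillog.new`, which looks intentional but is not explained; a comment such as `# Never leave faillog.new behind; an existing faillog is kept as-is.` would make that clear.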
@@ -0,0 +1,387 @@ +# +# /etc/login.defs - Configuration control definitions for the shadow package. +# +# $Id: login.defs 3038 2009-07-23 20:41:35Z nekral-guest $ +# + +# +# Delay in seconds before being allowed another attempt after a login failure +# +FAIL_DELAY 3 + +# +# Enable logging and display of /var/log/faillog login failure info. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable logging and display of /var/log/lastlog login time info. +# +LASTLOG_ENAB yes + +# +# Enable checking and display of mailbox status upon login. +# +# Disable if the shell startup files already check for mail +# ("mailx -e" or equivalent). +# +MAIL_CHECK_ENAB yes + +# +# Enable additional checks upon password changes. +# +OBSCURE_CHECKS_ENAB yes + +# +# Enable checking of time restrictions specified in /etc/porttime. +# +PORTTIME_CHECKS_ENAB yes + +# +# Enable setting of ulimit, umask, and niceness from passwd gecos field. +# +QUOTAS_ENAB yes + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +CONSOLE /etc/securetty +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, ":" delimited list of "message of the day" files to +# be displayed upon login. +# +MOTD_FILE /etc/motd +#MOTD_FILE /etc/motd:/usr/lib/news/news-motd + +# +# If defined, this file will be output before each login prompt. +# +#ISSUE_FILE /etc/issue + +# +# If defined, file which maps tty line to TERM environment parameter. 
+# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format. +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, name of file whose presence which will inhibit non-root +# logins. The contents of this file should be a message indicating +# why logins are inhibited. +# +NOLOGINS_FILE /etc/nologin + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# *REQUIRED* +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define both, MAIL_DIR takes precedence. +# +MAIL_DIR /var/spool/mail +#MAIL_FILE .mail + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# If defined, either a TZ environment parameter spec or the +# fully-rooted pathname of a file containing such a spec. +# +#ENV_TZ TZ=CST6CDT +#ENV_TZ /etc/tzname + +# +# If defined, an HZ environment parameter spec. +# +# for Linux/x86 +ENV_HZ HZ=100 +# For Linux/Alpha... +#ENV_HZ HZ=1024 + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/sbin:/usr/sbin:/bin:/usr/bin +ENV_PATH PATH=/usr/local/bin:/bin:/usr/bin + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. 
+# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +TTYGROUP tty +TTYPERM 0620 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# ULIMIT Default "ulimit" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# The ULIMIT is used only if the system supports it. +# (now it works with setrlimit too; ulimit is in 512-byte units) +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +#ULIMIT 2097152 + +# Default initial "umask" value. +# UMASK is also used by useradd and newusers to set the mode of new home +# directories. +# 022 is the default value, but 027, or even 077, could be considered +# better for privacy. There is no One True Answer here: each sysadmin +# must make up her mind. +UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_MIN_LEN Minimum acceptable password length. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_MIN_LEN 5 +PASS_WARN_AGE 7 + +# +# If "yes", the user must be listed as a member of the first gid 0 group +# in /etc/group (called "root" on most Linux systems) to be able to "su" +# to uid 0 accounts. If the group doesn't exist or is empty, no one +# will be able to "su" to uid 0. 
+# +SU_WHEEL_ONLY no + +# +# If compiled with cracklib support, where are the dictionaries +# +#CRACKLIB_DICTPATH /var/cache/cracklib/cracklib_dict + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 +# System accounts +SYS_UID_MIN 101 +SYS_UID_MAX 999 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 1000 +GID_MAX 60000 +# System accounts +SYS_GID_MIN 101 +SYS_GID_MAX 999 + +# +# Max number of login retries if password is bad +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Maximum number of attempts to change password if rejected (too easy) +# +PASS_CHANGE_TRIES 5 + +# +# Warn about weak passwords (but still allow them) if you are root. +# +PASS_ALWAYS_WARN yes + +# +# Number of significant characters in the password for crypt(). +# Default is 8, don't change unless your crypt() is better. +# Ignored if MD5_CRYPT_ENAB set to "yes". +# +#PASS_MAX_LEN 8 + +# +# Require password before chfn/chsh can make any changes. +# +CHFN_AUTH yes + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT frwh + +# +# Password prompt (%s will be replaced by user name). +# +# XXX - it doesn't work correctly yet, for now leave it commented out +# to use the default which is just "Password: ". +#LOGIN_STRING "%s's Password: " + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is deprecated. 
You should use ENCRYPT_METHOD. +# +#MD5_CRYPT_ENAB no + +# +# Only works if compiled with ENCRYPTMETHOD_SELECT defined: +# If set to MD5 , MD5-based algorithm will be used for encrypting password +# If set to SHA256, SHA256-based algorithm will be used for encrypting password +# If set to SHA512, SHA512-based algorithm will be used for encrypting password +# If set to DES, DES-based algorithm will be used for encrypting password (default) +# Overrides the MD5_CRYPT_ENAB option +# +ENCRYPT_METHOD MD5 + +# +# Only works if ENCRYPT_METHOD is set to SHA256 or SHA512. +# +# Define the number of SHA rounds. +# With a lot of rounds, it is more difficult to brute forcing the password. +# But note also that it more CPU resources will be needed to authenticate +# users. +# +# If not specified, the libc will choose the default number of rounds (5000). +# The values must be inside the 1000-999999999 range. +# If only one of the MIN or MAX values is set, then this value will be used. +# If MIN > MAX, the highest value will be used. +# +# SHA_CRYPT_MIN_ROUNDS 5000 +# SHA_CRYPT_MAX_ROUNDS 5000 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# Most of these groups are self-explanatory. +# +# Note that users are added to these default groups only when +# logging into a shell with /bin/login, not when using a login +# manager such as kdm. In that case, users who should have +# hardware access must be added to the appropriate groups +# when the user is added with adduser or useradd, or by editing +# /etc/group directly, preferably using "vigr" +# +CONSOLE_GROUPS floppy:audio:cdrom:video:scanner + +# +# Should login be allowed if we can't cd to the home directory? 
+# Default in no. +# +DEFAULT_HOME yes + +# +# If this file exists and is readable, login environment will be +# read from it. Every line should be in the form name=value. +# +ENVIRON_FILE /etc/environment + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# Enable setting of the umask group bits to be the same as owner bits +# (examples: 022 -> 002, 077 -> 007) for non-root users, if the uid is +# the same as gid, and username is the same as the primary group name. +# +# This also enables userdel to remove user groups if no members exist. +# +USERGROUPS_ENAB yes + +# +# If set to a non-nul number, the shadow utilities will make sure that +# groups never have more than this number of users on one line. +# This permit to support split groups (groups split into multiple lines, +# with the same group ID, to avoid limitation of the line length in the +# group file). +# +# 0 is the default value and disables this feature. +# +#MAX_MEMBERS_PER_GROUP 0 + +# +# If useradd should create home directories for users by default (non +# system users only) +# This option is overridden with the -M or -m flags on the useradd command +# line. +# +#CREATE_HOME yes + diff --git a/source/a/shadow/shadow-4.0.3.x86_64.diff b/source/a/shadow/shadow-4.0.3.x86_64.diff deleted file mode 100644 index 15d16c7c..00000000 --- a/source/a/shadow/shadow-4.0.3.x86_64.diff +++ /dev/null 
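Review bot: `ENCRYPT_METHOD MD5` makes the MD5-based crypt the default for new password hashes, although the comment block directly above it lists SHA256 and SHA512 as accepted values; MD5-crypt hashes are comparatively cheap to attack offline if /etc/shadow is ever disclosed. If this build and the target libc support it (the comment says the option depends on ENCRYPTMETHOD_SELECT at compile time), I would ship `ENCRYPT_METHOD SHA512` and consider uncommenting `SHA_CRYPT_MIN_ROUNDS`. If MD5 is kept so hashes stay portable to older systems, a comment next to the setting should say so. `PASS_MIN_LEN 5` in the same file is also a low default.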
@@ -1,166 +0,0 @@ ---- shadow-4.0.3/libmisc/failure.h.orig 2004-01-02 18:47:01.000000000 -0800 -+++ shadow-4.0.3/libmisc/failure.h 2004-01-02 18:52:38.000000000 -0800 -@@ -4,7 +4,12 @@ - - #include "defines.h" - #include "faillog.h" -+ -+#if HAVE_UTMPX_H -+#include <utmpx.h> -+#else - #include <utmp.h> -+#endif - - /* - * failure - make failure entry -@@ -38,7 +43,11 @@ - * failtmp updates the (struct utmp) formatted failure log which - * maintains a record of all login failures. - */ -+#if HAVE_UTMPX_H -+extern void failtmp(const struct utmpx *); -+#else - extern void failtmp(const struct utmp *); -+#endif - - #endif - ---- shadow-4.0.3/libmisc/failure.c.orig 2004-01-02 18:47:06.000000000 -0800 -+++ shadow-4.0.3/libmisc/failure.c 2004-01-02 18:53:37.000000000 -0800 -@@ -39,7 +39,11 @@ - #include "getdef.h" - #include "failure.h" - -+#if HAVE_UTMPX_H -+#include <utmpx.h> -+#else - #include <utmp.h> -+#endif - - #define YEAR (365L*DAY) - -@@ -248,7 +252,11 @@ - */ - - void -+#if HAVE_UTMPX_H -+failtmp(const struct utmpx *failent) -+#else - failtmp(const struct utmp *failent) -+#endif - { - char *ftmp; - int fd; ---- shadow-4.0.3/libmisc/log.c.orig 2004-01-02 18:58:04.000000000 -0800 -+++ shadow-4.0.3/libmisc/log.c 2004-01-02 18:58:51.000000000 -0800 -@@ -57,6 +57,7 @@ - int fd; - off_t offset; - struct lastlog newlog; -+ time_t ll_time; - - /* - * If the file does not exist, don't create it. -@@ -88,7 +89,8 @@ - if (ll) - *ll = newlog; - -- time(&newlog.ll_time); -+ ll_time = newlog.ll_time; -+ time(&ll_time); - strncpy(newlog.ll_line, line, sizeof newlog.ll_line); - #if HAVE_LL_HOST - strncpy(newlog.ll_host, host, sizeof newlog.ll_host); ---- shadow-4.0.3/libmisc/utmp.c.orig 2004-01-02 18:59:04.000000000 -0800 -+++ shadow-4.0.3/libmisc/utmp.c 2004-01-02 19:05:34.000000000 -0800 -@@ -79,6 +79,8 @@ - { - char *line; - struct utmp *ut; -+ time_t uttime; -+ - pid_t pid = getpid(); - - setutent(); -@@ -111,7 +113,8 @@ - /* XXX - assumes /dev/tty?? 
*/ - strncpy(utent.ut_id, utent.ut_line + 3, sizeof utent.ut_id); - strcpy(utent.ut_user, "LOGIN"); -- time(&utent.ut_time); -+ time(&uttime); -+ utent.ut_time = uttime; - } - } - -@@ -284,9 +287,14 @@ - void - setutmp(const char *name, const char *line, const char *host) - { -+ time_t uttime; -+ - utent.ut_type = USER_PROCESS; - strncpy(utent.ut_user, name, sizeof utent.ut_user); -- time(&utent.ut_time); -+ -+ time(&uttime); -+ utent.ut_time = uttime; -+ - /* other fields already filled in by checkutmp above */ - setutent(); - pututline(&utent); ---- shadow-4.0.3/src/lastlog.c.orig 2004-01-02 18:06:09.000000000 -0800 -+++ shadow-4.0.3/src/lastlog.c 2004-01-02 18:29:57.000000000 -0800 -@@ -167,6 +167,7 @@ - static int once; - char *cp; - struct tm *tm; -+ time_t ll_time; - - #ifdef HAVE_STRFTIME - char ptime[80]; -@@ -184,7 +185,9 @@ - #endif - once++; - } -- tm = localtime (&lastlog.ll_time); -+ ll_time = lastlog.ll_time; -+ tm = localtime (&ll_time); -+ - #ifdef HAVE_STRFTIME - strftime (ptime, sizeof (ptime), "%a %b %e %H:%M:%S %z %Y", tm); - cp = ptime; ---- shadow-4.0.3/src/login.c.orig 2004-01-02 18:33:13.000000000 -0800 -+++ shadow-4.0.3/src/login.c 2004-01-02 18:40:17.000000000 -0800 -@@ -1019,8 +1019,12 @@ - const char *failent_user; - - #if HAVE_UTMPX_H -+ struct timeval ut_tv; -+ ut_tv.tv_sec = failent.ut_tv.tv_sec; -+ ut_tv.tv_usec = failent.ut_tv.tv_usec; -+ - failent = utxent; -- gettimeofday (&(failent.ut_tv), NULL); -+ gettimeofday (&ut_tv, NULL); - #else - failent = utent; - time (&failent.ut_time); -@@ -1271,15 +1275,16 @@ - } - if (getdef_bool ("LASTLOG_ENAB") - && lastlog.ll_time != 0) { -+ time_t ll_time= lastlog.ll_time; - #ifdef HAVE_STRFTIME - strftime (ptime, sizeof (ptime), - "%a %b %e %H:%M:%S %z %Y", -- localtime (&lastlog.ll_time)); -+ localtime (&ll_time)); - printf (_("Last login: %s on %s"), - ptime, lastlog.ll_line); - #else - printf (_("Last login: %.19s on %s"), -- ctime (&lastlog.ll_time), -+ ctime (&ll_time), - lastlog.ll_line); 
- #endif - #ifdef HAVE_LL_HOST /* SVR4 || __linux__ || SUN4 */ diff --git a/source/a/shadow/shadow.SlackBuild b/source/a/shadow/shadow.SlackBuild index 2f0e1178..77e34089 100755 --- a/source/a/shadow/shadow.SlackBuild +++ b/source/a/shadow/shadow.SlackBuild @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright 2005-2009 Patrick J. Volkerding, Sebeka, Minnesota, USA +# Copyright 2005-2010 Patrick J. Volkerding, Sebeka, Minnesota, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -20,24 +20,40 @@ # OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -VERSION=4.0.3 -ARCH=${ARCH:-x86_64} -BUILD=${BUILD:-18} +VERSION=4.1.4.2 +BUILD=${BUILD:-3} + +NUMJOBS=${NUMJOBS:--j6} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi CWD=$(pwd) TMP=${TMP:-/tmp} PKG=$TMP/package-shadow +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +else + SLKCFLAGS="-O2" +fi + rm -rf $PKG mkdir -p $TMP $PKG - -# Explode the package framework: -cd $PKG -explodepkg $CWD/_shadow.tar.gz - cd $TMP rm -rf shadow-$VERSION -tar xjvf $CWD/shadow-$VERSION.tar.bz2 +tar xvf $CWD/shadow-$VERSION.tar.?z* || exit 1 cd shadow-$VERSION chown -R root:root . 
@@ -47,110 +63,91 @@ find . \ \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ -exec chmod 644 {} \; -zcat $CWD/shadow.shadowconfig.diff.gz | patch -p1 --verbose --backup || exit 1 -zcat $CWD/shadow.newgrp.nopam.gz | patch -p0 --verbose --backup || exit 1 -zcat $CWD/shadow.login.defs.diff.gz | patch -p0 --verbose --backup || exit 1 -zcat $CWD/shadow.newgrp.getlogin.gz | patch -p1 --verbose --backup || exit 1 -zcat $CWD/shadow.gcc34.diff.gz | patch -p1 --verbose --backup || exit 1 -zcat $CWD/shadow.remove.obsolete.options.diff.gz | patch -p1 --verbose --backup --suffix=.orig || exit 1 -if [ "$ARCH" = "x86_64" ]; then - zcat $CWD/shadow-4.0.3.x86_64.diff.gz | patch -p1 --verbose --backup --suffix=.orig || exit 1 -fi - +CFLAGS="$SLKCFLAGS" \ ./configure \ --prefix=/usr \ + --sysconfdir=/etc \ + --mandir=/usr/man \ + --docdir=/usr/doc/shadow-$VERSION \ --disable-shared \ - --disable-desrpc \ + --without-libcrack \ --build=$ARCH-slackware-linux -make -j6 || exit 1 -cat etc/login.defs.linux > $PKG/etc/login.defs.new -cat etc/login.access > $PKG/etc/login.access.new +# --enable-utmpx # defaults to 'no' + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +# Fix user group = 100: +zcat $CWD/useradd.gz > $PKG/etc/default/useradd + +# /bin/groups is provided by coreutils. +rm -f $PKG/bin/groups +find $PKG -name groups.1 -exec rm {} \; + +# Install a login.defs with unsurprising defaults: +rm -f $PKG/etc/login.defs +zcat $CWD/login.defs.gz > $PKG/etc/login.defs.new + +mv $PKG/etc/login.access $PKG/etc/login.access.new + +# I don't think this works well enough to recommend it. 
+#mv $PKG/etc/limits $PKG/etc/limits.new +rm -f $PKG/etc/limits + +# Add the friendly 'adduser' script: cat $CWD/adduser > $PKG/usr/sbin/adduser +chmod 0755 $PKG/usr/sbin/adduser + +# Add sulogin to the package: +cp -a src/sulogin $PKG/sbin +( cd $PKG/bin ; ln -s ../sbin/sulogin ) + +# Add the empty faillog log file: +mkdir -p $PKG/var/log +touch $PKG/var/log/faillog.new + +# Put some stuff back in "old" locations and make symlinks for compat +( cd $PKG/usr/bin + mv faillog ../sbin + mv lastlog ../sbin + ln -s ../sbin/faillog + ln -s ../sbin/lastlog +) + +# Fixup a few permissions: +chmod 4711 $PKG/bin/su +chmod 4711 $PKG/usr/bin/* + +# Compress and if needed symlink the man pages: +if [ -d $PKG/usr/man ]; then + ( cd $PKG/usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.? + ) + done + ) +fi -# These things aren't needed when using glibc, as it -# supplies its own shadow functions: -#cat lib/libshadow.a > $PKG/usr/lib/libshadow.a -#cp -a lib/pwauth.h $PKG/usr/include/shadow/pwauth.h -#cp -a lib/shadow_.h $PKG/usr/include/shadow/shadow.h -#chmod 644 $PKG/usr/include/shadow/* -#chown root.root $PKG/usr/include/shadow/* - -cd po -for file in *.gmo ; do - mkdir -p $PKG/usr/share/locale/$(basename $file .gmo)/LC_MESSAGES - cat $file > $PKG/usr/share/locale/$(basename $file .gmo)/LC_MESSAGES/shadow.mo -done -cd ../src -cat login > $PKG/bin/login -cat su > $PKG/bin/su -cat sulogin > $PKG/sbin/sulogin -cat ../debian/shadowconfig.sh > $PKG/usr/sbin/shadowconfig -for file in chpasswd dpasswd faillog groupadd groupdel groupmod grpck \ -lastlog logoutd mkpasswd newusers pwck useradd userdel usermod \ -pwconv pwunconv grpconv grpunconv vipw ; do - cat $file > $PKG/usr/sbin/$file -done -for file in chage chfn chsh expiry gpasswd newgrp passwd ; do - cat $file > $PKG/usr/bin/$file -done -cd .. 
-cp contrib/adduser.sh /sbin/adduser mkdir -p $PKG/usr/doc/shadow-$VERSION cp -a \ - ABOUT-NLS ChangeLog NEWS README TODO doc/* \ + COPYING ChangeLog NEWS README TODO doc/{README*,HOWTO,WISHLIST,*.txt} \ $PKG/usr/doc/shadow-$VERSION -chmod 644 $PKG/usr/doc/shadow-$VERSION/* - -install_man_pages() { -for file in chage.1 chfn.1 chsh.1 gpasswd.1 groups.1 login.1 newgrp.1 \ -passwd.1 su.1 ; do - if [ -r $file ]; then - mkdir -p $1/man1 - gzip -9c $file > $1/man1/$file.gz - fi -done -for file in pw_auth.3 shadow.3 ; do - if [ -r $file ]; then - mkdir -p $1/man3 - gzip -9c $file > $1/man3/$file.gz - fi -done -for file in faillog.5 limits.5 login.access.5 login.defs.5 passwd.5 \ -porttime.5 shadow.5 suauth.5 ; do - if [ -r $file ]; then - mkdir -p $1/man5 - gzip -9c $file > $1/man5/$file.gz - fi -done -for file in chpasswd.8 dpasswd.8 faillog.8 groupadd.8 groupdel.8 groupmod.8 \ -grpck.8 lastlog.8 logoutd.8 mkpasswd.8 newusers.8 pwauth.8 pwck.8 pwconv.8 \ -shadowconfig.8 sulogin.8 useradd.8 userdel.8 usermod.8 vipw.8 ; do - if [ -r $file ]; then - mkdir -p $1/man8 - gzip -9c $file > $1/man8/$file.gz - fi -done -} - -cd man - install_man_pages $PKG/usr/man - for dir in * ; do - if [ -d $dir ] ; then - ( cd $dir ; install_man_pages $PKG/usr/man/$dir ) - fi - done -cd .. +#chmod 0644 $PKG/usr/doc/shadow-$VERSION/* + +# The entire ChangeLog is excessive for most users: +cat $PKG/usr/doc/shadow-$VERSION/ChangeLog | head -n 2000 > $PKG/usr/doc/shadow-$VERSION/CL +mv $PKG/usr/doc/shadow-$VERSION/CL $PKG/usr/doc/shadow-$VERSION/ChangeLog mkdir -p $PKG/install cat $CWD/slack-desc > $PKG/install/slack-desc +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh -# Build the package: cd $PKG -makepkg -l y -c n $TMP/shadow-$VERSION-$ARCH-$BUILD.txz +/sbin/makepkg -l y -c n $TMP/shadow-$VERSION-$ARCH-$BUILD.txz -# Clean up the extra stuff: -if [ "$1" = "--cleanup" ]; then - rm -rf $TMP/shadow-$VERSION - rm -rf $PKG -fi 
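Review bot: `chmod 4711 $PKG/usr/bin/*` sets the setuid bit on whatever the glob matches instead of on a named list, and that includes the `faillog` and `lastlog` symlinks created in the subshell just above it. chmod follows symlinks given as arguments, so `$PKG/usr/sbin/faillog` and `$PKG/usr/sbin/lastlog` would end up setuid root too, as would anything a later upstream `make install` adds to usr/bin. I would name the binaries that need it, for example `for f in chage chfn chsh expiry gpasswd newgrp passwd ; do chmod 4711 $PKG/usr/bin/$f ; done`; that list is the set the removed code installed into usr/bin and should be checked against what this version actually installs.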
diff --git a/source/a/shadow/shadow.gcc34.diff b/source/a/shadow/shadow.gcc34.diff deleted file mode 100644 index 71dff4c8..00000000 --- a/source/a/shadow/shadow.gcc34.diff +++ /dev/null @@ -1,11 +0,0 @@ ---- ./libmisc/xmalloc.c.orig 1998-12-28 14:34:56.000000000 -0600 -+++ ./libmisc/xmalloc.c 2006-08-12 19:02:51.000000000 -0500 -@@ -16,8 +16,6 @@ - - #include "defines.h" - --extern char *malloc(); -- - char * - xmalloc(size_t size) - { diff --git a/source/a/shadow/shadow.login.defs.diff b/source/a/shadow/shadow.login.defs.diff deleted file mode 100644 index bfed463a..00000000 --- a/source/a/shadow/shadow.login.defs.diff +++ /dev/null 
@@ -1,67 +0,0 @@ ---- ./etc/login.defs.linux.orig 2000-08-26 13:27:10.000000000 -0500 -+++ ./etc/login.defs.linux 2008-03-24 15:10:09.000000000 -0500 -@@ -170,8 +170,8 @@ - # *REQUIRED* The default PATH settings, for superuser and normal users. - # - # (they are minimal, add the rest in the shell startup files) --ENV_SUPATH PATH=/sbin:/bin:/usr/sbin:/usr/bin --ENV_PATH PATH=/bin:/usr/bin -+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/sbin:/usr/sbin:/bin:/usr/bin -+ENV_PATH PATH=/usr/local/bin:/bin:/usr/bin - - # - # Terminal permissions -@@ -185,7 +185,7 @@ - # TTYPERM to either 622 or 600. - # - TTYGROUP tty --TTYPERM 0600 -+TTYPERM 0620 - - # - # Login configuration initializations: -@@ -230,7 +230,7 @@ - # - # If compiled with cracklib support, where are the dictionaries - # --CRACKLIB_DICTPATH /var/cache/cracklib/cracklib_dict -+#CRACKLIB_DICTPATH /var/cache/cracklib/cracklib_dict - - # - # Min/max values for automatic uid selection in useradd -@@ -282,7 +282,7 @@ - # phone, home phone). If not defined, no changes are allowed. - # For backward compatibility, "yes" = "rwh" and "no" = "frwh". - # --CHFN_RESTRICT rwh -+CHFN_RESTRICT frwh - - # - # Password prompt (%s will be replaced by user name). -@@ -299,7 +299,7 @@ - # Set to "no" if you need to copy encrypted passwords to other systems - # which don't understand the new algorithm. Default is "no". - # --#MD5_CRYPT_ENAB no -+MD5_CRYPT_ENAB yes - - # - # List of groups to add to the user's supplementary group set -@@ -310,7 +310,16 @@ - # access to these groups, even when not logged in on the console. - # How to do it is left as an exercise for the reader... - # --#CONSOLE_GROUPS floppy:audio:cdrom -+# Most of these groups are self-explanatory. -+# -+# Note that users are added to these default groups only when -+# logging into a shell with /bin/login, not when using a login -+# manager such as kdm. 
In that case, users who should have -+# hardware access must be added to the appropriate groups -+# when the user is added with adduser or useradd, or by editing -+# /etc/group directly. -+# -+CONSOLE_GROUPS floppy:audio:cdrom:video - - # - # Should login be allowed if we can't cd to the home directory? diff --git a/source/a/shadow/shadow.newgrp.getlogin b/source/a/shadow/shadow.newgrp.getlogin deleted file mode 100644 index 5d032f15..00000000 --- a/source/a/shadow/shadow.newgrp.getlogin +++ /dev/null @@ -1,21 +0,0 @@ ---- ./src/newgrp.c.orig 2003-05-31 21:19:39.000000000 -0700 -+++ ./src/newgrp.c 2003-05-31 21:21:32.000000000 -0700 -@@ -76,6 +76,7 @@ - gid_t gid; - char *cp; - const char *cpasswd, *name, *prog; -+ char *loginname = NULL; - char *group = NULL; - char *command = NULL; - char **envp = environ; -@@ -386,7 +387,9 @@ - SYSLOG ((LOG_INFO, "user `%s' switched to group `%s'", - name, group)); - if (getdef_bool ("SYSLOG_SG_ENAB")) { -- char *loginname = xstrdup (getlogin ()); -+ char *user = getlogin (); -+ if (user != NULL) -+ loginname = xstrdup (user); - char *tty = xstrdup (ttyname (0)); - - if (loginname == NULL) diff --git a/source/a/shadow/shadow.newgrp.nopam b/source/a/shadow/shadow.newgrp.nopam deleted file mode 100644 index 7920dde0..00000000 --- a/source/a/shadow/shadow.newgrp.nopam +++ /dev/null @@ -1,18 +0,0 @@ ---- src/newgrp.c.orig 2002-10-12 14:15:34.000000000 +0100 -+++ src/newgrp.c 2002-10-12 14:15:42.000000000 +0100 -@@ -398,6 +398,7 @@ - SYSLOG ((LOG_INFO, - "user `%s' (login `%s' on %s) switched to group `%s'", - name, loginname, tty, group)); -+#ifdef USE_PAM - if (getdef_bool ("CLOSE_SESSIONS")) { - /* - * We want to fork and exec the new shell in the child, leaving the -@@ -450,6 +451,7 @@ - signal (SIGTTIN, SIG_DFL); - signal (SIGTTOU, SIG_DFL); - } -+#endif // USE_PAM - } - #endif /* USE_SYSLOG */ - 
diff --git a/source/a/shadow/shadow.remove.obsolete.options.diff b/source/a/shadow/shadow.remove.obsolete.options.diff deleted file mode 100644 index 100fe2a8..00000000 --- a/source/a/shadow/shadow.remove.obsolete.options.diff +++ /dev/null 
@@ -1,78 +0,0 @@ ---- ./man/passwd.1.orig 2002-03-13 11:52:15.000000000 -0600 -+++ ./man/passwd.1 2006-08-20 18:29:58.000000000 -0500 -@@ -29,26 +29,17 @@ - .SH NAME - passwd \- change user password - .SH SYNOPSIS --\fBpasswd\fR [\fB-f\fR|\fB-s\fR] [\fIname\fR] --.br --\fBpasswd\fR [\fB-g\fR] [\fB-r\fR|\fB-R\fR] \fIgroup\fR -+\fBpasswd\fR [\fIname\fR] - .br - \fBpasswd\fR [\fB-x \fImax\fR] [\fB-n \fImin\fR] - [\fB-w \fIwarn\fR] [\fB-i \fIinact\fR] \fIlogin\fR - .br - \fBpasswd\fR {\fB-l\fR|\fB-u\fR|\fB-d\fR|\fB-S\fR|\fB-e\fR} \fIlogin\fR - .SH DESCRIPTION --\fBpasswd\fR changes passwords for user and group accounts. -+\fBpasswd\fR changes passwords for user accounts. - A normal user may only change the password for his/her own account, - the super user may change the password for any account. --The administrator of a group may change the password for the group. --\fBpasswd\fR also changes account information, such as the full name --of the user, user's login shell, or password expiry date and interval. --.PP --The \fB-s\fR option makes passwd call chsh to change the user's shell. The --\fB-f\fR option makes passwd call chfn to change the user's gecos --information. These two options are only meant for compatiblity, since the --other programs can be called directly. -+.PP - .SS Password Changes - The user is first prompted for his/her old password, if one is present. - This password is then encrypted and compared against the -@@ -86,17 +77,6 @@ - against the first. - Both entries are required to match in order for the password - to be changed. --.SS Group passwords --When the \fB-g\fR option is used, the password for the named --group is changed. --The user must either be the super user, or a group administrator --for the named group. --The current group password is not prompted for. --The \fB-r\fR option is used with the \fB-g\fR option to remove --the current password from the named group. --This allows group access to all members. 
--The \fB-R\fR option is used with the \fB-g\fR option to restrict --the named group for all users. - .SS Password expiry information - The password aging information may be changed by the super - user with the \fB-x\fR, \fB-n\fR, \fB-w\fR, and \fB-i\fR options. -@@ -191,6 +171,9 @@ - .br - /etc/shadow \- encrypted user passwords - .SH "SEE ALSO" -+.BR chfn (1), -+.BR chsh (1), -+.BR gpasswd (1), - .BR group (5), - .BR passwd (5) - .SH AUTHOR ---- ./src/passwd.c.orig 2002-01-05 09:41:43.000000000 -0600 -+++ ./src/passwd.c 2006-08-20 18:31:50.000000000 -0500 -@@ -955,6 +955,7 @@ - * Please run these programs directly. --marekm - */ - -+#ifdef I_LIKE_OBSOLETE_OPTIONS - if (argc > 1 && argv[1][0] == '-' && strchr ("gfs", argv[1][1])) { - char buf[200]; - -@@ -980,6 +981,7 @@ - closelog (); - exit (E_FAILURE); - } -+#endif - - /* - * The remaining arguments will be processed one by one and executed diff --git a/source/a/shadow/shadow.shadowconfig.diff b/source/a/shadow/shadow.shadowconfig.diff deleted file mode 100644 index 7dc9286e..00000000 --- a/source/a/shadow/shadow.shadowconfig.diff +++ /dev/null 
@@ -1,49 +0,0 @@ ---- ./debian/shadowconfig.sh.orig 2001-05-29 23:20:22.000000000 -0700 -+++ ./debian/shadowconfig.sh 2003-06-23 16:35:38.000000000 -0700 -@@ -1,23 +1,28 @@ - #!/bin/bash --# turn shadow passwords on or off on a Debian system -+# -+# 'shadowconfig on' will turn shadow passwords on; -+# 'shadowconfig off' will turn shadow passwords off. -+# -+# shadowconfig will print an error message and exit with -+# a nonzero code if it finds anything awry. If that happens, -+# you should correct the error and run it again. -+# -+# Turning shadow passwords on when they are already on, or -+# off when they are already off, is harmless. -+# -+# Be aware that account expiration dates are only supported -+# by shadow passwords -- these dates will be lost when converting -+# from shadow to non-shadow passwords. If you need to save this -+# information, back up your /etc/shadow before turning off -+# shadow passwords. -+# - --set -e - --permfix () { -- [ -f $1 ] || return 0 -- chown root:shadow $1 -- chmod 2755 $1 --} --export -f permfix -+set -e - - shadowon () { - bash<<- EOF - set -e -- -- permfix /usr/X11R6/bin/xlock -- permfix /usr/X11R6/bin/xtrlock -- permfix /bin/vlock -- - pwck -q - grpck - pwconv -@@ -65,3 +70,4 @@ - echo Usage: $0 on \| off - ;; - esac -+ diff --git a/source/a/shadow/useradd b/source/a/shadow/useradd new file mode 100644 index 00000000..f3205e49 --- /dev/null +++ b/source/a/shadow/useradd @@ -0,0 +1,8 @@ +# useradd defaults file +GROUP=100 +HOME=/home +INACTIVE=-1 +EXPIRE= +SHELL=/bin/bash +SKEL=/etc/skel +CREATE_MAIL_SPOOL=yes |