1 dnl Process this file with autoconf to produce a configure script.
3 AM_INIT_AUTOMAKE(shadow, 4.1.5)
4 AC_CONFIG_HEADERS([config.h])
7 test "$prefix" = "NONE" && prefix="/usr"
8 test "$prefix" = "/usr" && exec_prefix=""
17 dnl Checks for programs.
25 dnl Checks for libraries.
27 dnl Checks for header files.
33 AC_CHECK_HEADERS(errno.h fcntl.h limits.h unistd.h sys/time.h utmp.h \
34 utmpx.h termios.h termio.h sgtty.h sys/ioctl.h syslog.h paths.h \
35 utime.h ulimit.h sys/resource.h gshadow.h lastlog.h \
36 locale.h rpc/key_prot.h netdb.h acl/libacl.h attr/libattr.h \
39 dnl shadow now uses the libc's shadow implementation
40 AC_CHECK_HEADER([shadow.h],,[AC_MSG_ERROR([You need a libc with shadow.h])])
42 AC_CHECK_FUNCS(l64a fchmod fchown fsync futimes getgroups gethostname getspnam \
43 gettimeofday getusershell getutent initgroups lchown lckpwdf lstat \
44 lutimes memcpy memset setgroups sigaction strchr updwtmp updwtmpx innetgr \
45 getpwnam_r getpwuid_r getgrnam_r getgrgid_r getspnam_r getaddrinfo)
48 dnl Checks for typedefs, structures, and compiler characteristics.
55 AC_CHECK_MEMBERS([struct stat.st_rdev])
56 AC_CHECK_MEMBERS([struct stat.st_atim])
57 AC_CHECK_MEMBERS([struct stat.st_atimensec])
58 AC_CHECK_MEMBERS([struct stat.st_mtim])
59 AC_CHECK_MEMBERS([struct stat.st_mtimensec])
63 AC_CHECK_MEMBERS([struct utmp.ut_type,
68 struct utmp.ut_syslen,
70 struct utmp.ut_addr_v6,
73 struct utmp.ut_tv],,,[[#include <utmp.h>]])
74 dnl There are dependencies:
75 dnl If UTMPX has to be used, the utmp structure shall have a ut_id field.
76 if test "$ac_cv_header_utmpx_h" = "yes" &&
77 test "$ac_cv_member_struct_utmp_ut_id" != "yes"; then
78 AC_MSG_ERROR(Systems with UTMPX and no ut_id field in the utmp structure are not supported)
81 AC_CHECK_MEMBERS([struct utmpx.ut_name,
83 struct utmpx.ut_syslen,
85 struct utmpx.ut_addr_v6,
87 struct utmpx.ut_xtime],,,[[#include <utmpx.h>]])
89 if test "$ac_cv_header_lastlog_h" = "yes"; then
90 AC_CACHE_CHECK(for ll_host in struct lastlog,
91 ac_cv_struct_lastlog_ll_host,
92 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([#include <lastlog.h>],
93 [struct lastlog ll; char *cp = ll.ll_host;]
95 [ac_cv_struct_lastlog_ll_host=yes],
96 [ac_cv_struct_lastlog_ll_host=no]
100 if test "$ac_cv_struct_lastlog_ll_host" = "yes"; then
101 AC_DEFINE(HAVE_LL_HOST, 1,
102 [Define if struct lastlog has ll_host])
106 dnl Checks for library functions.
111 AC_REPLACE_FUNCS(mkdir putgrent putpwent putspent rename rmdir)
112 AC_REPLACE_FUNCS(sgetgrent sgetpwent sgetspent)
113 AC_REPLACE_FUNCS(snprintf strcasecmp strdup strerror strstr)
115 AC_CHECK_FUNC(setpgrp)
117 if test "$ac_cv_header_shadow_h" = "yes"; then
118 AC_CACHE_CHECK(for working shadow group support,
119 ac_cv_libc_shadowgrp,
120 AC_RUN_IFELSE([AC_LANG_SOURCE([
124 struct sgrp *sg = sgetsgent("test:x::");
125 /* NYS libc on Red Hat 3.0.3 has broken shadow group support */
126 return !sg || !sg->sg_adm || !sg->sg_mem;
129 [ac_cv_libc_shadowgrp=yes],
130 [ac_cv_libc_shadowgrp=no],
131 [ac_cv_libc_shadowgrp=no]
135 if test "$ac_cv_libc_shadowgrp" = "yes"; then
136 AC_DEFINE(HAVE_SHADOWGRP, 1, [Have working shadow group support in libc])
140 AC_CACHE_CHECK([location of shared mail directory], shadow_cv_maildir,
141 [for shadow_cv_maildir in /var/mail /var/spool/mail /usr/spool/mail /usr/mail none; do
142 if test -d $shadow_cv_maildir; then
146 if test $shadow_cv_maildir != none; then
147 AC_DEFINE_UNQUOTED(MAIL_SPOOL_DIR, "$shadow_cv_maildir",
148 [Location of system mail spool directory.])
151 AC_CACHE_CHECK([location of user mail file], shadow_cv_mailfile,
152 [for shadow_cv_mailfile in Mailbox mailbox Mail mail .mail none; do
153 if test -f $HOME/$shadow_cv_mailfile; then
157 if test $shadow_cv_mailfile != none; then
158 AC_DEFINE_UNQUOTED(MAIL_SPOOL_FILE, "$shadow_cv_mailfile",
159 [Name of user's mail spool file if stored in user's home directory.])
162 AC_CACHE_CHECK([location of utmp], shadow_cv_utmpdir,
163 [for shadow_cv_utmpdir in /var/run /var/adm /usr/adm /etc none; do
164 if test -f $shadow_cv_utmpdir/utmp; then
168 if test "$shadow_cv_utmpdir" = "none"; then
169 AC_MSG_WARN(utmp file not found)
171 AC_DEFINE_UNQUOTED(_UTMP_FILE, "$shadow_cv_utmpdir/utmp",
172 [Path for utmp file.])
174 AC_CACHE_CHECK([location of faillog/lastlog/wtmp], shadow_cv_logdir,
175 [for shadow_cv_logdir in /var/log /var/adm /usr/adm /etc; do
176 if test -d $shadow_cv_logdir; then
180 AC_DEFINE_UNQUOTED(_WTMP_FILE, "$shadow_cv_logdir/wtmp",
181 [Path for wtmp file.])
182 AC_DEFINE_UNQUOTED(LASTLOG_FILE, "$shadow_cv_logdir/lastlog",
183 [Path for lastlog file.])
184 AC_DEFINE_UNQUOTED(FAILLOG_FILE, "$shadow_cv_logdir/faillog",
185 [Path for faillog file.])
187 AC_CACHE_CHECK([location of the passwd program], shadow_cv_passwd_dir,
188 [if test -f /usr/bin/passwd; then
189 shadow_cv_passwd_dir=/usr/bin
191 shadow_cv_passwd_dir=/bin
193 AC_DEFINE_UNQUOTED(PASSWD_PROGRAM, "$shadow_cv_passwd_dir/passwd",
194 [Path to passwd program.])
196 dnl XXX - quick hack, should disappear before anyone notices :).
197 AC_DEFINE(USE_SYSLOG, 1, [Define to use syslog().])
198 AC_DEFINE(RLOGIN, 1, [Define if login should support the -r flag for rlogind.])
199 AC_DEFINE(RUSEROK, 0, [Define to the ruserok() "success" return value (0 or 1).])
201 AC_ARG_ENABLE(shadowgrp,
202 [AC_HELP_STRING([--enable-shadowgrp], [enable shadow group support @<:@default=yes@:>@])],
203 [case "${enableval}" in
204 yes) enable_shadowgrp="yes" ;;
205 no) enable_shadowgrp="no" ;;
206 *) AC_MSG_ERROR(bad value ${enableval} for --enable-shadowgrp) ;;
208 [enable_shadowgrp="yes"]
212 [AC_HELP_STRING([--enable-man],
213 [regenerate roff man pages from Docbook @<:@default=no@:>@])],
214 [enable_man="${enableval}"],
218 AC_ARG_ENABLE(account-tools-setuid,
219 [AC_HELP_STRING([--enable-account-tools-setuid],
220 [Install the user and group management tools setuid and authenticate the callers. This requires --with-pam.])],
221 [case "${enableval}" in
222 yes) enable_acct_tools_setuid="yes" ;;
223 no) enable_acct_tools_setuid="no" ;;
224 *) AC_MSG_ERROR(bad value ${enableval} for --enable-account-tools-setuid)
227 [enable_acct_tools_setuid="maybe"]
231 [AC_HELP_STRING([--enable-utmpx],
232 [enable loggin in utmpx / wtmpx @<:@default=no@:>@])],
233 [case "${enableval}" in
234 yes) enable_utmpx="yes" ;;
235 no) enable_utmpx="no" ;;
236 *) AC_MSG_ERROR(bad value ${enableval} for --enable-utmpx) ;;
242 [AC_HELP_STRING([--with-audit], [use auditing support @<:@default=yes if found@:>@])],
243 [with_audit=$withval], [with_audit=maybe])
245 [AC_HELP_STRING([--with-libpam], [use libpam for PAM support @<:@default=yes if found@:>@])],
246 [with_libpam=$withval], [with_libpam=maybe])
248 [AC_HELP_STRING([--with-selinux], [use SELinux support @<:@default=yes if found@:>@])],
249 [with_selinux=$withval], [with_selinux=maybe])
251 [AC_HELP_STRING([--with-acl], [use ACL support @<:@default=yes if found@:>@])],
252 [with_acl=$withval], [with_acl=maybe])
254 [AC_HELP_STRING([--with-attr], [use Extended Attribute support @<:@default=yes if found@:>@])],
255 [with_attr=$withval], [with_attr=maybe])
257 [AC_HELP_STRING([--with-skey], [use S/Key support @<:@default=no@:>@])],
258 [with_skey=$withval], [with_skey=no])
260 [AC_HELP_STRING([--with-tcb], [use tcb support (incomplete) @<:@default=yes if found@:>@])],
261 [with_tcb=$withval], [with_tcb=maybe])
262 AC_ARG_WITH(libcrack,
263 [AC_HELP_STRING([--with-libcrack], [use libcrack @<:@default=no@:>@])],
264 [with_libcrack=$withval], [with_libcrack=no])
265 AC_ARG_WITH(sha-crypt,
266 [AC_HELP_STRING([--with-sha-crypt], [allow the SHA256 and SHA512 password encryption algorithms @<:@default=yes@:>@])],
267 [with_sha_crypt=$withval], [with_sha_crypt=yes])
269 [AC_HELP_STRING([--with-nscd], [enable support for nscd @<:@default=yes@:>@])],
270 [with_nscd=$withval], [with_nscd=yes])
271 AC_ARG_WITH(group-name-max-length,
272 [AC_HELP_STRING([--with-group-name-max-length], [set max group name length @<:@default=16@:>@])],
273 [with_group_name_max_length=$withval], [with_group_name_max_length=yes])
275 if test "$with_group_name_max_length" = "no" ; then
276 with_group_name_max_length=0
277 elif test "$with_group_name_max_length" = "yes" ; then
278 with_group_name_max_length=16
280 AC_DEFINE_UNQUOTED(GROUP_NAME_MAX_LENGTH, $with_group_name_max_length, [max group name length])
281 AC_SUBST(GROUP_NAME_MAX_LENGTH)
282 GROUP_NAME_MAX_LENGTH="$with_group_name_max_length"
284 AM_CONDITIONAL(USE_SHA_CRYPT, test "x$with_sha_crypt" = "xyes")
285 if test "$with_sha_crypt" = "yes"; then
286 AC_DEFINE(USE_SHA_CRYPT, 1, [Define to allow the SHA256 and SHA512 password encryption algorithms])
289 if test "$with_nscd" = "yes"; then
290 AC_CHECK_FUNC(posix_spawn,
291 [AC_DEFINE(USE_NSCD, 1, [Define to support flushing of nscd caches])],
292 [AC_MSG_ERROR([posix_spawn is needed for nscd support])])
295 dnl Check for some functions in libc first, only if not found check for
296 dnl other libraries. This should prevent linking libnsl if not really
297 dnl needed (Linux glibc, Irix), but still link it if needed (Solaris).
299 AC_SEARCH_LIBS(inet_ntoa, inet)
300 AC_SEARCH_LIBS(socket, socket)
301 AC_SEARCH_LIBS(gethostbyname, nsl)
303 if test "$enable_shadowgrp" = "yes"; then
304 AC_DEFINE(SHADOWGRP, 1, [Define to support the shadow group file.])
306 AM_CONDITIONAL(SHADOWGRP, test "x$enable_shadowgrp" = "xyes")
308 if test "$enable_man" = "yes"; then
310 dnl Check for xsltproc
312 AC_PATH_PROG([XSLTPROC], [xsltproc])
313 if test -z "$XSLTPROC"; then
317 dnl check for DocBook DTD and stylesheets in the local catalog.
318 JH_CHECK_XML_CATALOG([-//OASIS//DTD DocBook XML V4.1.2//EN],
319 [DocBook XML DTD V4.1.2], [], enable_man=no)
320 JH_CHECK_XML_CATALOG([http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl],
321 [DocBook XSL Stylesheets >= 1.70.1], [], enable_man=no)
323 AM_CONDITIONAL(ENABLE_REGENERATE_MAN, test "x$enable_man" != "xno")
326 AC_CHECK_LIB(crypt, crypt, [LIBCRYPT=-lcrypt],
327 [AC_MSG_ERROR([crypt() not found])])
330 if test "$with_acl" != "no"; then
331 AC_CHECK_HEADERS(acl/libacl.h attr/error_context.h, [acl_header="yes"], [acl_header="no"])
332 if test "$acl_header$with_acl" = "noyes" ; then
333 AC_MSG_ERROR([acl/libacl.h or attr/error_context.h is missing])
334 elif test "$acl_header" = "yes" ; then
335 AC_CHECK_LIB(acl, perm_copy_file,
336 [AC_CHECK_LIB(acl, perm_copy_fd,
340 if test "$acl_lib$with_acl" = "noyes" ; then
341 AC_MSG_ERROR([libacl not found])
342 elif test "$acl_lib" = "no" ; then
345 AC_DEFINE(WITH_ACL, 1,
346 [Build shadow with ACL support])
356 if test "$with_attr" != "no"; then
357 AC_CHECK_HEADERS(attr/libattr.h attr/error_context.h, [attr_header="yes"], [attr_header="no"])
358 if test "$attr_header$with_attr" = "noyes" ; then
359 AC_MSG_ERROR([attr/libattr.h or attr/error_context.h is missing])
360 elif test "$attr_header" = "yes" ; then
361 AC_CHECK_LIB(attr, attr_copy_file,
362 [AC_CHECK_LIB(attr, attr_copy_fd,
366 if test "$attr_lib$with_attr" = "noyes" ; then
367 AC_MSG_ERROR([libattr not found])
368 elif test "$attr_lib" = "no" ; then
371 AC_DEFINE(WITH_ATTR, 1,
372 [Build shadow with Extended Attributes support])
382 if test "$with_audit" != "no"; then
383 AC_CHECK_HEADER(libaudit.h, [audit_header="yes"], [audit_header="no"])
384 if test "$audit_header$with_audit" = "noyes" ; then
385 AC_MSG_ERROR([libaudit.h is missing])
386 elif test "$audit_header" = "yes"; then
387 AC_CHECK_DECL(AUDIT_ADD_USER,,[audit_header="no"],[#include <libaudit.h>])
388 AC_CHECK_DECL(AUDIT_DEL_USER,,[audit_header="no"],[#include <libaudit.h>])
389 AC_CHECK_DECL(AUDIT_ADD_GROUP,,[audit_header="no"],[#include <libaudit.h>])
390 AC_CHECK_DECL(AUDIT_DEL_GROUP,,[audit_header="no"],[#include <libaudit.h>])
391 if test "$audit_header$with_audit" = "noyes" ; then
392 AC_MSG_ERROR([AUDIT_ADD_USER AUDIT_DEL_USER AUDIT_ADD_GROUP or AUDIT_DEL_GROUP missing from libaudit.h])
395 if test "$audit_header" = "yes"; then
396 AC_CHECK_LIB(audit, audit_log_acct_message,
397 [audit_lib="yes"], [audit_lib="no"])
398 if test "$audit_lib$with_audit" = "noyes" ; then
399 AC_MSG_ERROR([libaudit not found])
400 elif test "$audit_lib" = "no" ; then
403 AC_DEFINE(WITH_AUDIT, 1,
404 [Define if you want to enable Audit messages])
414 if test "$with_libcrack" = "yes"; then
415 echo "checking cracklib flavour, don't be surprised by the results"
416 AC_CHECK_LIB(crack, FascistCheck,
417 [LIBCRACK=-lcrack AC_DEFINE(HAVE_LIBCRACK, 1, [Defined if you have libcrack.])])
418 AC_CHECK_LIB(crack, FascistHistory,
419 AC_DEFINE(HAVE_LIBCRACK_HIST, 1, [Defined if you have the ts&szs cracklib.]))
420 AC_CHECK_LIB(crack, FascistHistoryPw,
421 AC_DEFINE(HAVE_LIBCRACK_PW, 1, [Defined if it includes *Pw functions.]))
425 AC_SUBST(LIBSEMANAGE)
426 if test "$with_selinux" != "no"; then
427 AC_CHECK_HEADERS(selinux/selinux.h, [selinux_header="yes"], [selinux_header="no"])
428 if test "$selinux_header$with_selinux" = "noyes" ; then
429 AC_MSG_ERROR([selinux/selinux.h is missing])
432 AC_CHECK_HEADERS(semanage/semanage.h, [semanage_header="yes"], [semanage_header="no"])
433 if test "$semanage_header$with_selinux" = "noyes" ; then
434 AC_MSG_ERROR([semanage/semanage.h is missing])
437 if test "$selinux_header$semanage_header" = "yesyes" ; then
438 AC_CHECK_LIB(selinux, is_selinux_enabled, [selinux_lib="yes"], [selinux_lib="no"])
439 if test "$selinux_lib$with_selinux" = "noyes" ; then
440 AC_MSG_ERROR([libselinux not found])
443 AC_CHECK_LIB(semanage, semanage_connect, [semanage_lib="yes"], [semanage_lib="no"])
444 if test "$semanage_lib$with_selinux" = "noyes" ; then
445 AC_MSG_ERROR([libsemanage not found])
448 if test "$selinux_lib$semanage_lib" == "yesyes" ; then
449 AC_DEFINE(WITH_SELINUX, 1,
450 [Build shadow with SELinux support])
451 LIBSELINUX="-lselinux"
452 LIBSEMANAGE="-lsemanage"
463 if test "$with_tcb" != "no"; then
464 AC_CHECK_HEADERS(tcb.h, [tcb_header="yes"], [tcb_header="no"])
465 if test "$tcb_header$with_tcb" = "noyes" ; then
466 AC_MSG_ERROR([tcb.h is missing])
467 elif test "$tcb_header" = "yes" ; then
468 AC_CHECK_LIB(tcb, tcb_is_suspect, [tcb_lib="yes"], [tcb_lib="no"])
469 if test "$tcb_lib$with_tcb" = "noyes" ; then
470 AC_MSG_ERROR([libtcb not found])
471 elif test "$tcb_lib" = "no" ; then
474 AC_DEFINE(WITH_TCB, 1, [Build shadow with tcb support (incomplete)])
482 AM_CONDITIONAL(WITH_TCB, test x$with_tcb = xyes)
485 if test "$with_libpam" != "no"; then
486 AC_CHECK_LIB(pam, pam_start,
487 [pam_lib="yes"], [pam_lib="no"])
488 if test "$pam_lib$with_libpam" = "noyes" ; then
489 AC_MSG_ERROR(libpam not found)
493 pam_conv_function="no"
495 AC_CHECK_LIB(pam, openpam_ttyconv,
496 [pam_conv_function="openpam_ttyconv"],
497 AC_CHECK_LIB(pam_misc, misc_conv,
498 [pam_conv_function="misc_conv"; LIBPAM="$LIBPAM -lpam_misc"])
501 if test "$pam_conv_function$with_libpam" = "noyes" ; then
502 AC_MSG_ERROR(PAM conversation function not found)
506 AC_CHECK_HEADERS( [security/openpam.h security/pam_misc.h],
507 [ pam_headers_found=yes ; break ], [],
508 [ #include <security/pam_appl.h> ] )
509 if test "$pam_headers_found$with_libpam" = "noyes" ; then
510 AC_MSG_ERROR(PAM headers not found)
514 if test "$pam_lib$pam_headers_found" = "yesyes" -a "$pam_conv_function" != "no" ; then
521 dnl Now with_libpam is either yes or no
522 if test "$with_libpam" = "yes"; then
523 AC_CHECK_DECLS([PAM_ESTABLISH_CRED,
525 PAM_NEW_AUTHTOK_REQD,
527 [], [], [#include <security/pam_appl.h>])
532 # We do not use AC_CHECK_FUNCS to avoid duplicated definition with
534 AC_CHECK_FUNC(pam_fail_delay, [AC_DEFINE(HAS_PAM_FAIL_DELAY, 1, [Define to 1 if you have the declaration of 'pam_fail_delay'])])
537 AC_DEFINE(USE_PAM, 1, [Define to support Pluggable Authentication Modules])
538 AC_DEFINE_UNQUOTED(SHADOW_PAM_CONVERSATION, [$pam_conv_function],[PAM converstation to use])
539 AM_CONDITIONAL(USE_PAM, [true])
541 AC_MSG_CHECKING(use login and su access checking if PAM not used)
544 AC_DEFINE(SU_ACCESS, 1, [Define to support /etc/suauth su access control.])
545 AM_CONDITIONAL(USE_PAM, [false])
546 AC_MSG_CHECKING(use login and su access checking if PAM not used)
550 if test "$enable_acct_tools_setuid" != "no"; then
551 if test "$with_libpam" != "yes"; then
552 if test "$enable_acct_tools_setuid" = "yes"; then
553 AC_MSG_ERROR(PAM support is required for --enable-account-tools-setuid)
555 enable_acct_tools_setuid="no"
558 enable_acct_tools_setuid="yes"
560 if test "$enable_acct_tools_setuid" = "yes"; then
561 AC_DEFINE(ACCT_TOOLS_SETUID,
563 [Define if account management tools should be installed setuid and authenticate the callers])
566 AM_CONDITIONAL(ACCT_TOOLS_SETUID, test "x$enable_acct_tools_setuid" = "xyes")
570 if test "$with_skey" = "yes"; then
571 AC_CHECK_LIB(md, MD5Init, [LIBMD=-lmd])
572 AC_CHECK_LIB(skey, skeychallenge, [LIBSKEY=-lskey],
573 [AC_MSG_ERROR([liskey missing. You can download S/Key source code from http://rsync1.it.gentoo.org/gentoo/distfiles/skey-1.1.5.tar.bz2])])
574 AC_DEFINE(SKEY, 1, [Define to support S/Key logins.])
579 skeychallenge((void*)0, (void*)0, (void*)0, 0);
580 ],[AC_DEFINE(SKEY_BSD_STYLE, 1, [Define to support newer BSD S/Key API])])
583 if test "$enable_utmpx" = "yes"; then
584 if test "$ac_cv_header_utmpx_h" != "yes"; then
585 AC_MSG_ERROR([The utmpx.h header file is required for utmpx support.])
589 [Define if utmpx should be used])
592 AC_DEFINE_UNQUOTED(SHELL, ["$SHELL"], [The default shell.])
594 AM_GNU_GETTEXT_VERSION(0.16)
595 AM_GNU_GETTEXT([external], [need-ngettext])
596 AM_CONDITIONAL(USE_NLS, test "x$USE_NLS" = "xyes")
633 echo "shadow will be compiled with the following features:"
635 echo " auditing support: $with_audit"
636 echo " CrackLib support: $with_libcrack"
637 echo " PAM support: $with_libpam"
638 if test "$with_libpam" = "yes"; then
639 echo " suid account management tools: $enable_acct_tools_setuid"
641 echo " SELinux support: $with_selinux"
642 echo " ACL support: $with_acl"
643 echo " Extended Attributes support: $with_attr"
644 echo " tcb support (incomplete): $with_tcb"
645 echo " shadow group support: $enable_shadowgrp"
646 echo " S/Key support: $with_skey"
647 echo " SHA passwords encryption: $with_sha_crypt"
648 echo " nscd support: $with_nscd"
projects / shadow / blob