1 dnl Process this file with autoconf to produce a configure script.
3 AM_INIT_AUTOMAKE(shadow, 4.1.3.1)
4 AC_CONFIG_HEADERS([config.h])
7 test "$prefix" = "NONE" && prefix="/usr"
8 test "$prefix" = "/usr" && exec_prefix=""
17 dnl Checks for programs.
25 dnl Checks for libraries.
27 dnl Checks for header files.
33 AC_CHECK_HEADERS(errno.h fcntl.h limits.h unistd.h sys/time.h utmp.h \
34 utmpx.h termios.h termio.h sgtty.h sys/ioctl.h syslog.h paths.h \
35 utime.h ulimit.h sys/resource.h gshadow.h lastlog.h \
36 locale.h rpc/key_prot.h netdb.h)
38 dnl shadow now uses the libc's shadow implementation
39 AC_CHECK_HEADER([shadow.h],,[AC_MSG_ERROR([You need a libc with shadow.h])])
41 AC_CHECK_FUNCS(l64a fchmod fchown fsync futimes getgroups gethostname getspnam \
42 gettimeofday getusershell getutent initgroups lchown lckpwdf lstat \
43 lutimes memcpy memset setgroups sigaction strchr updwtmp updwtmpx innetgr \
44 getpwnam_r getpwuid_r getgrnam_r getgrgid_r getspnam_r getaddrinfo)
47 dnl Checks for typedefs, structures, and compiler characteristics.
54 AC_CHECK_MEMBERS([struct stat.st_rdev])
55 AC_CHECK_MEMBERS([struct stat.st_atim])
56 AC_CHECK_MEMBERS([struct stat.st_atimensec])
57 AC_CHECK_MEMBERS([struct stat.st_mtim])
58 AC_CHECK_MEMBERS([struct stat.st_mtimensec])
62 AC_CHECK_MEMBERS([struct utmp.ut_type,
67 struct utmp.ut_syslen,
69 struct utmp.ut_addr_v6,
72 struct utmp.ut_tv],,,[[#include <utmp.h>]])
73 dnl There are dependencies:
74 dnl If UTMPX has to be used, the utmp structure shall have a ut_id field.
75 if test "$ac_cv_header_utmpx_h" = "yes" &&
76 test "$ac_cv_member_struct_utmp_ut_id" != "yes"; then
77 AC_MSG_ERROR(Systems with UTMPX and no ut_id field in the utmp structure are not supported)
80 AC_CHECK_MEMBERS([struct utmpx.ut_name,
82 struct utmpx.ut_syslen,
84 struct utmpx.ut_addr_v6,
86 struct utmpx.ut_xtime],,,[[#include <utmpx.h>]])
88 if test "$ac_cv_header_lastlog_h" = "yes"; then
89 AC_CACHE_CHECK(for ll_host in struct lastlog,
90 ac_cv_struct_lastlog_ll_host,
91 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([#include <lastlog.h>],
92 [struct lastlog ll; char *cp = ll.ll_host;]
94 [ac_cv_struct_lastlog_ll_host=yes],
95 [ac_cv_struct_lastlog_ll_host=no]
99 if test "$ac_cv_struct_lastlog_ll_host" = "yes"; then
100 AC_DEFINE(HAVE_LL_HOST, 1,
101 [Define if struct lastlog has ll_host])
105 dnl Checks for library functions.
110 AC_REPLACE_FUNCS(mkdir putgrent putpwent putspent rename rmdir)
111 AC_REPLACE_FUNCS(sgetgrent sgetpwent sgetspent)
112 AC_REPLACE_FUNCS(snprintf strcasecmp strdup strerror strstr)
114 AC_CHECK_FUNC(setpgrp)
117 if test "$ac_cv_header_shadow_h" = "yes"; then
118 AC_CACHE_CHECK(for working shadow group support,
119 ac_cv_libc_shadowgrp,
120 AC_RUN_IFELSE([AC_LANG_SOURCE([
124 struct sgrp *sg = sgetsgent("test:x::");
125 /* NYS libc on Red Hat 3.0.3 has broken shadow group support */
126 return !sg || !sg->sg_adm || !sg->sg_mem;
129 [ac_cv_libc_shadowgrp=yes],
130 [ac_cv_libc_shadowgrp=no],
131 [ac_cv_libc_shadowgrp=no]
135 if test "$ac_cv_libc_shadowgrp" = "yes"; then
136 AC_DEFINE(HAVE_SHADOWGRP, 1, [Have working shadow group support in libc])
140 AC_CACHE_CHECK([location of shared mail directory], shadow_cv_maildir,
141 [for shadow_cv_maildir in /var/mail /var/spool/mail /usr/spool/mail /usr/mail none; do
142 if test -d $shadow_cv_maildir; then
146 if test $shadow_cv_maildir != none; then
147 AC_DEFINE_UNQUOTED(MAIL_SPOOL_DIR, "$shadow_cv_maildir",
148 [Location of system mail spool directory.])
151 AC_CACHE_CHECK([location of user mail file], shadow_cv_mailfile,
152 [for shadow_cv_mailfile in Mailbox mailbox Mail mail .mail none; do
153 if test -f $HOME/$shadow_cv_mailfile; then
157 if test $shadow_cv_mailfile != none; then
158 AC_DEFINE_UNQUOTED(MAIL_SPOOL_FILE, "$shadow_cv_mailfile",
159 [Name of user's mail spool file if stored in user's home directory.])
162 AC_CACHE_CHECK([location of utmp], shadow_cv_utmpdir,
163 [for shadow_cv_utmpdir in /var/run /var/adm /usr/adm /etc none; do
164 if test -f $shadow_cv_utmpdir/utmp; then
168 if test "$shadow_cv_utmpdir" = "none"; then
169 AC_MSG_WARN(utmp file not found)
171 AC_DEFINE_UNQUOTED(_UTMP_FILE, "$shadow_cv_utmpdir/utmp",
172 [Path for utmp file.])
174 AC_CACHE_CHECK([location of faillog/lastlog/wtmp], shadow_cv_logdir,
175 [for shadow_cv_logdir in /var/log /var/adm /usr/adm /etc; do
176 if test -d $shadow_cv_logdir; then
180 AC_DEFINE_UNQUOTED(_WTMP_FILE, "$shadow_cv_logdir/wtmp",
181 [Path for wtmp file.])
182 AC_DEFINE_UNQUOTED(LASTLOG_FILE, "$shadow_cv_logdir/lastlog",
183 [Path for lastlog file.])
184 AC_DEFINE_UNQUOTED(FAILLOG_FILE, "$shadow_cv_logdir/faillog",
185 [Path for faillog file.])
187 AC_CACHE_CHECK([location of the passwd program], shadow_cv_passwd_dir,
188 [if test -f /usr/bin/passwd; then
189 shadow_cv_passwd_dir=/usr/bin
191 shadow_cv_passwd_dir=/bin
193 AC_DEFINE_UNQUOTED(PASSWD_PROGRAM, "$shadow_cv_passwd_dir/passwd",
194 [Path to passwd program.])
196 dnl XXX - quick hack, should disappear before anyone notices :).
197 AC_DEFINE(USE_SYSLOG, 1, [Define to use syslog().])
198 AC_DEFINE(RLOGIN, 1, [Define if login should support the -r flag for rlogind.])
199 AC_DEFINE(RUSEROK, 0, [Define to the ruserok() "success" return value (0 or 1).])
201 AC_ARG_ENABLE(shadowgrp,
202 [AC_HELP_STRING([--enable-shadowgrp], [enable shadow group support @<:@default=yes@:>@])],
203 [case "${enableval}" in
204 yes) enable_shadowgrp="yes" ;;
205 no) enable_shadowgrp="no" ;;
206 *) AC_MSG_ERROR(bad value ${enableval} for --enable-shadowgrp) ;;
208 [enable_shadowgrp="yes"]
212 [AC_HELP_STRING([--enable-man],
213 [regenerate roff man pages from Docbook @<:@default=no@:>@])],
214 [enable_man="${enableval}"],
218 AC_ARG_ENABLE(account-tools-setuid,
219 [AC_HELP_STRING([--enable-account-tools-setuid],
220 [Install the user and group management tools setuid and authenticate the callers. This requires --with-pam.])],
221 [case "${enableval}" in
222 yes) enable_acct_tools_setuid="yes" ;;
223 no) enable_acct_tools_setuid="no" ;;
224 *) AC_MSG_ERROR(bad value ${enableval} for --enable-account-tools-setuid)
227 [enable_acct_tools_setuid="maybe"]
231 [AC_HELP_STRING([--with-audit], [use auditing support @<:@default=yes if found@:>@])],
232 [with_audit=$withval], [with_audit=maybe])
234 [AC_HELP_STRING([--with-libpam], [use libpam for PAM support @<:@default=yes if found@:>@])],
235 [with_libpam=$withval], [with_libpam=maybe])
237 [AC_HELP_STRING([--with-selinux], [use SELinux support @<:@default=yes if found@:>@])],
238 [with_selinux=$withval], [with_selinux=maybe])
240 [AC_HELP_STRING([--with-skey], [use S/Key support @<:@default=no@:>@])],
241 [with_skey=$withval], [with_skey=no])
242 AC_ARG_WITH(libcrack,
243 [AC_HELP_STRING([--with-libcrack], [use libcrack @<:@default=yes if found and if PAM not enabled@:>@])],
244 [with_libcrack=$withval], [with_libcrack=no])
245 AC_ARG_WITH(sha-crypt,
246 [AC_HELP_STRING([--with-sha-crypt], [allow the SHA256 and SHA512 password encryption algorithms @<:@default=yes@:>@])],
247 [with_sha_crypt=$withval], [with_sha_crypt=yes])
249 [AC_HELP_STRING([--with-nscd], [enable support for nscd @<:@default=yes@:>@])],
250 [with_nscd=$withval], [with_nscd=yes])
251 AC_ARG_WITH(group-name-max-length,
252 [AC_HELP_STRING([--with-group-name-max-length], [set max group name length @<:@default=16@:>@])],
253 [with_group_name_max_length=$withval], [with_group_name_max_length=yes])
255 if test "$with_group_name_max_length" = "no" ; then
256 with_group_name_max_length=0
257 elif test "$with_group_name_max_length" = "yes" ; then
258 with_group_name_max_length=16
260 AC_DEFINE_UNQUOTED(GROUP_NAME_MAX_LENGTH, $with_group_name_max_length, [max group name length])
261 AC_SUBST(GROUP_NAME_MAX_LENGTH)
262 GROUP_NAME_MAX_LENGTH="$with_group_name_max_length"
264 AM_CONDITIONAL(USE_SHA_CRYPT, test "x$with_sha_crypt" = "xyes")
265 if test "$with_sha_crypt" = "yes"; then
266 AC_DEFINE(USE_SHA_CRYPT, 1, [Define to allow the SHA256 and SHA512 password encryption algorithms])
269 if test "$with_nscd" = "yes"; then
270 AC_CHECK_FUNC(posix_spawn,
271 [AC_DEFINE(USE_NSCD, 1, [Define to support flushing of nscd caches])],
272 [AC_MSG_ERROR([posix_spawn is needed for nscd support])])
275 dnl Check for some functions in libc first, only if not found check for
276 dnl other libraries. This should prevent linking libnsl if not really
277 dnl needed (Linux glibc, Irix), but still link it if needed (Solaris).
279 AC_SEARCH_LIBS(inet_ntoa, inet)
280 AC_SEARCH_LIBS(socket, socket)
281 AC_SEARCH_LIBS(gethostbyname, nsl)
283 if test "$enable_shadowgrp" = "yes"; then
284 AC_DEFINE(SHADOWGRP, 1, [Define to support the shadow group file.])
286 AM_CONDITIONAL(SHADOWGRP, test "x$enable_shadowgrp" = "xyes")
288 if test "$enable_man" = "yes"; then
290 dnl Check for xsltproc
292 AC_PATH_PROG([XSLTPROC], [xsltproc])
293 if test -z "$XSLTPROC"; then
297 dnl check for DocBook DTD and stylesheets in the local catalog.
298 JH_CHECK_XML_CATALOG([-//OASIS//DTD DocBook XML V4.1.2//EN],
299 [DocBook XML DTD V4.1.2], [], enable_man=no)
300 JH_CHECK_XML_CATALOG([http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl],
301 [DocBook XSL Stylesheets >= 1.70.1], [], enable_man=no)
303 AM_CONDITIONAL(ENABLE_REGENERATE_MAN, test "x$enable_man" != "xno")
306 AC_CHECK_LIB(crypt, crypt, [LIBCRYPT=-lcrypt],
307 [AC_MSG_ERROR([crypt() not found])])
310 if test "$with_audit" != "no"; then
311 AC_CHECK_HEADER(libaudit.h, [audit_header="yes"], [audit_header="no"])
312 if test "$audit_header$with_audit" = "noyes" ; then
313 AC_MSG_ERROR([libaudit.h is missing])
314 elif test "$audit_header" = "yes"; then
315 AC_CHECK_DECL(AUDIT_ADD_USER,,[audit_header="no"],[#include <libaudit.h>])
316 AC_CHECK_DECL(AUDIT_DEL_USER,,[audit_header="no"],[#include <libaudit.h>])
317 AC_CHECK_DECL(AUDIT_ADD_GROUP,,[audit_header="no"],[#include <libaudit.h>])
318 AC_CHECK_DECL(AUDIT_DEL_GROUP,,[audit_header="no"],[#include <libaudit.h>])
319 if test "$audit_header$with_audit" = "noyes" ; then
320 AC_MSG_ERROR([AUDIT_ADD_USER AUDIT_DEL_USER AUDIT_ADD_GROUP or AUDIT_DEL_GROUP missing from libaudit.h])
323 if test "$audit_header" = "yes"; then
324 AC_CHECK_LIB(audit, audit_log_acct_message,
325 [audit_lib="yes"], [audit_lib="no"])
326 if test "$audit_lib$with_audit" = "noyes" ; then
327 AC_MSG_ERROR([libaudit not found])
328 elif test "$audit_lib" = "no" ; then
331 AC_DEFINE(WITH_AUDIT, 1,
332 [Define if you want to enable Audit messages])
342 if test "$with_libcrack" = "yes"; then
343 echo "checking cracklib flavour, don't be surprised by the results"
344 AC_CHECK_LIB(crack, FascistCheck,
345 [LIBCRACK=-lcrack AC_DEFINE(HAVE_LIBCRACK, 1, [Defined if you have libcrack.])])
346 AC_CHECK_LIB(crack, FascistHistory,
347 AC_DEFINE(HAVE_LIBCRACK_HIST, 1, [Defined if you have the ts&szs cracklib.]))
348 AC_CHECK_LIB(crack, FascistHistoryPw,
349 AC_DEFINE(HAVE_LIBCRACK_PW, 1, [Defined if it includes *Pw functions.]))
353 if test "$with_selinux" != "no"; then
354 AC_CHECK_HEADERS(selinux/selinux.h, [selinux_header="yes"], [selinux_header="no"])
355 if test "$selinux_header$with_selinux" = "noyes" ; then
356 AC_MSG_ERROR([selinux/selinux.h is missing])
357 elif test "$selinux_header" = "yes" ; then
358 AC_CHECK_LIB(selinux, is_selinux_enabled,
359 [selinux_lib="yes"], [selinux_lib="no"])
360 if test "$selinux_lib$with_selinux" = "noyes" ; then
361 AC_MSG_ERROR([libselinux not found])
362 elif test "$selinux_lib" = "no" ; then
365 AC_DEFINE(WITH_SELINUX, 1,
366 [Build shadow with SELinux support])
367 LIBSELINUX="-lselinux"
376 if test "$with_libpam" != "no"; then
377 AC_CHECK_LIB(pam, pam_start,
378 [pam_lib="yes"], [pam_lib="no"])
379 if test "$pam_lib$with_libpam" = "noyes" ; then
380 AC_MSG_ERROR(libpam not found)
384 pam_conv_function="no"
386 AC_CHECK_LIB(pam, openpam_ttyconv,
387 [pam_conv_function="openpam_ttyconv"],
388 AC_CHECK_LIB(pam_misc, misc_conv,
389 [pam_conv_function="misc_conv"; LIBPAM="$LIBPAM -lpam_misc"])
392 if test "$pam_conv_function$with_libpam" = "noyes" ; then
393 AC_MSG_ERROR(PAM conversation function not found)
397 AC_CHECK_HEADERS( [security/openpam.h security/pam_misc.h],
398 [ pam_headers_found=yes ; break ], [],
399 [ #include <security/pam_appl.h> ] )
400 if test "$pam_headers_found$with_libpam" = "noyes" ; then
401 AC_MSG_ERROR(PAM headers not found)
405 if test "$pam_lib$pam_headers_found" = "yesyes" -a "$pam_conv_function" != "no" ; then
411 dnl Now with_libpam is either yes or no
412 if test "$with_libpam" = "yes"; then
413 AC_CHECK_DECLS([PAM_ESTABLISH_CRED,
415 PAM_NEW_AUTHTOK_REQD,
417 [], [], [#include <security/pam_appl.h>])
422 # We do not use AC_CHECK_FUNCS to avoid duplicated definition with
424 AC_CHECK_FUNC(pam_fail_delay, [AC_DEFINE(HAS_PAM_FAIL_DELAY, 1, [Define to 1 if you have the declaration of 'pam_fail_delay'])])
427 AC_DEFINE(USE_PAM, 1, [Define to support Pluggable Authentication Modules])
428 AC_DEFINE_UNQUOTED(SHADOW_PAM_CONVERSATION, [$pam_conv_function],[PAM converstation to use])
429 AM_CONDITIONAL(USE_PAM, [true])
431 AC_MSG_CHECKING(use login and su access checking if PAM not used)
434 AC_DEFINE(SU_ACCESS, 1, [Define to support /etc/suauth su access control.])
435 AM_CONDITIONAL(USE_PAM, [false])
436 AC_MSG_CHECKING(use login and su access checking if PAM not used)
440 if test "$enable_acct_tools_setuid" != "no"; then
441 if test "$with_libpam" != "yes"; then
442 if test "$enable_acct_tools_setuid" = "yes"; then
443 AC_MSG_ERROR(PAM support is required for --enable-account-tools-setuid)
445 enable_acct_tools_setuid="no"
448 enable_acct_tools_setuid="yes"
450 if test "$enable_acct_tools_setuid" = "yes"; then
451 AC_DEFINE(ACCT_TOOLS_SETUID,
453 [Define if account management tools should be installed setuid and authenticate the callers])
456 AM_CONDITIONAL(ACCT_TOOLS_SETUID, test "x$enable_acct_tools_setuid" = "xyes")
460 if test "$with_skey" = "yes"; then
461 AC_CHECK_LIB(md, MD5Init, [LIBMD=-lmd])
462 AC_CHECK_LIB(skey, skeychallenge, [LIBSKEY=-lskey],
463 [AC_MSG_ERROR([liskey missing. You can download S/Key source code from http://rsync1.it.gentoo.org/gentoo/distfiles/skey-1.1.5.tar.bz2])])
464 AC_DEFINE(SKEY, 1, [Define to support S/Key logins.])
469 skeychallenge((void*)0, (void*)0, (void*)0, 0);
470 ],[AC_DEFINE(SKEY_BSD_STYLE, 1, [Define to support newer BSD S/Key API])])
473 AM_GNU_GETTEXT_VERSION(0.16)
474 AM_GNU_GETTEXT([external], [need-ngettext])
475 AM_CONDITIONAL(USE_NLS, test "x$USE_NLS" = "xyes")
512 echo "shadow will be compiled with the following features:"
514 echo " auditing support: $with_audit"
515 echo " CrackLib support: $with_libcrack"
516 echo " PAM support: $with_libpam"
517 if test "$with_libpam" = "yes"; then
518 echo " suid account management tools: $enable_acct_tools_setuid"
520 echo " SELinux support: $with_selinux"
521 echo " shadow group support: $enable_shadowgrp"
522 echo " S/Key support: $with_skey"
523 echo " SHA passwords encryption: $with_sha_crypt"
524 echo " nscd support: $with_nscd"