1 dnl Process this file with autoconf to produce a configure script.
3 AM_INIT_AUTOMAKE(shadow, 4.1.4.3)
4 AC_CONFIG_HEADERS([config.h])
7 test "$prefix" = "NONE" && prefix="/usr"
8 test "$prefix" = "/usr" && exec_prefix=""
17 dnl Checks for programs.
25 dnl Checks for libraries.
27 dnl Checks for header files.
33 AC_CHECK_HEADERS(errno.h fcntl.h limits.h unistd.h sys/time.h utmp.h \
34 utmpx.h termios.h termio.h sgtty.h sys/ioctl.h syslog.h paths.h \
35 utime.h ulimit.h sys/resource.h gshadow.h lastlog.h \
36 locale.h rpc/key_prot.h netdb.h)
38 dnl shadow now uses the libc's shadow implementation
39 AC_CHECK_HEADER([shadow.h],,[AC_MSG_ERROR([You need a libc with shadow.h])])
41 AC_CHECK_FUNCS(l64a fchmod fchown fsync futimes getgroups gethostname getspnam \
42 gettimeofday getusershell getutent initgroups lchown lckpwdf lstat \
43 lutimes memcpy memset setgroups sigaction strchr updwtmp updwtmpx innetgr \
44 getpwnam_r getpwuid_r getgrnam_r getgrgid_r getspnam_r getaddrinfo)
47 dnl Checks for typedefs, structures, and compiler characteristics.
54 AC_CHECK_MEMBERS([struct stat.st_rdev])
55 AC_CHECK_MEMBERS([struct stat.st_atim])
56 AC_CHECK_MEMBERS([struct stat.st_atimensec])
57 AC_CHECK_MEMBERS([struct stat.st_mtim])
58 AC_CHECK_MEMBERS([struct stat.st_mtimensec])
62 AC_CHECK_MEMBERS([struct utmp.ut_type,
67 struct utmp.ut_syslen,
69 struct utmp.ut_addr_v6,
72 struct utmp.ut_tv],,,[[#include <utmp.h>]])
73 dnl There are dependencies:
74 dnl If UTMPX has to be used, the utmp structure shall have a ut_id field.
75 if test "$ac_cv_header_utmpx_h" = "yes" &&
76 test "$ac_cv_member_struct_utmp_ut_id" != "yes"; then
77 AC_MSG_ERROR(Systems with UTMPX and no ut_id field in the utmp structure are not supported)
80 AC_CHECK_MEMBERS([struct utmpx.ut_name,
82 struct utmpx.ut_syslen,
84 struct utmpx.ut_addr_v6,
86 struct utmpx.ut_xtime],,,[[#include <utmpx.h>]])
88 if test "$ac_cv_header_lastlog_h" = "yes"; then
89 AC_CACHE_CHECK(for ll_host in struct lastlog,
90 ac_cv_struct_lastlog_ll_host,
91 AC_COMPILE_IFELSE([AC_LANG_PROGRAM([#include <lastlog.h>],
92 [struct lastlog ll; char *cp = ll.ll_host;]
94 [ac_cv_struct_lastlog_ll_host=yes],
95 [ac_cv_struct_lastlog_ll_host=no]
99 if test "$ac_cv_struct_lastlog_ll_host" = "yes"; then
100 AC_DEFINE(HAVE_LL_HOST, 1,
101 [Define if struct lastlog has ll_host])
105 dnl Checks for library functions.
110 AC_REPLACE_FUNCS(mkdir putgrent putpwent putspent rename rmdir)
111 AC_REPLACE_FUNCS(sgetgrent sgetpwent sgetspent)
112 AC_REPLACE_FUNCS(snprintf strcasecmp strdup strerror strstr)
114 AC_CHECK_FUNC(setpgrp)
117 if test "$ac_cv_header_shadow_h" = "yes"; then
118 AC_CACHE_CHECK(for working shadow group support,
119 ac_cv_libc_shadowgrp,
120 AC_RUN_IFELSE([AC_LANG_SOURCE([
124 struct sgrp *sg = sgetsgent("test:x::");
125 /* NYS libc on Red Hat 3.0.3 has broken shadow group support */
126 return !sg || !sg->sg_adm || !sg->sg_mem;
129 [ac_cv_libc_shadowgrp=yes],
130 [ac_cv_libc_shadowgrp=no],
131 [ac_cv_libc_shadowgrp=no]
135 if test "$ac_cv_libc_shadowgrp" = "yes"; then
136 AC_DEFINE(HAVE_SHADOWGRP, 1, [Have working shadow group support in libc])
140 AC_CACHE_CHECK([location of shared mail directory], shadow_cv_maildir,
141 [for shadow_cv_maildir in /var/mail /var/spool/mail /usr/spool/mail /usr/mail none; do
142 if test -d $shadow_cv_maildir; then
146 if test $shadow_cv_maildir != none; then
147 AC_DEFINE_UNQUOTED(MAIL_SPOOL_DIR, "$shadow_cv_maildir",
148 [Location of system mail spool directory.])
151 AC_CACHE_CHECK([location of user mail file], shadow_cv_mailfile,
152 [for shadow_cv_mailfile in Mailbox mailbox Mail mail .mail none; do
153 if test -f $HOME/$shadow_cv_mailfile; then
157 if test $shadow_cv_mailfile != none; then
158 AC_DEFINE_UNQUOTED(MAIL_SPOOL_FILE, "$shadow_cv_mailfile",
159 [Name of user's mail spool file if stored in user's home directory.])
162 AC_CACHE_CHECK([location of utmp], shadow_cv_utmpdir,
163 [for shadow_cv_utmpdir in /var/run /var/adm /usr/adm /etc none; do
164 if test -f $shadow_cv_utmpdir/utmp; then
168 if test "$shadow_cv_utmpdir" = "none"; then
169 AC_MSG_WARN(utmp file not found)
171 AC_DEFINE_UNQUOTED(_UTMP_FILE, "$shadow_cv_utmpdir/utmp",
172 [Path for utmp file.])
174 AC_CACHE_CHECK([location of faillog/lastlog/wtmp], shadow_cv_logdir,
175 [for shadow_cv_logdir in /var/log /var/adm /usr/adm /etc; do
176 if test -d $shadow_cv_logdir; then
180 AC_DEFINE_UNQUOTED(_WTMP_FILE, "$shadow_cv_logdir/wtmp",
181 [Path for wtmp file.])
182 AC_DEFINE_UNQUOTED(LASTLOG_FILE, "$shadow_cv_logdir/lastlog",
183 [Path for lastlog file.])
184 AC_DEFINE_UNQUOTED(FAILLOG_FILE, "$shadow_cv_logdir/faillog",
185 [Path for faillog file.])
187 AC_CACHE_CHECK([location of the passwd program], shadow_cv_passwd_dir,
188 [if test -f /usr/bin/passwd; then
189 shadow_cv_passwd_dir=/usr/bin
191 shadow_cv_passwd_dir=/bin
193 AC_DEFINE_UNQUOTED(PASSWD_PROGRAM, "$shadow_cv_passwd_dir/passwd",
194 [Path to passwd program.])
196 dnl XXX - quick hack, should disappear before anyone notices :).
197 AC_DEFINE(USE_SYSLOG, 1, [Define to use syslog().])
198 AC_DEFINE(RLOGIN, 1, [Define if login should support the -r flag for rlogind.])
199 AC_DEFINE(RUSEROK, 0, [Define to the ruserok() "success" return value (0 or 1).])
201 AC_ARG_ENABLE(shadowgrp,
202 [AC_HELP_STRING([--enable-shadowgrp], [enable shadow group support @<:@default=yes@:>@])],
203 [case "${enableval}" in
204 yes) enable_shadowgrp="yes" ;;
205 no) enable_shadowgrp="no" ;;
206 *) AC_MSG_ERROR(bad value ${enableval} for --enable-shadowgrp) ;;
208 [enable_shadowgrp="yes"]
212 [AC_HELP_STRING([--enable-man],
213 [regenerate roff man pages from Docbook @<:@default=no@:>@])],
214 [enable_man="${enableval}"],
218 AC_ARG_ENABLE(account-tools-setuid,
219 [AC_HELP_STRING([--enable-account-tools-setuid],
220 [Install the user and group management tools setuid and authenticate the callers. This requires --with-pam.])],
221 [case "${enableval}" in
222 yes) enable_acct_tools_setuid="yes" ;;
223 no) enable_acct_tools_setuid="no" ;;
224 *) AC_MSG_ERROR(bad value ${enableval} for --enable-account-tools-setuid)
227 [enable_acct_tools_setuid="maybe"]
231 [AC_HELP_STRING([--enable-utmpx],
232 [enable loggin in utmpx / wtmpx @<:@default=no@:>@])],
233 [case "${enableval}" in
234 yes) enable_utmpx="yes" ;;
235 no) enable_utmpx="no" ;;
236 *) AC_MSG_ERROR(bad value ${enableval} for --enable-utmpx) ;;
242 [AC_HELP_STRING([--with-audit], [use auditing support @<:@default=yes if found@:>@])],
243 [with_audit=$withval], [with_audit=maybe])
245 [AC_HELP_STRING([--with-libpam], [use libpam for PAM support @<:@default=yes if found@:>@])],
246 [with_libpam=$withval], [with_libpam=maybe])
248 [AC_HELP_STRING([--with-selinux], [use SELinux support @<:@default=yes if found@:>@])],
249 [with_selinux=$withval], [with_selinux=maybe])
251 [AC_HELP_STRING([--with-skey], [use S/Key support @<:@default=no@:>@])],
252 [with_skey=$withval], [with_skey=no])
253 AC_ARG_WITH(libcrack,
254 [AC_HELP_STRING([--with-libcrack], [use libcrack @<:@default=yes if found and if PAM not enabled@:>@])],
255 [with_libcrack=$withval], [with_libcrack=no])
256 AC_ARG_WITH(sha-crypt,
257 [AC_HELP_STRING([--with-sha-crypt], [allow the SHA256 and SHA512 password encryption algorithms @<:@default=yes@:>@])],
258 [with_sha_crypt=$withval], [with_sha_crypt=yes])
260 [AC_HELP_STRING([--with-nscd], [enable support for nscd @<:@default=yes@:>@])],
261 [with_nscd=$withval], [with_nscd=yes])
262 AC_ARG_WITH(group-name-max-length,
263 [AC_HELP_STRING([--with-group-name-max-length], [set max group name length @<:@default=16@:>@])],
264 [with_group_name_max_length=$withval], [with_group_name_max_length=yes])
266 if test "$with_group_name_max_length" = "no" ; then
267 with_group_name_max_length=0
268 elif test "$with_group_name_max_length" = "yes" ; then
269 with_group_name_max_length=16
271 AC_DEFINE_UNQUOTED(GROUP_NAME_MAX_LENGTH, $with_group_name_max_length, [max group name length])
272 AC_SUBST(GROUP_NAME_MAX_LENGTH)
273 GROUP_NAME_MAX_LENGTH="$with_group_name_max_length"
275 AM_CONDITIONAL(USE_SHA_CRYPT, test "x$with_sha_crypt" = "xyes")
276 if test "$with_sha_crypt" = "yes"; then
277 AC_DEFINE(USE_SHA_CRYPT, 1, [Define to allow the SHA256 and SHA512 password encryption algorithms])
280 if test "$with_nscd" = "yes"; then
281 AC_CHECK_FUNC(posix_spawn,
282 [AC_DEFINE(USE_NSCD, 1, [Define to support flushing of nscd caches])],
283 [AC_MSG_ERROR([posix_spawn is needed for nscd support])])
286 dnl Check for some functions in libc first, only if not found check for
287 dnl other libraries. This should prevent linking libnsl if not really
288 dnl needed (Linux glibc, Irix), but still link it if needed (Solaris).
290 AC_SEARCH_LIBS(inet_ntoa, inet)
291 AC_SEARCH_LIBS(socket, socket)
292 AC_SEARCH_LIBS(gethostbyname, nsl)
294 if test "$enable_shadowgrp" = "yes"; then
295 AC_DEFINE(SHADOWGRP, 1, [Define to support the shadow group file.])
297 AM_CONDITIONAL(SHADOWGRP, test "x$enable_shadowgrp" = "xyes")
299 if test "$enable_man" = "yes"; then
301 dnl Check for xsltproc
303 AC_PATH_PROG([XSLTPROC], [xsltproc])
304 if test -z "$XSLTPROC"; then
308 dnl check for DocBook DTD and stylesheets in the local catalog.
309 JH_CHECK_XML_CATALOG([-//OASIS//DTD DocBook XML V4.1.2//EN],
310 [DocBook XML DTD V4.1.2], [], enable_man=no)
311 JH_CHECK_XML_CATALOG([http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl],
312 [DocBook XSL Stylesheets >= 1.70.1], [], enable_man=no)
314 AM_CONDITIONAL(ENABLE_REGENERATE_MAN, test "x$enable_man" != "xno")
317 AC_CHECK_LIB(crypt, crypt, [LIBCRYPT=-lcrypt],
318 [AC_MSG_ERROR([crypt() not found])])
321 if test "$with_audit" != "no"; then
322 AC_CHECK_HEADER(libaudit.h, [audit_header="yes"], [audit_header="no"])
323 if test "$audit_header$with_audit" = "noyes" ; then
324 AC_MSG_ERROR([libaudit.h is missing])
325 elif test "$audit_header" = "yes"; then
326 AC_CHECK_DECL(AUDIT_ADD_USER,,[audit_header="no"],[#include <libaudit.h>])
327 AC_CHECK_DECL(AUDIT_DEL_USER,,[audit_header="no"],[#include <libaudit.h>])
328 AC_CHECK_DECL(AUDIT_ADD_GROUP,,[audit_header="no"],[#include <libaudit.h>])
329 AC_CHECK_DECL(AUDIT_DEL_GROUP,,[audit_header="no"],[#include <libaudit.h>])
330 if test "$audit_header$with_audit" = "noyes" ; then
331 AC_MSG_ERROR([AUDIT_ADD_USER AUDIT_DEL_USER AUDIT_ADD_GROUP or AUDIT_DEL_GROUP missing from libaudit.h])
334 if test "$audit_header" = "yes"; then
335 AC_CHECK_LIB(audit, audit_log_acct_message,
336 [audit_lib="yes"], [audit_lib="no"])
337 if test "$audit_lib$with_audit" = "noyes" ; then
338 AC_MSG_ERROR([libaudit not found])
339 elif test "$audit_lib" = "no" ; then
342 AC_DEFINE(WITH_AUDIT, 1,
343 [Define if you want to enable Audit messages])
353 if test "$with_libcrack" = "yes"; then
354 echo "checking cracklib flavour, don't be surprised by the results"
355 AC_CHECK_LIB(crack, FascistCheck,
356 [LIBCRACK=-lcrack AC_DEFINE(HAVE_LIBCRACK, 1, [Defined if you have libcrack.])])
357 AC_CHECK_LIB(crack, FascistHistory,
358 AC_DEFINE(HAVE_LIBCRACK_HIST, 1, [Defined if you have the ts&szs cracklib.]))
359 AC_CHECK_LIB(crack, FascistHistoryPw,
360 AC_DEFINE(HAVE_LIBCRACK_PW, 1, [Defined if it includes *Pw functions.]))
364 if test "$with_selinux" != "no"; then
365 AC_CHECK_HEADERS(selinux/selinux.h, [selinux_header="yes"], [selinux_header="no"])
366 if test "$selinux_header$with_selinux" = "noyes" ; then
367 AC_MSG_ERROR([selinux/selinux.h is missing])
368 elif test "$selinux_header" = "yes" ; then
369 AC_CHECK_LIB(selinux, is_selinux_enabled,
370 [selinux_lib="yes"], [selinux_lib="no"])
371 if test "$selinux_lib$with_selinux" = "noyes" ; then
372 AC_MSG_ERROR([libselinux not found])
373 elif test "$selinux_lib" = "no" ; then
376 AC_DEFINE(WITH_SELINUX, 1,
377 [Build shadow with SELinux support])
378 LIBSELINUX="-lselinux"
387 if test "$with_libpam" != "no"; then
388 AC_CHECK_LIB(pam, pam_start,
389 [pam_lib="yes"], [pam_lib="no"])
390 if test "$pam_lib$with_libpam" = "noyes" ; then
391 AC_MSG_ERROR(libpam not found)
395 pam_conv_function="no"
397 AC_CHECK_LIB(pam, openpam_ttyconv,
398 [pam_conv_function="openpam_ttyconv"],
399 AC_CHECK_LIB(pam_misc, misc_conv,
400 [pam_conv_function="misc_conv"; LIBPAM="$LIBPAM -lpam_misc"])
403 if test "$pam_conv_function$with_libpam" = "noyes" ; then
404 AC_MSG_ERROR(PAM conversation function not found)
408 AC_CHECK_HEADERS( [security/openpam.h security/pam_misc.h],
409 [ pam_headers_found=yes ; break ], [],
410 [ #include <security/pam_appl.h> ] )
411 if test "$pam_headers_found$with_libpam" = "noyes" ; then
412 AC_MSG_ERROR(PAM headers not found)
416 if test "$pam_lib$pam_headers_found" = "yesyes" -a "$pam_conv_function" != "no" ; then
423 dnl Now with_libpam is either yes or no
424 if test "$with_libpam" = "yes"; then
425 AC_CHECK_DECLS([PAM_ESTABLISH_CRED,
427 PAM_NEW_AUTHTOK_REQD,
429 [], [], [#include <security/pam_appl.h>])
434 # We do not use AC_CHECK_FUNCS to avoid duplicated definition with
436 AC_CHECK_FUNC(pam_fail_delay, [AC_DEFINE(HAS_PAM_FAIL_DELAY, 1, [Define to 1 if you have the declaration of 'pam_fail_delay'])])
439 AC_DEFINE(USE_PAM, 1, [Define to support Pluggable Authentication Modules])
440 AC_DEFINE_UNQUOTED(SHADOW_PAM_CONVERSATION, [$pam_conv_function],[PAM converstation to use])
441 AM_CONDITIONAL(USE_PAM, [true])
443 AC_MSG_CHECKING(use login and su access checking if PAM not used)
446 AC_DEFINE(SU_ACCESS, 1, [Define to support /etc/suauth su access control.])
447 AM_CONDITIONAL(USE_PAM, [false])
448 AC_MSG_CHECKING(use login and su access checking if PAM not used)
452 if test "$enable_acct_tools_setuid" != "no"; then
453 if test "$with_libpam" != "yes"; then
454 if test "$enable_acct_tools_setuid" = "yes"; then
455 AC_MSG_ERROR(PAM support is required for --enable-account-tools-setuid)
457 enable_acct_tools_setuid="no"
460 enable_acct_tools_setuid="yes"
462 if test "$enable_acct_tools_setuid" = "yes"; then
463 AC_DEFINE(ACCT_TOOLS_SETUID,
465 [Define if account management tools should be installed setuid and authenticate the callers])
468 AM_CONDITIONAL(ACCT_TOOLS_SETUID, test "x$enable_acct_tools_setuid" = "xyes")
472 if test "$with_skey" = "yes"; then
473 AC_CHECK_LIB(md, MD5Init, [LIBMD=-lmd])
474 AC_CHECK_LIB(skey, skeychallenge, [LIBSKEY=-lskey],
475 [AC_MSG_ERROR([liskey missing. You can download S/Key source code from http://rsync1.it.gentoo.org/gentoo/distfiles/skey-1.1.5.tar.bz2])])
476 AC_DEFINE(SKEY, 1, [Define to support S/Key logins.])
481 skeychallenge((void*)0, (void*)0, (void*)0, 0);
482 ],[AC_DEFINE(SKEY_BSD_STYLE, 1, [Define to support newer BSD S/Key API])])
485 if test "$enable_utmpx" = "yes"; then
486 if test "$ac_cv_header_utmpx_h" != "yes"; then
487 AC_MSG_ERROR([The utmpx.h header file is required for utmpx support.])
491 [Define if utmpx should be used])
494 AC_DEFINE_UNQUOTED(SHELL, ["$SHELL"], [The default shell.])
496 AM_GNU_GETTEXT_VERSION(0.16)
497 AM_GNU_GETTEXT([external], [need-ngettext])
498 AM_CONDITIONAL(USE_NLS, test "x$USE_NLS" = "xyes")
535 echo "shadow will be compiled with the following features:"
537 echo " auditing support: $with_audit"
538 echo " CrackLib support: $with_libcrack"
539 echo " PAM support: $with_libpam"
540 if test "$with_libpam" = "yes"; then
541 echo " suid account management tools: $enable_acct_tools_setuid"
543 echo " SELinux support: $with_selinux"
544 echo " shadow group support: $enable_shadowgrp"
545 echo " S/Key support: $with_skey"
546 echo " SHA passwords encryption: $with_sha_crypt"
547 echo " nscd support: $with_nscd"