Sync from SUSE:SLFO:Main util-linux revision 470711136a26e23d5390e781ae4f5dfd

.gitattributes

@@ -0,0 +1,23 @@
+## Default LFS
+*.7z filter=lfs diff=lfs merge=lfs -text
+*.bsp filter=lfs diff=lfs merge=lfs -text
+*.bz2 filter=lfs diff=lfs merge=lfs -text
+*.gem filter=lfs diff=lfs merge=lfs -text
+*.gz filter=lfs diff=lfs merge=lfs -text
+*.jar filter=lfs diff=lfs merge=lfs -text
+*.lz filter=lfs diff=lfs merge=lfs -text
+*.lzma filter=lfs diff=lfs merge=lfs -text
+*.obscpio filter=lfs diff=lfs merge=lfs -text
+*.oxt filter=lfs diff=lfs merge=lfs -text
+*.pdf filter=lfs diff=lfs merge=lfs -text
+*.png filter=lfs diff=lfs merge=lfs -text
+*.rpm filter=lfs diff=lfs merge=lfs -text
+*.tbz filter=lfs diff=lfs merge=lfs -text
+*.tbz2 filter=lfs diff=lfs merge=lfs -text
+*.tgz filter=lfs diff=lfs merge=lfs -text
+*.ttf filter=lfs diff=lfs merge=lfs -text
+*.txz filter=lfs diff=lfs merge=lfs -text
+*.whl filter=lfs diff=lfs merge=lfs -text
+*.xz filter=lfs diff=lfs merge=lfs -text
+*.zip filter=lfs diff=lfs merge=lfs -text
+*.zst filter=lfs diff=lfs merge=lfs -text

0001-Revert-libblkid-try-LUKS2-first-when-probing.patch

@@ -0,0 +1,44 @@
+From 93ba7961779789217a1f814ce3110ff8c040c8c3 Mon Sep 17 00:00:00 2001
+From: Fabian Vogt <fvogt@suse.de>
+Date: Wed, 12 Jul 2023 15:48:27 +0200
+Subject: [PATCH] Revert "libblkid: try LUKS2 first when probing"
+References: https://github.com/util-linux/util-linux/pull/2373
+
+mdadm superblocks before 1.1 are placed at the end of the device, which
+means that the data contained inside the array starts at offset 0. For
+LUKS inside MD, blkid falsely detects this as plain LUKS instead of a
+linux_raid_member. This causes e.g. dracut to not assemble the array
+during boot and system startup fails.
+
+This reverts commit b8889c0a214aeb3dd47bf1ab280fe5534b64d2aa.
+---
+ libblkid/src/superblocks/superblocks.c | 6 +-----
+ 1 file changed, 1 insertion(+), 5 deletions(-)
+
+diff --git a/libblkid/src/superblocks/superblocks.c b/libblkid/src/superblocks/superblocks.c
+index fb0392707..c7789a15b 100644
+--- a/libblkid/src/superblocks/superblocks.c
++++ b/libblkid/src/superblocks/superblocks.c
+@@ -94,11 +94,6 @@ static int blkid_probe_set_usage(blkid_probe pr, int usage);
+  */
+ static const struct blkid_idinfo *idinfos[] =
+ {
+-	/* In case the volume is locked with OPAL we are going to get
+-	 * an I/O error when reading past the LUKS header, so try it
+-	 * first. */
+-	&luks_idinfo,
+-
+ 	/* RAIDs */
+ 	&linuxraid_idinfo,
+ 	&ddfraid_idinfo,
+@@ -124,6 +119,7 @@ static const struct blkid_idinfo *idinfos[] =
+ 	&snapcow_idinfo,
+ 	&verity_hash_idinfo,
+ 	&integrity_idinfo,
++	&luks_idinfo,
+ 	&vmfs_volume_idinfo,
+ 	&ubi_idinfo,
+ 	&vdo_idinfo,
+-- 
+2.41.0
+

Add-documentation-on-blacklisted-modules-to-mount-8-.patch

@@ -0,0 +1,52 @@
+From 1ade50a36f23fc35abb465aa5b7cfc73b2476328 Mon Sep 17 00:00:00 2001
+From: Martin Wilck <mwilck@suse.com>
+Date: Fri, 1 Feb 2019 12:09:11 +0100
+Subject: [PATCH] Add documentation on blacklisted modules to mount(8) man page
+
+Signed-off-by: Martin Wilck <mwilck@suse.com>
+---
+ sys-utils/mount.8 |   28 +++++++++++++++++++++++++++-
+ 1 file changed, 27 insertions(+), 1 deletion(-)
+
+--- a/sys-utils/mount.8
++++ b/sys-utils/mount.8
+@@ -205,6 +205,32 @@ Since util\-linux 2.35, \fBmount\fP does
+ For more details, see \fBfstab\fP(5). Only the user that mounted a filesystem can unmount it again. If any user should be able to unmount it, then use \fBusers\fP instead of \fBuser\fP in the \fIfstab\fP line. The \fBowner\fP option is similar to the \fBuser\fP option, with the restriction that the user must be the owner of the special file. This may be useful e.g. for \fI/dev/fd\fP if a login script makes the console user owner of this device. The \fBgroup\fP option is similar, with the restriction that the user must be a member of the group of the special file.
+ .sp
+ The \fBuser\fP mount option is accepted if no username is specified. If used in the format \fBuser=someone\fP, the option is silently ignored and visible only for external mount helpers (/sbin/mount.<type>) for compatibility with some network filesystems.
++.SS Blacklisted file systems
++In the Linux kernel, file system types are implemented as kernel
++modules. While many of these file systems are well maintained,
++some of the older and less frequently used ones are not. This
++poses a security risk, because maliciously crafted file system
++images might open security holes when mounted either automatically
++or by an inadvertent user. The
++.B mount
++command prints "unsupported file system type 'somefs'" in this case,
++because it can't distinguish between a really unsupported file system
++(kernel module non-existent) and a blacklisted file system.
++
++Users who need the blacklisted file systems and therefore want
++to override the blacklisting can either load the blacklisted module
++directly:
++.RS
++
++.br
++.BI "modprobe -v" " somefs"
++.br
++
++.RE
++or override the blacklist configuration by editing files under the
++.I /etc/modprobe.d
++directory.
++
+ .SS "Bind mount operation"
+ .sp
+ Remount part of the file hierarchy somewhere else. The call is:
+@@ -2571,4 +2597,4 @@ For bug reports, use the issue tracker a
+ .SH "AVAILABILITY"
+ .sp
+ The \fBmount\fP command is part of the util\-linux package which can be downloaded from \c
+-.URL "https://www.kernel.org/pub/linux/utils/util\-linux/" "Linux Kernel Archive" "."
+\ No newline at end of file
++.URL "https://www.kernel.org/pub/linux/utils/util\-linux/" "Linux Kernel Archive" "."

_multibuild

@@ -0,0 +1,4 @@
+<multibuild>
+  <package>systemd</package>
+  <package>python</package>
+</multibuild>

baselibs.conf

@@ -0,0 +1,20 @@
+libblkid1
+libblkid-devel
+	requires -libblkid-<targettype>
+	requires "libblkid1-<targettype> = <version>"
+libfdisk1
+libfdisk-devel
+	requires -libfdisk-<targettype>
+	requires "libfdisk1-<targettype> = <version>"
+libmount1
+libmount-devel
+	requires -libmount-<targettype>
+	requires "libmount1-<targettype> = <version>"
+libsmartcols1
+libsmartcols-devel
+	requires -libsmartcols-<targettype>
+	requires "libsmartcols1-<targettype> = <version>"
+libuuid1
+libuuid-devel
+	requires -libuuid-<targettype>
+	requires "libuuid1-<targettype> = <version>"

blkid.conf

@@ -0,0 +1,5 @@
+# do not keep cache file across reboots
+CACHE_FILE=/dev/.blkid.tab
+
+# never try to sequentially scan all devices in /dev
+EVALUATE=udev

libmount-print-a-blacklist-hint-for-unknown-filesyst.patch

@@ -0,0 +1,78 @@
+From 199ae08b4df09ec4ce9d82584664e61bcb7ab91a Mon Sep 17 00:00:00 2001
+From: Martin Wilck <mwilck@suse.com>
+Date: Fri, 1 Feb 2019 11:36:42 +0100
+Subject: [PATCH 1/2] libmount: print a blacklist hint for "unknown filesystem
+ type"
+
+SUSE blacklists kernel modules for some old, poorly maintained
+file systems by default for security reasons. Provide a hopefully
+helpful message to users if mounting a possibly blacklisted file
+system fails.
+
+Signed-off-by: Martin Wilck <mwilck@suse.com>
+---
+ libmount/src/context_mount.c | 41 ++++++++++++++++++++++++++++++++----
+ 1 file changed, 37 insertions(+), 4 deletions(-)
+
+diff --git a/libmount/src/context_mount.c b/libmount/src/context_mount.c
+index f914c9b..a48483f 100644
+--- a/libmount/src/context_mount.c
++++ b/libmount/src/context_mount.c
+@@ -1423,6 +1423,32 @@ done:
+ 	return rc;
+ }
+ 
++/*
++ * SUSE blacklists kernel modules for some old, poorly maintained
++ * file systems by default for security reasons.
++ * A set of blacklist files is maintained under /etc/modprobe.d,
++ * in the suse-module-tools package.
++ * Blacklisted file system modules will cause mount(2) to fail
++ * with -ENODEV.
++ * If this happens for one of the blacklisted file systems, provide
++ * a hint to the user where to look.
++ */
++static int is_maybe_blacklisted(const char *fstype)
++{
++	static const char *const fs_blacklist[] = {
++		"adfs", "affs", "bfs", "befs", "cramfs", "efs", "erofs",
++		"exofs", "freevxfs", "f2fs", "hfs", "hpfs",
++		"jfs", "minix", "nilfs2", "ntfs", "omfs", "qnx4", "qnx6",
++		"sysv", "ufs"
++	};
++	size_t i;
++
++	for (i = 0; i < sizeof(fs_blacklist)/sizeof(*fs_blacklist); i++)
++		if (!strcmp(fs_blacklist[i], fstype))
++			return 1;
++	return 0;
++}
++
+ int mnt_context_get_mount_excode(
+ 			struct libmnt_context *cxt,
+ 			int rc,
+@@ -1670,10 +1696,17 @@ int mnt_context_get_mount_excode(
+ 	case ENODEV:
+ 		if (!buf)
+ 			break;
+-		if (mnt_context_get_fstype(cxt))
+-			snprintf(buf, bufsz, _("unknown filesystem type '%s'"),
+-					mnt_context_get_fstype(cxt));
+-		else
++		if (mnt_context_get_fstype(cxt)) {
++			size_t n;
++
++			n = snprintf(buf, bufsz,
++				     _("unknown filesystem type '%s'"),
++				     mnt_context_get_fstype(cxt));
++			if (n < bufsz &&
++			    is_maybe_blacklisted(mnt_context_get_fstype(cxt)))
++				snprintf(buf + n, bufsz - n,
++					 " (hint: possibly blacklisted, see mount(8))");
++		} else
+ 			snprintf(buf, bufsz, _("unknown filesystem type"));
+ 		break;
+ 
+-- 
+2.19.2
+

login.pamd

@@ -0,0 +1,14 @@
+#%PAM-1.0
+auth      requisite  pam_nologin.so
+auth      substack   common-auth
+auth      include    postlogin-auth
+account   substack   common-account
+account   include    postlogin-account
+password  substack   common-password
+password  include    postlogin-password
+session   required   pam_loginuid.so
+session   optional   pam_keyinit.so force revoke
+session   substack   common-session
+session   include    postlogin-session
+session   optional   pam_motd.so
+session   optional   pam_mail.so standard

make-sure-sbin-resp-usr-sbin-are-in-PATH.diff

@@ -0,0 +1,149 @@
+From: Werner Fink <werner@suse.de>
+Date: 2013-06-06 08:27:43+0000
+Subject: let `su' handle /sbin and /usr/sbin in path
+
+Index: util-linux-2.31/login-utils/su-common.c
+===================================================================
+--- util-linux-2.31.orig/login-utils/su-common.c
++++ util-linux-2.31/login-utils/su-common.c
+@@ -944,6 +944,117 @@ static void setenv_path(const struct pas
+ 		err(EXIT_FAILURE, _("failed to set the PATH environment variable"));
+ }
+ 
++/* Add or clear /sbin and /usr/sbin for the su command
++   used without `-'.  */
++
++/* Set if /sbin is found in path.  */
++#define SBIN_MASK      0x01
++/* Set if /usr/sbin is found in path.  */
++#define USBIN_MASK     0x02
++
++static char *
++addsbin (const char *const path)
++{
++  unsigned char smask = 0;
++  char *ptr, *tmp, *cur, *ret = NULL;
++  size_t len;
++
++  if (!path || *path == 0)
++    return NULL;
++
++  tmp = xstrdup (path);
++  cur = tmp;
++  for (ptr = strsep (&cur, ":"); ptr != NULL; ptr = strsep (&cur, ":"))
++    {
++      if (!strcmp (ptr, "/sbin"))
++	smask |= SBIN_MASK;
++      if (!strcmp (ptr, "/usr/sbin"))
++	smask |= USBIN_MASK;
++    }
++
++  if ((smask & (USBIN_MASK|SBIN_MASK)) == (USBIN_MASK|SBIN_MASK))
++    {
++      free (tmp);
++      return NULL;
++    }
++
++  len = strlen (path);
++  if (!(smask & USBIN_MASK))
++    len += strlen ("/usr/sbin:");
++
++  if (!(smask & SBIN_MASK))
++    len += strlen (":/sbin");
++
++  ret = xmalloc (len + 1);
++  strcpy (tmp, path);
++
++  *ret = 0;
++  cur = tmp;
++  for (ptr = strsep (&cur, ":"); ptr; ptr = strsep (&cur, ":"))
++    {
++      if (!strcmp (ptr, "."))
++	continue;
++      if (*ret)
++	strcat (ret, ":");
++      if (!(smask & USBIN_MASK) && !strcmp (ptr, "/bin"))
++	{
++	  strcat (ret, "/usr/sbin:");
++	  strcat (ret, ptr);
++	  smask |= USBIN_MASK;
++	  continue;
++	}
++      if (!(smask & SBIN_MASK) && !strcmp (ptr, "/usr/bin"))
++	{
++	  strcat (ret, ptr);
++	  strcat (ret, ":/sbin");
++	  smask |= SBIN_MASK;
++	  continue;
++	}
++      strcat (ret, ptr);
++    }
++  free (tmp);
++
++  if (!(smask & USBIN_MASK))
++    strcat (ret, ":/usr/sbin");
++
++  if (!(smask & SBIN_MASK))
++    strcat (ret, ":/sbin");
++
++  return ret;
++}
++
++static char *
++clearsbin (const char *const path)
++{
++  char *ptr, *tmp, *cur, *ret = NULL;
++
++  if (!path || *path == 0)
++    return NULL;
++
++  tmp = strdup (path);
++  if (!tmp)
++    return NULL;
++
++  ret = xmalloc (strlen (path) + 1);
++  *ret = 0;
++  cur = tmp;
++  for (ptr = strsep (&cur, ":"); ptr; ptr = strsep (&cur, ":"))
++    {
++      if (!strcmp (ptr, "/sbin"))
++	continue;
++      if (!strcmp (ptr, "/usr/sbin"))
++	continue;
++      if (!strcmp (ptr, "/usr/local/sbin"))
++	continue;
++      if (*ret)
++	strcat (ret, ":");
++      strcat (ret, ptr);
++    }
++  free (tmp);
++
++  return ret;
++}
++
+ static void modify_environment(struct su_context *su, const char *shell)
+ {
+ 	const struct passwd *pw = su->pwd;
+@@ -982,6 +1093,22 @@ static void modify_environment(struct su
+ 
+ 		if (getlogindefs_bool("ALWAYS_SET_PATH", 0))
+ 			setenv_path(pw);
++		else
++		{
++			char const *path = getenv ("PATH");
++			char *new = NULL;
++
++			if (pw->pw_uid)
++				new = clearsbin (path);
++			else
++				new = addsbin (path);
++
++			if (new)
++			{
++				xsetenv ("PATH", new, 1);
++				free (new);
++			}
++		}
+ 
+ 		if (pw->pw_uid) {
+ 			xsetenv("USER", pw->pw_name, 1);

remote.pamd

@@ -0,0 +1,16 @@
+#%PAM-1.0
+# This file is used by /bin/login in case of remote logins (means where
+# the -h option is used).
+auth      requisite  pam_nologin.so
+auth      [user_unknown=ignore success=ok ignore=ignore auth_err=die default=bad]  pam_securetty.so
+auth      substack   common-auth
+auth      include    postlogin-auth
+account   substack   common-account
+account   include    postlogin-account
+password  substack   common-password
+password  include    postlogin-password
+session   required   pam_loginuid.so
+session   optional   pam_keyinit.so force revoke
+session   substack   common-session
+session   include    postlogin-session
+session   optional   pam_mail.so standard

runuser-l.pamd

@@ -0,0 +1,7 @@
+#%PAM-1.0
+# Note that runuser requires only "session" setting (and for example
+# "auth sufficient pam_rootok.so" dummy line).
+auth     sufficient  pam_rootok.so
+session  optional    pam_keyinit.so force revoke
+session  include     common-session
+session  optional    pam_xauth.so

runuser.pamd

@@ -0,0 +1,7 @@
+#%PAM-1.0
+# Note that runuser requires only "session" setting (and for example
+# "auth sufficient pam_rootok.so" dummy line).
+auth     sufficient  pam_rootok.so
+session  optional    pam_keyinit.so revoke
+session  include     common-session-nonlogin
+session  optional    pam_xauth.so

su-l.pamd

@@ -0,0 +1,9 @@
+#%PAM-1.0
+auth      sufficient  pam_rootok.so
+auth      include     common-auth
+account   sufficient  pam_rootok.so
+account   include     common-account
+password  include     common-password
+session   optional    pam_keyinit.so force revoke
+session   include     common-session
+session   optional    pam_xauth.so

su.default

@@ -0,0 +1,6 @@
+# /etc/default/su is an override of /etc/login.defs for su.
+# See /etc/login.defs and su(1) for more.
+#
+# List of supported variables:
+# ALWAYS_SET_PATH, ENV_PATH, ENV_ROOTPATH, ENV_SUPATH, FAIL_DELAY
+#

su.pamd

@@ -0,0 +1,8 @@
+#%PAM-1.0
+auth      sufficient  pam_rootok.so
+auth      include     common-auth
+account   sufficient  pam_rootok.so
+account   include     common-account
+password  include     common-password
+session   include     common-session-nonlogin
+session   optional    pam_xauth.so

tests-increase-delay-for-waitpid-test.patch

@@ -0,0 +1,36 @@
+From 4524f5d6b7d90684f2b205e472cd65a682d5fab5 Mon Sep 17 00:00:00 2001
+From: Goldwyn Rodrigues <rgoldwyn@suse.de>
+Date: Wed, 29 Nov 2023 11:36:23 -0600
+Subject: [PATCH] tests: increase delay for waitpid test
+References: bsc#1217651
+
+In some test executions on s390x, the waitpid test fails because 1
+gets printed before 2.
+
+[  557s] --- /home/abuild/rpmbuild/BUILD/util-linux-2.39.2/tests/expected/misc/waitpid-normal	2023-06-14 09:11:15.910887765 +0000
+[  557s] +++ /home/abuild/rpmbuild/BUILD/util-linux-2.39.2/tests/output/misc/waitpid-normal	2023-11-27 23:30:30.406675022 +0000
+[  557s] @@ -1,4 +1,4 @@
+[  557s]  3
+[  557s] -2
+[  557s]  1
+[  557s] +2
+[  557s]  4
+
+Increase the time to print 1, so the test numbers are printed in
+expected order.
+
+Signed-off-by: Goldwyn Rodrigues <rgoldwyn@suse.com>
+
+diff --git a/tests/ts/misc/waitpid b/tests/ts/misc/waitpid
+index daed74fe0..904222c05 100755
+--- a/tests/ts/misc/waitpid
++++ b/tests/ts/misc/waitpid
+@@ -24,7 +24,7 @@ ts_check_test_command "$TS_CMD_WAITPID"
+ 
+ ts_init_subtest normal
+ 
+-(sleep 0.2; echo 1 >> "$TS_OUTPUT") &
++(sleep 0.5; echo 1 >> "$TS_OUTPUT") &
+ BG1="$!"
+ 
+ (sleep 0.1; echo 2 >> "$TS_OUTPUT") &

use-logind-not-utmp.patch

@@ -0,0 +1,357 @@
+From: Thorsten Kukuk <kukuk@suse.com>
+Date: 2023-08-17 08:03:09+0000
+References: https://github.com/util-linux/util-linux/pull/2100
+
+diff --git a/configure.ac b/configure.ac
+index d631b062d2..17d3ab703b 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -2491,6 +2491,7 @@ AS_IF([test "x$with_systemd" != xno], [
+     [*:yes],
+        AC_DEFINE([HAVE_LIBSYSTEMD], [1], [Define if libsystemd is available])
+        AC_DEFINE([USE_SYSTEMD], [1], [Define if systemd support is wanted ])
++       AC_CHECK_DECLS([sd_session_get_username], [], [], [#include <systemd/sd-login.h>])
+   )
+ ])
+ AM_CONDITIONAL([HAVE_SYSTEMD], [test "x$have_systemd" = xyes])
+diff --git a/term-utils/Makemodule.am b/term-utils/Makemodule.am
+index 07004d43ca..1542320422 100644
+--- a/term-utils/Makemodule.am
++++ b/term-utils/Makemodule.am
+@@ -98,6 +98,10 @@ dist_noinst_DATA += term-utils/wall.1.adoc
+ wall_CFLAGS = $(SUID_CFLAGS) $(AM_CFLAGS)
+ wall_LDFLAGS = $(SUID_LDFLAGS) $(AM_LDFLAGS)
+ wall_LDADD = $(LDADD) libcommon.la
++if HAVE_SYSTEMD
++wall_LDADD += $(SYSTEMD_LIBS)
++wall_CFLAGS += $(SYSTEMD_CFLAGS)
++endif
+ if USE_TTY_GROUP
+ if MAKEINSTALL_DO_CHOWN
+ install-exec-hook-wall::
+diff --git a/term-utils/wall.c b/term-utils/wall.c
+index c601d3e5b7..313b1bdee5 100644
+--- a/term-utils/wall.c
++++ b/term-utils/wall.c
+@@ -61,6 +61,11 @@
+ #include <sys/types.h>
+ #include <grp.h>
+ 
++#if defined(USE_SYSTEMD) && HAVE_DECL_SD_SESSION_GET_USERNAME == 1
++# include <systemd/sd-login.h>
++# include <systemd/sd-daemon.h>
++#endif
++
+ #include "nls.h"
+ #include "xalloc.h"
+ #include "strutils.h"
+@@ -246,6 +251,37 @@ int main(int argc, char **argv)
+ 
+ 	iov.iov_base = mbuf;
+ 	iov.iov_len = mbufsize;
++#if defined(USE_SYSTEMD) && HAVE_DECL_SD_SESSION_GET_USERNAME == 1
++	if (sd_booted() > 0) {
++		char **sessions_list;
++		int sessions;
++
++		sessions = sd_get_sessions(&sessions_list);
++		if (sessions < 0)
++			errx(EXIT_FAILURE, _("error getting sessions: %s"),
++	             		strerror(-sessions));
++
++		for (int i = 0; i < sessions; i++) {
++			char *name, *tty;
++			int r;
++
++			if ((r = sd_session_get_username(sessions_list[i], &name)) < 0)
++				errx(EXIT_FAILURE, _("get user name failed: %s"), strerror (-r));
++
++			if (!(group_buf && !is_gr_member(name, group_buf))) {
++				if (sd_session_get_tty(sessions_list[i], &tty) >= 0) {
++					if ((p = ttymsg(&iov, 1, tty, timeout)) != NULL)
++						warnx("%s", p);
++
++					free(tty);
++				}
++			}
++			free(name);
++			free(sessions_list[i]);
++		}
++		free(sessions_list);
++	} else {
++#endif
+ 	while((utmpptr = getutxent())) {
+ 		if (!utmpptr->ut_user[0])
+ 			continue;
+@@ -269,6 +305,9 @@ int main(int argc, char **argv)
+ 			warnx("%s", p);
+ 	}
+ 	endutxent();
++#if defined(USE_SYSTEMD) && HAVE_DECL_SD_SESSION_GET_USERNAME == 1
++	}
++#endif
+ 	free(mbuf);
+ 	free_group_workspace(group_buf);
+ 	exit(EXIT_SUCCESS);
+
+From e915e6baeba3cbce154336a4f1f24a8be93e85ae Mon Sep 17 00:00:00 2001
+From: Thorsten Kukuk <kukuk@suse.com>
+Date: Wed, 31 May 2023 08:57:01 +0200
+Subject: [PATCH 2/3] agetty: use sd_get_sessions() for number of users (#2088)
+
+---
+ term-utils/Makemodule.am |  4 ++++
+ term-utils/agetty.c      | 28 ++++++++++++++++++++++------
+ 2 files changed, 26 insertions(+), 6 deletions(-)
+
+diff --git a/term-utils/Makemodule.am b/term-utils/Makemodule.am
+index 1542320422..b7037fb116 100644
+--- a/term-utils/Makemodule.am
++++ b/term-utils/Makemodule.am
+@@ -58,6 +58,10 @@ endif
+ if HAVE_ECONF
+ agetty_LDADD += -leconf
+ endif
++if HAVE_SYSTEMD
++agetty_LDADD += $(SYSTEMD_LIBS)
++agetty_CFLAGS = $(SYSTEMD_CFLAGS)
++endif
+ endif # BUILD_AGETTY
+ 
+ 
+diff --git a/term-utils/agetty.c b/term-utils/agetty.c
+index cf8725537b..6bc3e5b5a8 100644
+--- a/term-utils/agetty.c
++++ b/term-utils/agetty.c
+@@ -73,6 +73,11 @@
+ # endif
+ #endif
+ 
++#ifdef USE_SYSTEMD
++# include <systemd/sd-daemon.h>
++# include <systemd/sd-login.h>
++#endif
++
+ #ifdef __linux__
+ #  include <sys/kd.h>
+ #  define USE_SYSLOG
+@@ -2864,12 +2869,23 @@ static void output_special_char(struct issue *ie,
+ 	case 'U':
+ 	{
+ 		int users = 0;
+-		struct utmpx *ut;
+-		setutxent();
+-		while ((ut = getutxent()))
+-			if (ut->ut_type == USER_PROCESS)
+-				users++;
+-		endutxent();
++#ifdef USE_SYSTEMD
++		if (sd_booted() > 0) {
++			users = sd_get_sessions(NULL);
++			if (users < 0)
++				users = 0;
++		} else {
++#endif
++			users = 0;
++			struct utmpx *ut;
++			setutxent();
++			while ((ut = getutxent()))
++				if (ut->ut_type == USER_PROCESS)
++					users++;
++			endutxent();
++#ifdef USE_SYSTEMD
++		}
++#endif
+ 		if (c == 'U')
+ 			fprintf(ie->output, P_("%d user", "%d users", users), users);
+ 		else
+
+From 5c62c27001467f3ef0baaa66ae4e3bb80a0298a6 Mon Sep 17 00:00:00 2001
+From: Thorsten Kukuk <kukuk@suse.com>
+Date: Wed, 31 May 2023 09:00:09 +0200
+Subject: [PATCH 3/3] write: query logind for list of users with tty (#2088)
+
+---
+ term-utils/Makemodule.am |   4 ++
+ term-utils/write.c       | 130 +++++++++++++++++++++++++++++++++++----
+ 2 files changed, 123 insertions(+), 11 deletions(-)
+
+diff --git a/term-utils/Makemodule.am b/term-utils/Makemodule.am
+index b7037fb116..1efe1c57e3 100644
+--- a/term-utils/Makemodule.am
++++ b/term-utils/Makemodule.am
+@@ -126,6 +126,10 @@ write_SOURCES = term-utils/write.c
+ write_CFLAGS = $(SUID_CFLAGS) $(AM_CFLAGS)
+ write_LDFLAGS = $(SUID_LDFLAGS) $(AM_LDFLAGS)
+ write_LDADD = $(LDADD) libcommon.la
++if HAVE_SYSTEMD
++write_LDADD += $(SYSTEMD_LIBS)
++write_CFLAGS += $(SYSTEMD_CFLAGS)
++endif
+ 
+ if USE_TTY_GROUP
+ if MAKEINSTALL_DO_CHOWN
+diff --git a/term-utils/write.c b/term-utils/write.c
+index 8b86e9a9d5..8aa450d563 100644
+--- a/term-utils/write.c
++++ b/term-utils/write.c
+@@ -59,6 +59,11 @@
+ #include <unistd.h>
+ #include <utmpx.h>
+ 
++#if defined(USE_SYSTEMD) && HAVE_DECL_SD_SESSION_GET_USERNAME == 1
++# include <systemd/sd-login.h>
++# include <systemd/sd-daemon.h>
++#endif
++
+ #include "c.h"
+ #include "carefulputc.h"
+ #include "closestream.h"
+@@ -131,19 +136,56 @@ static int check_utmp(const struct write_control *ctl)
+ {
+ 	struct utmpx *u;
+ 	int res = 1;
+-
+-	utmpxname(_PATH_UTMP);
+-	setutxent();
+-
+-	while ((u = getutxent())) {
+-		if (strncmp(ctl->dst_login, u->ut_user, sizeof(u->ut_user)) == 0 &&
+-		    strncmp(ctl->dst_tty_name, u->ut_line, sizeof(u->ut_line)) == 0) {
+-			res = 0;
+-			break;
++#if defined(USE_SYSTEMD) && HAVE_DECL_SD_SESSION_GET_USERNAME == 1
++	if (sd_booted() > 0) {
++		char **sessions_list;
++		int sessions = sd_get_sessions(&sessions_list);
++		if (sessions < 0)
++			errx(EXIT_FAILURE, _("error getting sessions: %s"),
++				strerror(-sessions));
++
++		for (int i = 0; i < sessions; i++) {
++
++			char *name, *tty;
++			int r;
++
++			if ((r = sd_session_get_username(sessions_list[i], &name)) < 0)
++				errx(EXIT_FAILURE, _("get user name failed: %s"), strerror (-r));
++			if (sd_session_get_tty(sessions_list[i], &tty) < 0) {
++				free(name);
++				continue;
++			}
++
++			if  (strcmp(ctl->dst_login, name) == 0 &&
++					strcmp(ctl->dst_tty_name, tty) == 0) {
++				free(name);
++				free(tty);
++				res = 0;
++				break;
++			}
++			free(name);
++			free(tty);
++		}
++		for (int i = 0; i < sessions; i++)
++			free(sessions_list[i]);
++		free(sessions_list);
++	} else {
++#endif
++		utmpxname(_PATH_UTMP);
++		setutxent();
++
++		while ((u = getutxent())) {
++			if (strncmp(ctl->dst_login, u->ut_user, sizeof(u->ut_user)) == 0 &&
++		    		strncmp(ctl->dst_tty_name, u->ut_line, sizeof(u->ut_line)) == 0) {
++				res = 0;
++				break;
++			}
+ 		}
+-	}
+ 
+-	endutxent();
++		endutxent();
++#if defined(USE_SYSTEMD) && HAVE_DECL_SD_SESSION_GET_USERNAME == 1
++	}
++#endif
+ 	return res;
+ }
+ 
+@@ -163,6 +205,69 @@ static void search_utmp(struct write_control *ctl)
+ 	struct utmpx *u;
+ 	time_t best_atime = 0, tty_atime;
+ 	int num_ttys = 0, valid_ttys = 0, tty_writeable = 0, user_is_me = 0;
++
++#if defined(USE_SYSTEMD) && HAVE_DECL_SD_SESSION_GET_USERNAME == 1
++	if (sd_booted() > 0) {
++		char path[256];
++		char **sessions_list;
++		int sessions = sd_get_sessions(&sessions_list);
++		if (sessions < 0)
++			errx(EXIT_FAILURE, _("error getting sessions: %s"),
++			     strerror(-sessions));
++
++		for (int i = 0; i < sessions; i++) {
++			char *name, *tty;
++			int r;
++
++			if ((r = sd_session_get_username(sessions_list[i], &name)) < 0)
++				errx(EXIT_FAILURE, _("get user name failed: %s"), strerror (-r));
++
++			if  (strcmp(ctl->dst_login, name) != 0) {
++				free(name);
++				continue;
++			}
++
++			if (sd_session_get_tty(sessions_list[i], &tty) < 0) {
++				free(name);
++				continue;
++			}
++
++			num_ttys++;
++			snprintf(path, sizeof(path), "/dev/%s", tty);
++			if (check_tty(path, &tty_writeable, &tty_atime, 0)) {
++				/* bad term? skip */
++				free(name);
++				free(tty);
++				continue;
++			}
++			if (ctl->src_uid && !tty_writeable) {
++				/* skip ttys with msgs off */
++				free(name);
++				free(tty);
++				continue;
++			}
++			if (strcmp(tty, ctl->src_tty_name) == 0) {
++				user_is_me = 1;
++				free(name);
++				free(tty);
++				/* don't write to yourself */
++				continue;
++			}
++			valid_ttys++;
++			if (best_atime < tty_atime) {
++				best_atime = tty_atime;
++				free(ctl->dst_tty_path);
++				ctl->dst_tty_path = xstrdup(path);
++				ctl->dst_tty_name = ctl->dst_tty_path + 5;
++			}
++			free(name);
++			free(tty);
++		}
++		for (int i = 0; i < sessions; i++)
++			free(sessions_list[i]);
++		free(sessions_list);
++	} else {
++#endif
+ 	char path[sizeof(u->ut_line) + 6];
+ 
+ 	utmpxname(_PATH_UTMP);
+@@ -197,6 +302,9 @@ static void search_utmp(struct write_control *ctl)
+ 	}
+ 
+ 	endutxent();
++#if defined(USE_SYSTEMD) && HAVE_DECL_SD_SESSION_GET_USERNAME == 1
++	}
++#endif
+ 	if (num_ttys == 0)
+ 		errx(EXIT_FAILURE, _("%s is not logged in"), ctl->dst_login);
+ 	if (valid_ttys == 0) {

util-linux-2.39.3.tar.sign

@@ -0,0 +1,16 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQIzBAABCAAdFiEEsMZNFDAcxu+u32Dk5LcdXuw5woQFAmVuLVMACgkQ5LcdXuw5
+woTWRg/+KBoZc5EjgFEUQMGzblNyuqrvcFqCbhEcoaEEMtEKPrQGVZgwgs+SZcel
+n0ygCOes7M/nNmAvn4dVM8sZRvEPKjdRFErmghNuWKfZLbE9szadNcnPunmzZ1Nc
+Cd2E1R6bo0B5X3tZ4ISW3keAnWKlnRucPIrW2qZiWT36LfJT4s9vZ/dyAnJ3eAtQ
+aFgUVMWRwDFYYr79iXq6Wq60bHbxw1HT+KrpoLEkjIXN+DmuSffVQfjmCpamT1UH
+oGgUGDhrUFr8XRUC0q07n1CxxgirjlR+KeLDiNAXuzGTWK2naBYCtCwGJpxM5Dvd
+cyKenmCC1Ie+cl9m3w7MfP7WgtoPogpttEiZ1lsLJcDEbeuAu1z+O/B52YwOi7O3
+WLpe6bqW/dQsAljC6q2UMZrwnRjK7Zr5CwkTlV/o0DuCmAidcoXEZAcVQDvY1H6k
+uYD9NFtQotS0ufOFH08AJxBYWVznbmiNG7NdGeMm/ysfe807fQYD25FYhP4/r4jt
+k6qWnfDrt9OooFNx6e7s2cBZSkTmJzJ8nxGv0a4WgOhZ6hnLpx/Cv2RIpux5DeMq
+wOuWuMDF9lOVWiv6iWiuy8shQ+hGF4+riFy8LfqJZf94wqZmp0tA8CHKFSDI99iC
+ci4tz2MEpQqeVeEx1sd18DRjkXycs5Wmy7ZAUtqnR1rUxKbhVLo=
+=4wcm
+-----END PGP SIGNATURE-----

util-linux-bash-completion-su-chsh-l.patch

@@ -0,0 +1,21 @@
+From: Stanislav Brabec <sbrabec@suse.com>
+Date: 2022-03-03 03:22:45+0000
+References: bugzilla.suse.com/1172427
+Subject: Fix "su -s" bash completion.
+
+su -s <TAB> completion depends on "chsh -l" present in the
+util-linux implementation of chsh. But SUSE uses chsh from shadow
+package that does not include this feature. Use /etc/shells
+instead.
+
+--- util-linux/bash-completion/su
++++ util-linux/bash-completion/su
+@@ -14,7 +14,7 @@ _su_module()
+ 			return 0
+ 			;;
+ 		'-s'|'--shell')
+-			COMPREPLY=( $(compgen -W "$(chsh -l)" -- $cur) )
++			COMPREPLY=( $(compgen -W "$(</etc/shells)" -- $cur) )
+ 			return 0
+ 			;;
+ 		'-h'|'--help'|'-V'|'--version')

util-linux-fix-tests-with-64k-pagesize.patch

@@ -0,0 +1,276 @@
+From 8b36444f447949c3ab477f2c43b45a94c30ee7bf Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Thomas=20Wei=C3=9Fschuh?= <thomas@t-8ch.de>
+Date: Sun, 21 May 2023 21:42:14 +0200
+Subject: [PATCH 1/4] fadvise: (test) dynamically calculate expected test
+ values
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Signed-off-by: Thomas Weißschuh <thomas@t-8ch.de>
+---
+ tests/ts/fadvise/drop | 14 +++++++-------
+ 1 file changed, 7 insertions(+), 7 deletions(-)
+
+diff --git a/tests/ts/fadvise/drop b/tests/ts/fadvise/drop
+index 7c7eee5dc..86c0d5b0a 100755
+--- a/tests/ts/fadvise/drop
++++ b/tests/ts/fadvise/drop
+@@ -16,7 +16,7 @@ ts_check_prog "sleep"
+ ts_cd "$TS_OUTDIR"
+ 
+ FILE="ddtest"
+-BS=4k
++BS=4096
+ COUNT=8
+ 
+ FILE_FS="$("$TS_CMD_FINDMNT" -nr -o FSTYPE -T "$PWD")"
+@@ -41,22 +41,22 @@ create_file() {
+     echo
+ 
+     create_file
+-    echo "offset: 8192"
+-    "$TS_CMD_FADVISE" -o 8192 "$FILE"
++    echo "offset: $(( 2 * $BS ))"
++    "$TS_CMD_FADVISE" -o $(( 2 * $BS )) "$FILE"
+     echo status: $?
+     "$TS_CMD_FINCORE" "$FILE"
+     echo
+ 
+     create_file
+-    echo "length: 16384"
+-    "$TS_CMD_FADVISE" -l 16384 "$FILE"
++    echo "length: $(( 4 * $BS ))"
++    "$TS_CMD_FADVISE" -l $(( 4 * $BS )) "$FILE"
+     echo status: $?
+     "$TS_CMD_FINCORE" "$FILE"
+     echo
+ 
+     create_file
+-    echo "offset: 8192, length: 16384 fd: 42"
+-    "$TS_CMD_FADVISE" -o 8192 -l 16384 --fd 42 42<"$FILE"
++    echo "offset: $(( 2 * $BS )), length: $(( 4 * $BS )) fd: 42"
++    "$TS_CMD_FADVISE" -o $(( 2 * $BS )) -l $(( 4 * $BS )) --fd 42 42<"$FILE"
+     echo status: $?
+     "$TS_CMD_FINCORE" "$FILE"
+     echo
+-- 
+2.40.0
+
+
+From e5009e773fc801eca887dd43b721cd1b1aa327be Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Thomas=20Wei=C3=9Fschuh?= <thomas@t-8ch.de>
+Date: Sun, 21 May 2023 21:43:38 +0200
+Subject: [PATCH 2/4] fadvise: (tests) factor out calls to "fincore"
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+This will make it easier to pass argument later.
+
+Signed-off-by: Thomas Weißschuh <thomas@t-8ch.de>
+---
+ tests/ts/fadvise/drop | 14 +++++++++-----
+ 1 file changed, 9 insertions(+), 5 deletions(-)
+
+diff --git a/tests/ts/fadvise/drop b/tests/ts/fadvise/drop
+index 86c0d5b0a..8869b7da4 100755
+--- a/tests/ts/fadvise/drop
++++ b/tests/ts/fadvise/drop
+@@ -28,37 +28,41 @@ create_file() {
+     dd if=/dev/zero of="$FILE" bs=$BS count=$COUNT conv=fsync >& /dev/null
+ }
+ 
++do_fincore() {
++    "$TS_CMD_FINCORE" "$FILE"
++}
++
+ {
+     create_file
+-    "$TS_CMD_FINCORE" "$FILE"
++    do_fincore
+     echo
+ 
+     create_file
+     echo "whole file"
+     "$TS_CMD_FADVISE" "$FILE"
+     echo status: $?
+-    "$TS_CMD_FINCORE" "$FILE"
++    do_fincore
+     echo
+ 
+     create_file
+     echo "offset: $(( 2 * $BS ))"
+     "$TS_CMD_FADVISE" -o $(( 2 * $BS )) "$FILE"
+     echo status: $?
+-    "$TS_CMD_FINCORE" "$FILE"
++    do_fincore
+     echo
+ 
+     create_file
+     echo "length: $(( 4 * $BS ))"
+     "$TS_CMD_FADVISE" -l $(( 4 * $BS )) "$FILE"
+     echo status: $?
+-    "$TS_CMD_FINCORE" "$FILE"
++    do_fincore
+     echo
+ 
+     create_file
+     echo "offset: $(( 2 * $BS )), length: $(( 4 * $BS )) fd: 42"
+     "$TS_CMD_FADVISE" -o $(( 2 * $BS )) -l $(( 4 * $BS )) --fd 42 42<"$FILE"
+     echo status: $?
+-    "$TS_CMD_FINCORE" "$FILE"
++    do_fincore
+     echo
+ 
+     rm "$FILE"
+-- 
+2.40.0
+
+
+From 33980996d0b429fc59c40f8352633c0a21a0f96a Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Thomas=20Wei=C3=9Fschuh?= <thomas@t-8ch.de>
+Date: Sun, 21 May 2023 21:44:20 +0200
+Subject: [PATCH 3/4] fadvise: (test) don't compare fincore page counts
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+These depend on the machines pagesize and are therefore not a good
+comparision.
+
+Signed-off-by: Thomas Weißschuh <thomas@t-8ch.de>
+---
+ tests/expected/fadvise/drop | 20 ++++++++++----------
+ tests/ts/fadvise/drop       |  2 +-
+ 2 files changed, 11 insertions(+), 11 deletions(-)
+
+diff --git a/tests/expected/fadvise/drop b/tests/expected/fadvise/drop
+index f2360b56f..25f23e050 100644
+--- a/tests/expected/fadvise/drop
++++ b/tests/expected/fadvise/drop
+@@ -1,23 +1,23 @@
+-  RES PAGES SIZE FILE
+-  32K     8  32K ddtest
++  RES SIZE FILE
++  32K  32K ddtest
+ 
+ whole file
+ status: 0
+-RES PAGES SIZE FILE
+- 0B     0  32K ddtest
++RES SIZE FILE
++ 0B  32K ddtest
+ 
+ offset: 8192
+ status: 0
+-RES PAGES SIZE FILE
+- 8K     2  32K ddtest
++RES SIZE FILE
++ 8K  32K ddtest
+ 
+ length: 16384
+ status: 0
+-  RES PAGES SIZE FILE
+-  16K     4  32K ddtest
++  RES SIZE FILE
++  16K  32K ddtest
+ 
+ offset: 8192, length: 16384 fd: 42
+ status: 0
+-  RES PAGES SIZE FILE
+-  16K     4  32K ddtest
++  RES SIZE FILE
++  16K  32K ddtest
+ 
+diff --git a/tests/ts/fadvise/drop b/tests/ts/fadvise/drop
+index 8869b7da4..6c4298e87 100755
+--- a/tests/ts/fadvise/drop
++++ b/tests/ts/fadvise/drop
+@@ -29,7 +29,7 @@ create_file() {
+ }
+ 
+ do_fincore() {
+-    "$TS_CMD_FINCORE" "$FILE"
++    "$TS_CMD_FINCORE" -o RES,SIZE,FILE "$FILE"
+ }
+ 
+ {
+-- 
+2.40.0
+
+
+From c0f31b79f5d1c665cdc057fb32f4d161d28aa5b2 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Thomas=20Wei=C3=9Fschuh?= <thomas@t-8ch.de>
+Date: Sun, 21 May 2023 21:45:10 +0200
+Subject: [PATCH 4/4] fadvise: (test) test with 64k blocks
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+This will allow the tests to also pass on systems with 64k pagesizes.
+
+Closes #2249
+Signed-off-by: Thomas Weißschuh <thomas@t-8ch.de>
+---
+ tests/expected/fadvise/drop | 26 +++++++++++++-------------
+ tests/ts/fadvise/drop       |  2 +-
+ 2 files changed, 14 insertions(+), 14 deletions(-)
+
+diff --git a/tests/expected/fadvise/drop b/tests/expected/fadvise/drop
+index 25f23e050..e7bb26b6e 100644
+--- a/tests/expected/fadvise/drop
++++ b/tests/expected/fadvise/drop
+@@ -1,23 +1,23 @@
+-  RES SIZE FILE
+-  32K  32K ddtest
++  RES  SIZE FILE
++ 512K  512K ddtest
+ 
+ whole file
+ status: 0
+-RES SIZE FILE
+- 0B  32K ddtest
++RES  SIZE FILE
++ 0B  512K ddtest
+ 
+-offset: 8192
++offset: 131072
+ status: 0
+-RES SIZE FILE
+- 8K  32K ddtest
++  RES  SIZE FILE
++ 128K  512K ddtest
+ 
+-length: 16384
++length: 262144
+ status: 0
+-  RES SIZE FILE
+-  16K  32K ddtest
++  RES  SIZE FILE
++ 256K  512K ddtest
+ 
+-offset: 8192, length: 16384 fd: 42
++offset: 131072, length: 262144 fd: 42
+ status: 0
+-  RES SIZE FILE
+-  16K  32K ddtest
++  RES  SIZE FILE
++ 256K  512K ddtest
+ 
+diff --git a/tests/ts/fadvise/drop b/tests/ts/fadvise/drop
+index 6c4298e87..45dcb9110 100755
+--- a/tests/ts/fadvise/drop
++++ b/tests/ts/fadvise/drop
+@@ -16,7 +16,7 @@ ts_check_prog "sleep"
+ ts_cd "$TS_OUTDIR"
+ 
+ FILE="ddtest"
+-BS=4096
++BS=65536
+ COUNT=8
+ 
+ FILE_FS="$("$TS_CMD_FINDMNT" -nr -o FSTYPE -T "$PWD")"
+-- 
+2.40.0
+

util-linux-login_defs-check.sh

@@ -0,0 +1,58 @@
+#!/bin/bash
+
+# Extract list of variables supported by su/runuser.
+#
+# If you edit this file, you will probably need to edit
+# shadow-login_defs-check.sh from shadow sources in a similar way.
+
+set -o errexit
+
+echo -n "Checking login.defs variables in util-linux... " >&2
+(
+	grep -rh getlogindefs . |
+		sed -n 's/^.*getlogindefs[a-z_]*("\([A-Z0-9_]*\)".*$/\1/p'
+	grep -rh logindefs_setenv . |
+		sed -n 's/^.*logindefs_setenv*("[A-Z0-9_]*", "\([A-Z0-9_]*\)".*$/\1/p'
+) | LC_ALL=C sort -u >util-linux-login_defs-vars.lst
+
+if test $(sha1sum util-linux-login_defs-vars.lst | sed 's/ .*$//') != 8516ca34e059b2dee1d4421a3ab07e88331b1674 ; then
+
+	echo "does not match!" >&2
+	echo "Checksum is: $(sha1sum util-linux-login_defs-vars.lst | sed 's/ .*$//')" >&2
+
+cat >&2 <<EOF
+
+You have to perform following steps:
+
+Check whether the error is false positive (script failed to extract
+variables) or true positive (variable list changed).
+
+If it is false positive:
+- Fix this script.
+- The same fix is needed in shadow package in shadow-login_defs-check.sh.
+
+If it is true positive:
+- Check-out shadow package and call shadow-login_defs-check.sh.
+- Compare its output shadow-login_defs-check-util-linux.lst with
+  util-linux-login_defs-vars.lst in the util-linux build directory.
+- Update shadow shadow-login_defs-util-linux.patch, if needed.
+- If shadow-login_defs-util-linux.patch was updated, update
+  login_defs-support-for-util-linux symbol version in both shadow and
+  util-linux spec files accordingly.
+- Update checksum in this script.
+- Possibly update su.default with these new list of su/runuser specific
+  variables:
+EOF
+	echo -n "  " >&2
+	(
+		grep -rh getlogindefs login-utils/su-common.c |
+			sed -n 's/^.*getlogindefs[a-z_]*("\([A-Z0-9_]*\)".*$/\1/p'
+		grep -rh logindefs_setenv  login-utils/su-common.c |
+			sed -n 's/^.*logindefs_setenv*("[A-Z0-9_]*", "\([A-Z0-9_]*\)".*$/\1/p'
+	) | LC_ALL=C sort -u | tr '\n' ' ' | sed 's/ /, /g;s/, $//' >&2
+	echo -e '\n' >&2
+
+	exit 1
+else
+	echo "OK" >&2
+fi

util-linux-rpmlintrc

@@ -0,0 +1,7 @@
+# False positives. Libraries outside LD_LIBRARY_PATH use RPATH to find libraries, not ldconfig.
+addFilter("library-without-ldconfig-postin /usr/libexec/build/staging/.*")
+addFilter("library-without-ldconfig-postun /usr/libexec/build/staging/.*")
+# Not applicable for multi flavor build.
+addFilter("invalid-spec-name")
+# Not important, and it simplifies packaging.
+addFilter("non-etc-or-var-file-marked-as-conffile /usr/libexec/build/staging/.*")

util-linux.keyring

@@ -0,0 +1,56 @@
+pub   4096R/EC39C284 2011-10-10 [expires: 2016-10-08]
+uid                  Karel Zak <kzak@redhat.com>
+sub   4096R/7BA16CAC 2011-10-10 [expires: 2016-10-08]
+
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+Version: GnuPG v2.0.20 (GNU/Linux)
+
+mQINBE6StA4BEACp9++Y+DgbBloJEuVhsDjDIvAR1n/aHPDyPQQzg/DkKtR3BXHn
+dGfTL9/DR8y9YzLNwUf2lWsEAvwHZ2XfUTp5S5nVbgpAB0/Q2ebP0TnkNYaRkxq7
+VJF+kvUcA6hxYKYcIos2kJyfVytPE6FpFBqlgTmjcCTx4HHwePkVTVRyotOoA2V/
+UUwixgkyG7aVfy4QBKHAkATpTPC4l+ISaOHKUiajxRoa99rpmBPl4FhIw3b5rPYA
+26q9Pz8q1AwbXA1PXxzwKVqqfwEkl6sxUVKiM8rUuhic2lnDMIXexNMvqznpFqtB
+v7n+z/5N8RbB1DQjWpy/Z7OW6yyYXW9e33c6IgU5n46rIyTPYyzq3mDfOsJdvoG/
+nhF7VUkGDPYWfmx9ejvpKdoNCQ2q+MVp20msntcETcOq1r9SJwNXcsx+I/3ptbtX
+Q+MQyA1L5FifkpA7+akITF5luOqUb2TToEBLiF/nn8y0sIUa/HGgcUrK2N9E1VNJ
+tcIt/z0sZJUHYC+EBh/G0UNt9tRwPdnUks5sua1sCquXnkd9IS0Kr3Kq/C6JOKzz
+UDGdFKVc6wExf70hX5h0g1kkypyjNwipGSdk+qVXO0IF/tKMToa8WZqoK3enzryI
+Kmdq7IQ0ThdTTTC1ctVk4367/30prpNHF4/642G0OOiQCzWBrb0V217HvQARAQAB
+tBtLYXJlbCBaYWsgPGt6YWtAcmVkaGF0LmNvbT6JAj4EEwECACgFAk6StA4CGwMF
+CQlmAYAGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheAAAoJEOS3HV7sOcKETI8QAI0U
+StG6dv1l9kqkmFpXPZJ75hf5SJA69+upcKeTg9BXKrEqjZLeyEn1OVPmfVGwWpz8
+SRbiYcHh8AhJaggAxKcIgQ/sAUBkmrTP6RyYEQUV6vFW5qv7dcEOs46d+LE/Wkxs
+ymC2FSXxYOFiw7z27gkXQYq/IkdwfhRLFD6aD5egxcBVl91ZlRyklvPPW7qo046B
+MWh2LaCVowYg+33GjS4A4JcF+tGkWZc0yqANwov93uhY0VXEdDsT4YWrTVdNDI3/
+lZ5u5k9sEUGR03oV336M/j0qNtMfAG5iDt2PFrzhJZcGcQPiGd/DeYuJeLVCd8Nl
+jAwsnfGqu9VITgaDOreLbpSTNSj8egPqOoUBAGncMSfdiQ2ZEhluPyCTwspDy5Pa
+dESyk0q2Z6tKG9ae01g/RzfTGCVN4GxkORPxcEHloa4XM3C9FBohM1LTWmsvnNXe
+cPdbPyCoiFKio/yFZDt1CYDkols4uf/0ztCSH6pI874sCmYJVkYev2W9RCxE4aYK
+KMb8XCUPec8L4C1mpmBiej0NT/d9GHQUnJUpRD4EG7UBxMwNWflhO4P4Q81uM0Kr
+RMht0lS0EylZXuQPPG5C1nMsa1+eN0wjSTpy7232PTCxu+bhxA1HzvWXYuueUmp2
+QuV8PyA1lsfYI7PEgk2skfAvbP5vJszorklo2hVGuQINBE6StA4BEADG5Hind61Y
+qoXXHotraJO2ejsPiy3BxSZTQet+IJO5tyURSXVIv+ZuV/MBRS/88fkBL2nHpK5b
+BtJT11D2ZESmziZWGgMtZRV4va3fh3GaMeVdi5pXpmPZp4fBc60F3iCKfd1V8/1a
+zwicZtdhTphkc6O7ETCr240OrJoOgvilbpv8WuVwhjfEOL2DwKITK6tzba1VScXi
+ehDhhTssP14RQiH/OcMFuiHCHJeHQOH9ku4fzqT2/lxxSo4kMWKR2VslW17f3Zr3
+Zvrbi/b8UE/3T/RsoaQn2ml9BfDiMgNwT4l2ILlE7HpZMfD2WAP6itGHolcdbhNa
+jxAMHdP5t64zSdwKmB8AbuIo7nbMKuJMiPdkOS/8x3YHRle4WEEeRWTEcqyzqkMq
+MCqKLxc4SCuSMv+ingDrHr+d5usuMlQjT8c71PIipl9OpM8Jkl8CI2ToVF20wijY
+Oof4T/jjObYiZk1KcqqKhQzMXEhKCt9hK5AaKMq5BiublS/Q5EXpzcRgVmG+SMHd
+hUNLN7gilFx5939Ev+36TNE/f66r9aiF+WbiI1V1JGs0LYVyFzwmFMCgQUsnyqyA
+RNREnLysdLE98PDSO2ESxu9BO7kTvlP0q5p+MKQiYj/s5wSqXw8EDCSBH9u0/FQi
+gyV0a+J70WZZNpdi5wq+qVZ16LENQdxtKwARAQABiQIlBBgBAgAPBQJOkrQOAhsM
+BQkJZgGAAAoJEOS3HV7sOcKEtCYP/3ji7Kt4+M0N6IOkh7wHfWk3HLqBa1XOD1Oz
+X+rp79L1cDK8J1XUHoW/84bsS8Y3NsXlIej1wLOcaH0HOpEsPzqoqP1JxGilRkAu
+Yazt3WhqdM2FcOQNEnuk66F8HnN/mD4vLzxdxuPlRtlCruUcDZlZlyzpywk6B7Gi
+cVfh1CvUJsDA++aOlgYIHB4Z6nSJWYp64z+5QAVToBHzI7ywVyWTJbjO1RCR5QsV
+fPD07p1deSW96QhqLSb2wQfk93I4YGshaVPwG01ZamxPEbspKqrEIG+5S6E4q/B+
+VF0zj5GU7jt/6M4qFzKbaY+vxsaqjgCOCPL5bCz5RFTHdtEmC/cmsvVbYuBD/5UY
+D3JbyXt7KSG/a5Oel4ynK1pRQbnS6eNcGQqZPUop4PBouRKnUqv8uzljaiL9Wm3G
+Hv9tn1L6ly86VcLt1ALTVuqwm5ci1fDVbddSliPv5atWNJ+So2MfEg3qbCzEC8Is
+JNsVd4N6fSctYfFvBxsPjy7fw1iEqKq7SzTlHMO5hiKpS+8HSRVv6djHlj3aWtgy
+u+BTXT/tRQ6c3TlZadqoyumX1U+Tflb6qMyJaZPsqv3bsOpXwjLAVfT4nPRXqbN6
+WWUhdompzuZufyCCL9Tc6lPDgVmuWyycHk4gbdfERodk4SEYJ0cEwFbl+GjL9XFZ
+VeljfCzq
+=8wc5
+-----END PGP PUBLIC KEY BLOCK-----