- Add shadow-4.15.0-fix-definition.patch:

Fix error messages about config options.
  See gh/shadow-maint/shadow#967

OBS-URL: https://build.opensuse.org/package/show/Base:System/shadow?expand=0&rev=172
This commit is contained in:
Michael Vetter 2024-03-21 06:39:57 +00:00 committed by Git OBS Bridge
parent 413dcfbcf9
commit 0f42921987
3 changed files with 144 additions and 0 deletions

View File

@ -0,0 +1,134 @@
From ead55e9ba8958504e23e29545f90c4dd925c7462 Mon Sep 17 00:00:00 2001
From: Serge Hallyn <serge@hallyn.com>
Date: Wed, 20 Mar 2024 17:39:46 -0500
Subject: [PATCH] getdef: avoid spurious error messages about unknown
configuration options
def_find can return NULL for unset, not just unknown, config options. So
move the decision of whether to log an error message about an unknown config
option back into def_find, which knows the difference. Only putdef_str()
will pass a char* srcfile to def_find, so only calls from putdef_str will
cause the message, which was the original intent of fa68441bc4be8.
closes #967
fixes: fa68441bc4be8 ("Improve the login.defs unknown item error message")
Signed-off-by: Serge Hallyn <serge@hallyn.com>
---
lib/getdef.c | 30 ++++++++++++++++--------------
1 file changed, 16 insertions(+), 14 deletions(-)
diff --git a/lib/getdef.c b/lib/getdef.c
index 4d4d4e194..ef2ae1f08 100644
--- a/lib/getdef.c
+++ b/lib/getdef.c
@@ -176,7 +176,7 @@ static const char* def_fname = LOGINDEFS; /* login config defs file */
static bool def_loaded = false; /* are defs already loaded? */
/* local function prototypes */
-static /*@observer@*/ /*@null@*/struct itemdef *def_find (const char *);
+static /*@observer@*/ /*@null@*/struct itemdef *def_find (const char *, const char *);
static void def_load (void);
@@ -195,7 +195,7 @@ static void def_load (void);
def_load ();
}
- d = def_find (item);
+ d = def_find (item, NULL);
return (NULL == d) ? NULL : d->value;
}
@@ -214,7 +214,7 @@ bool getdef_bool (const char *item)
def_load ();
}
- d = def_find (item);
+ d = def_find (item, NULL);
if ((NULL == d) || (NULL == d->value)) {
return false;
}
@@ -240,7 +240,7 @@ int getdef_num (const char *item, int dflt)
def_load ();
}
- d = def_find (item);
+ d = def_find (item, NULL);
if ((NULL == d) || (NULL == d->value)) {
return dflt;
}
@@ -275,7 +275,7 @@ unsigned int getdef_unum (const char *item, unsigned int dflt)
def_load ();
}
- d = def_find (item);
+ d = def_find (item, NULL);
if ((NULL == d) || (NULL == d->value)) {
return dflt;
}
@@ -310,7 +310,7 @@ long getdef_long (const char *item, long dflt)
def_load ();
}
- d = def_find (item);
+ d = def_find (item, NULL);
if ((NULL == d) || (NULL == d->value)) {
return dflt;
}
@@ -342,7 +342,7 @@ unsigned long getdef_ulong (const char *item, unsigned long dflt)
def_load ();
}
- d = def_find (item);
+ d = def_find (item, NULL);
if ((NULL == d) || (NULL == d->value)) {
return dflt;
}
@@ -375,12 +375,9 @@ int putdef_str (const char *name, const char *value, const char *srcfile)
* Locate the slot to save the value. If this parameter
* is unknown then "def_find" will print an err message.
*/
- d = def_find (name);
- if (NULL == d) {
- if (NULL != srcfile)
- SYSLOG ((LOG_CRIT, "shadow: unknown configuration item '%s' in '%s'", name, srcfile));
+ d = def_find (name, srcfile);
+ if (NULL == d)
return -1;
- }
/*
* Save off the value.
@@ -404,9 +401,12 @@ int putdef_str (const char *name, const char *value, const char *srcfile)
*
* Search through a table of configurable items to locate the
* specified configuration option.
+ *
+ * If srcfile is not NULL, and the item is not found, then report an error saying
+ * the unknown item was used in this file.
*/
-static /*@observer@*/ /*@null@*/struct itemdef *def_find (const char *name)
+static /*@observer@*/ /*@null@*/struct itemdef *def_find (const char *name, const char *srcfile)
{
struct itemdef *ptr;
@@ -432,6 +432,8 @@ static /*@observer@*/ /*@null@*/struct itemdef *def_find (const char *name)
fprintf (shadow_logfd,
_("configuration error - unknown item '%s' (notify administrator)\n"),
name);
+ if (srcfile != NULL)
+ SYSLOG ((LOG_CRIT, "shadow: unknown configuration item '%s' in '%s'", name, srcfile));
out:
return NULL;
@@ -610,7 +612,7 @@ int main (int argc, char **argv)
def_load ();
for (i = 0; i < NUMDEFS; ++i) {
- d = def_find (def_table[i].name);
+ d = def_find (def_table[i].name, NULL);
if (NULL == d) {
printf ("error - lookup '%s' failed\n",
def_table[i].name);

View File

@ -1,3 +1,10 @@
-------------------------------------------------------------------
Thu Mar 21 06:37:27 UTC 2024 - Michael Vetter <mvetter@suse.com>
- Add shadow-4.15.0-fix-definition.patch:
Fix error messages about config options.
See gh/shadow-maint/shadow#967
------------------------------------------------------------------- -------------------------------------------------------------------
Sun Mar 10 07:02:35 UTC 2024 - Michael Vetter <mvetter@suse.com> Sun Mar 10 07:02:35 UTC 2024 - Michael Vetter <mvetter@suse.com>

View File

@ -48,6 +48,8 @@ Patch3: shadow-login_defs-comments.patch
Patch4: shadow-login_defs-suse.patch Patch4: shadow-login_defs-suse.patch
# PATCH-FIX-SUSE disable_new_audit_function.patch adam.majer@suse.de -- Disable newer libaudit functionality for older distributions. # PATCH-FIX-SUSE disable_new_audit_function.patch adam.majer@suse.de -- Disable newer libaudit functionality for older distributions.
Patch5: disable_new_audit_function.patch Patch5: disable_new_audit_function.patch
# PATCH-FIX-UPSTREAM mvetter@suse.com -- Fix config options gh/shadow-maint/shadow#967
Patch6: shadow-4.15.0-fix-definition.patch
BuildRequires: audit-devel > 2.3 BuildRequires: audit-devel > 2.3
BuildRequires: autoconf BuildRequires: autoconf
BuildRequires: automake BuildRequires: automake
@ -116,6 +118,7 @@ Development files for libsubid4.
%if 0%{?suse_version} < 1330 %if 0%{?suse_version} < 1330
%patch -P 5 -p1 %patch -P 5 -p1
%endif %endif
%patch -P 6 -p1
iconv -f ISO88591 -t utf-8 doc/HOWTO > doc/HOWTO.utf8 iconv -f ISO88591 -t utf-8 doc/HOWTO > doc/HOWTO.utf8
mv -v doc/HOWTO.utf8 doc/HOWTO mv -v doc/HOWTO.utf8 doc/HOWTO