pool/shadow
SHA256
2
0
Fork 2
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 1104351 from Base:System

Browse Source 
- Remove dependency on libbsd:
  On Tumbleweed we have glibc 2.38 already thus string functions
  like strlcpy will be present and won't be needed from libbsd.
  `readpassphrase()` is then the only function from libbsd not present.
  Upstream shadow has an in tree copy of it, that is used when the
  `--without-libbsd` flag is passed along.
  By relying on glibc 2.38 we don't need to add libbsd and libmd
  to our ring0 but can't easily upgrade on SLE.

- Update to 4.14.0:
  * configure: add with-libbsd option
  * Code cleanup
  * Replace utmp interface #757 
  * new option enable-logind #674
  * shadow userdel: add the adaptation to the busybox ps in 01-kill_user_procs.sh
  * chsh: warn if root sets a shell not listed in /etc/shells #535
  * newgrp: fix potential string injection
  * lastlog: fix alignment of Latest header
  * Fix yescrypt support #748
  * chgpasswd: Fix segfault in command-line options
  * gpasswd: Fix password leak
  * Add --prefix to passwd, chpasswd and chage #714 (bsc#1206627)
  * usermod: fix off-by-one issues #701
  * ch(g)passwd: Check selinux permissions upon startup #675
  * sub_[ug]id_{add,remove}: fix return values
  * chsh: Verify that login shell path is absolute #730
  * process_prefix_flag: Drop privileges
  * run_parts for groupadd and groupdel #706
  * newgrp/useradd: always set SIGCHLD to default
  * useradd/usermod: add --selinux-range argument #698

OBS-URL: https://build.opensuse.org/request/show/1104351
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/shadow?expand=0&rev=58
This commit is contained in:
Ana Guerrero 2023-08-18 17:26:58 +00:00 committed by Git OBS Bridge
commit 89460a18ea
11 changed files with 84 additions and 329 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

BIN
shadow-4.13.tar.xz (Stored with Git LFS)
View File

Binary file not shown.

11
shadow-4.13.tar.xz.asc
View File

@ -1,11 +0,0 @@
-----BEGIN PGP SIGNATURE-----
iQEzBAABCgAdFiEEqb0/8XByttt4D8+UNXDaFycKziQFAmNqhwIACgkQNXDaFycK
ziTcAQgAuB+Q+bbDHqzcW50by/t/7WYiV9XRMroS51FglzrMl3w+W1m4dR3weGj5
2n0n+J+SOFrqz+j8VGcdI9jsdjNVRau/ZXfzRRZHm9jmGXIKXXxtPKgAN6tK1lK6
P8qUULJIK8fwreU6pqD4vm6hw2IbfUwG2wP6fEpwFwYW9hq9LWzbiyo5+V9d49zL
xJTYx64GbYekUi71GO+UoxWIbuoHqqtkwK213/dq34Ukk+gOTRGyTI7JJKv510+9
tZSDDRS+zVXxttWQTng+3hTzdQZ6dYtnigxZGUPjyJieIOFvKljQdRsm3tOInK9D
AVM6K2qPqt6RmGRZ+i5FPryk/2JEeA==
=33BL
-----END PGP SIGNATURE-----

3
shadow-4.14.0.tar.xz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:87e1c5cc10109536132f1b4e29b6df6edc99b70f36f71ff042c2783f2fa01d4f
size 1787892

11
shadow-4.14.0.tar.xz.asc Normal file
View File

@ -0,0 +1,11 @@
-----BEGIN PGP SIGNATURE-----
iQEzBAABCgAdFiEEqb0/8XByttt4D8+UNXDaFycKziQFAmTcOGUACgkQNXDaFycK
ziRQVwgAyUZhhaLuXEHU6D3OwiK7frZa1qYMFpmJw/+jDr4T25TDRqXz331qSjiQ
WkDxcLECImPmpL9zvLn+lIvfzXZRdxOAwBRV9wvOqma4gOgE5av+g7b4MvBVdoiT
1JmDxjg/N9wdXz8plvD8Kwv9IGLBpe2e0ZuIazIVtxkY9A0xUVuz4kqBEsznVCdn
C+x5iFpLahFg18U6DivTPvF7dMV30l1s+hkIDkiMxStmb6OtIezmu1GsTxJyIMnT
+PNQw5crHccfCfLQRH+eKHIGTqaibIawJWUS0lAzbQqq1J/kGo8aKg46JgEm7WtU
0T14PVza1VqVNXAK8f0GlrVL82+iow==
=blJ0
-----END PGP SIGNATURE-----

51
shadow-CVE-2023-29383.patch
View File

@ -1,51 +0,0 @@
Index: shadow-4.13/lib/fields.c
===================================================================
--- shadow-4.13.orig/lib/fields.c
+++ shadow-4.13/lib/fields.c
@@ -21,9 +21,9 @@
*
* The supplied field is scanned for non-printable and other illegal
* characters.
- * + -1 is returned if an illegal character is present.
- * + 1 is returned if no illegal characters are present, but the field
- * contains a non-printable character.
+ * + -1 is returned if an illegal or control character is present.
+ * + 1 is returned if no illegal or control characters are present,
+ * but the field contains a non-printable character.
* + 0 is returned otherwise.
*/
int valid_field (const char *field, const char *illegal)
@@ -37,23 +37,22 @@ int valid_field (const char *field, cons
/* For each character of field, search if it appears in the list
* of illegal characters. */
+ if (illegal && NULL != strpbrk (field, illegal)) {
+ return -1;
+ }
+
+ /* Search if there are non-printable or control characters */
for (cp = field; '\0' != *cp; cp++) {
- if (strchr (illegal, *cp) != NULL) {
+ unsigned char c = *cp;
+ if (!isprint (c)) {
+ err = 1;
+ }
+ if (iscntrl (c)) {
err = -1;
break;
}
}
- if (0 == err) {
- /* Search if there are some non-printable characters */
- for (cp = field; '\0' != *cp; cp++) {
- if (!isprint (*cp)) {
- err = 1;
- break;
- }
- }
- }
-
return err;
}

36
shadow-audit-no-id.patch
View File

@ -1,36 +0,0 @@
From 3cfc7955b33c85472a7cf11a0ecf1c6851db7c26 Mon Sep 17 00:00:00 2001
From: Michael Vetter <jubalh@iodoru.org>
Date: Thu, 15 Dec 2022 11:52:58 +0100
Subject: [PATCH] Fix useradd audit event logging of ID field
When useradd sends its ADD_USER event, it is filling in the id field. This is not yet written to disk. When auditd sees the event and the log format is enriched, auditd tries to lookup the user name but it does not exist. This causes the event to never be resolvable since ausearch relies on the lookup information attached by auditd.
The fix is to not send the id information for any event until after close_files() is called. Just the acct field is all that is
Patch by Steve Grubb (afaik).
Reported at https://bugzilla.redhat.com/show_bug.cgi?id=1713432
---
src/useradd.c | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/src/useradd.c b/src/useradd.c
index e59e47681..87abd6e33 100644
--- a/src/useradd.c
+++ b/src/useradd.c
@@ -2225,9 +2225,14 @@ static void usr_update (unsigned long subuid_count, unsigned long subgid_count)
#endif /* ENABLE_SUBIDS */
#ifdef WITH_AUDIT
+ /*
+ * Even though we have the ID of the user, we won't send it now
+ * because its not written to disk yet. After close_files it is
+ * and we can use the real ID thereafter.
+ */
audit_logger (AUDIT_ADD_USER, Prog,
"adding user",
- user_name, (unsigned int) user_id,
+ user_name, AUDIT_NO_ID,
SHADOW_AUDIT_SUCCESS);
#endif
/*

41
shadow-fix-print-login-timeout.patch
View File

@ -1,41 +0,0 @@
From 670cae834827a8f794e6f7464fa57790d911b63c Mon Sep 17 00:00:00 2001
From: SoumyaWind <121475834+SoumyaWind@users.noreply.github.com>
Date: Tue, 27 Dec 2022 17:40:17 +0530
Subject: [PATCH] shadow: Fix can not print full login timeout message
Login timed out message prints only first few bytes when write is immediately followed by exit.
Calling exit from new handler provides enough time to display full message.
---
src/login.c | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/src/login.c b/src/login.c
index 116e2cb36..c55f4de0a 100644
--- a/src/login.c
+++ b/src/login.c
@@ -120,6 +120,7 @@ static void get_pam_user (char **ptr_pam_user);
static void init_env (void);
static void alarm_handler (int);
+static void exit_handler (int);
/*
* usage - print login command usage and exit
@@ -391,11 +392,16 @@ static void init_env (void)
#endif /* !USE_PAM */
}
+static void exit_handler (unused int sig)
+{
+ _exit (0);
+}
static void alarm_handler (unused int sig)
{
write (STDERR_FILENO, tmsg, strlen (tmsg));
- _exit (0);
+ signal(SIGALRM, exit_handler);
+ alarm(2);
}
#ifdef USE_PAM

62
shadow.changes
View File

@ -1,3 +1,65 @@
-------------------------------------------------------------------
Thu Aug 17 10:14:14 UTC 2023 - Michael Vetter <mvetter@suse.com>
- Remove dependency on libbsd:
On Tumbleweed we have glibc 2.38 already thus string functions
like strlcpy will be present and won't be needed from libbsd.
`readpassphrase()` is then the only function from libbsd not present.
Upstream shadow has an in tree copy of it, that is used when the
`--without-libbsd` flag is passed along.
By relying on glibc 2.38 we don't need to add libbsd and libmd
to our ring0 but can't easily upgrade on SLE.
-------------------------------------------------------------------
Thu Aug 17 06:43:38 UTC 2023 - Michael Vetter <mvetter@suse.com>
- Update to 4.14.0:
* configure: add with-libbsd option
* Code cleanup
* Replace utmp interface #757
* new option enable-logind #674
* shadow userdel: add the adaptation to the busybox ps in 01-kill_user_procs.sh
* chsh: warn if root sets a shell not listed in /etc/shells #535
* newgrp: fix potential string injection
* lastlog: fix alignment of Latest header
* Fix yescrypt support #748
* chgpasswd: Fix segfault in command-line options
* gpasswd: Fix password leak
* Add --prefix to passwd, chpasswd and chage #714 (bsc#1206627)
* usermod: fix off-by-one issues #701
* ch(g)passwd: Check selinux permissions upon startup #675
* sub_[ug]id_{add,remove}: fix return values
* chsh: Verify that login shell path is absolute #730
* process_prefix_flag: Drop privileges
* run_parts for groupadd and groupdel #706
* newgrp/useradd: always set SIGCHLD to default
* useradd/usermod: add --selinux-range argument #698
* sssd: skip flushing if executable does not exist #699
* semanage: Do not set default SELinux range #676
* Add control character check #687
* usermod: respect --prefix for --gid option
* Fix null dereference in basename
* newuidmap and newgidmap: support passing pid as fd
* Prevent out of boundary access #633
* Explicitly override only newlines #633
* Correctly handle illegal system file in tz #633
* Supporting vendor given -shells- configuration file #599
* Warn if failed to read existing /etc/nsswitch.conf
* chfn: new_fields: fix wrong fields printed
* Allow supplementary groups to be added via config file #586
* useradd: check if subid range exists for user #592 (rh#2012929)
- Refresh useradd-default.patch
- Remove upstreamed patches:
* useradd-userkeleton.patch
* shadow-audit-no-id.patch
* shadow-fix-print-login-timeout.patch
* shadow-CVE-2023-29383.patch
- Dont build lastlog (lastlog.legacy) anymore since we
use lastlog2 by default now.
- This release depends either on libbsd or on glibc >= 2.38
which only recently got released. libbsd (and libmd) would be
new packages in our ring0
-------------------------------------------------------------------
Tue Apr 18 15:39:47 UTC 2023 - Michael Vetter <mvetter@suse.com>

37
shadow.spec
View File

@ -22,7 +22,7 @@
%define no_config 1
%endif
Name: shadow
Version: 4.13
Version: 4.14.0
Release: 0
Summary: Utilities to Manage User and Group Accounts
License: BSD-3-Clause AND GPL-2.0-or-later
@ -46,16 +46,8 @@ Patch2: shadow-util-linux.patch
Patch3: shadow-login_defs-comments.patch
# PATCH-FEATURE-SUSE shadow-login_defs-suse.patch kukuk@suse.com -- Customize login.defs.
Patch4: shadow-login_defs-suse.patch
# PATCH-FEATURE-SUSE Copy also skeleton files from /usr/etc/skel (boo#1173321) (gh/shadow-maint/shadow#591)
Patch5: useradd-userkeleton.patch
# PATCH-FIX-SUSE disable_new_audit_function.patch adam.majer@suse.de -- Disable newer libaudit functionality for older distributions.
Patch6: disable_new_audit_function.patch
# PATCH-FIX-UPSTREAM shadow-audit-no-id.patch mvetter@suse.com -- Fix useradd audit event logging of ID field (bsc#1205502) (gh/shadow-maint/shadow#606)
Patch7: shadow-audit-no-id.patch
# PATCH-FIX-UPSTREAM shadow-fix-print-login-timeout.patch mvetter@suse.com -- Fix print full login timeout message (gh/shadow-maint/shadow#621)
Patch8: shadow-fix-print-login-timeout.patch
# PATCH-FIX-UPSTREAM shadow-CVE-2023-29383.patch mvetter@suse.com -- Check control chracters in chfn (bsc#1210507)
Patch9: shadow-CVE-2023-29383.patch
Patch5: disable_new_audit_function.patch
BuildRequires: audit-devel > 2.3
BuildRequires: autoconf
BuildRequires: automake
@ -66,6 +58,8 @@ BuildRequires: libsemanage-devel
BuildRequires: libtool
BuildRequires: pam-devel
BuildRequires: xz
# we depend on libbsd or glibc >= 2.38 for the strlcpy() (and readpassphrase()) functions
BuildRequires: glibc-devel >= 2.38
Requires: login_defs >= %{version}
Requires(pre): group(root)
Requires(pre): group(shadow)
@ -119,13 +113,9 @@ Development files for libsubid4.
%patch2
%patch3
%patch4
%patch5
%if 0%{?suse_version} < 1330
%patch6 -p1
%patch5 -p1
%endif
%patch7 -p1
%patch8 -p1
%patch9 -p1
iconv -f ISO88591 -t utf-8 doc/HOWTO > doc/HOWTO.utf8
mv -v doc/HOWTO.utf8 doc/HOWTO
@ -146,6 +136,7 @@ autoreconf -fvi
--with-nscd \
--with-selinux \
--without-libcrack \
--without-libbsd \
--with-group-name-max-length=32 \
--enable-vendordir=%{_distconfdir}
%make_build
@ -230,12 +221,6 @@ if [ ! -d %{buildroot}%{_distconfdir} ]; then
fi
mkdir -p %{buildroot}%{_sysconfdir}/login.defs.d
%if 0%{?suse_version} >= 1599
# Rename lastlog to lastlog.legacy, as it got replaced by lastlog2
mv %{buildroot}/%{_bindir}/lastlog %{buildroot}/%{_bindir}/lastlog.legacy
mv %{buildroot}/%{_mandir}/man8/lastlog.8 %{buildroot}/%{_mandir}/man8/lastlog.legacy.8
%endif
%find_lang shadow
%pre
@ -335,11 +320,6 @@ test -f %{_sysconfdir}/login.defs.rpmsave && mv -v %{_sysconfdir}/login.defs.rpm
%verify(not mode) %attr(4755,root,shadow) %{_bindir}/passwd
%verify(not mode) %attr(4755,root,shadow) %{_bindir}/newgidmap
%verify(not mode) %attr(4755,root,shadow) %{_bindir}/newuidmap
%if 0%{?suse_version} >= 1599
%{_bindir}/lastlog.legacy
%else
%{_bindir}/lastlog
%endif
%{_bindir}/sg
%{_bindir}/getsubids
%attr(0755,root,root) %{_sbindir}/groupadd
@ -371,11 +351,6 @@ test -f %{_sysconfdir}/login.defs.rpmsave && mv -v %{_sysconfdir}/login.defs.rpm
%{_mandir}/man8/groupdel.8%{?ext_man}
%{_mandir}/man8/groupmod.8%{?ext_man}
%{_mandir}/man8/grpck.8%{?ext_man}
%if 0%{?suse_version} >= 1599
%{_mandir}/man8/lastlog.legacy.8%{?ext_man}
%else
%{_mandir}/man8/lastlog.8%{?ext_man}
%endif
%{_mandir}/man8/newusers.8%{?ext_man}
%{_mandir}/man8/pwck.8%{?ext_man}
%{_mandir}/man8/pwconv.8%{?ext_man}

4
useradd-default.patch
View File

@ -2,12 +2,12 @@ Index: src/useradd.c
===================================================================
--- src/useradd.c.orig
+++ src/useradd.c
@@ -101,7 +101,7 @@ FILE *shadow_logfd = NULL;
@@ -87,7 +87,7 @@ const char *Prog;
/*
* These defaults are used if there is no defaults file.
*/
-static gid_t def_group = 1000;
+static gid_t def_group = 100;
static const char *def_groups = "";
static const char *def_gname = "other";
static const char *def_home = "/home";
static const char *def_shell = "/bin/bash";

154
useradd-userkeleton.patch
View File

@ -1,154 +0,0 @@
Copy also skeleton files from /usr/etc/skel (boo#1173321)
---
etc/useradd | 1 +
src/useradd.c | 37 +++++++++++++++++++++++++++++++++++++
2 files changed, 38 insertions(+)
Index: src/useradd.c
===================================================================
--- src/useradd.c.orig
+++ src/useradd.c
@@ -61,6 +61,9 @@
#ifndef SKEL_DIR
#define SKEL_DIR "/etc/skel"
#endif
+#ifndef USRSKELDIR
+#define USRSKELDIR "/usr/etc/skel"
+#endif
#ifndef USER_DEFAULTS_FILE
#define USER_DEFAULTS_FILE "/etc/default/useradd"
#define NEW_USER_FILE "/etc/default/nuaddXXXXXX"
@@ -84,6 +87,7 @@ static const char *def_gname = "other";
static const char *def_home = "/home";
static const char *def_shell = "/bin/bash";
static const char *def_template = SKEL_DIR;
+static const char *def_usrtemplate = USRSKELDIR;
static const char *def_create_mail_spool = "yes";
static const char *def_log_init = "yes";
@@ -188,6 +192,7 @@ static bool home_added = false;
#define DINACT "INACTIVE="
#define DEXPIRE "EXPIRE="
#define DSKEL "SKEL="
+#define DUSRSKEL "USRSKEL="
#define DCREATE_MAIL_SPOOL "CREATE_MAIL_SPOOL="
#define DLOG_INIT "LOG_INIT="
@@ -461,6 +466,29 @@ static void get_defaults (void)
}
/*
+ * Default Usr Skeleton information
+ */
+ else if (MATCH (buf, DUSRSKEL)) {
+ if ('\0' == *cp) {
+ cp = USRSKELDIR; /* XXX warning: const */
+ }
+
+ if(prefix[0]) {
+ size_t len;
+ int wlen;
+ char* _def_usrtemplate; /* avoid const warning */
+
+ len = strlen(prefix) + strlen(cp) + 2;
+ _def_usrtemplate = xmalloc(len);
+ wlen = snprintf(_def_usrtemplate, len, "%s/%s", prefix, cp);
+ assert (wlen == (int) len -1);
+ def_usrtemplate = _def_usrtemplate;
+ }
+ else {
+ def_usrtemplate = xstrdup (cp);
+ }
+ }
+ /*
* Create by default user mail spool or not ?
*/
else if (MATCH (buf, DCREATE_MAIL_SPOOL)) {
@@ -502,6 +530,7 @@ static void show_defaults (void)
printf ("EXPIRE=%s\n", def_expire);
printf ("SHELL=%s\n", def_shell);
printf ("SKEL=%s\n", def_template);
+ printf ("USRSKEL=%s\n", def_usrtemplate);
printf ("CREATE_MAIL_SPOOL=%s\n", def_create_mail_spool);
printf ("LOG_INIT=%s\n", def_log_init);
}
@@ -530,6 +559,7 @@ static int set_defaults (void)
bool out_expire = false;
bool out_shell = false;
bool out_skel = false;
+ bool out_usrskel = false;
bool out_create_mail_spool = false;
bool out_log_init = false;
size_t len;
@@ -643,6 +673,9 @@ static int set_defaults (void)
} else if (!out_skel && MATCH (buf, DSKEL)) {
fprintf (ofp, DSKEL "%s\n", def_template);
out_skel = true;
+ } else if (!out_usrskel && MATCH (buf, DUSRSKEL)) {
+ fprintf (ofp, DUSRSKEL "%s\n", def_usrtemplate);
+ out_usrskel = true;
} else if (!out_create_mail_spool
&& MATCH (buf, DCREATE_MAIL_SPOOL)) {
fprintf (ofp,
@@ -678,6 +711,8 @@ static int set_defaults (void)
fprintf (ofp, DSHELL "%s\n", def_shell);
if (!out_skel)
fprintf (ofp, DSKEL "%s\n", def_template);
+ if (!out_usrskel)
+ fprintf (ofp, DUSRSKEL "%s\n", def_usrtemplate);
if (!out_create_mail_spool)
fprintf (ofp, DCREATE_MAIL_SPOOL "%s\n", def_create_mail_spool);
@@ -2758,6 +2793,8 @@ int main (int argc, char **argv)
if (home_added) {
copy_tree (def_template, prefix_user_home, false, true,
(uid_t)-1, user_id, (gid_t)-1, user_gid);
+ copy_tree (def_usrtemplate, prefix_user_home, false, false,
+ (uid_t)-1, user_id, (gid_t)-1, user_gid);
} else {
fprintf (stderr,
_("%s: warning: the home directory %s already exists.\n"
Index: libmisc/copydir.c
===================================================================
--- libmisc/copydir.c.orig
+++ libmisc/copydir.c
@@ -449,6 +449,14 @@ static int copy_entry (const struct path
}
/*
+ * If the destination already exists do nothing.
+ * This is after the copy_dir above to still iterate into subdirectories.
+ */
+ if (fstatat(dst->dirfd, dst->name, &sb, AT_SYMLINK_NOFOLLOW) != -1) {
+ return 0;
+ }
+
+ /*
* Copy any symbolic links
*/
@@ -507,6 +515,7 @@ static int copy_dir (const struct path_i
gid_t old_gid, gid_t new_gid)
{
int err = 0;
+ struct stat dst_sb;
/*
* Create a new target directory, make it owned by
@@ -518,6 +527,15 @@ static int copy_dir (const struct path_i
return -1;
}
#endif /* WITH_SELINUX */
+ /*
+ * If the destination is already a directory, don't change it
+ * but copy into it (recursively).
+ */
+ if (fstatat(dst->dirfd, dst->name, &dst_sb, AT_SYMLINK_NOFOLLOW) == 0 && S_ISDIR(dst_sb.st_mode)) {
+ return (copy_tree (src, dst, false, reset_selinux,
+ old_uid, new_uid, old_gid, new_gid) != 0);
+ }
+
if ( (mkdirat (dst->dirfd, dst->name, 0700) != 0)
|| (chownat_if_needed (dst, statp,
old_uid, new_uid, old_gid, new_gid) != 0)