Accepting request 400383 from Base:System
Automatic submission by obs-autosubmit OBS-URL: https://build.opensuse.org/request/show/400383 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/shadow?expand=0&rev=14
This commit is contained in:
commit
974d43b11f
42
Fix-user-busy-errors-at-userdel.patch
Normal file
42
Fix-user-busy-errors-at-userdel.patch
Normal file
@ -0,0 +1,42 @@
|
|||||||
|
From 546e2ae44955510b06a922647796ec54744f10ce Mon Sep 17 00:00:00 2001
|
||||||
|
From: Bastian Blank <bastian.blank@credativ.de>
|
||||||
|
Date: Tue, 17 Nov 2015 10:52:24 -0600
|
||||||
|
Subject: [PATCH 17/17] Fix user busy errors at userdel
|
||||||
|
|
||||||
|
Acked-by: Serge Hallyn <serge.hallyn@ubuntu.com>
|
||||||
|
---
|
||||||
|
libmisc/user_busy.c | 9 +++++++++
|
||||||
|
1 file changed, 9 insertions(+)
|
||||||
|
|
||||||
|
--- libmisc/user_busy.c
|
||||||
|
+++ libmisc/user_busy.c
|
||||||
|
@@ -175,6 +175,9 @@ static int user_busy_processes (const char *name, uid_t uid)
|
||||||
|
if (stat ("/", &sbroot) != 0) {
|
||||||
|
perror ("stat (\"/\")");
|
||||||
|
(void) closedir (proc);
|
||||||
|
+#ifdef ENABLE_SUBIDS
|
||||||
|
+ sub_uid_close();
|
||||||
|
+#endif
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
@@ -212,6 +215,9 @@ static int user_busy_processes (const char *name, uid_t uid)
|
||||||
|
|
||||||
|
if (check_status (name, tmp_d_name, uid) != 0) {
|
||||||
|
(void) closedir (proc);
|
||||||
|
+#ifdef ENABLE_SUBIDS
|
||||||
|
+ sub_uid_close();
|
||||||
|
+#endif
|
||||||
|
fprintf (stderr,
|
||||||
|
_("%s: user %s is currently used by process %d\n"),
|
||||||
|
Prog, name, pid);
|
||||||
|
@@ -232,6 +238,9 @@ static int user_busy_processes (const char *name, uid_t uid)
|
||||||
|
}
|
||||||
|
if (check_status (name, task_path+6, uid) != 0) {
|
||||||
|
(void) closedir (proc);
|
||||||
|
+#ifdef ENABLE_SUBIDS
|
||||||
|
+ sub_uid_close();
|
||||||
|
+#endif
|
||||||
|
fprintf (stderr,
|
||||||
|
_("%s: user %s is currently used by process %d\n"),
|
||||||
|
Prog, name, pid);
|
@ -1,91 +0,0 @@
|
|||||||
--- lib/getdef.c
|
|
||||||
+++ lib/getdef.c 2012/09/26 14:14:15
|
|
||||||
@@ -51,6 +51,7 @@
|
|
||||||
|
|
||||||
#define NUMDEFS (sizeof(def_table)/sizeof(def_table[0]))
|
|
||||||
static struct itemdef def_table[] = {
|
|
||||||
+ {"CHARACTER_CLASS", NULL},
|
|
||||||
{"CHFN_RESTRICT", NULL},
|
|
||||||
{"CONSOLE_GROUPS", NULL},
|
|
||||||
{"CONSOLE", NULL},
|
|
||||||
--- libmisc/chkname.c
|
|
||||||
+++ libmisc/chkname.c 2012/09/27 12:32:18
|
|
||||||
@@ -43,31 +43,55 @@
|
|
||||||
#ident "$Id: chkname.c 2828 2009-04-28 19:14:05Z nekral-guest $"
|
|
||||||
|
|
||||||
#include <ctype.h>
|
|
||||||
+#include <regex.h>
|
|
||||||
#include "defines.h"
|
|
||||||
#include "chkname.h"
|
|
||||||
+#include "getdef.h"
|
|
||||||
+#include <stdio.h>
|
|
||||||
|
|
||||||
static bool is_valid_name (const char *name)
|
|
||||||
{
|
|
||||||
- /*
|
|
||||||
- * User/group names must match [a-z_][a-z0-9_-]*[$]
|
|
||||||
- */
|
|
||||||
- if (('\0' == *name) ||
|
|
||||||
- !((('a' <= *name) && ('z' >= *name)) || ('_' == *name))) {
|
|
||||||
- return false;
|
|
||||||
- }
|
|
||||||
+ const char *class;
|
|
||||||
+ regex_t reg;
|
|
||||||
+ int result;
|
|
||||||
+ char *buf;
|
|
||||||
+
|
|
||||||
+ /* User/group names must match [A-Za-z_][A-Za-z0-9_-.]*[A-Za-z0-9_-.$]?.
|
|
||||||
+ This is the POSIX portable character class. The $ at the end is
|
|
||||||
+ needed for SAMBA. But user can also specify something else in
|
|
||||||
+ /etc/login.defs. */
|
|
||||||
+ class = getdef_str ("CHARACTER_CLASS");
|
|
||||||
+ if (!class)
|
|
||||||
+ class = "[a-z_][a-z0-9_.-]*[a-z0-9_.$-]\\?";
|
|
||||||
+
|
|
||||||
+ if (asprintf (&buf, "^%s$", class) < 0)
|
|
||||||
+ return -1;
|
|
||||||
+
|
|
||||||
+ memset (®, 0, sizeof (regex_t));
|
|
||||||
+ result = regcomp (®, buf, 0);
|
|
||||||
+ free (buf);
|
|
||||||
+
|
|
||||||
+ if (result)
|
|
||||||
+ {
|
|
||||||
+ size_t length = regerror (result, ®, NULL, 0);
|
|
||||||
+ char *buffer = malloc (length);
|
|
||||||
+ if (buffer == NULL)
|
|
||||||
+ fputs ("running out of memory!\n", stderr);
|
|
||||||
+
|
|
||||||
+ /* else
|
|
||||||
+ {
|
|
||||||
+ regerror (result, ®, buffer, length);
|
|
||||||
+ fprintf (stderr, _("Can't compile regular expression: %s\n"),
|
|
||||||
+ buffer);
|
|
||||||
+ } */
|
|
||||||
|
|
||||||
- while ('\0' != *++name) {
|
|
||||||
- if (!(( ('a' <= *name) && ('z' >= *name) ) ||
|
|
||||||
- ( ('0' <= *name) && ('9' >= *name) ) ||
|
|
||||||
- ('_' == *name) ||
|
|
||||||
- ('-' == *name) ||
|
|
||||||
- ( ('$' == *name) && ('\0' == *(name + 1)) )
|
|
||||||
- )) {
|
|
||||||
- return false;
|
|
||||||
- }
|
|
||||||
- }
|
|
||||||
+ return false;
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
+ if (regexec (®, name, 0, NULL, 0) != 0)
|
|
||||||
+ return false;
|
|
||||||
|
|
||||||
- return true;
|
|
||||||
+ return true;
|
|
||||||
}
|
|
||||||
|
|
||||||
bool is_valid_user_name (const char *name)
|
|
||||||
@@ -96,4 +120,3 @@
|
|
||||||
|
|
||||||
return is_valid_name (name);
|
|
||||||
}
|
|
||||||
-
|
|
83
chkname-regex.patch
Normal file
83
chkname-regex.patch
Normal file
@ -0,0 +1,83 @@
|
|||||||
|
--- lib/getdef.c
|
||||||
|
+++ lib/getdef.c
|
||||||
|
@@ -51,6 +51,7 @@ struct itemdef {
|
||||||
|
|
||||||
|
#define NUMDEFS (sizeof(def_table)/sizeof(def_table[0]))
|
||||||
|
static struct itemdef def_table[] = {
|
||||||
|
+ {"CHARACTER_CLASS", NULL},
|
||||||
|
{"CHFN_RESTRICT", NULL},
|
||||||
|
{"CONSOLE_GROUPS", NULL},
|
||||||
|
{"CONSOLE", NULL},
|
||||||
|
--- libmisc/chkname.c
|
||||||
|
+++ libmisc/chkname.c
|
||||||
|
@@ -43,30 +43,57 @@
|
||||||
|
#ident "$Id$"
|
||||||
|
|
||||||
|
#include <ctype.h>
|
||||||
|
+#include <regex.h>
|
||||||
|
#include "defines.h"
|
||||||
|
#include "chkname.h"
|
||||||
|
+#include "getdef.h"
|
||||||
|
+#include <stdio.h>
|
||||||
|
|
||||||
|
static bool is_valid_name (const char *name)
|
||||||
|
{
|
||||||
|
- /*
|
||||||
|
- * User/group names must match [a-z_][a-z0-9_-]*[$]
|
||||||
|
- */
|
||||||
|
- if (('\0' == *name) ||
|
||||||
|
- !((('a' <= *name) && ('z' >= *name)) || ('_' == *name))) {
|
||||||
|
+ const char *class;
|
||||||
|
+ regex_t reg;
|
||||||
|
+ int result;
|
||||||
|
+ char *buf;
|
||||||
|
+
|
||||||
|
+ /* User/group names must match [A-Za-z_][A-Za-z0-9_-.]*[A-Za-z0-9_-.$]?.
|
||||||
|
+ This is the POSIX portable character class. The $ at the end is
|
||||||
|
+ needed for SAMBA. But user can also specify something else in
|
||||||
|
+ /etc/login.defs. */
|
||||||
|
+ class = getdef_str ("CHARACTER_CLASS");
|
||||||
|
+ if (!class)
|
||||||
|
+ class = "[a-z_][a-z0-9_.-]*[a-z0-9_.$-]\\?";
|
||||||
|
+
|
||||||
|
+ if (asprintf (&buf, "^%s$", class) < 0)
|
||||||
|
+ return -1;
|
||||||
|
+
|
||||||
|
+ memset (®, 0, sizeof (regex_t));
|
||||||
|
+ result = regcomp (®, buf, 0);
|
||||||
|
+ free (buf);
|
||||||
|
+
|
||||||
|
+ if (result) {
|
||||||
|
+ size_t length = regerror (result, ®, NULL, 0);
|
||||||
|
+ char *buffer = malloc (length);
|
||||||
|
+ if (buffer == NULL)
|
||||||
|
+ fputs ("running out of memory!\n", stderr);
|
||||||
|
+
|
||||||
|
+ /* else
|
||||||
|
+ {
|
||||||
|
+ regerror (result, ®, buffer, length);
|
||||||
|
+ fprintf (stderr, _("Can't compile regular expression: %s\n"),
|
||||||
|
+ buffer);
|
||||||
|
+ } */
|
||||||
|
+
|
||||||
|
+ regfree(®);
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
- while ('\0' != *++name) {
|
||||||
|
- if (!(( ('a' <= *name) && ('z' >= *name) ) ||
|
||||||
|
- ( ('0' <= *name) && ('9' >= *name) ) ||
|
||||||
|
- ('_' == *name) ||
|
||||||
|
- ('-' == *name) ||
|
||||||
|
- ( ('$' == *name) && ('\0' == *(name + 1)) )
|
||||||
|
- )) {
|
||||||
|
- return false;
|
||||||
|
- }
|
||||||
|
+ if (regexec (®, name, 0, NULL, 0) != 0) {
|
||||||
|
+ regfree(®);
|
||||||
|
+ return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
+ regfree(®);
|
||||||
|
return true;
|
||||||
|
}
|
@ -1,6 +1,6 @@
|
|||||||
--- lib/getdef.c
|
--- lib/getdef.c
|
||||||
+++ lib/getdef.c 2013/11/12 13:44:01
|
+++ lib/getdef.c
|
||||||
@@ -57,6 +57,7 @@
|
@@ -58,6 +58,7 @@ static struct itemdef def_table[] = {
|
||||||
{"CREATE_HOME", NULL},
|
{"CREATE_HOME", NULL},
|
||||||
{"DEFAULT_HOME", NULL},
|
{"DEFAULT_HOME", NULL},
|
||||||
{"ENCRYPT_METHOD", NULL},
|
{"ENCRYPT_METHOD", NULL},
|
@ -1,6 +1,6 @@
|
|||||||
--- lib/getdef.c
|
--- lib/getdef.c
|
||||||
+++ lib/getdef.c 2012/11/13 16:26:34
|
+++ lib/getdef.c
|
||||||
@@ -64,6 +64,7 @@
|
@@ -65,6 +65,7 @@ static struct itemdef def_table[] = {
|
||||||
{"FAKE_SHELL", NULL},
|
{"FAKE_SHELL", NULL},
|
||||||
{"GID_MAX", NULL},
|
{"GID_MAX", NULL},
|
||||||
{"GID_MIN", NULL},
|
{"GID_MIN", NULL},
|
||||||
@ -8,7 +8,7 @@
|
|||||||
{"HUSHLOGIN_FILE", NULL},
|
{"HUSHLOGIN_FILE", NULL},
|
||||||
{"KILLCHAR", NULL},
|
{"KILLCHAR", NULL},
|
||||||
{"LOGIN_RETRIES", NULL},
|
{"LOGIN_RETRIES", NULL},
|
||||||
@@ -93,7 +94,10 @@
|
@@ -100,7 +101,10 @@ static struct itemdef def_table[] = {
|
||||||
{"UID_MAX", NULL},
|
{"UID_MAX", NULL},
|
||||||
{"UID_MIN", NULL},
|
{"UID_MIN", NULL},
|
||||||
{"UMASK", NULL},
|
{"UMASK", NULL},
|
||||||
@ -19,7 +19,7 @@
|
|||||||
{"USERGROUPS_ENAB", NULL},
|
{"USERGROUPS_ENAB", NULL},
|
||||||
#ifndef USE_PAM
|
#ifndef USE_PAM
|
||||||
{"CHFN_AUTH", NULL},
|
{"CHFN_AUTH", NULL},
|
||||||
@@ -129,6 +133,10 @@
|
@@ -136,6 +140,10 @@ static struct itemdef def_table[] = {
|
||||||
{"TCB_SYMLINKS", NULL},
|
{"TCB_SYMLINKS", NULL},
|
||||||
{"USE_TCB", NULL},
|
{"USE_TCB", NULL},
|
||||||
#endif
|
#endif
|
31
shadow-4.1.5.1-audit-owner.patch
Normal file
31
shadow-4.1.5.1-audit-owner.patch
Normal file
@ -0,0 +1,31 @@
|
|||||||
|
--- src/usermod.c
|
||||||
|
+++ src/usermod.c
|
||||||
|
@@ -1808,6 +1808,14 @@ static void move_home (void)
|
||||||
|
fail_exit (E_HOMEDIR);
|
||||||
|
}
|
||||||
|
|
||||||
|
+#ifdef WITH_AUDIT
|
||||||
|
+ if (uflg || gflg) {
|
||||||
|
+ audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
|
||||||
|
+ "changing home directory owner",
|
||||||
|
+ user_newname, (unsigned int) user_newid, 1);
|
||||||
|
+ }
|
||||||
|
+#endif
|
||||||
|
+
|
||||||
|
if (rename (user_home, user_newhome) == 0) {
|
||||||
|
/* FIXME: rename above may have broken symlinks
|
||||||
|
* pointing to the user's home directory
|
||||||
|
@@ -2254,6 +2262,13 @@ int main (int argc, char **argv)
|
||||||
|
* ownership.
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
+#ifdef WITH_AUDIT
|
||||||
|
+ if (uflg || gflg) {
|
||||||
|
+ audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
|
||||||
|
+ "changing home directory owner",
|
||||||
|
+ user_newname, (unsigned int) user_newid, 1);
|
||||||
|
+ }
|
||||||
|
+#endif
|
||||||
|
if (chown_tree (dflg ? user_newhome : user_home,
|
||||||
|
user_id,
|
||||||
|
uflg ? user_newid : (uid_t)-1,
|
@ -1,7 +1,6 @@
|
|||||||
diff -up shadow-4.1.5.1/lib/commonio.c.backup-mode shadow-4.1.5.1/lib/commonio.c
|
--- lib/commonio.c
|
||||||
--- shadow-4.1.5.1/lib/commonio.c.backup-mode 2012-05-18 21:44:54.000000000 +0200
|
+++ lib/commonio.c
|
||||||
+++ shadow-4.1.5.1/lib/commonio.c 2012-09-19 20:27:16.089444234 +0200
|
@@ -301,15 +301,12 @@ static int create_backup (const char *backup, FILE * fp)
|
||||||
@@ -301,15 +301,12 @@ static int create_backup (const char *ba
|
|
||||||
struct utimbuf ub;
|
struct utimbuf ub;
|
||||||
FILE *bkfp;
|
FILE *bkfp;
|
||||||
int c;
|
int c;
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
--- src/useradd.c
|
--- src/useradd.c
|
||||||
+++ src/useradd.c 2013/09/17 12:30:31
|
+++ src/useradd.c
|
||||||
@@ -1759,6 +1759,9 @@
|
@@ -1896,6 +1896,9 @@ static void create_home (void)
|
||||||
if (access (user_home, F_OK) != 0) {
|
if (access (user_home, F_OK) != 0) {
|
||||||
#ifdef WITH_SELINUX
|
#ifdef WITH_SELINUX
|
||||||
if (set_selinux_file_context (user_home) != 0) {
|
if (set_selinux_file_context (user_home) != 0) {
|
||||||
@ -10,7 +10,7 @@
|
|||||||
fail_exit (E_HOMEDIR);
|
fail_exit (E_HOMEDIR);
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
@@ -1788,6 +1791,9 @@
|
@@ -1925,6 +1928,9 @@ static void create_home (void)
|
||||||
#ifdef WITH_SELINUX
|
#ifdef WITH_SELINUX
|
||||||
/* Reset SELinux to create files with default contexts */
|
/* Reset SELinux to create files with default contexts */
|
||||||
if (reset_selinux_file_context () != 0) {
|
if (reset_selinux_file_context () != 0) {
|
||||||
|
@ -1,7 +1,6 @@
|
|||||||
diff -up shadow-4.1.5.1/src/useradd.c.logmsg shadow-4.1.5.1/src/useradd.c
|
--- src/useradd.c
|
||||||
--- shadow-4.1.5.1/src/useradd.c.logmsg 2013-02-20 15:41:44.000000000 +0100
|
+++ src/useradd.c
|
||||||
+++ shadow-4.1.5.1/src/useradd.c 2013-03-19 18:40:04.908292810 +0100
|
@@ -320,7 +320,7 @@ static void fail_exit (int code)
|
||||||
@@ -275,7 +275,7 @@ static void fail_exit (int code)
|
|
||||||
user_name, AUDIT_NO_ID,
|
user_name, AUDIT_NO_ID,
|
||||||
SHADOW_AUDIT_FAILURE);
|
SHADOW_AUDIT_FAILURE);
|
||||||
#endif
|
#endif
|
||||||
|
@ -1,16 +1,6 @@
|
|||||||
diff -up shadow-4.1.5.1/man/useradd.8.xml.manfix shadow-4.1.5.1/man/useradd.8.xml
|
--- man/useradd.8.xml
|
||||||
--- shadow-4.1.5.1/man/useradd.8.xml.manfix 2013-06-14 15:25:44.000000000 +0200
|
+++ man/useradd.8.xml
|
||||||
+++ shadow-4.1.5.1/man/useradd.8.xml 2013-07-19 07:33:53.768619759 +0200
|
@@ -351,7 +351,7 @@
|
||||||
@@ -161,7 +161,7 @@
|
|
||||||
</varlistentry>
|
|
||||||
<varlistentry>
|
|
||||||
<term>
|
|
||||||
- <option>-d</option>, <option>--home</option>
|
|
||||||
+ <option>-d</option>, <option>--home-dir</option>
|
|
||||||
<replaceable>HOME_DIR</replaceable>
|
|
||||||
</term>
|
|
||||||
<listitem>
|
|
||||||
@@ -362,7 +362,7 @@
|
|
||||||
</varlistentry>
|
</varlistentry>
|
||||||
<varlistentry>
|
<varlistentry>
|
||||||
<term>
|
<term>
|
||||||
|
14
shadow-4.1.5.1-userdel-helpfix.patch
Normal file
14
shadow-4.1.5.1-userdel-helpfix.patch
Normal file
@ -0,0 +1,14 @@
|
|||||||
|
--- src/userdel.c
|
||||||
|
+++ src/userdel.c
|
||||||
|
@@ -143,8 +143,9 @@ static void usage (int status)
|
||||||
|
"\n"
|
||||||
|
"Options:\n"),
|
||||||
|
Prog);
|
||||||
|
- (void) fputs (_(" -f, --force force removal of files,\n"
|
||||||
|
- " even if not owned by user\n"),
|
||||||
|
+ (void) fputs (_(" -f, --force force some actions that would fail otherwise\n"
|
||||||
|
+ " e.g. removal of user still logged in\n"
|
||||||
|
+ " or files, even if not owned by the user\n"),
|
||||||
|
usageout);
|
||||||
|
(void) fputs (_(" -h, --help display this help message and exit\n"), usageout);
|
||||||
|
(void) fputs (_(" -r, --remove remove home directory and mail spool\n"), usageout);
|
@ -1,3 +0,0 @@
|
|||||||
version https://git-lfs.github.com/spec/v1
|
|
||||||
oid sha256:aa32333748d68b58ed3a83625f0165e0f6b9dc4639e6377c9300c6bf4fe978fb
|
|
||||||
size 2193325
|
|
23
shadow-4.2.1-defs-chroot.patch
Normal file
23
shadow-4.2.1-defs-chroot.patch
Normal file
@ -0,0 +1,23 @@
|
|||||||
|
--- src/useradd.c
|
||||||
|
+++ src/useradd.c
|
||||||
|
@@ -2054,8 +2054,8 @@ int main (int argc, char **argv)
|
||||||
|
#endif /* ACCT_TOOLS_SETUID */
|
||||||
|
|
||||||
|
/* Needed for userns check */
|
||||||
|
- uid_t uid_min = (uid_t) getdef_ulong ("UID_MIN", 1000UL);
|
||||||
|
- uid_t uid_max = (uid_t) getdef_ulong ("UID_MAX", 60000UL);
|
||||||
|
+ uid_t uid_min;
|
||||||
|
+ uid_t uid_max;
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Get my name so that I can use it to report errors.
|
||||||
|
@@ -2073,6 +2073,9 @@ int main (int argc, char **argv)
|
||||||
|
audit_help_open ();
|
||||||
|
#endif
|
||||||
|
|
||||||
|
+ uid_min = (uid_t) getdef_ulong ("UID_MIN", 1000UL);
|
||||||
|
+ uid_max = (uid_t) getdef_ulong ("UID_MAX", 60000UL);
|
||||||
|
+
|
||||||
|
sys_ngroups = sysconf (_SC_NGROUPS_MAX);
|
||||||
|
user_groups = (char **) xmalloc ((1 + sys_ngroups) * sizeof (char *));
|
||||||
|
/*
|
12
shadow-4.2.1-merge-group.patch
Normal file
12
shadow-4.2.1-merge-group.patch
Normal file
@ -0,0 +1,12 @@
|
|||||||
|
--- lib/groupio.c
|
||||||
|
+++ lib/groupio.c
|
||||||
|
@@ -335,8 +335,7 @@ static /*@null@*/struct commonio_entry *merge_group_entries (
|
||||||
|
errno = ENOMEM;
|
||||||
|
return NULL;
|
||||||
|
}
|
||||||
|
- snprintf(new_line, new_line_len, "%s\n%s", gr1->line, gr2->line);
|
||||||
|
- new_line[new_line_len] = '\0';
|
||||||
|
+ snprintf(new_line, new_line_len + 1, "%s\n%s", gr1->line, gr2->line);
|
||||||
|
|
||||||
|
/* Concatenate the 2 list of members */
|
||||||
|
for (i=0; NULL != gptr1->gr_mem[i]; i++);
|
3
shadow-4.2.1.tar.xz
Normal file
3
shadow-4.2.1.tar.xz
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
version https://git-lfs.github.com/spec/v1
|
||||||
|
oid sha256:3b0893d1476766868cd88920f4f1231c4795652aa407569faff802bcda0f3d41
|
||||||
|
size 1594536
|
@ -1,31 +1,31 @@
|
|||||||
--- etc/login.defs
|
--- etc/login.defs
|
||||||
+++ etc/login.defs 2013/02/05 12:16:54
|
+++ etc/login.defs
|
||||||
@@ -1,8 +1,6 @@
|
@@ -1,8 +1,5 @@
|
||||||
#
|
#
|
||||||
# /etc/login.defs - Configuration control definitions for the shadow package.
|
# /etc/login.defs - Configuration control definitions for the shadow package.
|
||||||
#
|
-#
|
||||||
-# $Id: login.defs 3189 2010-03-26 11:53:06Z nekral-guest $
|
-# $Id$
|
||||||
-#
|
-#
|
||||||
|
|
||||||
#
|
#
|
||||||
# Delay in seconds before being allowed another attempt after a login failure
|
# Delay in seconds before being allowed another attempt after a login failure
|
||||||
@@ -12,11 +10,6 @@
|
@@ -12,11 +9,6 @@
|
||||||
FAIL_DELAY 3
|
FAIL_DELAY 3
|
||||||
|
|
||||||
#
|
#
|
||||||
-# Enable logging and display of /var/log/faillog login failure info.
|
-# Enable logging and display of /var/log/faillog login(1) failure info.
|
||||||
-#
|
-#
|
||||||
-FAILLOG_ENAB yes
|
-FAILLOG_ENAB yes
|
||||||
-
|
-
|
||||||
-#
|
-#
|
||||||
# Enable display of unknown usernames when login failures are recorded.
|
# Enable display of unknown usernames when login(1) failures are recorded.
|
||||||
#
|
#
|
||||||
LOG_UNKFAIL_ENAB no
|
LOG_UNKFAIL_ENAB no
|
||||||
@@ -27,34 +20,6 @@
|
@@ -27,34 +19,6 @@ LOG_UNKFAIL_ENAB no
|
||||||
LOG_OK_LOGINS no
|
LOG_OK_LOGINS no
|
||||||
|
|
||||||
#
|
#
|
||||||
-# Enable logging and display of /var/log/lastlog login time info.
|
-# Enable logging and display of /var/log/lastlog login(1) time info.
|
||||||
-#
|
-#
|
||||||
-LASTLOG_ENAB yes
|
-LASTLOG_ENAB yes
|
||||||
-
|
-
|
||||||
@ -48,45 +48,45 @@
|
|||||||
-PORTTIME_CHECKS_ENAB yes
|
-PORTTIME_CHECKS_ENAB yes
|
||||||
-
|
-
|
||||||
-#
|
-#
|
||||||
-# Enable setting of ulimit, umask, and niceness from passwd gecos field.
|
-# Enable setting of ulimit, umask, and niceness from passwd(5) gecos field.
|
||||||
-#
|
-#
|
||||||
-QUOTAS_ENAB yes
|
-QUOTAS_ENAB yes
|
||||||
-
|
-
|
||||||
-#
|
-#
|
||||||
# Enable "syslog" logging of su activity - in addition to sulog file logging.
|
# Enable "syslog" logging of su(1) activity - in addition to sulog file logging.
|
||||||
# SYSLOG_SG_ENAB does the same for newgrp and sg.
|
# SYSLOG_SG_ENAB does the same for newgrp(1) and sg(1).
|
||||||
#
|
#
|
||||||
@@ -82,75 +47,31 @@
|
@@ -82,75 +46,31 @@ MOTD_FILE /etc/motd
|
||||||
#MOTD_FILE /etc/motd:/usr/lib/news/news-motd
|
#MOTD_FILE /etc/motd:/usr/lib/news/news-motd
|
||||||
|
|
||||||
#
|
#
|
||||||
-# If defined, this file will be output before each login prompt.
|
-# If defined, this file will be output before each login(1) prompt.
|
||||||
-#
|
-#
|
||||||
-#ISSUE_FILE /etc/issue
|
-#ISSUE_FILE /etc/issue
|
||||||
-
|
-
|
||||||
-#
|
-#
|
||||||
# If defined, file which maps tty line to TERM environment parameter.
|
# If defined, file which maps tty line to TERM environment parameter.
|
||||||
# Each line of the file is in a format something like "vt100 tty01".
|
# Each line of the file is in a format similar to "vt100 tty01".
|
||||||
#
|
#
|
||||||
#TTYTYPE_FILE /etc/ttytype
|
#TTYTYPE_FILE /etc/ttytype
|
||||||
|
|
||||||
#
|
#
|
||||||
-# If defined, login failures will be logged here in a utmp format.
|
-# If defined, login(1) failures will be logged here in a utmp format.
|
||||||
-# last, when invoked as lastb, will read /var/log/btmp, so...
|
-# last(1), when invoked as lastb(1), will read /var/log/btmp, so...
|
||||||
-#
|
-#
|
||||||
-FTMP_FILE /var/log/btmp
|
-FTMP_FILE /var/log/btmp
|
||||||
-
|
-
|
||||||
-#
|
-#
|
||||||
-# If defined, name of file whose presence which will inhibit non-root
|
-# If defined, name of file whose presence will inhibit non-root
|
||||||
-# logins. The contents of this file should be a message indicating
|
-# logins. The content of this file should be a message indicating
|
||||||
-# why logins are inhibited.
|
-# why logins are inhibited.
|
||||||
-#
|
-#
|
||||||
-NOLOGINS_FILE /etc/nologin
|
-NOLOGINS_FILE /etc/nologin
|
||||||
-
|
-
|
||||||
-#
|
-#
|
||||||
-# If defined, the command name to display when running "su -". For
|
-# If defined, the command name to display when running "su -". For
|
||||||
-# example, if this is defined as "su" then a "ps" will display the
|
-# example, if this is defined as "su" then ps(1) will display the
|
||||||
-# command is "-su". If not defined, then "ps" would display the
|
-# command as "-su". If not defined, then ps(1) will display the
|
||||||
-# name of the shell actually being run, e.g. something like "-sh".
|
-# name of the shell actually being run, e.g. something like "-sh".
|
||||||
-#
|
-#
|
||||||
-SU_NAME su
|
-SU_NAME su
|
||||||
@ -122,7 +122,7 @@
|
|||||||
-ENV_HZ HZ=100
|
-ENV_HZ HZ=100
|
||||||
-# For Linux/Alpha...
|
-# For Linux/Alpha...
|
||||||
-#ENV_HZ HZ=1024
|
-#ENV_HZ HZ=1024
|
||||||
+#HUSHLOGIN_FILE .hushlogin
|
+# HUSHLOGIN_FILE .hushlogin
|
||||||
+HUSHLOGIN_FILE /etc/hushlogins
|
+HUSHLOGIN_FILE /etc/hushlogins
|
||||||
|
|
||||||
#
|
#
|
||||||
@ -140,8 +140,8 @@
|
|||||||
|
|
||||||
#
|
#
|
||||||
# Terminal permissions
|
# Terminal permissions
|
||||||
@@ -164,24 +85,20 @@
|
@@ -164,24 +84,20 @@ ENV_PATH PATH=/bin:/usr/bin
|
||||||
# TTYPERM to either 622 or 600.
|
# set TTYPERM to either 622 or 600.
|
||||||
#
|
#
|
||||||
TTYGROUP tty
|
TTYGROUP tty
|
||||||
-TTYPERM 0600
|
-TTYPERM 0600
|
||||||
@ -164,9 +164,9 @@
|
|||||||
KILLCHAR 025
|
KILLCHAR 025
|
||||||
-#ULIMIT 2097152
|
-#ULIMIT 2097152
|
||||||
|
|
||||||
# Default initial "umask" value used by login on non-PAM enabled systems.
|
# Default initial "umask" value used by login(1) on non-PAM enabled systems.
|
||||||
# Default "umask" value for pam_umask on PAM enabled systems.
|
# Default "umask" value for pam_umask(8) on PAM enabled systems.
|
||||||
@@ -197,49 +114,44 @@
|
@@ -197,35 +113,25 @@ UMASK 022
|
||||||
#
|
#
|
||||||
# PASS_MAX_DAYS Maximum number of days a password may be used.
|
# PASS_MAX_DAYS Maximum number of days a password may be used.
|
||||||
# PASS_MIN_DAYS Minimum number of days allowed between password changes.
|
# PASS_MIN_DAYS Minimum number of days allowed between password changes.
|
||||||
@ -187,12 +187,12 @@
|
|||||||
-SU_WHEEL_ONLY no
|
-SU_WHEEL_ONLY no
|
||||||
-
|
-
|
||||||
-#
|
-#
|
||||||
-# If compiled with cracklib support, where are the dictionaries
|
-# If compiled with cracklib support, sets the path to the dictionaries
|
||||||
-#
|
-#
|
||||||
-CRACKLIB_DICTPATH /var/cache/cracklib/cracklib_dict
|
-CRACKLIB_DICTPATH /var/cache/cracklib/cracklib_dict
|
||||||
-
|
-
|
||||||
-#
|
-#
|
||||||
# Min/max values for automatic uid selection in useradd
|
# Min/max values for automatic uid selection in useradd(8)
|
||||||
#
|
#
|
||||||
+# SYS_UID_MIN to SYS_UID_MAX inclusive is the range for
|
+# SYS_UID_MIN to SYS_UID_MAX inclusive is the range for
|
||||||
+# UIDs for dynamically allocated administrative and system accounts.
|
+# UIDs for dynamically allocated administrative and system accounts.
|
||||||
@ -206,9 +206,12 @@
|
|||||||
-SYS_UID_MAX 999
|
-SYS_UID_MAX 999
|
||||||
+SYS_UID_MIN 100
|
+SYS_UID_MIN 100
|
||||||
+SYS_UID_MAX 499
|
+SYS_UID_MAX 499
|
||||||
|
# Extra per user uids
|
||||||
|
SUB_UID_MIN 100000
|
||||||
|
SUB_UID_MAX 600100000
|
||||||
|
@@ -234,11 +140,16 @@ SUB_UID_COUNT 65536
|
||||||
#
|
#
|
||||||
# Min/max values for automatic gid selection in groupadd
|
# Min/max values for automatic gid selection in groupadd(8)
|
||||||
#
|
#
|
||||||
+# SYS_GID_MIN to SYS_GID_MAX inclusive is the range for
|
+# SYS_GID_MIN to SYS_GID_MAX inclusive is the range for
|
||||||
+# GIDs for dynamically allocated administrative and system groups.
|
+# GIDs for dynamically allocated administrative and system groups.
|
||||||
@ -222,16 +225,19 @@
|
|||||||
-SYS_GID_MAX 999
|
-SYS_GID_MAX 999
|
||||||
+SYS_GID_MIN 100
|
+SYS_GID_MIN 100
|
||||||
+SYS_GID_MAX 499
|
+SYS_GID_MAX 499
|
||||||
|
# Extra per user group ids
|
||||||
|
SUB_GID_MIN 100000
|
||||||
|
SUB_GID_MAX 600100000
|
||||||
|
@@ -247,7 +158,7 @@ SUB_GID_COUNT 65536
|
||||||
#
|
#
|
||||||
# Max number of login retries if password is bad
|
# Max number of login(1) retries if password is bad
|
||||||
#
|
#
|
||||||
-LOGIN_RETRIES 5
|
-LOGIN_RETRIES 5
|
||||||
+LOGIN_RETRIES 3
|
+LOGIN_RETRIES 3
|
||||||
|
|
||||||
#
|
#
|
||||||
# Max time in seconds for login
|
# Max time in seconds for login(1)
|
||||||
@@ -247,28 +159,6 @@
|
@@ -255,28 +166,6 @@ LOGIN_RETRIES 5
|
||||||
LOGIN_TIMEOUT 60
|
LOGIN_TIMEOUT 60
|
||||||
|
|
||||||
#
|
#
|
||||||
@ -252,15 +258,15 @@
|
|||||||
-#PASS_MAX_LEN 8
|
-#PASS_MAX_LEN 8
|
||||||
-
|
-
|
||||||
-#
|
-#
|
||||||
-# Require password before chfn/chsh can make any changes.
|
-# Require password before chfn(1)/chsh(1) can make any changes.
|
||||||
-#
|
-#
|
||||||
-CHFN_AUTH yes
|
-CHFN_AUTH yes
|
||||||
-
|
-
|
||||||
-#
|
-#
|
||||||
# Which fields may be changed by regular users using chfn - use
|
# Which fields may be changed by regular users using chfn(1) - use
|
||||||
# any combination of letters "frwh" (full name, room number, work
|
# any combination of letters "frwh" (full name, room number, work
|
||||||
# phone, home phone). If not defined, no changes are allowed.
|
# phone, home phone). If not defined, no changes are allowed.
|
||||||
@@ -277,29 +167,6 @@
|
@@ -285,28 +174,6 @@ CHFN_AUTH yes
|
||||||
CHFN_RESTRICT rwh
|
CHFN_RESTRICT rwh
|
||||||
|
|
||||||
#
|
#
|
||||||
@ -281,16 +287,15 @@
|
|||||||
-# Note: If you use PAM, it is recommended to use a value consistent with
|
-# Note: If you use PAM, it is recommended to use a value consistent with
|
||||||
-# the PAM modules configuration.
|
-# the PAM modules configuration.
|
||||||
-#
|
-#
|
||||||
-# This variable is deprecated. You should use ENCRYPT_METHOD.
|
-# This variable is deprecated. You should use ENCRYPT_METHOD instead.
|
||||||
-#
|
-#
|
||||||
-#MD5_CRYPT_ENAB no
|
-#MD5_CRYPT_ENAB no
|
||||||
-
|
-
|
||||||
-#
|
-#
|
||||||
-# Only works if compiled with ENCRYPTMETHOD_SELECT defined:
|
# Only works if compiled with ENCRYPTMETHOD_SELECT defined:
|
||||||
# If set to MD5 , MD5-based algorithm will be used for encrypting password
|
# If set to MD5, MD5-based algorithm will be used for encrypting password
|
||||||
# If set to SHA256, SHA256-based algorithm will be used for encrypting password
|
# If set to SHA256, SHA256-based algorithm will be used for encrypting password
|
||||||
# If set to SHA512, SHA512-based algorithm will be used for encrypting password
|
@@ -317,7 +184,8 @@ CHFN_RESTRICT rwh
|
||||||
@@ -309,7 +176,8 @@
|
|
||||||
# Note: If you use PAM, it is recommended to use a value consistent with
|
# Note: If you use PAM, it is recommended to use a value consistent with
|
||||||
# the PAM modules configuration.
|
# the PAM modules configuration.
|
||||||
#
|
#
|
||||||
@ -300,7 +305,7 @@
|
|||||||
|
|
||||||
#
|
#
|
||||||
# Only works if ENCRYPT_METHOD is set to SHA256 or SHA512.
|
# Only works if ENCRYPT_METHOD is set to SHA256 or SHA512.
|
||||||
@@ -345,16 +212,12 @@
|
@@ -353,16 +221,12 @@ CHFN_RESTRICT rwh
|
||||||
DEFAULT_HOME yes
|
DEFAULT_HOME yes
|
||||||
|
|
||||||
#
|
#
|
||||||
@ -319,18 +324,18 @@
|
|||||||
#USERDEL_CMD /usr/sbin/userdel_local
|
#USERDEL_CMD /usr/sbin/userdel_local
|
||||||
|
|
||||||
#
|
#
|
||||||
@@ -364,7 +227,7 @@
|
@@ -372,7 +236,7 @@ ENVIRON_FILE /etc/environment
|
||||||
#
|
#
|
||||||
# This also enables userdel to remove user groups if no members exist.
|
# This also enables userdel(8) to remove user groups if no members exist.
|
||||||
#
|
#
|
||||||
-USERGROUPS_ENAB yes
|
-USERGROUPS_ENAB yes
|
||||||
+USERGROUPS_ENAB no
|
+USERGROUPS_ENAB no
|
||||||
|
|
||||||
#
|
#
|
||||||
# If set to a non-nul number, the shadow utilities will make sure that
|
# If set to a non-zero number, the shadow utilities will make sure that
|
||||||
@@ -383,5 +246,41 @@
|
@@ -391,5 +255,40 @@ USERGROUPS_ENAB yes
|
||||||
# This option is overridden with the -M or -m flags on the useradd command
|
# This option is overridden with the -M or -m flags on the useradd(8)
|
||||||
# line.
|
# command-line.
|
||||||
#
|
#
|
||||||
-#CREATE_HOME yes
|
-#CREATE_HOME yes
|
||||||
+CREATE_HOME no
|
+CREATE_HOME no
|
||||||
@ -342,7 +347,7 @@
|
|||||||
+#
|
+#
|
||||||
+#CHARACTER_CLASS [A-Za-z_][A-Za-z0-9_.-]*[A-Za-z0-9_.$-]\?
|
+#CHARACTER_CLASS [A-Za-z_][A-Za-z0-9_.-]*[A-Za-z0-9_.$-]\?
|
||||||
+CHARACTER_CLASS [ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz_][ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789_.-]*[ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789_.$-]\?
|
+CHARACTER_CLASS [ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz_][ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789_.-]*[ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789_.$-]\?
|
||||||
+
|
|
||||||
+#
|
+#
|
||||||
+# If defined, this command is run when adding a group.
|
+# If defined, this command is run when adding a group.
|
||||||
+# It should rebuild any NIS database etc. to add the
|
+# It should rebuild any NIS database etc. to add the
|
||||||
@ -370,4 +375,3 @@
|
|||||||
+# account from it.
|
+# account from it.
|
||||||
+#
|
+#
|
||||||
+USERDEL_POSTCMD /usr/sbin/userdel-post.local
|
+USERDEL_POSTCMD /usr/sbin/userdel-post.local
|
||||||
|
|
@ -1,3 +1,49 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Tue May 31 06:48:41 UTC 2016 - mvetter@suse.com
|
||||||
|
|
||||||
|
- Add package dependency for aaa_base, fixing bnc#899409
|
||||||
|
(was done by tbehrens@suse.com but not submitted to Factory)
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Mon May 30 09:41:55 UTC 2016 - mvetter@suse.com
|
||||||
|
|
||||||
|
- shadow 4.2.1 requested by fate#320422
|
||||||
|
- bsc#979069: Dont include shadow-4.1.5.1-bug935203-manpage.patch
|
||||||
|
- Dont set SUID bit yet. Once bsc#979282 is through, which will adapt the permissions package, we can enable the SUID bits.
|
||||||
|
Remove the files used to circumvent the check.
|
||||||
|
- Remove:
|
||||||
|
* shadow-rpmlintrc
|
||||||
|
* shadow-subids
|
||||||
|
* shadow-subids.easy
|
||||||
|
* shadow-subids.secure
|
||||||
|
* shadow-subids.paranoid
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Thu May 19 12:28:47 UTC 2016 - christian.brauner@mailbox.org
|
||||||
|
|
||||||
|
- Update to shadow-4.2.1:
|
||||||
|
- add support for subuids/subgids via newuidmap/newgidmap
|
||||||
|
- Rename chkname-regex.diff to chkname-regex.patch
|
||||||
|
- Rename encryption_method_nis.diff to encryption_method_nis.patch
|
||||||
|
- Rename getdef-new-defs.diff to getdef-new-defs.patch
|
||||||
|
- Rename shadow-login_defs.diff to shadow-login_defs.patch
|
||||||
|
- Rename userdel-scripts.diff to userdel-script.patch
|
||||||
|
- Rename useradd-script.diff to useradd-script.patch
|
||||||
|
- Rename useradd-default.diff to useradd-default.patch
|
||||||
|
- Rename useradd-mkdirs.diff to useradd-mkdirs.patch
|
||||||
|
- Add fixes from Red Hat/Fedora:
|
||||||
|
- shadow-4.1.5.1-audit-owner.patch.patch:
|
||||||
|
- log owner changes for home directory
|
||||||
|
- shadow-4.1.5.1-userdel-helpfix.patch.patch:
|
||||||
|
- give a hint about what happens when you force the removal of a user
|
||||||
|
- shadow-4.2.1-defs-chroot.patch.patch:
|
||||||
|
- initialize uid_t uid_min and uid_t uid_max not before we need them
|
||||||
|
- shadow-4.2.1-merge-group.patch.patch:
|
||||||
|
- simplify by using a single call to snprintf()
|
||||||
|
- Add upstream fix
|
||||||
|
- Fix-user-busy-errors-at-userdel.patch:
|
||||||
|
- call sub_uid_close()
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Fri Jan 15 11:08:29 UTC 2016 - fvogt@suse.com
|
Fri Jan 15 11:08:29 UTC 2016 - fvogt@suse.com
|
||||||
|
|
||||||
|
49
shadow.spec
49
shadow.spec
@ -20,10 +20,10 @@ Summary: Utilities to Manage User and Group Accounts
|
|||||||
License: BSD-3-Clause and GPL-2.0+
|
License: BSD-3-Clause and GPL-2.0+
|
||||||
Group: System/Base
|
Group: System/Base
|
||||||
Name: shadow
|
Name: shadow
|
||||||
Version: 4.1.5.1
|
Version: 4.2.1
|
||||||
Release: 0
|
Release: 0
|
||||||
Url: http://pkg-shadow.alioth.debian.org/
|
Url: http://pkg-shadow.alioth.debian.org/
|
||||||
Source: http://pkg-shadow.alioth.debian.org/releases/shadow-%{version}.tar.bz2
|
Source: http://pkg-shadow.alioth.debian.org/releases/shadow-%{version}.tar.xz
|
||||||
Source1: pamd.tar.bz2
|
Source1: pamd.tar.bz2
|
||||||
Source2: README.changes-pwdutils
|
Source2: README.changes-pwdutils
|
||||||
Source3: useradd.local
|
Source3: useradd.local
|
||||||
@ -31,18 +31,24 @@ Source4: userdel-pre.local
|
|||||||
Source5: userdel-post.local
|
Source5: userdel-post.local
|
||||||
Source6: shadow.service
|
Source6: shadow.service
|
||||||
Source7: shadow.timer
|
Source7: shadow.timer
|
||||||
Patch: shadow-login_defs.diff
|
Patch: shadow-login_defs.patch
|
||||||
Patch1: userdel-scripts.diff
|
Patch1: userdel-script.patch
|
||||||
Patch2: useradd-script.diff
|
Patch2: useradd-script.patch
|
||||||
Patch3: chkname-regex.diff
|
Patch3: chkname-regex.patch
|
||||||
Patch4: useradd-default.diff
|
Patch4: useradd-default.patch
|
||||||
Patch5: getdef-new-defs.diff
|
Patch5: getdef-new-defs.patch
|
||||||
Patch6: shadow-4.1.5.1-manfix.patch
|
Patch6: shadow-4.1.5.1-manfix.patch
|
||||||
Patch7: shadow-4.1.5.1-logmsg.patch
|
Patch7: shadow-4.1.5.1-logmsg.patch
|
||||||
Patch8: shadow-4.1.5.1-errmsg.patch
|
Patch8: shadow-4.1.5.1-errmsg.patch
|
||||||
Patch9: shadow-4.1.5.1-backup-mode.patch
|
Patch9: shadow-4.1.5.1-backup-mode.patch
|
||||||
Patch10: encryption_method_nis.diff
|
Patch10: encryption_method_nis.patch
|
||||||
Patch11: useradd-mkdirs.diff
|
Patch11: useradd-mkdirs.patch
|
||||||
|
Patch12: shadow-4.1.5.1-audit-owner.patch
|
||||||
|
Patch13: shadow-4.1.5.1-userdel-helpfix.patch
|
||||||
|
Patch14: shadow-4.2.1-defs-chroot.patch
|
||||||
|
Patch15: shadow-4.2.1-merge-group.patch
|
||||||
|
Patch16: Fix-user-busy-errors-at-userdel.patch
|
||||||
|
Requires: aaa_base
|
||||||
BuildRequires: audit-devel
|
BuildRequires: audit-devel
|
||||||
BuildRequires: libacl-devel
|
BuildRequires: libacl-devel
|
||||||
BuildRequires: libattr-devel
|
BuildRequires: libattr-devel
|
||||||
@ -67,12 +73,17 @@ group accounts.
|
|||||||
%patch3 -p0
|
%patch3 -p0
|
||||||
%patch4 -p0
|
%patch4 -p0
|
||||||
%patch5 -p0
|
%patch5 -p0
|
||||||
%patch6 -p1
|
%patch6 -p0
|
||||||
%patch7 -p1
|
%patch7 -p0
|
||||||
%patch8 -p0
|
%patch8 -p0
|
||||||
%patch9 -p1
|
%patch9 -p0
|
||||||
%patch10 -p0
|
%patch10 -p0
|
||||||
%patch11 -p1
|
%patch11 -p0
|
||||||
|
%patch12 -p0
|
||||||
|
%patch13 -p0
|
||||||
|
%patch14 -p0
|
||||||
|
%patch15 -p0
|
||||||
|
%patch16 -p0
|
||||||
|
|
||||||
iconv -f ISO88591 -t utf-8 doc/HOWTO > doc/HOWTO.utf8
|
iconv -f ISO88591 -t utf-8 doc/HOWTO > doc/HOWTO.utf8
|
||||||
mv -v doc/HOWTO.utf8 doc/HOWTO
|
mv -v doc/HOWTO.utf8 doc/HOWTO
|
||||||
@ -181,6 +192,8 @@ rm -rf $RPM_BUILD_ROOT
|
|||||||
%set_permissions /usr/bin/gpasswd
|
%set_permissions /usr/bin/gpasswd
|
||||||
%set_permissions /usr/bin/newgrp
|
%set_permissions /usr/bin/newgrp
|
||||||
%set_permissions /usr/bin/passwd
|
%set_permissions /usr/bin/passwd
|
||||||
|
%set_permissions /usr/bin/newgidmap
|
||||||
|
%set_permissions /usr/bin/newuidmap
|
||||||
|
|
||||||
%service_add_post shadow.service shadow.timer
|
%service_add_post shadow.service shadow.timer
|
||||||
|
|
||||||
@ -192,6 +205,8 @@ rm -rf $RPM_BUILD_ROOT
|
|||||||
%verify_permissions /usr/bin/gpasswd
|
%verify_permissions /usr/bin/gpasswd
|
||||||
%verify_permissions /usr/bin/newgrp
|
%verify_permissions /usr/bin/newgrp
|
||||||
%verify_permissions /usr/bin/passwd
|
%verify_permissions /usr/bin/passwd
|
||||||
|
%verify_permissions /usr/bin/newgidmap
|
||||||
|
%verify_permissions /usr/bin/newuidmap
|
||||||
|
|
||||||
%preun
|
%preun
|
||||||
%service_del_preun shadow.service shadow.timer
|
%service_del_preun shadow.service shadow.timer
|
||||||
@ -225,6 +240,8 @@ rm -rf $RPM_BUILD_ROOT
|
|||||||
%{_bindir}/lastlog
|
%{_bindir}/lastlog
|
||||||
%attr(4755,root,root) %{_bindir}/newgrp
|
%attr(4755,root,root) %{_bindir}/newgrp
|
||||||
%attr(4755,root,shadow) %{_bindir}/passwd
|
%attr(4755,root,shadow) %{_bindir}/passwd
|
||||||
|
%attr(0755,root,shadow) %{_bindir}/newgidmap
|
||||||
|
%attr(0755,root,shadow) %{_bindir}/newuidmap
|
||||||
%{_bindir}/sg
|
%{_bindir}/sg
|
||||||
%{_sbindir}/groupadd
|
%{_sbindir}/groupadd
|
||||||
%{_sbindir}/groupdel
|
%{_sbindir}/groupdel
|
||||||
@ -268,6 +285,10 @@ rm -rf $RPM_BUILD_ROOT
|
|||||||
%{_mandir}/man8/usermod.8*
|
%{_mandir}/man8/usermod.8*
|
||||||
%{_mandir}/man8/vigr.8*
|
%{_mandir}/man8/vigr.8*
|
||||||
%{_mandir}/man8/vipw.8*
|
%{_mandir}/man8/vipw.8*
|
||||||
|
%{_mandir}/man5/subuid.5*
|
||||||
|
%{_mandir}/man5/subgid.5*
|
||||||
|
%{_mandir}/man1/newgidmap.1*
|
||||||
|
%{_mandir}/man1/newuidmap.1*
|
||||||
|
|
||||||
%{_unitdir}/*
|
%{_unitdir}/*
|
||||||
|
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
--- etc/useradd
|
--- etc/useradd
|
||||||
+++ etc/useradd 2012/11/13 09:29:57
|
+++ etc/useradd
|
||||||
@@ -1,5 +1,5 @@
|
@@ -1,5 +1,5 @@
|
||||||
# useradd defaults file
|
# useradd defaults file
|
||||||
-GROUP=1000
|
-GROUP=1000
|
@ -1,8 +1,6 @@
|
|||||||
diff --git a/src/useradd.c b/src/useradd.c
|
--- src/useradd.c
|
||||||
index fa93853..a9f8caa 100644
|
+++ src/useradd.c
|
||||||
--- a/src/useradd.c
|
@@ -1894,6 +1894,13 @@ static void usr_update (void)
|
||||||
+++ b/src/useradd.c
|
|
||||||
@@ -1757,6 +1757,13 @@ static void usr_update (void)
|
|
||||||
static void create_home (void)
|
static void create_home (void)
|
||||||
{
|
{
|
||||||
if (access (user_home, F_OK) != 0) {
|
if (access (user_home, F_OK) != 0) {
|
||||||
@ -16,7 +14,7 @@ index fa93853..a9f8caa 100644
|
|||||||
#ifdef WITH_SELINUX
|
#ifdef WITH_SELINUX
|
||||||
if (set_selinux_file_context (user_home) != 0) {
|
if (set_selinux_file_context (user_home) != 0) {
|
||||||
fprintf (stderr,
|
fprintf (stderr,
|
||||||
@@ -1765,19 +1772,42 @@ static void create_home (void)
|
@@ -1902,19 +1909,42 @@ static void create_home (void)
|
||||||
fail_exit (E_HOMEDIR);
|
fail_exit (E_HOMEDIR);
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
@ -1,6 +1,6 @@
|
|||||||
--- src/useradd.c
|
--- src/useradd.c
|
||||||
+++ src/useradd.c 2012/09/26 13:06:50
|
+++ src/useradd.c
|
||||||
@@ -1845,6 +1845,30 @@
|
@@ -1982,6 +1982,30 @@ static void create_mail (void)
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
@ -31,7 +31,7 @@
|
|||||||
* main - useradd command
|
* main - useradd command
|
||||||
*/
|
*/
|
||||||
int main (int argc, char **argv)
|
int main (int argc, char **argv)
|
||||||
@@ -2076,6 +2100,7 @@
|
@@ -2242,6 +2266,7 @@ int main (int argc, char **argv)
|
||||||
nscd_flush_cache ("passwd");
|
nscd_flush_cache ("passwd");
|
||||||
nscd_flush_cache ("group");
|
nscd_flush_cache ("group");
|
||||||
|
|
@ -1,6 +1,6 @@
|
|||||||
--- src/userdel.c
|
--- src/userdel.c
|
||||||
+++ src/userdel.c 2012/09/25 13:46:38
|
+++ src/userdel.c
|
||||||
@@ -635,13 +635,13 @@
|
@@ -762,13 +762,13 @@ static void update_user (void)
|
||||||
* cron, at, or print jobs.
|
* cron, at, or print jobs.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
@ -16,7 +16,7 @@
|
|||||||
if (NULL == cmd) {
|
if (NULL == cmd) {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
@@ -1032,9 +1032,10 @@
|
@@ -1163,9 +1163,10 @@ int main (int argc, char **argv)
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
@ -29,7 +29,7 @@
|
|||||||
open_files ();
|
open_files ();
|
||||||
update_user ();
|
update_user ();
|
||||||
update_groups ();
|
update_groups ();
|
||||||
@@ -1137,7 +1138,7 @@
|
@@ -1268,7 +1269,7 @@ int main (int argc, char **argv)
|
||||||
* Cancel any crontabs or at jobs. Have to do this before we remove
|
* Cancel any crontabs or at jobs. Have to do this before we remove
|
||||||
* the entry from /etc/passwd.
|
* the entry from /etc/passwd.
|
||||||
*/
|
*/
|
||||||
@ -38,7 +38,7 @@
|
|||||||
close_files ();
|
close_files ();
|
||||||
|
|
||||||
#ifdef WITH_TCB
|
#ifdef WITH_TCB
|
||||||
@@ -1147,6 +1148,8 @@
|
@@ -1278,6 +1279,8 @@ int main (int argc, char **argv)
|
||||||
nscd_flush_cache ("passwd");
|
nscd_flush_cache ("passwd");
|
||||||
nscd_flush_cache ("group");
|
nscd_flush_cache ("group");
|
||||||
|
|
Loading…
Reference in New Issue
Block a user