OBS-URL: https://build.opensuse.org/package/show/Base:System/shadow?expand=0&rev=82

2019-12-17 12:46:08 +00:00 · 2019-12-17 12:46:08 +00:00 · 9b62b0468b
commit 9b62b0468b
parent 93639b1c76
2 changed files with 0 additions and 390 deletions
--- a/libeconf.patch
+++ b/libeconf.patch
@ -1,362 +0,0 @@
-From b52ce71c276d6dafceac6b942b534af77b647f48 Mon Sep 17 00:00:00 2001
-From: Thorsten Kukuk <kukuk@suse.com>
-Date: Fri, 20 Sep 2019 10:27:31 +0200
-Subject: [PATCH] Add support for a vendor directory and libeconf
-
-With this, it is possible for Linux distributors to store their
-supplied default configuration files somewhere below /usr, while
-/etc only contains the changes made by the user. The new option
--enable-vendordir defines where the shadow suite should additional
-look for login.defs if this file is not in /etc.
-libeconf is a key/value configuration file reading library, which
-handles the split of configuration files in different locations
-and merges them transparently for the application.
---
- configure.ac          | 13 +++++++-
- lib/Makefile.am       |  4 +++
- lib/getdef.c          | 76 +++++++++++++++++++++++++++++++++++++++++++
- libmisc/Makefile.am   |  2 +-
- libmisc/prefix_flag.c | 18 ++++++----
- src/Makefile.am       | 55 ++++++++++++++++---------------
- 6 files changed, 132 insertions(+), 36 deletions(-)
-
-diff --git a/configure.ac b/configure.ac
-index 1907afbd..6a273766 100644
--- a/configure.ac
-+++ b/configure.ac
-@@ -247,7 +247,7 @@ AC_ARG_ENABLE(subordinate-ids,
- 	[enable_subids="maybe"]
- )
- 
-AC_ARG_WITH(audit, 
-+AC_ARG_WITH(audit,
- 	[AC_HELP_STRING([--with-audit], [use auditing support @<:@default=yes if found@:>@])],
- 	[with_audit=$withval], [with_audit=maybe])
- AC_ARG_WITH(libpam,
-@@ -321,6 +321,17 @@ AC_SEARCH_LIBS(inet_ntoa, inet)
- AC_SEARCH_LIBS(socket, socket)
- AC_SEARCH_LIBS(gethostbyname, nsl)
- 
-+AC_CHECK_LIB([econf],[econf_readDirs],[LIBECONF="-leconf"],[LIBECONF=""])
-+if test -n "$LIBECONF"; then
-+	ECONF_CPPFLAGS="-DUSE_ECONF=1"
-+	AC_ARG_ENABLE([vendordir],
-+		AS_HELP_STRING([--enable-vendordir=DIR], [Directory for distribution provided configuration files]),,[])
-+fi
-+AC_SUBST(ECONF_CPPFLAGS)
-+AC_SUBST(LIBECONF)
-+AC_SUBST([VENDORDIR], [$enable_vendordir])
-+AM_CONDITIONAL([HAVE_VENDORDIR], [test "x$enable_vendordir" != x])
-+
- if test "$enable_shadowgrp" = "yes"; then
- 	AC_DEFINE(SHADOWGRP, 1, [Define to support the shadow group file.])
- fi
-diff --git a/lib/Makefile.am b/lib/Makefile.am
-index fd634542..a40c08a1 100644
--- a/lib/Makefile.am
-+++ b/lib/Makefile.am
-@@ -6,6 +6,10 @@ DEFS =
- noinst_LTLIBRARIES = libshadow.la
- 
- libshadow_la_LDFLAGS = -version-info 0:0:0
-+libshadow_la_CPPFLAGS = $(ECONF_CPPFLAGS)
-+if HAVE_VENDORDIR
-+libshadow_la_CPPFLAGS += -DVENDORDIR=\"$(VENDORDIR)\"
-+endif
- 
- libshadow_la_SOURCES = \
- 	commonio.c \
-diff --git a/lib/getdef.c b/lib/getdef.c
-index ece33a78..939aea29 100644
--- a/lib/getdef.c
-+++ b/lib/getdef.c
-@@ -40,6 +40,9 @@
- #include <stdlib.h>
- #include <ctype.h>
- #include <errno.h>
-+#ifdef USE_ECONF
-+#include <libeconf.h>
-+#endif
- #include "getdef.h"
- /*
-  * A configuration item definition.
-@@ -152,11 +155,20 @@ static struct itemdef knowndef_table[] = {
- 	{NULL, NULL}
- };
- 
-+#ifdef USE_ECONF
-+#ifdef VENDORDIR
-+static const char* vendordir = VENDORDIR;
-+#else
-+static const char* vendordir = NULL;
-+#endif
-+static const char* sysconfdir = "/etc";
-+#else
- #ifndef LOGINDEFS
- #define LOGINDEFS "/etc/login.defs"
- #endif
- 
- static const char* def_fname = LOGINDEFS;	/* login config defs file       */
-+#endif
- static bool def_loaded = false;		/* are defs already loaded?     */
- 
- /* local function prototypes */
-@@ -433,7 +445,27 @@ static /*@observer@*/ /*@null@*/struct itemdef *def_find (const char *name)
- 
- void setdef_config_file (const char* file)
- {
-+#ifdef USE_ECONF
-+	size_t len;
-+	char* cp;
-+
-+	len = strlen(file) + strlen(sysconfdir) + 2;
-+	cp = malloc(len);
-+	if (cp == NULL)
-+		exit (13);
-+	snprintf(cp, len, "%s/%s", file, sysconfdir);
-+	sysconfdir = cp;
-+#ifdef VENDORDIR
-+	len = strlen(file) + strlen(vendordir) + 2;
-+	cp = malloc(len);
-+	if (cp == NULL)
-+		exit (13);
-+	snprintf(cp, len, "%s/%s", file, vendordir);
-+	vendordir = cp;
-+#endif
-+#else
- 	def_fname = file;
-+#endif
- }
- 
- /*
-@@ -444,9 +476,16 @@ void setdef_config_file (const char* file)
- 
- static void def_load (void)
- {
-+#ifdef USE_ECONF
-+	econf_file *defs_file = NULL;
-+	econf_err error;
-+	char **keys;
-+	size_t key_number;
-+#else
- 	int i;
- 	FILE *fp;
- 	char buf[1024], *name, *value, *s;
-+#endif
- 
- 	/*
- 	 * Set the initialized flag.
-@@ -454,6 +493,42 @@ static void def_load (void)
- 	 */
- 	def_loaded = true;
- 
-+#ifdef USE_ECONF
-+
-+	error = econf_readDirs (&defs_file, vendordir, sysconfdir, "login", "defs", " \t", "#");
-+	if (error) {
-+		if (error == ECONF_NOFILE)
-+			return;
-+
-+		SYSLOG ((LOG_CRIT, "cannot open login definitions [%s]",
-+			econf_errString(error)));
-+		exit (EXIT_FAILURE);
-+	}
-+
-+	if ((error = econf_getKeys(defs_file, NULL, &key_number, &keys))) {
-+		SYSLOG ((LOG_CRIT, "cannot read login definitions [%s]",
-+			econf_errString(error)));
-+		exit (EXIT_FAILURE);
-+	}
-+
-+	for (size_t i = 0; i < key_number; i++) {
-+		char *value;
-+
-+		econf_getStringValue(defs_file, NULL, keys[i], &value);
-+
-+		/*
-+		 * Store the value in def_table.
-+		 *
-+		 * Ignore failures to load the login.defs file.
-+		 * The error was already reported to the user and to
-+		 * syslog. The tools will just use their default values.
-+		 */
-+		(void)putdef_str (keys[i], value);
-+	}
-+
-+	econf_free (keys);
-+	econf_free (defs_file);
-+#else
- 	/*
- 	 * Open the configuration definitions file.
- 	 */
-@@ -517,6 +592,7 @@ static void def_load (void)
- 	}
- 
- 	(void) fclose (fp);
-+#endif
- }
- 
- 
-diff --git a/libmisc/Makefile.am b/libmisc/Makefile.am
-index 9aed980f..7f43161f 100644
--- a/libmisc/Makefile.am
-+++ b/libmisc/Makefile.am
-@@ -1,7 +1,7 @@
- 
- EXTRA_DIST = .indent.pro xgetXXbyYY.c
- 
-AM_CPPFLAGS = -I$(top_srcdir)/lib
-+AM_CPPFLAGS = -I$(top_srcdir)/lib $(ECONF_CPPFLAGS)
- 
- noinst_LIBRARIES = libmisc.a
- 
-diff --git a/libmisc/prefix_flag.c b/libmisc/prefix_flag.c
-index cd1eec47..4fe6d195 100644
--- a/libmisc/prefix_flag.c
-+++ b/libmisc/prefix_flag.c
-@@ -96,7 +96,7 @@ extern const char* process_prefix_flag (const char* short_opt, int argc, char **
- 		}
- 	}
- 
-	
-+
- 
- 	if (prefix != NULL) {
- 		if ( prefix[0] == '\0' || !strcmp(prefix, "/"))
-@@ -113,7 +113,7 @@ extern const char* process_prefix_flag (const char* short_opt, int argc, char **
- 		group_db_file = xmalloc(len);
- 		snprintf(group_db_file, len, "%s/%s", prefix, GROUP_FILE);
- 		gr_setdbname(group_db_file);
-	
-+
- #ifdef  SHADOWGRP
- 		len = strlen(prefix) + strlen(SGROUP_FILE) + 2;
- 		sgroup_db_file = xmalloc(len);
-@@ -128,7 +128,7 @@ extern const char* process_prefix_flag (const char* short_opt, int argc, char **
- 		spw_db_file = xmalloc(len);
- 		snprintf(spw_db_file, len, "%s/%s", prefix, SHADOW_FILE);
- 		spw_setdbname(spw_db_file);
-		
-+
- #ifdef ENABLE_SUBIDS
- 		len = strlen(prefix) + strlen("/etc/subuid") + 2;
- 		suid_db_file = xmalloc(len);
-@@ -141,11 +141,15 @@ extern const char* process_prefix_flag (const char* short_opt, int argc, char **
- 		sub_gid_setdbname(sgid_db_file);
- #endif
- 
-+#ifdef USE_ECONF
-+		setdef_config_file(prefix);
-+#else
- 		len = strlen(prefix) + strlen("/etc/login.defs") + 2;
- 		def_conf_file = xmalloc(len);
- 		snprintf(def_conf_file, len, "%s/%s", prefix, "/etc/login.defs");
- 		setdef_config_file(def_conf_file);
-	}	
-+#endif
-+	}
- 
- 	if (prefix == NULL)
- 		return "";
-@@ -169,7 +173,7 @@ extern struct group *prefix_getgrnam(const char *name)
- 		fclose(fg);
- 		return grp;
- 	}
-	
-+
- 	return getgrnam(name);
- }
- 
-@@ -262,7 +266,7 @@ extern void prefix_setpwent()
- 	}
- 	if (fp_pwent)
- 		fclose (fp_pwent);
-	
-+
- 	fp_pwent = fopen(passwd_db_file, "rt");
- 	if(!fp_pwent)
- 		return;
-@@ -293,7 +297,7 @@ extern void prefix_setgrent()
- 	}
- 	if (fp_grent)
- 		fclose (fp_grent);
-	
-+
- 	fp_grent = fopen(group_db_file, "rt");
- 	if(!fp_grent)
- 		return;
-diff --git a/src/Makefile.am b/src/Makefile.am
-index f7f132ee..451816d7 100644
--- a/src/Makefile.am
-+++ b/src/Makefile.am
-@@ -88,42 +88,43 @@ else
- LIBCRYPT_NOPAM = $(LIBCRYPT)
- endif
- 
-chage_LDADD    = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX)
-+chage_LDADD    = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBECONF)
- newuidmap_LDADD    = $(LDADD) $(LIBSELINUX) $(LIBCAP)
- newgidmap_LDADD    = $(LDADD) $(LIBSELINUX) $(LIBCAP)
-chfn_LDADD     = $(LDADD) $(LIBPAM) $(LIBSELINUX) $(LIBCRYPT_NOPAM) $(LIBSKEY) $(LIBMD)
-chgpasswd_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBSELINUX) $(LIBCRYPT)
-chsh_LDADD     = $(LDADD) $(LIBPAM) $(LIBSELINUX) $(LIBCRYPT_NOPAM) $(LIBSKEY) $(LIBMD)
-chpasswd_LDADD = $(LDADD) $(LIBPAM) $(LIBSELINUX) $(LIBCRYPT)
-gpasswd_LDADD  = $(LDADD) $(LIBAUDIT) $(LIBSELINUX) $(LIBCRYPT)
-groupadd_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX)
-groupdel_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX)
-groupmems_LDADD = $(LDADD) $(LIBPAM) $(LIBSELINUX)
-groupmod_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX)
-grpck_LDADD    = $(LDADD) $(LIBSELINUX)
-grpconv_LDADD  = $(LDADD) $(LIBSELINUX)
-grpunconv_LDADD = $(LDADD) $(LIBSELINUX)
-lastlog_LDADD   = $(LDADD) $(LIBAUDIT)
-+chfn_LDADD     = $(LDADD) $(LIBPAM) $(LIBSELINUX) $(LIBCRYPT_NOPAM) $(LIBSKEY) $(LIBMD) $(LIBECONF)
-+chgpasswd_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBSELINUX) $(LIBCRYPT) $(LIBECONF)
-+chsh_LDADD     = $(LDADD) $(LIBPAM) $(LIBSELINUX) $(LIBCRYPT_NOPAM) $(LIBSKEY) $(LIBMD) $(LIBECONF)
-+chpasswd_LDADD = $(LDADD) $(LIBPAM) $(LIBSELINUX) $(LIBCRYPT) $(LIBECONF)
-+expiry_LDADD = $(LDADD) $(LIBECONF)
-+gpasswd_LDADD  = $(LDADD) $(LIBAUDIT) $(LIBSELINUX) $(LIBCRYPT) $(LIBECONF)
-+groupadd_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBECONF)
-+groupdel_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBECONF)
-+groupmems_LDADD = $(LDADD) $(LIBPAM) $(LIBSELINUX) $(LIBECONF)
-+groupmod_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBECONF)
-+grpck_LDADD    = $(LDADD) $(LIBSELINUX) $(LIBECONF)
-+grpconv_LDADD  = $(LDADD) $(LIBSELINUX) $(LIBECONF)
-+grpunconv_LDADD = $(LDADD) $(LIBSELINUX) $(LIBECONF)
-+lastlog_LDADD   = $(LDADD) $(LIBAUDIT) $(LIBECONF)
- login_SOURCES  = \
- 	login.c \
- 	login_nopam.c
-login_LDADD    = $(LDADD) $(LIBPAM) $(LIBAUDIT) $(LIBCRYPT_NOPAM) $(LIBSKEY) $(LIBMD)
-newgrp_LDADD   = $(LDADD) $(LIBAUDIT) $(LIBCRYPT)
-newusers_LDADD = $(LDADD) $(LIBPAM) $(LIBSELINUX) $(LIBCRYPT)
-+login_LDADD    = $(LDADD) $(LIBPAM) $(LIBAUDIT) $(LIBCRYPT_NOPAM) $(LIBSKEY) $(LIBMD) $(LIBECONF)
-+newgrp_LDADD   = $(LDADD) $(LIBAUDIT) $(LIBCRYPT) $(LIBECONF)
-+newusers_LDADD = $(LDADD) $(LIBPAM) $(LIBSELINUX) $(LIBCRYPT) $(LIBECONF)
- nologin_LDADD  =
-passwd_LDADD   = $(LDADD) $(LIBPAM) $(LIBCRACK) $(LIBAUDIT) $(LIBSELINUX) $(LIBCRYPT_NOPAM)
-pwck_LDADD     = $(LDADD) $(LIBSELINUX)
-pwconv_LDADD   = $(LDADD) $(LIBSELINUX)
-pwunconv_LDADD = $(LDADD) $(LIBSELINUX)
-+passwd_LDADD   = $(LDADD) $(LIBPAM) $(LIBCRACK) $(LIBAUDIT) $(LIBSELINUX) $(LIBCRYPT_NOPAM) $(LIBECONF)
-+pwck_LDADD     = $(LDADD) $(LIBSELINUX) $(LIBECONF)
-+pwconv_LDADD   = $(LDADD) $(LIBSELINUX) $(LIBECONF)
-+pwunconv_LDADD = $(LDADD) $(LIBSELINUX) $(LIBECONF)
- su_SOURCES     = \
- 	su.c \
- 	suauth.c
-su_LDADD       = $(LDADD) $(LIBPAM) $(LIBAUDIT) $(LIBCRYPT_NOPAM) $(LIBSKEY) $(LIBMD)
-sulogin_LDADD  = $(LDADD) $(LIBCRYPT)
-useradd_LDADD  = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBSEMANAGE) $(LIBACL) $(LIBATTR)
-userdel_LDADD  = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBSEMANAGE)
-usermod_LDADD  = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBSEMANAGE) $(LIBACL) $(LIBATTR)
-vipw_LDADD     = $(LDADD) $(LIBSELINUX)
-+su_LDADD       = $(LDADD) $(LIBPAM) $(LIBAUDIT) $(LIBCRYPT_NOPAM) $(LIBSKEY) $(LIBMD) $(LIBECONF)
-+sulogin_LDADD  = $(LDADD) $(LIBCRYPT) $(LIBECONF)
-+useradd_LDADD  = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBSEMANAGE) $(LIBACL) $(LIBATTR) $(LIBECONF)
-+userdel_LDADD  = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBSEMANAGE) $(LIBECONF)
-+usermod_LDADD  = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBSEMANAGE) $(LIBACL) $(LIBATTR) $(LIBECONF)
-+vipw_LDADD     = $(LDADD) $(LIBSELINUX) $(LIBECONF)
- 
- install-am: all-am
- 	$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
--- a/shadow-usermod-variable.patch
+++ b/shadow-usermod-variable.patch
@ -1,28 +0,0 @@
-From fc0ed79e5d700b4a730235fe88e60951717edc6e Mon Sep 17 00:00:00 2001
-From: Stanislav Brabec <sbrabec@suse.cz>
-Date: Fri, 26 Jul 2019 21:39:42 +0200
-Subject: [PATCH] usermod.c: Fix invalid variable name
-
-Fix invalid LASTLOG_MAX_UID variable name to correct LASTLOG_UID_MAX.
-
-Signed-off-by: Stanislav Brabec <sbrabec@suse.cz>
---
- src/usermod.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/usermod.c b/src/usermod.c
-index c3718864..0ae50e34 100644
--- a/src/usermod.c
-+++ b/src/usermod.c
-@@ -1879,7 +1879,7 @@ static void update_lastlog (void)
- 		return;
- 	}
- 
-	max_uid = (uid_t) getdef_ulong ("LASTLOG_MAX_UID", 0xFFFFFFFFUL);
-+	max_uid = (uid_t) getdef_ulong ("LASTLOG_UID_MAX", 0xFFFFFFFFUL);
- 	if (user_newid > max_uid) {
- 		/* do not touch lastlog for large uids */
- 		return;
-- 
-2.22.0
-