pool/shadow
SHA256
2
0
Fork 2
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 497756 from Base:System

Browse Source 
- New upstream version 4.5
- Refreshed patches:
  * shadow-login_defs.patch
  * chkname-regex.patch
  * getdef-new-defs.patch
  * useradd-mkdirs.patch
- Upstreamed patches:
  * shadow-4.1.5.1-manfix.patch
  * shadow-4.1.5.1-errmsg.patch
  * shadow-4.1.5.1-backup-mode.patch
  * shadow-4.1.5.1-audit-owner.patch
  * shadow-4.2.1-defs-chroot.patch
  * shadow-4.2.1-merge-group.patch
  * Fix-user-busy-errors-at-userdel.patch
  * useradd-clear-tallylog.patch
- shadow-4.1.5.1-pam_group.patch
  dynamically added users via pam_group are not listed in groups
  databases but are still valid
- shadow.keyring: update keyring with current maintainer's keyid
  only - Serge Hallyn 'F1D08DB778185BF784002DFFE9FEEA06A85E3F9D'
- disable_new_audit_function.patch:
  Disable newer libaudit functionality for older distributions

OBS-URL: https://build.opensuse.org/request/show/497756
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/shadow?expand=0&rev=19
This commit is contained in:
Dominique Leuenberger 2017-06-02 08:29:42 +00:00 committed by Git OBS Bridge
commit b87ae2ad63
21 changed files with 219 additions and 24661 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

42
Fix-user-busy-errors-at-userdel.patch
View File

@ -1,42 +0,0 @@
From 546e2ae44955510b06a922647796ec54744f10ce Mon Sep 17 00:00:00 2001
From: Bastian Blank <bastian.blank@credativ.de>
Date: Tue, 17 Nov 2015 10:52:24 -0600
Subject: [PATCH 17/17] Fix user busy errors at userdel
Acked-by: Serge Hallyn <serge.hallyn@ubuntu.com>
---
libmisc/user_busy.c | 9 +++++++++
1 file changed, 9 insertions(+)
--- libmisc/user_busy.c
+++ libmisc/user_busy.c
@@ -175,6 +175,9 @@ static int user_busy_processes (const char *name, uid_t uid)
if (stat ("/", &sbroot) != 0) {
perror ("stat (\"/\")");
(void) closedir (proc);
+#ifdef ENABLE_SUBIDS
+ sub_uid_close();
+#endif
return 0;
}
@@ -212,6 +215,9 @@ static int user_busy_processes (const char *name, uid_t uid)
if (check_status (name, tmp_d_name, uid) != 0) {
(void) closedir (proc);
+#ifdef ENABLE_SUBIDS
+ sub_uid_close();
+#endif
fprintf (stderr,
_("%s: user %s is currently used by process %d\n"),
Prog, name, pid);
@@ -232,6 +238,9 @@ static int user_busy_processes (const char *name, uid_t uid)
}
if (check_status (name, task_path+6, uid) != 0) {
(void) closedir (proc);
+#ifdef ENABLE_SUBIDS
+ sub_uid_close();
+#endif
fprintf (stderr,
_("%s: user %s is currently used by process %d\n"),
Prog, name, pid);

11
chkname-regex.patch
View File

@ -1,6 +1,8 @@
--- lib/getdef.c Index: lib/getdef.c
===================================================================
--- lib/getdef.c.orig
+++ lib/getdef.c +++ lib/getdef.c
@@ -51,6 +51,7 @@ struct itemdef { @@ -77,6 +77,7 @@ struct itemdef {
#define NUMDEFS (sizeof(def_table)/sizeof(def_table[0])) #define NUMDEFS (sizeof(def_table)/sizeof(def_table[0]))
static struct itemdef def_table[] = { static struct itemdef def_table[] = {
@ -8,7 +10,9 @@
{"CHFN_RESTRICT", NULL}, {"CHFN_RESTRICT", NULL},
{"CONSOLE_GROUPS", NULL}, {"CONSOLE_GROUPS", NULL},
{"CONSOLE", NULL}, {"CONSOLE", NULL},
--- libmisc/chkname.c Index: libmisc/chkname.c
===================================================================
--- libmisc/chkname.c.orig
+++ libmisc/chkname.c +++ libmisc/chkname.c
@@ -43,30 +43,57 @@ @@ -43,30 +43,57 @@
#ident "$Id$" #ident "$Id$"
@ -81,3 +85,4 @@
+ regfree(&reg); + regfree(&reg);
return true; return true;
} }

28
disable_new_audit_function.patch Normal file
View File

@ -0,0 +1,28 @@
Index: shadow-4.5/src/lastlog.c
===================================================================
--- shadow-4.5.orig/src/lastlog.c
+++ shadow-4.5/src/lastlog.c
@@ -221,12 +221,15 @@ static void update_one (/*@null@*/const
strcpy (ll.ll_host, "localhost");
#endif
strcpy (ll.ll_line, "lastlog");
+/*
#ifdef WITH_AUDIT
audit_logger (AUDIT_ACCT_UNLOCK, Prog,
"clearing-lastlog",
pw->pw_name, (unsigned int) pw->pw_uid, SHADOW_AUDIT_SUCCESS);
#endif
+*/
}
+/*
#ifdef WITH_AUDIT
else {
audit_logger (AUDIT_ACCT_UNLOCK, Prog,
@@ -234,6 +237,7 @@ static void update_one (/*@null@*/const
pw->pw_name, (unsigned int) pw->pw_uid, SHADOW_AUDIT_SUCCESS);
}
#endif
+*/
if (fwrite (&ll, sizeof(ll), 1, lastlogfile) != 1) {
fprintf (stderr,

16
getdef-new-defs.patch
View File

@ -1,6 +1,8 @@
--- lib/getdef.c Index: lib/getdef.c
===================================================================
--- lib/getdef.c.orig
+++ lib/getdef.c +++ lib/getdef.c
@@ -65,6 +65,7 @@ static struct itemdef def_table[] = { @@ -91,6 +91,7 @@ static struct itemdef def_table[] = {
{"FAKE_SHELL", NULL}, {"FAKE_SHELL", NULL},
{"GID_MAX", NULL}, {"GID_MAX", NULL},
{"GID_MIN", NULL}, {"GID_MIN", NULL},
@ -8,7 +10,7 @@
{"HUSHLOGIN_FILE", NULL}, {"HUSHLOGIN_FILE", NULL},
{"KILLCHAR", NULL}, {"KILLCHAR", NULL},
{"LOGIN_RETRIES", NULL}, {"LOGIN_RETRIES", NULL},
@@ -100,7 +101,10 @@ static struct itemdef def_table[] = { @@ -126,7 +127,10 @@ static struct itemdef def_table[] = {
{"UID_MAX", NULL}, {"UID_MAX", NULL},
{"UID_MIN", NULL}, {"UID_MIN", NULL},
{"UMASK", NULL}, {"UMASK", NULL},
@ -18,10 +20,10 @@
+ {"USERDEL_POSTCMD", NULL}, + {"USERDEL_POSTCMD", NULL},
{"USERGROUPS_ENAB", NULL}, {"USERGROUPS_ENAB", NULL},
#ifndef USE_PAM #ifndef USE_PAM
{"CHFN_AUTH", NULL}, PAMDEFS
@@ -136,6 +140,10 @@ static struct itemdef def_table[] = { @@ -149,6 +153,10 @@ static struct itemdef knowndef_table[] =
{"TCB_SYMLINKS", NULL}, #ifdef USE_PAM
{"USE_TCB", NULL}, PAMDEFS
#endif #endif
+ /* Used by /bin/login */ + /* Used by /bin/login */
+ {"MOTD_FILE", NULL}, + {"MOTD_FILE", NULL},

31
shadow-4.1.5.1-audit-owner.patch
View File

@ -1,31 +0,0 @@
--- src/usermod.c
+++ src/usermod.c
@@ -1808,6 +1808,14 @@ static void move_home (void)
fail_exit (E_HOMEDIR);
}
+#ifdef WITH_AUDIT
+ if (uflg || gflg) {
+ audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ "changing home directory owner",
+ user_newname, (unsigned int) user_newid, 1);
+ }
+#endif
+
if (rename (user_home, user_newhome) == 0) {
/* FIXME: rename above may have broken symlinks
* pointing to the user's home directory
@@ -2254,6 +2262,13 @@ int main (int argc, char **argv)
* ownership.
*
*/
+#ifdef WITH_AUDIT
+ if (uflg || gflg) {
+ audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ "changing home directory owner",
+ user_newname, (unsigned int) user_newid, 1);
+ }
+#endif
if (chown_tree (dflg ? user_newhome : user_home,
user_id,
uflg ? user_newid : (uid_t)-1,

19
shadow-4.1.5.1-backup-mode.patch
View File

@ -1,19 +0,0 @@
--- lib/commonio.c
+++ lib/commonio.c
@@ -301,15 +301,12 @@ static int create_backup (const char *backup, FILE * fp)
struct utimbuf ub;
FILE *bkfp;
int c;
- mode_t mask;
if (fstat (fileno (fp), &sb) != 0) {
return -1;
}
- mask = umask (077);
- bkfp = fopen (backup, "w");
- (void) umask (mask);
+ bkfp = fopen_set_perms (backup, "w", &sb);
if (NULL == bkfp) {
return -1;
}

22
shadow-4.1.5.1-errmsg.patch
View File

@ -1,22 +0,0 @@
--- src/useradd.c
+++ src/useradd.c
@@ -1896,6 +1896,9 @@ static void create_home (void)
if (access (user_home, F_OK) != 0) {
#ifdef WITH_SELINUX
if (set_selinux_file_context (user_home) != 0) {
+ fprintf (stderr,
+ _("%s: cannot set SELinux context for home directory %s\n"),
+ Prog, user_home);
fail_exit (E_HOMEDIR);
}
#endif
@@ -1925,6 +1928,9 @@ static void create_home (void)
#ifdef WITH_SELINUX
/* Reset SELinux to create files with default contexts */
if (reset_selinux_file_context () != 0) {
+ fprintf (stderr,
+ _("%s: cannot reset SELinux file creation context\n"),
+ Prog);
fail_exit (E_HOMEDIR);
}
#endif

11
shadow-4.1.5.1-manfix.patch
View File

@ -1,11 +0,0 @@
--- man/useradd.8.xml
+++ man/useradd.8.xml
@@ -351,7 +351,7 @@
</varlistentry>
<varlistentry>
<term>
- <option>-M</option>
+ <option>-M</option>, <option>--no-create-home</option>
</term>
<listitem>
<para>

50
shadow-4.1.5.1-pam_group.patch Normal file
View File

@ -0,0 +1,50 @@
Date: Thu Apr 6 16:04:17 CEST 2017
Bug: bnc#1031643
Upstream: https://github.com/shadow-maint/shadow/pull/74
dynamically added users via pam_group are not listed in groups
databases but are still valid.
Index: shadow-4.1.5.1/src/newgrp.c
===================================================================
--- shadow-4.1.5.1.orig/src/newgrp.c
+++ shadow-4.1.5.1/src/newgrp.c
@@ -372,6 +372,7 @@ int main (int argc, char **argv)
{
bool initflag = false;
int i;
+ bool is_member = false;
bool cflag = false;
int err = 0;
gid_t gid;
@@ -610,6 +611,18 @@ int main (int argc, char **argv)
goto failure;
}
+#ifdef HAVE_SETGROUPS
+ /* when using pam_group, she will not be listed in the groups
+ * database. However getgroups() will return the group. So
+ * if she is listed there already it is ok to grant membership.
+ */
+ for (i = 0; i < ngroups; i++) {
+ if (grp->gr_gid == grouplist[i]) {
+ is_member = true;
+ break;
+ }
+ }
+#endif /* HAVE_SETGROUPS */
/*
* For splitted groups (due to limitations of NIS), check all
* groups of the same GID like the requested group for
@@ -638,7 +651,9 @@ int main (int argc, char **argv)
/*
* Check if the user is allowed to access this group.
*/
- check_perms (grp, pwd, group);
+ if (!is_member) {
+ check_perms (grp, pwd, group);
+ }
/*
* all successful validations pass through this point. The group id

23
shadow-4.2.1-defs-chroot.patch
View File

@ -1,23 +0,0 @@
--- src/useradd.c
+++ src/useradd.c
@@ -2054,8 +2054,8 @@ int main (int argc, char **argv)
#endif /* ACCT_TOOLS_SETUID */
/* Needed for userns check */
- uid_t uid_min = (uid_t) getdef_ulong ("UID_MIN", 1000UL);
- uid_t uid_max = (uid_t) getdef_ulong ("UID_MAX", 60000UL);
+ uid_t uid_min;
+ uid_t uid_max;
/*
* Get my name so that I can use it to report errors.
@@ -2073,6 +2073,9 @@ int main (int argc, char **argv)
audit_help_open ();
#endif
+ uid_min = (uid_t) getdef_ulong ("UID_MIN", 1000UL);
+ uid_max = (uid_t) getdef_ulong ("UID_MAX", 60000UL);
+
sys_ngroups = sysconf (_SC_NGROUPS_MAX);
user_groups = (char **) xmalloc ((1 + sys_ngroups) * sizeof (char *));
/*

12
shadow-4.2.1-merge-group.patch
View File

@ -1,12 +0,0 @@
--- lib/groupio.c
+++ lib/groupio.c
@@ -335,8 +335,7 @@ static /*@null@*/struct commonio_entry *merge_group_entries (
errno = ENOMEM;
return NULL;
}
- snprintf(new_line, new_line_len, "%s\n%s", gr1->line, gr2->line);
- new_line[new_line_len] = '\0';
+ snprintf(new_line, new_line_len + 1, "%s\n%s", gr1->line, gr2->line);
/* Concatenate the 2 list of members */
for (i=0; NULL != gptr1->gr_mem[i]; i++);

3
shadow-4.2.1.tar.xz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:3b0893d1476766868cd88920f4f1231c4795652aa407569faff802bcda0f3d41
size 1594536

17
shadow-4.2.1.tar.xz.sig
View File

@ -1,17 +0,0 @@
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iQIVAwUAU21C6YcvcCxNbiWoAQIQRxAAl0Z2MtGkjKax2n7GVtexbvlNMK9VI/bo
N9mdKOwfDEJt0ZUZ5ZP9JOBFPbn87nO/EtufQSVjlMQivuY2n7o4y3kXAQlEy1UA
oAaD0FUDku5beKS+SJoPZUj4l60giFV8wM+njsz3K+BD/skIr+VpMPxikhMRfVA5
NPV0tMId03iClDpONfVSOu83BwJoiURG6amJRyq+skzEA4JIIPMkr2Ach65HNBmv
zwhb1Xyi1IQ75TyAI0qL1NiFNasoosWIndmBYwbsu+F+nn0Tvwn2LZ5Ah6i918Vz
+eJl2cD9KAyacMlLF/kQ3fd5jDuZ95ep+psxU/CvlENb2HVIVpBrGqi9D1mJvAc1
zzMt3SJVxt3Qyn5mlF6q6M/Hi3XmwC9otxxUF0DRgb9BlrIvwzdcwXEscrb0Z9T6
uu7JPadUiubmmmgKpZawc5DEDoDsW8a3l807dfEjQ64mFZZL1Yihzt3apeEd8NbL
34yBWBI7jAOHeYBocZ2FK4FJeyyLojTic9a5UZrE/8RmzEfJHR2/3Sb4DMG/OKcf
xvNG3Kp5ku5GCDEjfZgtW+ffI9hnQ/HknGUUMRfDopInBNpmDf6t2qt5eNLvRYzN
ACQRUS9YpUhGu3tYGcJgmtmHze1t8Y6/QkxEvjV7NbIi6T6h7BJG8XVVbM9WayfJ
KdnV8qS2bxQ=
=sUFz
-----END PGP SIGNATURE-----

3
shadow-4.5.tar.xz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:fc8c858381ad577a5c25ff5beb6ee60a34f8719c73e4e7c61e74188b4e54b741
size 1626704

11
shadow-4.5.tar.xz.asc Normal file
View File

@ -0,0 +1,11 @@
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQEcBAABCgAGBQJZHKsTAAoJEOn+6gaoXj+dIT8H/2UNtVDHrtXk4Z6d5RGZPKvs
eBOiK03Mk89jtD1YFBLu4kk2tkFP86lylfRdnQisqAovLwsOF36gAoZUK/0X71x3
AcyYUEno2Go8Sf+Ol432+Tj6FdBG3n/yXzroh7PmxG58PBMV1PBm95RLZ/uVp7hz
WLtrd8FL4QC4fe0rt00BOb2bW6Bbcx+XiXI6QCvLwtQi2bnJt2DcIYxiqZPni4YT
FUAClxYB/hHbjChg3EMFn8JZkaf8SLMuiyLGYKNbqLaXu88/El80QYATSuCNH14y
ywMYEXxKHIiaJ+KnNfjUb3fXHlWyaeWDltguIr0EMfIjF5VrtN4fKxsJy8ZJtMc=
=G9lG
-----END PGP SIGNATURE-----

16
shadow-login_defs.patch
View File

@ -1,4 +1,6 @@
--- etc/login.defs Index: etc/login.defs
===================================================================
--- etc/login.defs.orig
+++ etc/login.defs +++ etc/login.defs
@@ -1,8 +1,5 @@ @@ -1,8 +1,5 @@
# #
@ -333,12 +335,19 @@
# #
# If set to a non-zero number, the shadow utilities will make sure that # If set to a non-zero number, the shadow utilities will make sure that
@@ -391,5 +255,40 @@ USERGROUPS_ENAB yes @@ -391,10 +255,47 @@ USERGROUPS_ENAB yes
# This option is overridden with the -M or -m flags on the useradd(8) # This option is overridden with the -M or -m flags on the useradd(8)
# command-line. # command-line.
# #
-#CREATE_HOME yes -#CREATE_HOME yes
+CREATE_HOME no +CREATE_HOME no
#
# Force use shadow, even if shadow passwd & shadow group files are
# missing.
#
-#FORCE_SHADOW yes
+FORCE_SHADOW no
+ +
+# +#
+# User/group names must match the following regex expression. +# User/group names must match the following regex expression.
@ -347,7 +356,7 @@
+# +#
+#CHARACTER_CLASS [A-Za-z_][A-Za-z0-9_.-]*[A-Za-z0-9_.$-]\? +#CHARACTER_CLASS [A-Za-z_][A-Za-z0-9_.-]*[A-Za-z0-9_.$-]\?
+CHARACTER_CLASS [ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz_][ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789_.-]*[ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789_.$-]\? +CHARACTER_CLASS [ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz_][ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789_.-]*[ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789_.$-]\?
+
+# +#
+# If defined, this command is run when adding a group. +# If defined, this command is run when adding a group.
+# It should rebuild any NIS database etc. to add the +# It should rebuild any NIS database etc. to add the
@ -375,3 +384,4 @@
+# account from it. +# account from it.
+# +#
+USERDEL_POSTCMD /usr/sbin/userdel-post.local +USERDEL_POSTCMD /usr/sbin/userdel-post.local
+

26
shadow.changes
View File

@ -1,3 +1,29 @@
-------------------------------------------------------------------
Mon May 22 13:31:25 UTC 2017 - adam.majer@suse.de
- New upstream version 4.5
- Refreshed patches:
* shadow-login_defs.patch
* chkname-regex.patch
* getdef-new-defs.patch
* useradd-mkdirs.patch
- Upstreamed patches:
* shadow-4.1.5.1-manfix.patch
* shadow-4.1.5.1-errmsg.patch
* shadow-4.1.5.1-backup-mode.patch
* shadow-4.1.5.1-audit-owner.patch
* shadow-4.2.1-defs-chroot.patch
* shadow-4.2.1-merge-group.patch
* Fix-user-busy-errors-at-userdel.patch
* useradd-clear-tallylog.patch
- shadow-4.1.5.1-pam_group.patch
dynamically added users via pam_group are not listed in groups
databases but are still valid
- shadow.keyring: update keyring with current maintainer's keyid
only - Serge Hallyn 'F1D08DB778185BF784002DFFE9FEEA06A85E3F9D'
- disable_new_audit_function.patch:
Disable newer libaudit functionality for older distributions
------------------------------------------------------------------- -------------------------------------------------------------------
Mon Feb 20 07:28:24 UTC 2017 - josef.moellers@suse.com Mon Feb 20 07:28:24 UTC 2017 - josef.moellers@suse.com

24401
shadow.keyring
View File

File diff suppressed because it is too large Load Diff

37
shadow.spec
View File

@ -1,7 +1,7 @@
# #
# spec file for package shadow # spec file for package shadow
# #
# Copyright (c) 2017 SUSE LINUX Products GmbH, Nuernberg, Germany. # Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
# #
# All modifications and additions to the file contributed by third parties # All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed # remain the property of their copyright owners, unless otherwise agreed
@ -20,11 +20,11 @@ Summary: Utilities to Manage User and Group Accounts
License: BSD-3-Clause and GPL-2.0+ License: BSD-3-Clause and GPL-2.0+
Group: System/Base Group: System/Base
Name: shadow Name: shadow
Version: 4.2.1 Version: 4.5
Release: 0 Release: 0
Url: http://pkg-shadow.alioth.debian.org/ Url: https://github.com/shadow-maint/shadow
Source: http://pkg-shadow.alioth.debian.org/releases/shadow-%{version}.tar.xz Source: https://github.com/shadow-maint/shadow/releases/download/%{version}/shadow-%{version}.tar.xz
Source42: http://pkg-shadow.alioth.debian.org/releases/shadow-%{version}.tar.xz.sig Source42: https://github.com/shadow-maint/shadow/releases/download/%{version}/shadow-%{version}.tar.xz.asc
Source43: %name.keyring Source43: %name.keyring
Source1: pamd.tar.bz2 Source1: pamd.tar.bz2
Source2: README.changes-pwdutils Source2: README.changes-pwdutils
@ -39,26 +39,21 @@ Patch2: useradd-script.patch
Patch3: chkname-regex.patch Patch3: chkname-regex.patch
Patch4: useradd-default.patch Patch4: useradd-default.patch
Patch5: getdef-new-defs.patch Patch5: getdef-new-defs.patch
Patch6: shadow-4.1.5.1-manfix.patch Patch6: shadow-4.1.5.1-userdel-helpfix.patch
Patch7: shadow-4.1.5.1-logmsg.patch Patch7: shadow-4.1.5.1-logmsg.patch
Patch8: shadow-4.1.5.1-errmsg.patch
Patch9: shadow-4.1.5.1-backup-mode.patch
Patch10: encryption_method_nis.patch Patch10: encryption_method_nis.patch
Patch11: useradd-mkdirs.patch Patch11: useradd-mkdirs.patch
Patch12: shadow-4.1.5.1-audit-owner.patch Patch18: shadow-4.1.5.1-pam_group.patch
Patch13: shadow-4.1.5.1-userdel-helpfix.patch Patch20: disable_new_audit_function.patch
Patch14: shadow-4.2.1-defs-chroot.patch
Patch15: shadow-4.2.1-merge-group.patch
Patch16: Fix-user-busy-errors-at-userdel.patch
Patch17: useradd-clear-tallylog.patch
Requires: aaa_base Requires: aaa_base
BuildRequires: audit-devel BuildRequires: audit-devel > 2.3
BuildRequires: libacl-devel BuildRequires: libacl-devel
BuildRequires: libattr-devel BuildRequires: libattr-devel
BuildRequires: libselinux-devel BuildRequires: libselinux-devel
BuildRequires: libsemanage-devel BuildRequires: libsemanage-devel
BuildRequires: pam-devel BuildRequires: pam-devel
BuildRequires: xz
BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRoot: %{_tmppath}/%{name}-%{version}-build
PreReq: permissions PreReq: permissions
Provides: pwdutils = 3.2.20 Provides: pwdutils = 3.2.20
@ -79,16 +74,12 @@ group accounts.
%patch5 -p0 %patch5 -p0
%patch6 -p0 %patch6 -p0
%patch7 -p0 %patch7 -p0
%patch8 -p0
%patch9 -p0
%patch10 -p0 %patch10 -p0
%patch11 -p0 %patch11 -p0
%patch12 -p0 %patch18 -p1
%patch13 -p0 %if 0%{?suse_version} < 1330
%patch14 -p0 %patch20 -p1
%patch15 -p0 %endif
%patch16 -p0
%patch17 -p1
iconv -f ISO88591 -t utf-8 doc/HOWTO > doc/HOWTO.utf8 iconv -f ISO88591 -t utf-8 doc/HOWTO > doc/HOWTO.utf8
mv -v doc/HOWTO.utf8 doc/HOWTO mv -v doc/HOWTO.utf8 doc/HOWTO

91
useradd-clear-tallylog.patch
View File

@ -1,91 +0,0 @@
Index: shadow-4.2.1/src/useradd.c
===================================================================
--- shadow-4.2.1.orig/src/useradd.c
+++ shadow-4.2.1/src/useradd.c
@@ -51,7 +51,9 @@
#include <string.h>
#include <sys/stat.h>
#include <sys/types.h>
+#include <sys/wait.h>
#include <time.h>
+#include <unistd.h>
#include "chkname.h"
#include "defines.h"
#include "faillog.h"
@@ -213,6 +215,7 @@ static void open_files (void);
static void open_shadow (void);
static void faillog_reset (uid_t);
static void lastlog_reset (uid_t);
+static void tallylog_reset (char *);
static void usr_update (void);
static void create_home (void);
static void create_mail (void);
@@ -1789,6 +1792,52 @@ static void lastlog_reset (uid_t uid)
}
}
+static void tallylog_reset (char *user_name)
+{
+ static const char pam_tally2[] = "/sbin/pam_tally2";
+ const char *pname;
+ pid_t childpid;
+ int failed;
+ int status;
+
+ if (access(pam_tally2, X_OK) == -1)
+ return;
+
+ failed = 0;
+ switch (childpid = fork())
+ {
+ case -1: /* error */
+ failed = 1;
+ break;
+ case 0: /* child */
+ pname = strrchr(pam_tally2, '/');
+ if (pname == NULL)
+ pname = pam_tally2;
+ else
+ pname++; /* Skip the '/' */
+ execl(pam_tally2, pname, "--user", user_name, "--reset", "--quiet", NULL);
+ /* If we come here, something has gone terribly wrong */
+ perror(pam_tally2);
+ exit(42); /* don't continue, we now have 2 processe running! */
+ /* NOTREACHED */
+ break;
+ default: /* parent */
+ if (waitpid(childpid, &status, 0) == -1 || !WIFEXITED(status) || WEXITSTATUS(status) != 0)
+ failed = 3;
+ break;
+ }
+
+ if (failed)
+ {
+ fprintf (stderr,
+ _("%s: failed to reset the tallylog entry of user \"%s\"\n"),
+ Prog, user_name);
+ SYSLOG ((LOG_WARN, "failed to reset the tallylog entry of user \"%s\"", user_name));
+ }
+
+ return;
+}
+
/*
* usr_update - create the user entries
*
@@ -2286,6 +2335,15 @@ int main (int argc, char **argv)
close_files ();
+ /*
+ * tallylog_reset needs to be able to lookup
+ * a valid existing user name,
+ * so we canot call it before close_files()
+ */
+ if ((!lflg) && (getpwuid (user_id) != NULL)) {
+ tallylog_reset (user_name);
+ }
+
#ifdef WITH_SELINUX
if (Zflg) {
if (set_seuser (user_name, user_selinux) != 0) {

8
useradd-mkdirs.patch
View File

@ -1,6 +1,8 @@
--- src/useradd.c Index: src/useradd.c
===================================================================
--- src/useradd.c.orig
+++ src/useradd.c +++ src/useradd.c
@@ -1894,6 +1894,13 @@ static void usr_update (void) @@ -1943,6 +1943,13 @@ static void usr_update (void)
static void create_home (void) static void create_home (void)
{ {
if (access (user_home, F_OK) != 0) { if (access (user_home, F_OK) != 0) {
@ -14,7 +16,7 @@
#ifdef WITH_SELINUX #ifdef WITH_SELINUX
if (set_selinux_file_context (user_home) != 0) { if (set_selinux_file_context (user_home) != 0) {
fprintf (stderr, fprintf (stderr,
@@ -1902,19 +1909,42 @@ static void create_home (void) @@ -1951,19 +1958,42 @@ static void create_home (void)
fail_exit (E_HOMEDIR); fail_exit (E_HOMEDIR);
} }
#endif #endif