pool/shadow
SHA256
4
0
Fork 2
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: pool:factory
Branches Tags
pool:factory
pool:devel
testing:factory
testing:main
..
compare: testing:main
Branches Tags
testing:factory
testing:main
pool:factory
pool:devel

No commits in common. "factory" and "main" have entirely different histories.
factory ... main

7 changed files with 34 additions and 170 deletions
Show Stats Expand all files Collapse all files

3
shadow-4.16.0.tar.xz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:b78e3921a95d53282a38e90628880624736bf6235e36eea50c50835f59a3530b
size 2204832

16
shadow-4.16.0.tar.xz.asc Normal file
View File

@ -0,0 +1,16 @@
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEflbiwT+nfOMVWa3JfcJMNsM0HSAFAmZyBfQACgkQfcJMNsM0
HSA4PxAA57RSvccAbXTTmp2sHMZVPbzizydThuGgqY/4F9egRvywUUlNy0vz/QAA
e0u8ja+paKhLjXg4HvA/Ejy+gtAE5NuvNCr/ihL8Xii6s/GH6OaW8EDcL0509j7L
PchWYkHYSqwdqdjLoy6NroaaEEllAzVEeNp2UzN9F7jllteF8gDjqY2j8SLqrkmm
Xb15kzk6mbqk5BxAOoZmgoRRDw+YRCBA2EzN0ztwR0h1rjwoCjebQk3E/qV+fM1t
pKKYVTnLRmb9E2tvPR1Oibzercisi/+6Z7br+Xh1Gz/mfZ++4CiOQrJndUTBj9zU
v7GEHMEdV8qz/Qzvh1eyxA7KX5zZqbXT3I/+kRvX01CJtI64MVdEOOqSeup794fr
QlaptfoAfe+ZS6exe1SwY2tZkoX4qXeeUNQXRBo8GJlG9auMA46U2CjtRGgyK6BK
cf/YkzUr9aTWExL3d2tZJzvEX80AHSR+MF2kW8UzIQI8hch1Pncp8an6NfLFbmsl
nyz5+GqrSuc1gNe7wnz5Lkxk3q4epmvdPcyrb16XDr42k3dP0IWZE50c8Caf05Nq
9zJC+It75nX7PFbGcZnNgE6sjsc6MB28O2wUb4Z51IU+s8hzthk2P4v0gq30TgrZ
vKTXxIYwp+yLii1sSTWUdE8a6vNK93cQki5uuB3R6VeNVBMZJA0=
=bB1D
-----END PGP SIGNATURE-----

3
shadow-4.17.3.tar.xz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:09e896c7b01c97ba4be2d6be332c55a3e478b4893cd3c3466d8224e622bd4943
size 2327984

11
shadow-4.17.3.tar.xz.asc
View File

@ -1,11 +0,0 @@
-----BEGIN PGP SIGNATURE-----
iQEzBAABCgAdFiEEqb0/8XByttt4D8+UNXDaFycKziQFAme8gVkACgkQNXDaFycK
ziRkVwf6Ahy0Da0tlS1sUFes+5I9Vx0VVbjTZVMF7rTmhIDPE+3iCDSeXzeD2I+O
zOdZFfsQndWLowIcaRap6qmvq0HltH5+eQYKAuRulYS914DCoXJ4R14+e+SCVmMs
Zy/yRTu45vIp6PkM2tcGS/QCFpu883L3LrAJIHoq+uoccLC6NqfI68Hhxm5RhQHZ
NwdGEDTJrfaR+f8G57oFjCWkIfCh1hFKJPFzwIOWWLjwUG3Glp4LYCSmq9BYacOq
JMjCgLeJUwGZ/Kj1xttO19LO6+imUgL01Tz73rNcQSEg98JiPF9pa467BcXf8Yd5
I2aRTr9TncOHyd9SO8cToeeGwoPI9A==
=/pR6
-----END PGP SIGNATURE-----

4
shadow-login_defs-suse.patch
View File

@ -82,7 +82,7 @@ Index: etc/login.defs
# System accounts # System accounts
-SYS_UID_MIN 101 -SYS_UID_MIN 101
-SYS_UID_MAX 999 -SYS_UID_MAX 999
+SYS_UID_MIN 201 +SYS_UID_MIN 100
+SYS_UID_MAX 499 +SYS_UID_MAX 499
# Extra per user uids # Extra per user uids
SUB_UID_MIN 100000 SUB_UID_MIN 100000
@ -93,7 +93,7 @@ Index: etc/login.defs
# System accounts # System accounts
-SYS_GID_MIN 101 -SYS_GID_MIN 101
-SYS_GID_MAX 999 -SYS_GID_MAX 999
+SYS_GID_MIN 201 +SYS_GID_MIN 100
+SYS_GID_MAX 499 +SYS_GID_MAX 499
# Extra per user group ids # Extra per user group ids
SUB_GID_MIN 100000 SUB_GID_MIN 100000

150
shadow.changes
View File

@ -1,153 +1,3 @@
-------------------------------------------------------------------
Mon Feb 24 15:52:45 UTC 2025 - Michael Vetter <mvetter@suse.com>
- Update to 4.17.3:
* chsh: do not warn about blank shell
* lib/: Use strisdigit() instead of its pattern
* lib/string/ctype/strisascii/: strisdigit(): Add function
* lib/string/: Add comments expanding the letter-soup API names
* lib/basename.c: Basename(): Use stprcspn() instead of its pattern
* lib/string/strspn/, lib/, src/: stprspn(), strrspn_(): Split API into function and macro
* lib/string/strspn/, lib/, src/: Move *spn() APIs to separate subdir
* lib/string/strchr/: strrcspn(), stprcspn(): Add function and macro
* src/useradd.c: Use !strcaseeq() instead of its pattern
* lib/, src/: Use strcaseeq() instead of its pattern
* lib/string/strcmp/: strcaseeq(): Add function
* man/useradd.8.xml: Document new exit code 19 (E_BAD_NAME)
* src/useradd.c: E_BAD_NAME: Use a different error code for bad login names
* src/useradd.c: create_home(): Use !streq() instead of its pattern
* lib/chkname.c: is_valid_name(): Use streq() instead of its pattern
* configure.ac, lib/: Use __has_include(<gshadow.h>) instead of HAVE_GSHADOW_H
* configure.ac: Remove unused AC_CHECK_HEADERS() checks
* configure.ac, lib/: Use __has_include(<sys/capability.h>) instead of HAVE_SYS_CAPABILITY_H
* lib/idmapping.c: Unconditionally include <sys/prctl.h>
* lib/: Use __has_include(<security/openpam.h>) instead of HAVE_SECURITY_OPENPAM_H
* lib/: Use __has_include(<security/pam_misc.h>) instead of HAVE_SECURITY_PAM_MISC_H
* configure.ac, lib/: Use __has_include(<sys/random.h>) instead of HAVE_SYS_RANDOM_H
* configure.ac, lib/: Use __has_include(<crypt.h>) instead of HAVE_CRYPT_H
* lib/, src/: motd(): Report errors instead of exiting from library code
* lib/motd.c: motd(): Invert logic to reduce indentation
* lib/, src/, doc/: Remove pw_auth()'s $3 as dead code
* lib/pwauth.*: PW_{ADD,CHANGE,DELETE,FTP,REXEC}: Remove dead code
* lib/, src/, doc/: Remove dead code
* src/vipw.c: Restore the original terminal pgrp after editing
* lib/, src/: Use agetgroups() instead of its pattern
* lib/shadow/grp/: agetgroups(): Add function
* configure.ac, lib/, src/: Use gid_t instead of GETGROUPS_T
* lib/adds.h: addslN(): Use QSORT() instead of its pattern
* lib/search/sort/: QSORT(): Add macro
* lib/addgrps.c: add_groups(): Remove arbitrary limit
* lib/, src/: Rename variables
* lib/addgrps.c: add_groups(): Reallocate at once
* lib/string/strchr/: strchrscnt(): Add function
* lib/addgrps.c: add_groups(): Split variable to avoid sign-mismatch diagnostics
* lib/, src/: Use LSEARCH() instead of its pattern
* lib/search/l/: LSEARCH(): Add macro
* lib/, src/: Replace redundant checks by actual error handling
* lib/, src/: Unconditionally call setgroups(2)
* lib/addgrps.c: add_groups(): Simplify redundant code with a goto
* lib/addgrps.c: add_groups(): Allocate earlier
* lib/addgrps.c: add_groups(): Remove useless cast
* lib/, src/: Use LFIND() instead of open-coded search loops
* lib/search/l/: LFIND(): Add macro
* lib/search/cmp/, lib/, tests/: CMP(), cmp_*(): Add macro and functions
* lib/, src/: Simplify allocation of buffer
* lib/, src/: Un-spageticize code
* lib/, src/: Reduce scope of variables
* lib/gshadow_.h: Fix compatibility with libc's struct sgrp
* configure.ac, lib/gshadow.c: Presume working shadow group support in libc
* lib/: Include <gshadow.h> if it's available
* configure.ac, lib/: Assume initgroups(3) exists
* configure.ac, lib/, src/: Assume setgroups(2) exists
* lib/, src/: Turn error counters into flags
* src/gpasswd: Use correct preprocessor definition
* src/gpasswd: Clear password in more cases
* lib/encrypt.c: Do not exit in error case
* man/useradd.8.xml: wfix
* src/login_nopam.c: list_match(): Use iteration instead of recursion
* src/login_nopam.c: list_match(): Remove local variable
* src/login_nopam.c: list_match(): Move code around
* src/login_nopam.c: list_match(): '(match)' is always true here
* src/login_nopam.c: list_match(): Add superfluous else
* src/login_nopam.c: list_match(): Refactor conditional
* man/passwd.1.xml: -P disables PAM support
* chage: Drop PAM support
* src/newusers.c: Turn nusers into size_t
* src/: Make line number overflows less likely
* man/: Install suauth.5 only if feature exists
* add and use a login.defs.test with CREATE_HOME set
* Revert "etc/login.defs: enable CREATE_HOME"
* etc/login.defs: enable CREATE_HOME
* Tests: implement system test framework
-------------------------------------------------------------------
Mon Jan 20 10:20:31 UTC 2025 - Michael Vetter <mvetter@suse.com>
- bsc#1235453: Set SYS_{UID,GID}_MIN to 201:
After repeated similar requests to change the ID ranges we set the
above mentioned value to 201. The max value will stay at 499.
This range should be sufficient and will give us leeway for the
future.
It's not straightforward to find out which static UIDs/GIDs are
used in all packages.
Update shadow-login_defs-suse.patch
-------------------------------------------------------------------
Sat Jan 11 16:37:07 UTC 2025 - Michael Vetter <mvetter@suse.com>
- Update to 4.17.2:
* src/login_nopam.c: Fix compiler warnings #1170
* lib/chkname.c: Put limits for LOGIN_NAME_MAX and sysconf(_SC_LOGIN_NAME_MAX) #1169
* Use HTTPS in link to Wikipedia article on password strength #1164
* lib/attr.h: use C23 attributes only with gcc >= 10 #1172
* login: Fix no-pam authorization regression #1174
* man: Add Portuguese translation #1178
* Update French translation #1177
* Add cheap defense mechanisms #1171
* Add Romanian translation #1176
-------------------------------------------------------------------
Tue Dec 31 19:41:57 UTC 2024 - Michael Vetter <mvetter@suse.com>
- Update to 4.17.1:
* Fix `su -` regression #1163
-------------------------------------------------------------------
Fri Dec 27 16:06:45 UTC 2024 - Michael Vetter <mvetter@suse.com>
- Update to 4.17.0:
* Fix the lower part of the domain of csrand_uniform()
* Fix use of volatile pointer
* Use 'dist-hook' to clean up <tests/unit/Makefile>
* Use str2[u]l() instead of atoi(3)
* Use a2i() in various places
* Fix const correctness
* Use uid_t for holding UIDs (and GIDs)
* Move all sprintf(3)-like APIs to a subdirectory
* Move all copying APIs to a subdirectory
* Fix forever loop on ENOMEM
* Fix REALLOC() nmemb calculation
* Remove id(1)
* Remove groups(1)
* Use local time for human-readable dates
* Use %F instead of %Y-%m-%d with strftime(3)
* is_valid{user,group}_name(): Set errno to distinguish the reasons
* Recommend --badname only if it is useful
* Add fmkomstemp() to fix mode of </etc/default/useradd>
* Fix use-after-free bug in sgetgrent()
* Update Catalan translation
* Remove references to cppw, cpgr
* groupadd, groupmod: Update gshadow file with -U
* Added option -a for listing active users only, optimized using if aflg,return
* Added information in lastlog man page for new option '-a'
* Plenty of code cleanup and clarifications
-------------------------------------------------------------------
Fri Dec 6 08:56:10 UTC 2024 - Michael Vetter <mvetter@suse.com>
- Update to 4.17.0 RC1:
Pre-release without changelog
------------------------------------------------------------------- -------------------------------------------------------------------
Mon Jul 8 11:13:17 UTC 2024 - Samuel Cabrero <scabrero@suse.de> Mon Jul 8 11:13:17 UTC 2024 - Samuel Cabrero <scabrero@suse.de>

17
shadow.spec
View File

@ -1,7 +1,7 @@
# #
# spec file for package shadow # spec file for package shadow
# #
# Copyright (c) 2025 SUSE LLC # Copyright (c) 2024 SUSE LLC
# #
# All modifications and additions to the file contributed by third parties # All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed # remain the property of their copyright owners, unless otherwise agreed
@ -22,7 +22,7 @@
%define no_config 1 %define no_config 1
%endif %endif
Name: shadow Name: shadow
Version: 4.17.3 Version: 4.16.0
Release: 0 Release: 0
Summary: Utilities to Manage User and Group Accounts Summary: Utilities to Manage User and Group Accounts
License: BSD-3-Clause AND GPL-2.0-or-later License: BSD-3-Clause AND GPL-2.0-or-later
@ -158,6 +158,11 @@ install -Dm644 %{SOURCE5} %{buildroot}%{_unitdir}/shadow.timer
touch %{buildroot}/%{_sysconfdir}/subuid touch %{buildroot}/%{_sysconfdir}/subuid
touch %{buildroot}/%{_sysconfdir}/subgid touch %{buildroot}/%{_sysconfdir}/subgid
# Remove binaries we don't use.
rm %{buildroot}/%{_bindir}/groups
rm %{buildroot}/%{_mandir}/man1/groups.*
rm %{buildroot}/%{_mandir}/*/man1/groups.*
rm %{buildroot}/%{_sbindir}/grpconv rm %{buildroot}/%{_sbindir}/grpconv
rm %{buildroot}/%{_mandir}/man8/grpconv.* rm %{buildroot}/%{_mandir}/man8/grpconv.*
rm %{buildroot}/%{_mandir}/*/man8/grpconv.* rm %{buildroot}/%{_mandir}/*/man8/grpconv.*
@ -178,6 +183,8 @@ rm %{buildroot}%{_sysconfdir}/pam.d/login
rm %{buildroot}/%{_bindir}/su rm %{buildroot}/%{_bindir}/su
rm %{buildroot}/%{_mandir}/man1/su.* rm %{buildroot}/%{_mandir}/man1/su.*
rm %{buildroot}/%{_mandir}/*/man1/su.* rm %{buildroot}/%{_mandir}/*/man1/su.*
rm %{buildroot}/%{_mandir}/man5/suauth.*
rm %{buildroot}/%{_mandir}/*/man5/suauth.*
rm %{buildroot}%{_sysconfdir}/pam.d/su rm %{buildroot}%{_sysconfdir}/pam.d/su
rm %{buildroot}/%{_bindir}/faillog rm %{buildroot}/%{_bindir}/faillog
@ -222,7 +229,7 @@ mkdir -p %{buildroot}%{_sysconfdir}/login.defs.d
%pre %pre
%service_add_pre shadow.service shadow.timer %service_add_pre shadow.service shadow.timer
for i in pam.d/chfn pam.d/chpasswd pam.d/chsh pam.d/groupadd pam.d/groupdel pam.d/groupmod pam.d/newusers pam.d/passwd pam.d/useradd pam.d/userdel pam.d/usermod; do for i in pam.d/chage pam.d/chfn pam.d/chpasswd pam.d/chsh pam.d/groupadd pam.d/groupdel pam.d/groupmod pam.d/newusers pam.d/passwd pam.d/useradd pam.d/userdel pam.d/usermod; do
test -f %{_sysconfdir}/${i}.rpmsave && mv -v %{_sysconfdir}/${i}.rpmsave %{_sysconfdir}/${i}.rpmsave.old ||: test -f %{_sysconfdir}/${i}.rpmsave && mv -v %{_sysconfdir}/${i}.rpmsave %{_sysconfdir}/${i}.rpmsave.old ||:
done done
@ -262,7 +269,7 @@ test -f %{_sysconfdir}/login.defs.rpmsave && mv -v %{_sysconfdir}/login.defs.rpm
%posttrans %posttrans
%if %{defined no_config} %if %{defined no_config}
# Migration to /usr/etc # Migration to /usr/etc
for i in pam.d/chfn pam.d/chpasswd pam.d/chsh pam.d/groupadd pam.d/groupdel pam.d/groupmod pam.d/newusers pam.d/passwd pam.d/useradd pam.d/userdel pam.d/usermod; do for i in pam.d/chage pam.d/chfn pam.d/chpasswd pam.d/chsh pam.d/groupadd pam.d/groupdel pam.d/groupmod pam.d/newusers pam.d/passwd pam.d/useradd pam.d/userdel pam.d/usermod; do
test -f %{_sysconfdir}/${i}.rpmsave && mv -v %{_sysconfdir}/${i}.rpmsave %{_sysconfdir}/${i} ||: test -f %{_sysconfdir}/${i}.rpmsave && mv -v %{_sysconfdir}/${i}.rpmsave %{_sysconfdir}/${i} ||:
done done
%endif %endif
@ -282,6 +289,7 @@ test -f %{_sysconfdir}/login.defs.rpmsave && mv -v %{_sysconfdir}/login.defs.rpm
%verify(not md5 size mtime) %config(noreplace) %{_sysconfdir}/subuid %verify(not md5 size mtime) %config(noreplace) %{_sysconfdir}/subuid
%verify(not md5 size mtime) %config(noreplace) %{_sysconfdir}/subgid %verify(not md5 size mtime) %config(noreplace) %{_sysconfdir}/subgid
%if %{defined no_config} %if %{defined no_config}
%{_pam_vendordir}/chage
%{_pam_vendordir}/chfn %{_pam_vendordir}/chfn
%{_pam_vendordir}/chsh %{_pam_vendordir}/chsh
%{_pam_vendordir}/passwd %{_pam_vendordir}/passwd
@ -294,6 +302,7 @@ test -f %{_sysconfdir}/login.defs.rpmsave && mv -v %{_sysconfdir}/login.defs.rpm
%{_pam_vendordir}/userdel %{_pam_vendordir}/userdel
%{_pam_vendordir}/usermod %{_pam_vendordir}/usermod
%else %else
%config %{_sysconfdir}/pam.d/chage
%config %{_sysconfdir}/pam.d/chfn %config %{_sysconfdir}/pam.d/chfn
%config %{_sysconfdir}/pam.d/chsh %config %{_sysconfdir}/pam.d/chsh
%config %{_sysconfdir}/pam.d/passwd %config %{_sysconfdir}/pam.d/passwd