forked from pool/shadow
Accepting request 872327 from Base:System
OBS-URL: https://build.opensuse.org/request/show/872327 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/shadow?expand=0&rev=42
This commit is contained in:
commit
c2abc15313
@ -1,3 +1,29 @@
|
||||
-------------------------------------------------------------------
|
||||
Thu Jan 28 22:28:02 UTC 2021 - Stanislav Brabec <sbrabec@suse.com>
|
||||
|
||||
- Do not require libeconf-devel on products without /usr/etc.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Jan 21 06:52:30 UTC 2021 - Thorsten Kukuk <kukuk@suse.com>
|
||||
|
||||
- Split login.defs configuration file into own sub-package, which
|
||||
allows to install util-linux or pam on small embedded/edge
|
||||
systems or container without the need to pull in the full shadow
|
||||
suite.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Nov 11 14:38:13 UTC 2020 - Fabian Vogt <fvogt@suse.com>
|
||||
|
||||
- Amend patches/useradd-userkeleton.patch to also write into
|
||||
existing directories and prefer files from /etc
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Nov 11 11:28:09 UTC 2020 - Dr. Werner Fink <werner@suse.de>
|
||||
|
||||
- Add patch useradd-userkeleton.patch to extend original C code
|
||||
of useradd to handle /usr/etc/skel (boo#1173321)
|
||||
- Remove /usr/etc/skel support in useradd.local script
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Nov 2 15:54:02 UTC 2020 - Dr. Werner Fink <werner@suse.de>
|
||||
|
||||
@ -169,7 +195,7 @@ Fri Jun 14 06:20:46 UTC 2019 - mvetter@suse.com
|
||||
* Usermod: guard against unsafe chown of homedir contents (Tomas Mraz)
|
||||
* Add LASTLOG_UID_MAX to login.defs (Tomas Mraz)
|
||||
* new[ug]idmap file capabilities support (Giuseppe Scrivano and Christian Brauner)
|
||||
* Fix segfault in useradd (Tomas Mraz)
|
||||
* Fix segfault in useradd (bsc#1141113, Tomas Mraz)
|
||||
* Coverity issues (Tomas Mraz)
|
||||
* Flush sssd caches (Jakub Hrozek)
|
||||
* Log UID in nologin (Vladimir Ivanov)
|
||||
@ -186,6 +212,9 @@ Fri Jun 14 06:20:46 UTC 2019 - mvetter@suse.com
|
||||
upstreamed https://github.com/shadow-maint/shadow/pull/112
|
||||
- Remove shadow-4.6.0-fix-usermod-prefix-crash.patch
|
||||
upstreamed https://github.com/shadow-maint/shadow/issues/110
|
||||
- Remove shadow-4.6-bsc1141113-useradd-segfault.patch
|
||||
(SLE15 SP3 and openSUSE Leap 15.3 only)
|
||||
upstreamed https://github.com/shadow-maint/shadow/issues/125
|
||||
- Rebase userdel-script.patch
|
||||
- Rebase useradd-script.patch
|
||||
- Rebase shadow-util-linux.patch
|
||||
|
57
shadow.spec
57
shadow.spec
@ -1,7 +1,7 @@
|
||||
#
|
||||
# spec file for package shadow
|
||||
#
|
||||
# Copyright (c) 2020 SUSE LLC
|
||||
# Copyright (c) 2021 SUSE LLC
|
||||
#
|
||||
# All modifications and additions to the file contributed by third parties
|
||||
# remain the property of their copyright owners, unless otherwise agreed
|
||||
@ -61,6 +61,8 @@ Patch7: shadow-4.1.5.1-logmsg.patch
|
||||
Patch13: shadow-login_defs-comments.patch
|
||||
# PATCH-FEATURE-SUSE shadow-login_defs-suse.patch kukuk@suse.com -- Customize login.defs.
|
||||
Patch14: shadow-login_defs-suse.patch
|
||||
# PATCH-FEATURE-SUSE Copy also skeleton files from /usr/etc/skel (boo#1173321)
|
||||
Patch15: useradd-userkeleton.patch
|
||||
# PATCH-FIX-SUSE disable_new_audit_function.patch adam.majer@suse.de -- Disable newer libaudit functionality for older distributions.
|
||||
Patch20: disable_new_audit_function.patch
|
||||
BuildRequires: audit-devel > 2.3
|
||||
@ -68,7 +70,10 @@ BuildRequires: autoconf
|
||||
BuildRequires: automake
|
||||
BuildRequires: libacl-devel
|
||||
BuildRequires: libattr-devel
|
||||
# It should be %%if %%{defined no_config}, but OBS cannot handle it:
|
||||
%if 0%{?suse_version} >= 1550
|
||||
BuildRequires: libeconf-devel
|
||||
%endif
|
||||
BuildRequires: libselinux-devel
|
||||
BuildRequires: libsemanage-devel
|
||||
BuildRequires: libtool
|
||||
@ -80,6 +85,18 @@ Requires(pre): permissions
|
||||
Requires(pre): user(root)
|
||||
Provides: pwdutils = 3.2.20
|
||||
Obsoletes: pwdutils <= 3.2.19
|
||||
Requires: login_defs >= %{version}
|
||||
Provides: useradd_or_adduser_dep
|
||||
|
||||
%description
|
||||
This package includes the necessary programs for converting plain
|
||||
password files to the shadow password format and to manage user and
|
||||
group accounts.
|
||||
|
||||
%package -n login_defs
|
||||
Summary: login.defs configuration file
|
||||
Group: System/Base
|
||||
BuildArch: noarch
|
||||
# Virtual provides for supported variables in login.defs.
|
||||
# It prevents references to unknown variables.
|
||||
# Upgrade them only if shadow-util-linux.patch or
|
||||
@ -87,12 +104,10 @@ Obsoletes: pwdutils <= 3.2.19
|
||||
# Call shadow-login_defs-check.sh before!
|
||||
Provides: login_defs-support-for-pam = 1.3.1
|
||||
Provides: login_defs-support-for-util-linux = 2.36
|
||||
Provides: useradd_or_adduser_dep
|
||||
|
||||
%description
|
||||
This package includes the necessary programs for converting plain
|
||||
password files to the shadow password format and to manage user and
|
||||
group accounts.
|
||||
%description -n login_defs
|
||||
This package contains the default login.defs configuration file
|
||||
as used by util-linux, pam and shadow.
|
||||
|
||||
%prep
|
||||
%setup -q -a 1
|
||||
@ -106,6 +121,7 @@ group accounts.
|
||||
%patch7
|
||||
%patch13
|
||||
%patch14
|
||||
%patch15
|
||||
%if 0%{?suse_version} < 1330
|
||||
%patch20 -p1
|
||||
%endif
|
||||
@ -215,10 +231,13 @@ fi
|
||||
|
||||
%pre
|
||||
%service_add_pre shadow.service shadow.timer
|
||||
for i in login.defs pam.d/chage pam.d/chfn pam.d/chpasswd pam.d/chsh pam.d/groupadd pam.d/groupdel pam.d/groupmod pam.d/newusers pam.d/passwd pam.d/useradd pam.d/userdel pam.d/usermod; do
|
||||
for i in pam.d/chage pam.d/chfn pam.d/chpasswd pam.d/chsh pam.d/groupadd pam.d/groupdel pam.d/groupmod pam.d/newusers pam.d/passwd pam.d/useradd pam.d/userdel pam.d/usermod; do
|
||||
test -f /etc/${i}.rpmsave && mv -v /etc/${i}.rpmsave /etc/${i}.rpmsave.old ||:
|
||||
done
|
||||
|
||||
%pre -n login_defs
|
||||
test -f /etc/login.defs.rpmsave && mv -v /etc/login.defs.rpmsave /etc/login.defs.rpmsave.old ||:
|
||||
|
||||
%post
|
||||
%set_permissions %{_bindir}/chage
|
||||
%set_permissions %{_bindir}/chfn
|
||||
@ -250,19 +269,22 @@ done
|
||||
%service_del_postun shadow.service shadow.timer
|
||||
|
||||
%posttrans
|
||||
%if %{defined no_config}
|
||||
# Migration to /usr/etc
|
||||
for i in login.defs pam.d/chage pam.d/chfn pam.d/chpasswd pam.d/chsh pam.d/groupadd pam.d/groupdel pam.d/groupmod pam.d/newusers pam.d/passwd pam.d/useradd pam.d/userdel pam.d/usermod; do
|
||||
for i in pam.d/chage pam.d/chfn pam.d/chpasswd pam.d/chsh pam.d/groupadd pam.d/groupdel pam.d/groupmod pam.d/newusers pam.d/passwd pam.d/useradd pam.d/userdel pam.d/usermod; do
|
||||
test -f /etc/${i}.rpmsave && mv -v /etc/${i}.rpmsave /etc/${i} ||:
|
||||
done
|
||||
%endif
|
||||
|
||||
%posttrans -n login_defs
|
||||
# rpmsave file can be created by
|
||||
# - change of owning package (SLE15 SP2->SP3, Leap 15.2->15.3)
|
||||
# - Migration to /usr/etc (after SLE15 and Leap 15)
|
||||
test -f /etc/login.defs.rpmsave && mv -v /etc/login.defs.rpmsave /etc/login.defs ||:
|
||||
|
||||
%files -f shadow.lang
|
||||
%license COPYING
|
||||
%doc NEWS doc/HOWTO README README.changes-pwdutils
|
||||
%if %{defined no_config}
|
||||
%attr(0644,root,root) %{_distconfdir}/login.defs
|
||||
%else
|
||||
%attr(0644,root,root) %config %{_sysconfdir}/login.defs
|
||||
%endif
|
||||
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/default/useradd
|
||||
%verify(not md5 size mtime) %config(noreplace) %{_sysconfdir}/subuid
|
||||
%verify(not md5 size mtime) %config(noreplace) %{_sysconfdir}/subgid
|
||||
@ -332,7 +354,6 @@ done
|
||||
%{_mandir}/man1/passwd.1%{?ext_man}
|
||||
%{_mandir}/man1/sg.1%{?ext_man}
|
||||
%{_mandir}/man3/shadow.3%{?ext_man}
|
||||
%{_mandir}/man5/login.defs.5%{?ext_man}
|
||||
%{_mandir}/man5/shadow.5%{?ext_man}
|
||||
%{_mandir}/man8/chpasswd.8%{?ext_man}
|
||||
%{_mandir}/man8/groupadd.8%{?ext_man}
|
||||
@ -356,4 +377,12 @@ done
|
||||
|
||||
%{_unitdir}/*
|
||||
|
||||
%files -n login_defs
|
||||
%if %{defined no_config}
|
||||
%attr(0644,root,root) %{_distconfdir}/login.defs
|
||||
%else
|
||||
%attr(0644,root,root) %config %{_sysconfdir}/login.defs
|
||||
%endif
|
||||
%{_mandir}/man5/login.defs.5%{?ext_man}
|
||||
|
||||
%changelog
|
||||
|
165
useradd-userkeleton.patch
Normal file
165
useradd-userkeleton.patch
Normal file
@ -0,0 +1,165 @@
|
||||
Copy also skeleton files from /usr/etc/skel (boo#1173321)
|
||||
|
||||
---
|
||||
etc/useradd | 1 +
|
||||
src/useradd.c | 37 +++++++++++++++++++++++++++++++++++++
|
||||
2 files changed, 38 insertions(+)
|
||||
|
||||
Index: etc/useradd
|
||||
===================================================================
|
||||
--- etc/useradd.orig
|
||||
+++ etc/useradd
|
||||
@@ -5,4 +5,5 @@ INACTIVE=-1
|
||||
EXPIRE=
|
||||
SHELL=/bin/bash
|
||||
SKEL=/etc/skel
|
||||
+USRSKEL=/usr/etc/skel
|
||||
CREATE_MAIL_SPOOL=yes
|
||||
Index: src/useradd.c
|
||||
===================================================================
|
||||
--- src/useradd.c.orig
|
||||
+++ src/useradd.c
|
||||
@@ -78,6 +78,9 @@
|
||||
#ifndef SKEL_DIR
|
||||
#define SKEL_DIR "/etc/skel"
|
||||
#endif
|
||||
+#ifndef USRSKELDIR
|
||||
+#define USRSKELDIR "/usr/etc/skel"
|
||||
+#endif
|
||||
#ifndef USER_DEFAULTS_FILE
|
||||
#define USER_DEFAULTS_FILE "/etc/default/useradd"
|
||||
#define NEW_USER_FILE "/etc/default/nuaddXXXXXX"
|
||||
@@ -101,6 +104,7 @@ static const char *def_gname = "other";
|
||||
static const char *def_home = "/home";
|
||||
static const char *def_shell = "";
|
||||
static const char *def_template = SKEL_DIR;
|
||||
+static const char *def_usrtemplate = USRSKELDIR;
|
||||
static const char *def_create_mail_spool = "no";
|
||||
|
||||
static long def_inactive = -1;
|
||||
@@ -202,6 +206,7 @@ static bool home_added = false;
|
||||
#define DINACT "INACTIVE="
|
||||
#define DEXPIRE "EXPIRE="
|
||||
#define DSKEL "SKEL="
|
||||
+#define DUSRSKEL "USRSKEL="
|
||||
#define DCREATE_MAIL_SPOOL "CREATE_MAIL_SPOOL="
|
||||
|
||||
/* local function prototypes */
|
||||
@@ -469,6 +474,29 @@ static void get_defaults (void)
|
||||
}
|
||||
|
||||
/*
|
||||
+ * Default Usr Skeleton information
|
||||
+ */
|
||||
+ else if (MATCH (buf, DUSRSKEL)) {
|
||||
+ if ('\0' == *cp) {
|
||||
+ cp = USRSKELDIR; /* XXX warning: const */
|
||||
+ }
|
||||
+
|
||||
+ if(prefix[0]) {
|
||||
+ size_t len;
|
||||
+ int wlen;
|
||||
+ char* _def_usrtemplate; /* avoid const warning */
|
||||
+
|
||||
+ len = strlen(prefix) + strlen(cp) + 2;
|
||||
+ _def_usrtemplate = xmalloc(len);
|
||||
+ wlen = snprintf(_def_usrtemplate, len, "%s/%s", prefix, cp);
|
||||
+ assert (wlen == (int) len -1);
|
||||
+ def_usrtemplate = _def_usrtemplate;
|
||||
+ }
|
||||
+ else {
|
||||
+ def_usrtemplate = xstrdup (cp);
|
||||
+ }
|
||||
+ }
|
||||
+ /*
|
||||
* Create by default user mail spool or not ?
|
||||
*/
|
||||
else if (MATCH (buf, DCREATE_MAIL_SPOOL)) {
|
||||
@@ -500,6 +528,7 @@ static void show_defaults (void)
|
||||
printf ("EXPIRE=%s\n", def_expire);
|
||||
printf ("SHELL=%s\n", def_shell);
|
||||
printf ("SKEL=%s\n", def_template);
|
||||
+ printf ("USRSKEL=%s\n", def_usrtemplate);
|
||||
printf ("CREATE_MAIL_SPOOL=%s\n", def_create_mail_spool);
|
||||
}
|
||||
|
||||
@@ -526,6 +555,7 @@ static int set_defaults (void)
|
||||
bool out_expire = false;
|
||||
bool out_shell = false;
|
||||
bool out_skel = false;
|
||||
+ bool out_usrskel = false;
|
||||
bool out_create_mail_spool = false;
|
||||
size_t len;
|
||||
int ret = -1;
|
||||
@@ -620,6 +650,9 @@ static int set_defaults (void)
|
||||
} else if (!out_skel && MATCH (buf, DSKEL)) {
|
||||
fprintf (ofp, DSKEL "%s\n", def_template);
|
||||
out_skel = true;
|
||||
+ } else if (!out_usrskel && MATCH (buf, DUSRSKEL)) {
|
||||
+ fprintf (ofp, DUSRSKEL "%s\n", def_usrtemplate);
|
||||
+ out_usrskel = true;
|
||||
} else if (!out_create_mail_spool
|
||||
&& MATCH (buf, DCREATE_MAIL_SPOOL)) {
|
||||
fprintf (ofp,
|
||||
@@ -649,6 +682,8 @@ static int set_defaults (void)
|
||||
fprintf (ofp, DSHELL "%s\n", def_shell);
|
||||
if (!out_skel)
|
||||
fprintf (ofp, DSKEL "%s\n", def_template);
|
||||
+ if (!out_usrskel)
|
||||
+ fprintf (ofp, DUSRSKEL "%s\n", def_usrtemplate);
|
||||
|
||||
if (!out_create_mail_spool)
|
||||
fprintf (ofp, DCREATE_MAIL_SPOOL "%s\n", def_create_mail_spool);
|
||||
@@ -2507,6 +2542,8 @@ int main (int argc, char **argv)
|
||||
if (home_added) {
|
||||
copy_tree (def_template, prefix_user_home, false, false,
|
||||
(uid_t)-1, user_id, (gid_t)-1, user_gid);
|
||||
+ copy_tree (def_usrtemplate, prefix_user_home, false, false,
|
||||
+ (uid_t)-1, user_id, (gid_t)-1, user_gid);
|
||||
} else {
|
||||
fprintf (stderr,
|
||||
_("%s: warning: the home directory %s already exists.\n"
|
||||
Index: libmisc/copydir.c
|
||||
===================================================================
|
||||
--- libmisc/copydir.c.orig
|
||||
+++ libmisc/copydir.c
|
||||
@@ -416,6 +416,14 @@ static int copy_entry (const char *src,
|
||||
old_uid, new_uid, old_gid, new_gid);
|
||||
}
|
||||
|
||||
+ /*
|
||||
+ * If the destination already exists do nothing.
|
||||
+ * This is after the copy_dir above to still iterate into subdirectories.
|
||||
+ */
|
||||
+ if (LSTAT (dst, &sb) != -1) {
|
||||
+ return 0;
|
||||
+ }
|
||||
+
|
||||
#ifdef S_IFLNK
|
||||
/*
|
||||
* Copy any symbolic links
|
||||
@@ -477,6 +485,7 @@ static int copy_dir (const char *src, co
|
||||
gid_t old_gid, gid_t new_gid)
|
||||
{
|
||||
int err = 0;
|
||||
+ struct stat dst_sb;
|
||||
|
||||
/*
|
||||
* Create a new target directory, make it owned by
|
||||
@@ -488,6 +497,16 @@ static int copy_dir (const char *src, co
|
||||
return -1;
|
||||
}
|
||||
#endif /* WITH_SELINUX */
|
||||
+
|
||||
+ /*
|
||||
+ * If the destination is already a directory, don't change it
|
||||
+ * but copy into it (recursively).
|
||||
+ */
|
||||
+ if (LSTAT (dst, &dst_sb) == 0 && S_ISDIR(dst_sb.st_mode)) {
|
||||
+ return (copy_tree (src, dst, false, reset_selinux,
|
||||
+ old_uid, new_uid, old_gid, new_gid) != 0);
|
||||
+ }
|
||||
+
|
||||
if ( (mkdir (dst, statp->st_mode) != 0)
|
||||
|| (chown_if_needed (dst, statp,
|
||||
old_uid, new_uid, old_gid, new_gid) != 0)
|
@ -37,20 +37,6 @@ fi
|
||||
# Main useradd tool creates this if specified on command line
|
||||
[ -d $HOMEDIR ] || exit 0
|
||||
|
||||
#
|
||||
# Copy also skeleton files from /usr/etc/skel (boo#1173321)
|
||||
#
|
||||
USRSKELDIR=/usr/etc/skel
|
||||
if [ -d $USRSKELDIR ] ; then
|
||||
for file in $(ls -A $USRSKELDIR); do
|
||||
# Only copy if not exist yet, i.e. does *not* exist in /etc/skel, which is still
|
||||
# being preferred ...
|
||||
test -e $HOMEDIR/$file && continue
|
||||
cp -a $USRSKELDIR/$file $HOMEDIR
|
||||
chown -R $USER.$GID $HOMEDIR/$file
|
||||
done
|
||||
fi
|
||||
|
||||
# If SELinux is enabled, we have to run restorecon to assign
|
||||
# appropriate fcontexts to the respective $HOME and files under it
|
||||
if [ -x /usr/sbin/selinuxenabled ] && /usr/sbin/selinuxenabled ; then
|
||||
|
Loading…
Reference in New Issue
Block a user