forked from pool/shadow
Accepting request 912915 from home:jubalh:branches:Base:System
- Update to 4.9: * Updated translations * Major salt updates * Various coverity and cleanup fixes * Consistently use 0 to disable PASS_MIN_DAYS in man * Implement NSS support for subids and a libsubid * setfcap: retain setfcap when mapping uid 0 * login.defs: include HMAC_CRYPTO_ALGO key * selinux fixes * Fix path prefix path handling * Manpage updates * Treat an empty passwd field as invalid(Haelwenn Monnier) * newxidmap: allow running under alternative gid * usermod: check that shell is executable * Add yescript support * useradd memleak fixes * useradd: use built-in settings by default * getdefs: add foreign * buffer overflow fixes * Adding run-parts style for pre and post useradd/del - Refresh: * shadow-login_defs-unused-by-pam.patch * userdel-script.patch * useradd-script.patch * chkname-regex.patch * useradd-default.patch: bbf4b79 stopped shipping default file. change group in code now. * shadow-login_defs-suse.patch * useradd-userkeleton.patch - Remove because upstreamed: OBS-URL: https://build.opensuse.org/request/show/912915 OBS-URL: https://build.opensuse.org/package/show/Base:System/shadow?expand=0&rev=106
This commit is contained in:
parent
e27cf8c34f
commit
3317029e04
@ -2,23 +2,25 @@ Index: etc/login.defs
|
|||||||
===================================================================
|
===================================================================
|
||||||
--- etc/login.defs.orig
|
--- etc/login.defs.orig
|
||||||
+++ etc/login.defs
|
+++ etc/login.defs
|
||||||
@@ -299,3 +299,11 @@ USERGROUPS_ENAB yes
|
@@ -329,6 +329,13 @@ USERGROUPS_ENAB yes
|
||||||
# missing.
|
|
||||||
#
|
#
|
||||||
#FORCE_SHADOW yes
|
#FORCE_SHADOW yes
|
||||||
+
|
|
||||||
+#
|
|
||||||
+# User/group names must match the following regex expression.
|
+# User/group names must match the following regex expression.
|
||||||
+# The default is [A-Za-z_][A-Za-z0-9_.-]*[A-Za-z0-9_.$-]\?,
|
+# The default is [A-Za-z_][A-Za-z0-9_.-]*[A-Za-z0-9_.$-]\?,
|
||||||
+# but be aware that the result could depend on the locale settings.
|
+# but be aware that the result could depend on the locale settings.
|
||||||
+#
|
+#
|
||||||
+#CHARACTER_CLASS [A-Za-z_][A-Za-z0-9_.-]*[A-Za-z0-9_.$-]\?
|
+#CHARACTER_CLASS [A-Za-z_][A-Za-z0-9_.-]*[A-Za-z0-9_.$-]\?
|
||||||
+CHARACTER_CLASS [ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz_][ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789_.-]*[ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789_.$-]\?
|
+CHARACTER_CLASS [ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz_][ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789_.-]*[ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789_.$-]\?
|
||||||
|
+
|
||||||
|
#
|
||||||
|
# Allow newuidmap and newgidmap when running under an alternative
|
||||||
|
# primary group.
|
||||||
Index: lib/getdef.c
|
Index: lib/getdef.c
|
||||||
===================================================================
|
===================================================================
|
||||||
--- lib/getdef.c.orig
|
--- lib/getdef.c.orig
|
||||||
+++ lib/getdef.c
|
+++ lib/getdef.c
|
||||||
@@ -80,6 +80,7 @@ struct itemdef {
|
@@ -91,6 +91,7 @@ struct itemdef {
|
||||||
|
|
||||||
#define NUMDEFS (sizeof(def_table)/sizeof(def_table[0]))
|
#define NUMDEFS (sizeof(def_table)/sizeof(def_table[0]))
|
||||||
static struct itemdef def_table[] = {
|
static struct itemdef def_table[] = {
|
||||||
|
123
libsubid-build-fix.patch
Normal file
123
libsubid-build-fix.patch
Normal file
@ -0,0 +1,123 @@
|
|||||||
|
Fix build fails for libsubid (libtool: error: cannot find name of link library for '../libsubid/libsubid.la').
|
||||||
|
Consisting of following upstream commits:
|
||||||
|
* f4a84efb468b8be21be124700ce35159c444e9d6
|
||||||
|
* 537b8cd90be7b47b45c45cfd27765ef85eb0ebf1
|
||||||
|
* fa986b1d73605ecca54a4f19249227aeab827bf6
|
||||||
|
Index: shadow-4.9/configure.ac
|
||||||
|
===================================================================
|
||||||
|
--- shadow-4.9.orig/configure.ac
|
||||||
|
+++ shadow-4.9/configure.ac
|
||||||
|
@@ -321,6 +321,8 @@ if test "$with_sha_crypt" = "yes"; then
|
||||||
|
AC_DEFINE(USE_SHA_CRYPT, 1, [Define to allow the SHA256 and SHA512 password encryption algorithms])
|
||||||
|
fi
|
||||||
|
|
||||||
|
+AM_CONDITIONAL(ENABLE_SHARED, test "x$enable_shared" = "xyes")
|
||||||
|
+
|
||||||
|
AM_CONDITIONAL(USE_BCRYPT, test "x$with_bcrypt" = "xyes")
|
||||||
|
if test "$with_bcrypt" = "yes"; then
|
||||||
|
AC_DEFINE(USE_BCRYPT, 1, [Define to allow the bcrypt password encryption algorithm])
|
||||||
|
Index: shadow-4.9/lib/Makefile.am
|
||||||
|
===================================================================
|
||||||
|
--- shadow-4.9.orig/lib/Makefile.am
|
||||||
|
+++ shadow-4.9/lib/Makefile.am
|
||||||
|
@@ -10,6 +10,8 @@ if HAVE_VENDORDIR
|
||||||
|
libshadow_la_CPPFLAGS += -DVENDORDIR=\"$(VENDORDIR)\"
|
||||||
|
endif
|
||||||
|
|
||||||
|
+libshadow_la_CPPFLAGS += -I$(top_srcdir)
|
||||||
|
+
|
||||||
|
libshadow_la_SOURCES = \
|
||||||
|
commonio.c \
|
||||||
|
commonio.h \
|
||||||
|
Index: shadow-4.9/libmisc/Makefile.am
|
||||||
|
===================================================================
|
||||||
|
--- shadow-4.9.orig/libmisc/Makefile.am
|
||||||
|
+++ shadow-4.9/libmisc/Makefile.am
|
||||||
|
@@ -1,7 +1,7 @@
|
||||||
|
|
||||||
|
EXTRA_DIST = .indent.pro xgetXXbyYY.c
|
||||||
|
|
||||||
|
-AM_CPPFLAGS = -I$(top_srcdir)/lib $(ECONF_CPPFLAGS)
|
||||||
|
+AM_CPPFLAGS = -I$(top_srcdir)/lib -I$(top_srcdir) $(ECONF_CPPFLAGS)
|
||||||
|
|
||||||
|
noinst_LTLIBRARIES = libmisc.la
|
||||||
|
|
||||||
|
Index: shadow-4.9/libsubid/Makefile.am
|
||||||
|
===================================================================
|
||||||
|
--- shadow-4.9.orig/libsubid/Makefile.am
|
||||||
|
+++ shadow-4.9/libsubid/Makefile.am
|
||||||
|
@@ -1,6 +1,8 @@
|
||||||
|
lib_LTLIBRARIES = libsubid.la
|
||||||
|
+if ENABLE_SHARED
|
||||||
|
libsubid_la_LDFLAGS = -Wl,-soname,libsubid.so.@LIBSUBID_ABI@ \
|
||||||
|
-shared -version-info @LIBSUBID_ABI_MAJOR@
|
||||||
|
+endif
|
||||||
|
libsubid_la_SOURCES = api.c
|
||||||
|
|
||||||
|
pkginclude_HEADERS = subid.h
|
||||||
|
@@ -16,11 +18,12 @@ MISCLIBS = \
|
||||||
|
$(LIBCRYPT) \
|
||||||
|
$(LIBACL) \
|
||||||
|
$(LIBATTR) \
|
||||||
|
- $(LIBTCB)
|
||||||
|
+ $(LIBTCB) \
|
||||||
|
+ $(LIBPAM)
|
||||||
|
|
||||||
|
libsubid_la_LIBADD = \
|
||||||
|
- $(top_srcdir)/lib/libshadow.la \
|
||||||
|
- $(top_srcdir)/libmisc/libmisc.la \
|
||||||
|
+ $(top_builddir)/lib/libshadow.la \
|
||||||
|
+ $(top_builddir)/libmisc/libmisc.la \
|
||||||
|
$(MISCLIBS) -ldl
|
||||||
|
|
||||||
|
AM_CPPFLAGS = \
|
||||||
|
Index: shadow-4.9/src/Makefile.am
|
||||||
|
===================================================================
|
||||||
|
--- shadow-4.9.orig/src/Makefile.am
|
||||||
|
+++ shadow-4.9/src/Makefile.am
|
||||||
|
@@ -10,6 +10,7 @@ sgidperms = 2755
|
||||||
|
AM_CPPFLAGS = \
|
||||||
|
-I${top_srcdir}/lib \
|
||||||
|
-I$(top_srcdir)/libmisc \
|
||||||
|
+ -I$(top_srcdir) \
|
||||||
|
-DLOCALEDIR=\"$(datadir)/locale\"
|
||||||
|
|
||||||
|
# XXX why are login and su in /bin anyway (other than for
|
||||||
|
@@ -183,6 +184,7 @@ list_subid_ranges_LDADD = \
|
||||||
|
list_subid_ranges_CPPFLAGS = \
|
||||||
|
-I$(top_srcdir)/lib \
|
||||||
|
-I$(top_srcdir)/libmisc \
|
||||||
|
+ -I$(top_srcdir) \
|
||||||
|
-I$(top_srcdir)/libsubid
|
||||||
|
|
||||||
|
get_subid_owners_LDADD = \
|
||||||
|
@@ -194,11 +196,13 @@ get_subid_owners_LDADD = \
|
||||||
|
get_subid_owners_CPPFLAGS = \
|
||||||
|
-I$(top_srcdir)/lib \
|
||||||
|
-I$(top_srcdir)/libmisc \
|
||||||
|
+ -I$(top_srcdir) \
|
||||||
|
-I$(top_srcdir)/libsubid
|
||||||
|
|
||||||
|
new_subid_range_CPPFLAGS = \
|
||||||
|
-I$(top_srcdir)/lib \
|
||||||
|
-I$(top_srcdir)/libmisc \
|
||||||
|
+ -I$(top_srcdir) \
|
||||||
|
-I$(top_srcdir)/libsubid
|
||||||
|
|
||||||
|
new_subid_range_LDADD = \
|
||||||
|
@@ -210,6 +214,7 @@ new_subid_range_LDADD = \
|
||||||
|
free_subid_range_CPPFLAGS = \
|
||||||
|
-I$(top_srcdir)/lib \
|
||||||
|
-I$(top_srcdir)/libmisc \
|
||||||
|
+ -I$(top_srcdir) \
|
||||||
|
-I$(top_srcdir)/libsubid
|
||||||
|
|
||||||
|
free_subid_range_LDADD = \
|
||||||
|
@@ -220,6 +225,7 @@ free_subid_range_LDADD = \
|
||||||
|
|
||||||
|
check_subid_range_CPPFLAGS = \
|
||||||
|
-I$(top_srcdir)/lib \
|
||||||
|
+ -I$(top_srcdir) \
|
||||||
|
-I$(top_srcdir)/libmisc
|
||||||
|
|
||||||
|
check_subid_range_LDADD = \
|
@ -1,11 +0,0 @@
|
|||||||
--- src/useradd.c
|
|
||||||
+++ src/useradd.c
|
|
||||||
@@ -320,7 +320,7 @@ static void fail_exit (int code)
|
|
||||||
user_name, AUDIT_NO_ID,
|
|
||||||
SHADOW_AUDIT_FAILURE);
|
|
||||||
#endif
|
|
||||||
- SYSLOG ((LOG_INFO, "failed adding user '%s', data deleted", user_name));
|
|
||||||
+ SYSLOG ((LOG_INFO, "failed adding user '%s', exit code: %d", user_name, code));
|
|
||||||
exit (code);
|
|
||||||
}
|
|
||||||
|
|
@ -1,14 +0,0 @@
|
|||||||
--- src/userdel.c
|
|
||||||
+++ src/userdel.c
|
|
||||||
@@ -143,8 +143,9 @@ static void usage (int status)
|
|
||||||
"\n"
|
|
||||||
"Options:\n"),
|
|
||||||
Prog);
|
|
||||||
- (void) fputs (_(" -f, --force force removal of files,\n"
|
|
||||||
- " even if not owned by user\n"),
|
|
||||||
+ (void) fputs (_(" -f, --force force some actions that would fail otherwise\n"
|
|
||||||
+ " e.g. removal of user still logged in\n"
|
|
||||||
+ " or files, even if not owned by the user\n"),
|
|
||||||
usageout);
|
|
||||||
(void) fputs (_(" -h, --help display this help message and exit\n"), usageout);
|
|
||||||
(void) fputs (_(" -r, --remove remove home directory and mail spool\n"), usageout);
|
|
@ -1,3 +0,0 @@
|
|||||||
version https://git-lfs.github.com/spec/v1
|
|
||||||
oid sha256:a3ad4630bdc41372f02a647278a8c3514844295d36eefe68ece6c3a641c1ae62
|
|
||||||
size 1611196
|
|
@ -1,11 +0,0 @@
|
|||||||
-----BEGIN PGP SIGNATURE-----
|
|
||||||
|
|
||||||
iQEzBAABCgAdFiEE8dCNt3gYW/eEAC3/6f7qBqheP50FAl4qDlEACgkQ6f7qBqhe
|
|
||||||
P51Lfwf/b2gxtqo9WRUTOhau4kCy+zDbg3S/K7ZD/20I2t205FNCOyV+cR4Q/PRA
|
|
||||||
+hBLFsA/WAVqZm0/3re09VDV0eaBpI7hgNF0JFODawIixKdLVff9mbfbLdgzy2Dl
|
|
||||||
IvbNrUVDJV1wSlEJLIeUpUT4ClFaiExM/XaCvHSUUbRsJ5cutH2wt0neNC8mJHMu
|
|
||||||
srXoCp8lb4fT+BDgRKoGA6RMvnJSkExBbhrRqaARWWCGnS++5oJiD7UwPAOu9Imb
|
|
||||||
LtouVitkrjrpQncnQN+zCaKwyTGw/xlQyl0z86DXWbvhnTwUeeWZbyfRAglIsSkk
|
|
||||||
DRpWh2m7ejcvf1pGt66UBuMNr0yb1w==
|
|
||||||
=8I3q
|
|
||||||
-----END PGP SIGNATURE-----
|
|
3
shadow-4.9.tar.xz
Normal file
3
shadow-4.9.tar.xz
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
version https://git-lfs.github.com/spec/v1
|
||||||
|
oid sha256:feec1f2ce9c1b62798afd35a7d1b04cefdfa3a0a30ff3e75d6965ba8978c9144
|
||||||
|
size 1627008
|
11
shadow-4.9.tar.xz.asc
Normal file
11
shadow-4.9.tar.xz.asc
Normal file
@ -0,0 +1,11 @@
|
|||||||
|
-----BEGIN PGP SIGNATURE-----
|
||||||
|
|
||||||
|
iQEzBAABCgAdFiEE8dCNt3gYW/eEAC3/6f7qBqheP50FAmD5+dkACgkQ6f7qBqhe
|
||||||
|
P53Qywf/ShkcKvecTDRIrKUNJUTIlP8iywZ1NXypfdDKG/J63awMAGrKMZwOkLUS
|
||||||
|
AnImsvyoW3+XDIhdkeJd1Kv+8JDEt3oJ0ifHjfpXl4FzOervb1ZKtRPUcoJzzpnJ
|
||||||
|
Szt/7f3Sd0VfbItgf5F6jgMi7iDA/ZIqJTXeI0kEfVVL7DT681jVRjpnoURlrEq1
|
||||||
|
6SmIyAul50VmZjLXq1xJ35uktr7VclnaRu17acax95e+oekP4sdNMaV5E5DSeq2N
|
||||||
|
db7kKCu80+lPvtQpj22vOO2w15ActH6f5Ec3P7OG8jL125q3yZNebVoh8FKxmFsh
|
||||||
|
PssfXu0TL50qH/p7qNEeihDLpwoI7g==
|
||||||
|
=6MLu
|
||||||
|
-----END PGP SIGNATURE-----
|
14
shadow-fix-sigabrt.patch
Normal file
14
shadow-fix-sigabrt.patch
Normal file
@ -0,0 +1,14 @@
|
|||||||
|
Upstream commit 4624e9fca1b02b64e25e8b2280a0186182ab73ba
|
||||||
|
To fix SIGABRT: https://github.com/shadow-maint/shadow/issues/394
|
||||||
|
Index: shadow-4.9/src/useradd.c
|
||||||
|
===================================================================
|
||||||
|
--- shadow-4.9.orig/src/useradd.c
|
||||||
|
+++ shadow-4.9/src/useradd.c
|
||||||
|
@@ -420,7 +420,6 @@ static void get_defaults (void)
|
||||||
|
} else {
|
||||||
|
def_group = grp->gr_gid;
|
||||||
|
def_gname = xstrdup (grp->gr_name);
|
||||||
|
- gr_free(grp);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
17
shadow-libeconf-include.patch
Normal file
17
shadow-libeconf-include.patch
Normal file
@ -0,0 +1,17 @@
|
|||||||
|
Include libeconf to newuidmap and newgidmap
|
||||||
|
Upstream commit: c6847011e8b656adacd9a0d2a78418cad0de34cb
|
||||||
|
Index: shadow-4.9/src/Makefile.am
|
||||||
|
===================================================================
|
||||||
|
--- shadow-4.9.orig/src/Makefile.am
|
||||||
|
+++ shadow-4.9/src/Makefile.am
|
||||||
|
@@ -96,8 +96,8 @@ LIBCRYPT_NOPAM = $(LIBCRYPT)
|
||||||
|
endif
|
||||||
|
|
||||||
|
chage_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBECONF)
|
||||||
|
-newuidmap_LDADD = $(LDADD) $(LIBAUDIT) $(LIBSELINUX) $(LIBCAP) -ldl
|
||||||
|
-newgidmap_LDADD = $(LDADD) $(LIBAUDIT) $(LIBSELINUX) $(LIBCAP) -ldl
|
||||||
|
+newuidmap_LDADD = $(LDADD) $(LIBAUDIT) $(LIBSELINUX) $(LIBCAP) $(LIBECONF) -ldl
|
||||||
|
+newgidmap_LDADD = $(LDADD) $(LIBAUDIT) $(LIBSELINUX) $(LIBCAP) $(LIBECONF) -ldl
|
||||||
|
chfn_LDADD = $(LDADD) $(LIBPAM) $(LIBAUDIT) $(LIBSELINUX) $(LIBCRYPT_NOPAM) $(LIBSKEY) $(LIBMD) $(LIBECONF)
|
||||||
|
chgpasswd_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBCRYPT) $(LIBECONF)
|
||||||
|
chsh_LDADD = $(LDADD) $(LIBPAM) $(LIBAUDIT) $(LIBSELINUX) $(LIBCRYPT_NOPAM) $(LIBSKEY) $(LIBMD) $(LIBECONF)
|
@ -14,7 +14,7 @@ Index: etc/login.defs
|
|||||||
|
|
||||||
#
|
#
|
||||||
# Delay in seconds before being allowed another attempt after a login failure
|
# Delay in seconds before being allowed another attempt after a login failure
|
||||||
@@ -62,8 +65,8 @@ CONSOLE /etc/securetty
|
@@ -52,8 +55,8 @@ CONSOLE /etc/securetty
|
||||||
# If defined, ":" delimited list of "message of the day" files to
|
# If defined, ":" delimited list of "message of the day" files to
|
||||||
# be displayed upon login.
|
# be displayed upon login.
|
||||||
#
|
#
|
||||||
@ -25,7 +25,7 @@ Index: etc/login.defs
|
|||||||
|
|
||||||
#
|
#
|
||||||
# If set to "yes", login stops display content specified by MOTD_FILE after
|
# If set to "yes", login stops display content specified by MOTD_FILE after
|
||||||
@@ -83,8 +85,8 @@ MOTD_FILE /etc/motd
|
@@ -73,8 +76,8 @@ MOTD_FILE /etc/motd
|
||||||
# user's name or shell are found in the file. If not a full pathname, then
|
# user's name or shell are found in the file. If not a full pathname, then
|
||||||
# hushed mode will be enabled if the file exists in the user's home directory.
|
# hushed mode will be enabled if the file exists in the user's home directory.
|
||||||
#
|
#
|
||||||
@ -36,7 +36,7 @@ Index: etc/login.defs
|
|||||||
|
|
||||||
# If this variable is set to "yes", hostname will be suppressed in the
|
# If this variable is set to "yes", hostname will be suppressed in the
|
||||||
# login: prompt.
|
# login: prompt.
|
||||||
@@ -103,9 +105,9 @@ HUSHLOGIN_FILE .hushlogin
|
@@ -93,9 +96,9 @@ HUSHLOGIN_FILE .hushlogin
|
||||||
# ENV_SUPATH is an ENV_ROOTPATH override for su and runuser
|
# ENV_SUPATH is an ENV_ROOTPATH override for su and runuser
|
||||||
# (and falback for login).
|
# (and falback for login).
|
||||||
#
|
#
|
||||||
@ -49,7 +49,7 @@ Index: etc/login.defs
|
|||||||
|
|
||||||
# If this variable is set to "yes" (default is "no"), su will always set
|
# If this variable is set to "yes" (default is "no"), su will always set
|
||||||
# path. every su call will overwrite the PATH variable.
|
# path. every su call will overwrite the PATH variable.
|
||||||
@@ -115,7 +117,7 @@ ENV_ROOTPATH /sbin:/bin:/usr/sbin:/usr/b
|
@@ -105,7 +108,7 @@ ENV_ROOTPATH /sbin:/bin:/usr/sbin:/usr/b
|
||||||
# The recommended value is "yes". The default "no" behavior could have
|
# The recommended value is "yes". The default "no" behavior could have
|
||||||
# a security implication in applications that use commands without path.
|
# a security implication in applications that use commands without path.
|
||||||
#
|
#
|
||||||
@ -58,7 +58,7 @@ Index: etc/login.defs
|
|||||||
|
|
||||||
#
|
#
|
||||||
# Terminal permissions
|
# Terminal permissions
|
||||||
@@ -129,7 +131,7 @@ ALWAYS_SET_PATH no
|
@@ -119,7 +122,7 @@ ALWAYS_SET_PATH no
|
||||||
# set TTYPERM to either 622 or 600.
|
# set TTYPERM to either 622 or 600.
|
||||||
#
|
#
|
||||||
TTYGROUP tty
|
TTYGROUP tty
|
||||||
@ -67,7 +67,7 @@ Index: etc/login.defs
|
|||||||
|
|
||||||
# Default initial "umask" value used by login(1) on non-PAM enabled systems.
|
# Default initial "umask" value used by login(1) on non-PAM enabled systems.
|
||||||
# Default "umask" value for pam_umask(8) on PAM enabled systems.
|
# Default "umask" value for pam_umask(8) on PAM enabled systems.
|
||||||
@@ -167,8 +169,8 @@ PASS_WARN_AGE 7
|
@@ -157,8 +160,8 @@ PASS_WARN_AGE 7
|
||||||
UID_MIN 1000
|
UID_MIN 1000
|
||||||
UID_MAX 60000
|
UID_MAX 60000
|
||||||
# System accounts
|
# System accounts
|
||||||
@ -78,7 +78,7 @@ Index: etc/login.defs
|
|||||||
# Extra per user uids
|
# Extra per user uids
|
||||||
SUB_UID_MIN 100000
|
SUB_UID_MIN 100000
|
||||||
SUB_UID_MAX 600100000
|
SUB_UID_MAX 600100000
|
||||||
@@ -185,8 +187,8 @@ SUB_UID_COUNT 65536
|
@@ -175,8 +178,8 @@ SUB_UID_COUNT 65536
|
||||||
GID_MIN 1000
|
GID_MIN 1000
|
||||||
GID_MAX 60000
|
GID_MAX 60000
|
||||||
# System accounts
|
# System accounts
|
||||||
@ -89,7 +89,7 @@ Index: etc/login.defs
|
|||||||
# Extra per user group ids
|
# Extra per user group ids
|
||||||
SUB_GID_MIN 100000
|
SUB_GID_MIN 100000
|
||||||
SUB_GID_MAX 600100000
|
SUB_GID_MAX 600100000
|
||||||
@@ -195,7 +197,7 @@ SUB_GID_COUNT 65536
|
@@ -185,7 +188,7 @@ SUB_GID_COUNT 65536
|
||||||
#
|
#
|
||||||
# Max number of login(1) retries if password is bad
|
# Max number of login(1) retries if password is bad
|
||||||
#
|
#
|
||||||
@ -98,7 +98,7 @@ Index: etc/login.defs
|
|||||||
|
|
||||||
#
|
#
|
||||||
# Max time in seconds for login(1)
|
# Max time in seconds for login(1)
|
||||||
@@ -211,18 +213,9 @@ LOGIN_TIMEOUT 60
|
@@ -201,18 +204,9 @@ LOGIN_TIMEOUT 60
|
||||||
CHFN_RESTRICT rwh
|
CHFN_RESTRICT rwh
|
||||||
|
|
||||||
#
|
#
|
||||||
@ -119,7 +119,7 @@ Index: etc/login.defs
|
|||||||
|
|
||||||
#
|
#
|
||||||
# If set to MD5, MD5-based algorithm will be used for encrypting password
|
# If set to MD5, MD5-based algorithm will be used for encrypting password
|
||||||
@@ -235,7 +228,7 @@ CHFN_RESTRICT rwh
|
@@ -227,7 +221,7 @@ CHFN_RESTRICT rwh
|
||||||
# Note: If you use PAM, it is recommended to use a value consistent with
|
# Note: If you use PAM, it is recommended to use a value consistent with
|
||||||
# the PAM modules configuration.
|
# the PAM modules configuration.
|
||||||
#
|
#
|
||||||
@ -128,7 +128,7 @@ Index: etc/login.defs
|
|||||||
|
|
||||||
#
|
#
|
||||||
# Only works if ENCRYPT_METHOD is set to SHA256 or SHA512.
|
# Only works if ENCRYPT_METHOD is set to SHA256 or SHA512.
|
||||||
@@ -311,7 +304,7 @@ USERDEL_POSTCMD /usr/sbin/userde
|
@@ -325,7 +319,7 @@ USERDEL_POSTCMD /usr/sbin/userde
|
||||||
#
|
#
|
||||||
# This also enables userdel(8) to remove user groups if no members exist.
|
# This also enables userdel(8) to remove user groups if no members exist.
|
||||||
#
|
#
|
||||||
@ -137,7 +137,7 @@ Index: etc/login.defs
|
|||||||
|
|
||||||
#
|
#
|
||||||
# If set to a non-zero number, the shadow utilities will make sure that
|
# If set to a non-zero number, the shadow utilities will make sure that
|
||||||
@@ -330,13 +323,13 @@ USERGROUPS_ENAB yes
|
@@ -344,13 +338,13 @@ USERGROUPS_ENAB yes
|
||||||
# This option is overridden with the -M or -m flags on the useradd(8)
|
# This option is overridden with the -M or -m flags on the useradd(8)
|
||||||
# command-line.
|
# command-line.
|
||||||
#
|
#
|
||||||
@ -151,5 +151,5 @@ Index: etc/login.defs
|
|||||||
-#FORCE_SHADOW yes
|
-#FORCE_SHADOW yes
|
||||||
+FORCE_SHADOW no
|
+FORCE_SHADOW no
|
||||||
|
|
||||||
#
|
|
||||||
# User/group names must match the following regex expression.
|
# User/group names must match the following regex expression.
|
||||||
|
# The default is [A-Za-z_][A-Za-z0-9_.-]*[A-Za-z0-9_.$-]\?,
|
||||||
|
@ -149,7 +149,7 @@ Index: etc/login.defs
|
|||||||
|
|
||||||
# Default initial "umask" value used by login(1) on non-PAM enabled systems.
|
# Default initial "umask" value used by login(1) on non-PAM enabled systems.
|
||||||
# Default "umask" value for pam_umask(8) on PAM enabled systems.
|
# Default "umask" value for pam_umask(8) on PAM enabled systems.
|
||||||
@@ -206,28 +120,13 @@ UMASK 022
|
@@ -211,28 +125,13 @@ UMASK 022
|
||||||
#
|
#
|
||||||
# PASS_MAX_DAYS Maximum number of days a password may be used.
|
# PASS_MAX_DAYS Maximum number of days a password may be used.
|
||||||
# PASS_MIN_DAYS Minimum number of days allowed between password changes.
|
# PASS_MIN_DAYS Minimum number of days allowed between password changes.
|
||||||
@ -178,7 +178,7 @@ Index: etc/login.defs
|
|||||||
# Min/max values for automatic uid selection in useradd(8)
|
# Min/max values for automatic uid selection in useradd(8)
|
||||||
#
|
#
|
||||||
UID_MIN 1000
|
UID_MIN 1000
|
||||||
@@ -264,28 +163,6 @@ LOGIN_RETRIES 5
|
@@ -269,28 +168,6 @@ LOGIN_RETRIES 5
|
||||||
LOGIN_TIMEOUT 60
|
LOGIN_TIMEOUT 60
|
||||||
|
|
||||||
#
|
#
|
||||||
@ -207,7 +207,7 @@ Index: etc/login.defs
|
|||||||
# Which fields may be changed by regular users using chfn(1) - use
|
# Which fields may be changed by regular users using chfn(1) - use
|
||||||
# any combination of letters "frwh" (full name, room number, work
|
# any combination of letters "frwh" (full name, room number, work
|
||||||
# phone, home phone). If not defined, no changes are allowed.
|
# phone, home phone). If not defined, no changes are allowed.
|
||||||
@@ -294,13 +171,6 @@ CHFN_AUTH yes
|
@@ -299,13 +176,6 @@ CHFN_AUTH yes
|
||||||
CHFN_RESTRICT rwh
|
CHFN_RESTRICT rwh
|
||||||
|
|
||||||
#
|
#
|
||||||
@ -221,8 +221,8 @@ Index: etc/login.defs
|
|||||||
# Only works if compiled with MD5_CRYPT defined:
|
# Only works if compiled with MD5_CRYPT defined:
|
||||||
# If set to "yes", new passwords will be encrypted using the MD5-based
|
# If set to "yes", new passwords will be encrypted using the MD5-based
|
||||||
# algorithm compatible with the one used by recent releases of FreeBSD.
|
# algorithm compatible with the one used by recent releases of FreeBSD.
|
||||||
@@ -361,29 +231,12 @@ CHFN_RESTRICT rwh
|
@@ -382,17 +252,6 @@ CHFN_RESTRICT rwh
|
||||||
#BCRYPT_MAX_ROUNDS 13
|
#YESCRYPT_COST_FACTOR 5
|
||||||
|
|
||||||
#
|
#
|
||||||
-# List of groups to add to the user's supplementary group set
|
-# List of groups to add to the user's supplementary group set
|
||||||
@ -239,7 +239,8 @@ Index: etc/login.defs
|
|||||||
# Should login be allowed if we can't cd to the home directory?
|
# Should login be allowed if we can't cd to the home directory?
|
||||||
# Default is no.
|
# Default is no.
|
||||||
#
|
#
|
||||||
DEFAULT_HOME yes
|
@@ -407,12 +266,6 @@ DEFAULT_HOME yes
|
||||||
|
NONEXISTENT /nonexistent
|
||||||
|
|
||||||
#
|
#
|
||||||
-# If this file exists and is readable, login environment will be
|
-# If this file exists and is readable, login environment will be
|
||||||
|
21
shadow-passwd-handle-null.patch
Normal file
21
shadow-passwd-handle-null.patch
Normal file
@ -0,0 +1,21 @@
|
|||||||
|
Upstream commit: adb83f779618674e5e96e27e3d48559d62e2c410
|
||||||
|
To fix: https://github.com/shadow-maint/shadow/pull/398
|
||||||
|
Index: shadow-4.9/src/passwd.c
|
||||||
|
===================================================================
|
||||||
|
--- shadow-4.9.orig/src/passwd.c
|
||||||
|
+++ shadow-4.9/src/passwd.c
|
||||||
|
@@ -490,9 +490,12 @@ static void print_status (const struct p
|
||||||
|
((long long)sp->sp_max * SCALE) / DAY,
|
||||||
|
((long long)sp->sp_warn * SCALE) / DAY,
|
||||||
|
((long long)sp->sp_inact * SCALE) / DAY);
|
||||||
|
- } else {
|
||||||
|
+ } else if (NULL != pw->pw_passwd) {
|
||||||
|
(void) printf ("%s %s\n",
|
||||||
|
- pw->pw_name, pw_status (pw->pw_passwd));
|
||||||
|
+ pw->pw_name, pw_status (pw->pw_passwd));
|
||||||
|
+ } else {
|
||||||
|
+ (void) fprintf(stderr, _("%s: malformed password data obtained for user %s\n"),
|
||||||
|
+ Prog, pw->pw_name);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
@ -113,7 +113,7 @@ Index: lib/getdef.c
|
|||||||
===================================================================
|
===================================================================
|
||||||
--- lib/getdef.c.orig
|
--- lib/getdef.c.orig
|
||||||
+++ lib/getdef.c
|
+++ lib/getdef.c
|
||||||
@@ -66,6 +66,7 @@ struct itemdef {
|
@@ -67,6 +67,7 @@ struct itemdef {
|
||||||
{"LOGIN_STRING", NULL}, \
|
{"LOGIN_STRING", NULL}, \
|
||||||
{"MAIL_CHECK_ENAB", NULL}, \
|
{"MAIL_CHECK_ENAB", NULL}, \
|
||||||
{"MOTD_FILE", NULL}, \
|
{"MOTD_FILE", NULL}, \
|
||||||
@ -121,7 +121,7 @@ Index: lib/getdef.c
|
|||||||
{"NOLOGINS_FILE", NULL}, \
|
{"NOLOGINS_FILE", NULL}, \
|
||||||
{"OBSCURE_CHECKS_ENAB", NULL}, \
|
{"OBSCURE_CHECKS_ENAB", NULL}, \
|
||||||
{"PASS_ALWAYS_WARN", NULL}, \
|
{"PASS_ALWAYS_WARN", NULL}, \
|
||||||
@@ -80,6 +81,7 @@ struct itemdef {
|
@@ -91,6 +92,7 @@ struct itemdef {
|
||||||
|
|
||||||
#define NUMDEFS (sizeof(def_table)/sizeof(def_table[0]))
|
#define NUMDEFS (sizeof(def_table)/sizeof(def_table[0]))
|
||||||
static struct itemdef def_table[] = {
|
static struct itemdef def_table[] = {
|
||||||
@ -129,7 +129,7 @@ Index: lib/getdef.c
|
|||||||
{"CHARACTER_CLASS", NULL},
|
{"CHARACTER_CLASS", NULL},
|
||||||
{"CHFN_RESTRICT", NULL},
|
{"CHFN_RESTRICT", NULL},
|
||||||
{"CONSOLE_GROUPS", NULL},
|
{"CONSOLE_GROUPS", NULL},
|
||||||
@@ -88,6 +90,7 @@ static struct itemdef def_table[] = {
|
@@ -99,6 +101,7 @@ static struct itemdef def_table[] = {
|
||||||
{"DEFAULT_HOME", NULL},
|
{"DEFAULT_HOME", NULL},
|
||||||
{"ENCRYPT_METHOD", NULL},
|
{"ENCRYPT_METHOD", NULL},
|
||||||
{"ENV_PATH", NULL},
|
{"ENV_PATH", NULL},
|
||||||
@ -137,7 +137,7 @@ Index: lib/getdef.c
|
|||||||
{"ENV_SUPATH", NULL},
|
{"ENV_SUPATH", NULL},
|
||||||
{"ERASECHAR", NULL},
|
{"ERASECHAR", NULL},
|
||||||
{"FAIL_DELAY", NULL},
|
{"FAIL_DELAY", NULL},
|
||||||
@@ -99,6 +102,7 @@ static struct itemdef def_table[] = {
|
@@ -110,6 +113,7 @@ static struct itemdef def_table[] = {
|
||||||
{"KILLCHAR", NULL},
|
{"KILLCHAR", NULL},
|
||||||
{"LASTLOG_UID_MAX", NULL},
|
{"LASTLOG_UID_MAX", NULL},
|
||||||
{"LOGIN_RETRIES", NULL},
|
{"LOGIN_RETRIES", NULL},
|
||||||
|
@ -1,3 +1,50 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Tue Aug 17 15:08:09 UTC 2021 - Michael Vetter <mvetter@suse.com>
|
||||||
|
|
||||||
|
- Update to 4.9:
|
||||||
|
* Updated translations
|
||||||
|
* Major salt updates
|
||||||
|
* Various coverity and cleanup fixes
|
||||||
|
* Consistently use 0 to disable PASS_MIN_DAYS in man
|
||||||
|
* Implement NSS support for subids and a libsubid
|
||||||
|
* setfcap: retain setfcap when mapping uid 0
|
||||||
|
* login.defs: include HMAC_CRYPTO_ALGO key
|
||||||
|
* selinux fixes
|
||||||
|
* Fix path prefix path handling
|
||||||
|
* Manpage updates
|
||||||
|
* Treat an empty passwd field as invalid(Haelwenn Monnier)
|
||||||
|
* newxidmap: allow running under alternative gid
|
||||||
|
* usermod: check that shell is executable
|
||||||
|
* Add yescript support
|
||||||
|
* useradd memleak fixes
|
||||||
|
* useradd: use built-in settings by default
|
||||||
|
* getdefs: add foreign
|
||||||
|
* buffer overflow fixes
|
||||||
|
* Adding run-parts style for pre and post useradd/del
|
||||||
|
- Refresh:
|
||||||
|
* shadow-login_defs-unused-by-pam.patch
|
||||||
|
* userdel-script.patch
|
||||||
|
* useradd-script.patch
|
||||||
|
* chkname-regex.patch
|
||||||
|
* useradd-default.patch: bbf4b79 stopped shipping default file.
|
||||||
|
change group in code now.
|
||||||
|
* shadow-login_defs-suse.patch
|
||||||
|
* useradd-userkeleton.patch
|
||||||
|
- Remove because upstreamed:
|
||||||
|
* shadow-4.1.5.1-userdel-helpfix.patch
|
||||||
|
* shadow-4.1.5.1-logmsg.patch
|
||||||
|
- Add libsubid-build-fix.patch:
|
||||||
|
See https://github.com/shadow-maint/shadow/issues/387
|
||||||
|
- Add shadow-libeconf-include.patch:
|
||||||
|
See c6847011e8b656adacd9a0d2a78418cad0de34cb
|
||||||
|
- Add shadow-fix-sigabrt.patch:
|
||||||
|
See https://github.com/shadow-maint/shadow/issues/394
|
||||||
|
- Add shadow-passwd-handle-null.patch:
|
||||||
|
See https://github.com/shadow-maint/shadow/pull/398
|
||||||
|
- Remove %{_sysconfdir}/default/useradd: file not shipped anymore
|
||||||
|
- Remove --disable-shared: Dont need it anymore
|
||||||
|
See https://github.com/shadow-maint/shadow/issues/336
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Thu Jul 1 11:51:39 UTC 2021 - Thorsten Kukuk <kukuk@suse.com>
|
Thu Jul 1 11:51:39 UTC 2021 - Thorsten Kukuk <kukuk@suse.com>
|
||||||
|
|
||||||
|
98
shadow.spec
98
shadow.spec
@ -21,15 +21,14 @@
|
|||||||
%else
|
%else
|
||||||
%define no_config 1
|
%define no_config 1
|
||||||
%endif
|
%endif
|
||||||
|
|
||||||
Name: shadow
|
Name: shadow
|
||||||
Version: 4.8.1
|
Version: 4.9
|
||||||
Release: 0
|
Release: 0
|
||||||
Summary: Utilities to Manage User and Group Accounts
|
Summary: Utilities to Manage User and Group Accounts
|
||||||
License: BSD-3-Clause AND GPL-2.0-or-later
|
License: BSD-3-Clause AND GPL-2.0-or-later
|
||||||
Group: System/Base
|
Group: System/Base
|
||||||
URL: https://github.com/shadow-maint/shadow
|
URL: https://github.com/shadow-maint/shadow
|
||||||
Source: https://github.com/shadow-maint/shadow/releases/download/%{version}/shadow-%{version}.tar.xz
|
Source: https://github.com/shadow-maint/shadow/releases/download/v%{version}/shadow-%{version}.tar.xz
|
||||||
Source1: pamd.tar.bz2
|
Source1: pamd.tar.bz2
|
||||||
Source2: README.changes-pwdutils
|
Source2: README.changes-pwdutils
|
||||||
Source3: useradd.local
|
Source3: useradd.local
|
||||||
@ -37,7 +36,7 @@ Source4: userdel-pre.local
|
|||||||
Source5: userdel-post.local
|
Source5: userdel-post.local
|
||||||
Source6: shadow.service
|
Source6: shadow.service
|
||||||
Source7: shadow.timer
|
Source7: shadow.timer
|
||||||
Source42: https://github.com/shadow-maint/shadow/releases/download/%{version}/shadow-%{version}.tar.xz.asc
|
Source42: https://github.com/shadow-maint/shadow/releases/download/v%{version}/shadow-%{version}.tar.xz.asc
|
||||||
Source43: %{name}.keyring
|
Source43: %{name}.keyring
|
||||||
# SOURCE-FEATURE-SUSE shadow-login_defs-check.sh sbrabec@suse.com -- Supplementary script that verifies coverage of variables in shadow-login_defs-unused-by-pam.patch and other patches.
|
# SOURCE-FEATURE-SUSE shadow-login_defs-check.sh sbrabec@suse.com -- Supplementary script that verifies coverage of variables in shadow-login_defs-unused-by-pam.patch and other patches.
|
||||||
Source44: shadow-login_defs-check.sh
|
Source44: shadow-login_defs-check.sh
|
||||||
@ -53,40 +52,44 @@ Patch3: chkname-regex.patch
|
|||||||
Patch4: useradd-default.patch
|
Patch4: useradd-default.patch
|
||||||
# PATCH-FEATURE-SUSE shadow-util-linux.patch sbrabec@suse.com -- Add support for util-linux specific variables, delete shadow login, su runuser specific.
|
# PATCH-FEATURE-SUSE shadow-util-linux.patch sbrabec@suse.com -- Add support for util-linux specific variables, delete shadow login, su runuser specific.
|
||||||
Patch5: shadow-util-linux.patch
|
Patch5: shadow-util-linux.patch
|
||||||
# PATCH-FEATURE-FEDORA shadow-4.1.5.1-userdel-helpfix.patch christian.brauner@mailbox.org -- Give a hint about what happens when you force the removal of a user.
|
|
||||||
Patch6: shadow-4.1.5.1-userdel-helpfix.patch
|
|
||||||
# PATCH-FIX-FEDORA shadow-4.1.5.1-logmsg.patch kukuk@suse.com -- Fix error message.
|
|
||||||
Patch7: shadow-4.1.5.1-logmsg.patch
|
|
||||||
# PATCH-FEATURE-SUSE shadow-login_defs-comments.patch kukuk@suse.com -- Adjust login.defs comments.
|
# PATCH-FEATURE-SUSE shadow-login_defs-comments.patch kukuk@suse.com -- Adjust login.defs comments.
|
||||||
Patch13: shadow-login_defs-comments.patch
|
Patch6: shadow-login_defs-comments.patch
|
||||||
# PATCH-FEATURE-SUSE shadow-login_defs-suse.patch kukuk@suse.com -- Customize login.defs.
|
# PATCH-FEATURE-SUSE shadow-login_defs-suse.patch kukuk@suse.com -- Customize login.defs.
|
||||||
Patch14: shadow-login_defs-suse.patch
|
Patch7: shadow-login_defs-suse.patch
|
||||||
# PATCH-FEATURE-SUSE Copy also skeleton files from /usr/etc/skel (boo#1173321)
|
# PATCH-FEATURE-SUSE Copy also skeleton files from /usr/etc/skel (boo#1173321)
|
||||||
Patch15: useradd-userkeleton.patch
|
Patch8: useradd-userkeleton.patch
|
||||||
# PATCH-FIX-SUSE disable_new_audit_function.patch adam.majer@suse.de -- Disable newer libaudit functionality for older distributions.
|
# PATCH-FIX-SUSE disable_new_audit_function.patch adam.majer@suse.de -- Disable newer libaudit functionality for older distributions.
|
||||||
Patch20: disable_new_audit_function.patch
|
Patch9: disable_new_audit_function.patch
|
||||||
|
# PATCH-FIX-UPSTREAM libsubid-build-fix.patch mvetter@suse.de -- Fix build with libsubid (f4a84e, 537b8c, fa986b)
|
||||||
|
Patch10: libsubid-build-fix.patch
|
||||||
|
# PATCH-FIX-UPSTREAM shadow-libeconf-include.patch mvetter@suse.de -- Include libeconf to new*idmap (c68470)
|
||||||
|
Patch11: shadow-libeconf-include.patch
|
||||||
|
# PATCH-FIX-UPSTREAM shadow-fix-sigabrt.patch mvetter@suse.de -- Fix SIGABRT https://github.com/shadow-maint/shadow/issues/394
|
||||||
|
Patch12: shadow-fix-sigabrt.patch
|
||||||
|
# PATCH-FIX-UPSTREAM shadow-passwd-handle-null.patch mvetter@suse.de -- Fix passwd NULL handling https://github.com/shadow-maint/shadow/pull/398
|
||||||
|
Patch13: shadow-passwd-handle-null.patch
|
||||||
BuildRequires: audit-devel > 2.3
|
BuildRequires: audit-devel > 2.3
|
||||||
BuildRequires: autoconf
|
BuildRequires: autoconf
|
||||||
BuildRequires: automake
|
BuildRequires: automake
|
||||||
BuildRequires: libacl-devel
|
BuildRequires: libacl-devel
|
||||||
BuildRequires: libattr-devel
|
BuildRequires: libattr-devel
|
||||||
# It should be %%if %%{defined no_config}, but OBS cannot handle it:
|
|
||||||
%if 0%{?suse_version} >= 1550
|
|
||||||
BuildRequires: libeconf-devel
|
|
||||||
%endif
|
|
||||||
BuildRequires: libselinux-devel
|
BuildRequires: libselinux-devel
|
||||||
BuildRequires: libsemanage-devel
|
BuildRequires: libsemanage-devel
|
||||||
BuildRequires: libtool
|
BuildRequires: libtool
|
||||||
BuildRequires: pam-devel
|
BuildRequires: pam-devel
|
||||||
BuildRequires: xz
|
BuildRequires: xz
|
||||||
|
Requires: login_defs >= %{version}
|
||||||
Requires(pre): group(root)
|
Requires(pre): group(root)
|
||||||
Requires(pre): group(shadow)
|
Requires(pre): group(shadow)
|
||||||
Requires(pre): permissions
|
Requires(pre): permissions
|
||||||
Requires(pre): user(root)
|
Requires(pre): user(root)
|
||||||
Provides: pwdutils = 3.2.20
|
Provides: pwdutils = 3.2.20
|
||||||
Obsoletes: pwdutils <= 3.2.19
|
Obsoletes: pwdutils <= 3.2.19
|
||||||
Requires: login_defs >= %{version}
|
|
||||||
Provides: useradd_or_adduser_dep
|
Provides: useradd_or_adduser_dep
|
||||||
|
# It should be %%if %%{defined no_config}, but OBS cannot handle it:
|
||||||
|
%if 0%{?suse_version} >= 1550
|
||||||
|
BuildRequires: libeconf-devel
|
||||||
|
%endif
|
||||||
|
|
||||||
%description
|
%description
|
||||||
This package includes the necessary programs for converting plain
|
This package includes the necessary programs for converting plain
|
||||||
@ -94,21 +97,35 @@ password files to the shadow password format and to manage user and
|
|||||||
group accounts.
|
group accounts.
|
||||||
|
|
||||||
%package -n login_defs
|
%package -n login_defs
|
||||||
Summary: login.defs configuration file
|
Summary: The login.defs configuration file
|
||||||
Group: System/Base
|
|
||||||
BuildArch: noarch
|
|
||||||
# Virtual provides for supported variables in login.defs.
|
# Virtual provides for supported variables in login.defs.
|
||||||
# It prevents references to unknown variables.
|
# It prevents references to unknown variables.
|
||||||
# Upgrade them only if shadow-util-linux.patch or
|
# Upgrade them only if shadow-util-linux.patch or
|
||||||
# encryption_method_nis.patch has to be ported!
|
# encryption_method_nis.patch has to be ported!
|
||||||
# Call shadow-login_defs-check.sh before!
|
# Call shadow-login_defs-check.sh before!
|
||||||
|
Group: System/Base
|
||||||
Provides: login_defs-support-for-pam = 1.3.1
|
Provides: login_defs-support-for-pam = 1.3.1
|
||||||
Provides: login_defs-support-for-util-linux = 2.36
|
Provides: login_defs-support-for-util-linux = 2.36
|
||||||
|
BuildArch: noarch
|
||||||
|
|
||||||
%description -n login_defs
|
%description -n login_defs
|
||||||
This package contains the default login.defs configuration file
|
This package contains the default login.defs configuration file
|
||||||
as used by util-linux, pam and shadow.
|
as used by util-linux, pam and shadow.
|
||||||
|
|
||||||
|
%package -n libsubid3
|
||||||
|
Summary: A library to manage subordinate uid and gid ranges
|
||||||
|
Group: System/Base
|
||||||
|
|
||||||
|
%description -n libsubid3
|
||||||
|
Utility library that provides a way to manage subid ranges.
|
||||||
|
|
||||||
|
%package -n libsubid-devel
|
||||||
|
Summary: Development files for libsubid3
|
||||||
|
Group: System/Base
|
||||||
|
|
||||||
|
%description -n libsubid-devel
|
||||||
|
Development files for libsubid3.
|
||||||
|
|
||||||
%prep
|
%prep
|
||||||
%setup -q -a 1
|
%setup -q -a 1
|
||||||
%patch0
|
%patch0
|
||||||
@ -119,12 +136,14 @@ as used by util-linux, pam and shadow.
|
|||||||
%patch5
|
%patch5
|
||||||
%patch6
|
%patch6
|
||||||
%patch7
|
%patch7
|
||||||
%patch13
|
%patch8
|
||||||
%patch14
|
|
||||||
%patch15
|
|
||||||
%if 0%{?suse_version} < 1330
|
%if 0%{?suse_version} < 1330
|
||||||
%patch20 -p1
|
%patch9 -p1
|
||||||
%endif
|
%endif
|
||||||
|
%patch10 -p1
|
||||||
|
%patch11 -p1
|
||||||
|
%patch12 -p1
|
||||||
|
%patch13 -p1
|
||||||
|
|
||||||
iconv -f ISO88591 -t utf-8 doc/HOWTO > doc/HOWTO.utf8
|
iconv -f ISO88591 -t utf-8 doc/HOWTO > doc/HOWTO.utf8
|
||||||
mv -v doc/HOWTO.utf8 doc/HOWTO
|
mv -v doc/HOWTO.utf8 doc/HOWTO
|
||||||
@ -145,14 +164,16 @@ autoreconf -fvi
|
|||||||
--with-nscd \
|
--with-nscd \
|
||||||
--with-selinux \
|
--with-selinux \
|
||||||
--without-libcrack \
|
--without-libcrack \
|
||||||
--disable-shared \
|
|
||||||
--with-group-name-max-length=32 \
|
--with-group-name-max-length=32 \
|
||||||
--enable-vendordir=%{_distconfdir}
|
--enable-vendordir=%{_distconfdir}
|
||||||
make %{?_smp_mflags} V=1
|
%make_build
|
||||||
|
# --disable-shared \ currently doesn't build with this. See https://github.com/shadow-maint/shadow/issues/336
|
||||||
|
|
||||||
%install
|
%install
|
||||||
cp %{SOURCE2} .
|
cp %{SOURCE2} .
|
||||||
%make_install gnulocaledir=%{buildroot}/%{_datadir}/locale MKINSTALLDIRS=`pwd`/mkinstalldirs
|
%make_install gnulocaledir=%{buildroot}/%{_datadir}/locale MKINSTALLDIRS=`pwd`/mkinstalldirs
|
||||||
|
# Separate call to install man pages. See https://github.com/shadow-maint/shadow/issues/389
|
||||||
|
%make_install -C man install-man
|
||||||
|
|
||||||
# install useradd.local, userdel.local, ...
|
# install useradd.local, userdel.local, ...
|
||||||
install -m 0755 %{SOURCE3} %{buildroot}/%{_sbindir}/
|
install -m 0755 %{SOURCE3} %{buildroot}/%{_sbindir}/
|
||||||
@ -221,6 +242,8 @@ rm %{buildroot}/%{_mandir}/*/man5/passwd.5*
|
|||||||
|
|
||||||
rm -rf %{buildroot}%{_mandir}/{??,??_??}
|
rm -rf %{buildroot}%{_mandir}/{??,??_??}
|
||||||
|
|
||||||
|
rm %{buildroot}/%{_libdir}/libsubid.la
|
||||||
|
|
||||||
# Move /etc to /usr/etc
|
# Move /etc to /usr/etc
|
||||||
if [ ! -d %{buildroot}%{_distconfdir} ]; then
|
if [ ! -d %{buildroot}%{_distconfdir} ]; then
|
||||||
mkdir -p %{buildroot}%{_distconfdir}
|
mkdir -p %{buildroot}%{_distconfdir}
|
||||||
@ -233,11 +256,11 @@ fi
|
|||||||
%pre
|
%pre
|
||||||
%service_add_pre shadow.service shadow.timer
|
%service_add_pre shadow.service shadow.timer
|
||||||
for i in pam.d/chage pam.d/chfn pam.d/chpasswd pam.d/chsh pam.d/groupadd pam.d/groupdel pam.d/groupmod pam.d/newusers pam.d/passwd pam.d/useradd pam.d/userdel pam.d/usermod; do
|
for i in pam.d/chage pam.d/chfn pam.d/chpasswd pam.d/chsh pam.d/groupadd pam.d/groupdel pam.d/groupmod pam.d/newusers pam.d/passwd pam.d/useradd pam.d/userdel pam.d/usermod; do
|
||||||
test -f /etc/${i}.rpmsave && mv -v /etc/${i}.rpmsave /etc/${i}.rpmsave.old ||:
|
test -f %{_sysconfdir}/${i}.rpmsave && mv -v %{_sysconfdir}/${i}.rpmsave %{_sysconfdir}/${i}.rpmsave.old ||:
|
||||||
done
|
done
|
||||||
|
|
||||||
%pre -n login_defs
|
%pre -n login_defs
|
||||||
test -f /etc/login.defs.rpmsave && mv -v /etc/login.defs.rpmsave /etc/login.defs.rpmsave.old ||:
|
test -f %{_sysconfdir}/login.defs.rpmsave && mv -v %{_sysconfdir}/login.defs.rpmsave %{_sysconfdir}/login.defs.rpmsave.old ||:
|
||||||
|
|
||||||
%post
|
%post
|
||||||
%set_permissions %{_bindir}/chage
|
%set_permissions %{_bindir}/chage
|
||||||
@ -273,7 +296,7 @@ test -f /etc/login.defs.rpmsave && mv -v /etc/login.defs.rpmsave /etc/login.defs
|
|||||||
%if %{defined no_config}
|
%if %{defined no_config}
|
||||||
# Migration to /usr/etc
|
# Migration to /usr/etc
|
||||||
for i in pam.d/chage pam.d/chfn pam.d/chpasswd pam.d/chsh pam.d/groupadd pam.d/groupdel pam.d/groupmod pam.d/newusers pam.d/passwd pam.d/useradd pam.d/userdel pam.d/usermod; do
|
for i in pam.d/chage pam.d/chfn pam.d/chpasswd pam.d/chsh pam.d/groupadd pam.d/groupdel pam.d/groupmod pam.d/newusers pam.d/passwd pam.d/useradd pam.d/userdel pam.d/usermod; do
|
||||||
test -f /etc/${i}.rpmsave && mv -v /etc/${i}.rpmsave /etc/${i} ||:
|
test -f %{_sysconfdir}/${i}.rpmsave && mv -v %{_sysconfdir}/${i}.rpmsave %{_sysconfdir}/${i} ||:
|
||||||
done
|
done
|
||||||
%endif
|
%endif
|
||||||
|
|
||||||
@ -281,12 +304,14 @@ done
|
|||||||
# rpmsave file can be created by
|
# rpmsave file can be created by
|
||||||
# - change of owning package (SLE15 SP2->SP3, Leap 15.2->15.3)
|
# - change of owning package (SLE15 SP2->SP3, Leap 15.2->15.3)
|
||||||
# - Migration to /usr/etc (after SLE15 and Leap 15)
|
# - Migration to /usr/etc (after SLE15 and Leap 15)
|
||||||
test -f /etc/login.defs.rpmsave && mv -v /etc/login.defs.rpmsave /etc/login.defs ||:
|
test -f %{_sysconfdir}/login.defs.rpmsave && mv -v %{_sysconfdir}/login.defs.rpmsave %{_sysconfdir}/login.defs ||:
|
||||||
|
|
||||||
|
%post -n libsubid3 -p /sbin/ldconfig
|
||||||
|
%postun -n libsubid3 -p /sbin/ldconfig
|
||||||
|
|
||||||
%files -f shadow.lang
|
%files -f shadow.lang
|
||||||
%license COPYING
|
%license COPYING
|
||||||
%doc NEWS doc/HOWTO README README.changes-pwdutils
|
%doc NEWS doc/HOWTO README README.changes-pwdutils
|
||||||
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/default/useradd
|
|
||||||
%verify(not md5 size mtime) %config(noreplace) %{_sysconfdir}/subuid
|
%verify(not md5 size mtime) %config(noreplace) %{_sysconfdir}/subuid
|
||||||
%verify(not md5 size mtime) %config(noreplace) %{_sysconfdir}/subgid
|
%verify(not md5 size mtime) %config(noreplace) %{_sysconfdir}/subgid
|
||||||
%if %{defined no_config}
|
%if %{defined no_config}
|
||||||
@ -308,7 +333,6 @@ test -f /etc/login.defs.rpmsave && mv -v /etc/login.defs.rpmsave /etc/login.defs
|
|||||||
%config %{_sysconfdir}/pam.d/chfn
|
%config %{_sysconfdir}/pam.d/chfn
|
||||||
%config %{_sysconfdir}/pam.d/chsh
|
%config %{_sysconfdir}/pam.d/chsh
|
||||||
%config %{_sysconfdir}/pam.d/passwd
|
%config %{_sysconfdir}/pam.d/passwd
|
||||||
%config %{_sysconfdir}/pam.d/useradd
|
|
||||||
%config %{_sysconfdir}/pam.d/chpasswd
|
%config %{_sysconfdir}/pam.d/chpasswd
|
||||||
%config %{_sysconfdir}/pam.d/groupadd
|
%config %{_sysconfdir}/pam.d/groupadd
|
||||||
%config %{_sysconfdir}/pam.d/groupdel
|
%config %{_sysconfdir}/pam.d/groupdel
|
||||||
@ -380,11 +404,19 @@ test -f /etc/login.defs.rpmsave && mv -v /etc/login.defs.rpmsave /etc/login.defs
|
|||||||
|
|
||||||
%files -n login_defs
|
%files -n login_defs
|
||||||
%if %{defined no_config}
|
%if %{defined no_config}
|
||||||
%dir /etc/login.defs.d
|
%dir %{_sysconfdir}/login.defs.d
|
||||||
%attr(0644,root,root) %{_distconfdir}/login.defs
|
%attr(0644,root,root) %{_distconfdir}/login.defs
|
||||||
%else
|
%else
|
||||||
%attr(0644,root,root) %config %{_sysconfdir}/login.defs
|
%attr(0644,root,root) %config %{_sysconfdir}/login.defs
|
||||||
%endif
|
%endif
|
||||||
%{_mandir}/man5/login.defs.5%{?ext_man}
|
%{_mandir}/man5/login.defs.5%{?ext_man}
|
||||||
|
|
||||||
|
%files -n libsubid3
|
||||||
|
%{_libdir}/libsubid.so.*
|
||||||
|
|
||||||
|
%files -n libsubid-devel
|
||||||
|
%dir %{_includedir}/shadow
|
||||||
|
%{_includedir}/shadow/subid.h
|
||||||
|
%{_libdir}/libsubid.so
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
@ -1,9 +1,13 @@
|
|||||||
--- etc/useradd
|
Index: src/useradd.c
|
||||||
+++ etc/useradd
|
===================================================================
|
||||||
@@ -1,5 +1,5 @@
|
--- src/useradd.c.orig
|
||||||
# useradd defaults file
|
+++ src/useradd.c
|
||||||
-GROUP=1000
|
@@ -101,7 +101,7 @@ FILE *shadow_logfd = NULL;
|
||||||
+GROUP=100
|
/*
|
||||||
HOME=/home
|
* These defaults are used if there is no defaults file.
|
||||||
INACTIVE=-1
|
*/
|
||||||
EXPIRE=
|
-static gid_t def_group = 1000;
|
||||||
|
+static gid_t def_group = 100;
|
||||||
|
static const char *def_gname = "other";
|
||||||
|
static const char *def_home = "/home";
|
||||||
|
static const char *def_shell = "/bin/bash";
|
||||||
|
@ -4,10 +4,12 @@
|
|||||||
src/useradd.c | 41 ++++++++++++++++++++++++++++++++++++++++-
|
src/useradd.c | 41 ++++++++++++++++++++++++++++++++++++++++-
|
||||||
3 files changed, 48 insertions(+), 1 deletion(-)
|
3 files changed, 48 insertions(+), 1 deletion(-)
|
||||||
|
|
||||||
--- etc/login.defs
|
Index: etc/login.defs
|
||||||
+++ etc/login.defs 2020-10-30 12:54:38.117849829 +0000
|
===================================================================
|
||||||
@@ -242,6 +242,13 @@ CHFN_RESTRICT rwh
|
--- etc/login.defs.orig
|
||||||
DEFAULT_HOME yes
|
+++ etc/login.defs
|
||||||
|
@@ -266,6 +266,13 @@ DEFAULT_HOME yes
|
||||||
|
NONEXISTENT /nonexistent
|
||||||
|
|
||||||
#
|
#
|
||||||
+# If defined, this command is run when adding a user.
|
+# If defined, this command is run when adding a user.
|
||||||
@ -20,9 +22,11 @@
|
|||||||
# If defined, this command is run when removing a user.
|
# If defined, this command is run when removing a user.
|
||||||
# It should remove any at/cron/print jobs etc. owned by
|
# It should remove any at/cron/print jobs etc. owned by
|
||||||
# the user to be removed (passed as the first argument).
|
# the user to be removed (passed as the first argument).
|
||||||
--- lib/getdef.c
|
Index: lib/getdef.c
|
||||||
+++ lib/getdef.c 2020-10-30 12:54:38.117849829 +0000
|
===================================================================
|
||||||
@@ -134,6 +134,7 @@ static struct itemdef def_table[] = {
|
--- lib/getdef.c.orig
|
||||||
|
+++ lib/getdef.c
|
||||||
|
@@ -149,6 +149,7 @@ static struct itemdef def_table[] = {
|
||||||
{"UID_MAX", NULL},
|
{"UID_MAX", NULL},
|
||||||
{"UID_MIN", NULL},
|
{"UID_MIN", NULL},
|
||||||
{"UMASK", NULL},
|
{"UMASK", NULL},
|
||||||
@ -30,11 +34,13 @@
|
|||||||
{"USERDEL_CMD", NULL},
|
{"USERDEL_CMD", NULL},
|
||||||
{"USERDEL_PRECMD", NULL},
|
{"USERDEL_PRECMD", NULL},
|
||||||
{"USERDEL_POSTCMD", NULL},
|
{"USERDEL_POSTCMD", NULL},
|
||||||
--- src/useradd.c
|
Index: src/useradd.c
|
||||||
+++ src/useradd.c 2020-10-30 13:08:17.378336989 +0000
|
===================================================================
|
||||||
@@ -2238,6 +2238,44 @@ static void create_mail (void)
|
--- src/useradd.c.orig
|
||||||
}
|
+++ src/useradd.c
|
||||||
|
@@ -2398,6 +2398,44 @@ static void check_uid_range(int rflg, ui
|
||||||
|
|
||||||
|
}
|
||||||
/*
|
/*
|
||||||
+ * call_script - call a script to do some work
|
+ * call_script - call a script to do some work
|
||||||
+ *
|
+ *
|
||||||
@ -77,7 +83,7 @@
|
|||||||
* main - useradd command
|
* main - useradd command
|
||||||
*/
|
*/
|
||||||
int main (int argc, char **argv)
|
int main (int argc, char **argv)
|
||||||
@@ -2514,6 +2552,7 @@ int main (int argc, char **argv)
|
@@ -2691,6 +2729,7 @@ int main (int argc, char **argv)
|
||||||
nscd_flush_cache ("group");
|
nscd_flush_cache ("group");
|
||||||
sssd_flush_cache (SSSD_DB_PASSWD | SSSD_DB_GROUP);
|
sssd_flush_cache (SSSD_DB_PASSWD | SSSD_DB_GROUP);
|
||||||
|
|
||||||
|
@ -5,21 +5,11 @@ Copy also skeleton files from /usr/etc/skel (boo#1173321)
|
|||||||
src/useradd.c | 37 +++++++++++++++++++++++++++++++++++++
|
src/useradd.c | 37 +++++++++++++++++++++++++++++++++++++
|
||||||
2 files changed, 38 insertions(+)
|
2 files changed, 38 insertions(+)
|
||||||
|
|
||||||
Index: etc/useradd
|
|
||||||
===================================================================
|
|
||||||
--- etc/useradd.orig
|
|
||||||
+++ etc/useradd
|
|
||||||
@@ -5,4 +5,5 @@ INACTIVE=-1
|
|
||||||
EXPIRE=
|
|
||||||
SHELL=/bin/bash
|
|
||||||
SKEL=/etc/skel
|
|
||||||
+USRSKEL=/usr/etc/skel
|
|
||||||
CREATE_MAIL_SPOOL=yes
|
|
||||||
Index: src/useradd.c
|
Index: src/useradd.c
|
||||||
===================================================================
|
===================================================================
|
||||||
--- src/useradd.c.orig
|
--- src/useradd.c.orig
|
||||||
+++ src/useradd.c
|
+++ src/useradd.c
|
||||||
@@ -78,6 +78,9 @@
|
@@ -82,6 +82,9 @@
|
||||||
#ifndef SKEL_DIR
|
#ifndef SKEL_DIR
|
||||||
#define SKEL_DIR "/etc/skel"
|
#define SKEL_DIR "/etc/skel"
|
||||||
#endif
|
#endif
|
||||||
@ -29,15 +19,15 @@ Index: src/useradd.c
|
|||||||
#ifndef USER_DEFAULTS_FILE
|
#ifndef USER_DEFAULTS_FILE
|
||||||
#define USER_DEFAULTS_FILE "/etc/default/useradd"
|
#define USER_DEFAULTS_FILE "/etc/default/useradd"
|
||||||
#define NEW_USER_FILE "/etc/default/nuaddXXXXXX"
|
#define NEW_USER_FILE "/etc/default/nuaddXXXXXX"
|
||||||
@@ -101,6 +104,7 @@ static const char *def_gname = "other";
|
@@ -106,6 +109,7 @@ static const char *def_gname = "other";
|
||||||
static const char *def_home = "/home";
|
static const char *def_home = "/home";
|
||||||
static const char *def_shell = "";
|
static const char *def_shell = "/bin/bash";
|
||||||
static const char *def_template = SKEL_DIR;
|
static const char *def_template = SKEL_DIR;
|
||||||
+static const char *def_usrtemplate = USRSKELDIR;
|
+static const char *def_usrtemplate = USRSKELDIR;
|
||||||
static const char *def_create_mail_spool = "no";
|
static const char *def_create_mail_spool = "yes";
|
||||||
|
|
||||||
static long def_inactive = -1;
|
static long def_inactive = -1;
|
||||||
@@ -202,6 +206,7 @@ static bool home_added = false;
|
@@ -208,6 +212,7 @@ static bool home_added = false;
|
||||||
#define DINACT "INACTIVE="
|
#define DINACT "INACTIVE="
|
||||||
#define DEXPIRE "EXPIRE="
|
#define DEXPIRE "EXPIRE="
|
||||||
#define DSKEL "SKEL="
|
#define DSKEL "SKEL="
|
||||||
@ -45,7 +35,7 @@ Index: src/useradd.c
|
|||||||
#define DCREATE_MAIL_SPOOL "CREATE_MAIL_SPOOL="
|
#define DCREATE_MAIL_SPOOL "CREATE_MAIL_SPOOL="
|
||||||
|
|
||||||
/* local function prototypes */
|
/* local function prototypes */
|
||||||
@@ -469,6 +474,29 @@ static void get_defaults (void)
|
@@ -481,6 +486,29 @@ static void get_defaults (void)
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
@ -75,7 +65,7 @@ Index: src/useradd.c
|
|||||||
* Create by default user mail spool or not ?
|
* Create by default user mail spool or not ?
|
||||||
*/
|
*/
|
||||||
else if (MATCH (buf, DCREATE_MAIL_SPOOL)) {
|
else if (MATCH (buf, DCREATE_MAIL_SPOOL)) {
|
||||||
@@ -500,6 +528,7 @@ static void show_defaults (void)
|
@@ -512,6 +540,7 @@ static void show_defaults (void)
|
||||||
printf ("EXPIRE=%s\n", def_expire);
|
printf ("EXPIRE=%s\n", def_expire);
|
||||||
printf ("SHELL=%s\n", def_shell);
|
printf ("SHELL=%s\n", def_shell);
|
||||||
printf ("SKEL=%s\n", def_template);
|
printf ("SKEL=%s\n", def_template);
|
||||||
@ -83,7 +73,7 @@ Index: src/useradd.c
|
|||||||
printf ("CREATE_MAIL_SPOOL=%s\n", def_create_mail_spool);
|
printf ("CREATE_MAIL_SPOOL=%s\n", def_create_mail_spool);
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -526,6 +555,7 @@ static int set_defaults (void)
|
@@ -538,6 +567,7 @@ static int set_defaults (void)
|
||||||
bool out_expire = false;
|
bool out_expire = false;
|
||||||
bool out_shell = false;
|
bool out_shell = false;
|
||||||
bool out_skel = false;
|
bool out_skel = false;
|
||||||
@ -91,7 +81,7 @@ Index: src/useradd.c
|
|||||||
bool out_create_mail_spool = false;
|
bool out_create_mail_spool = false;
|
||||||
size_t len;
|
size_t len;
|
||||||
int ret = -1;
|
int ret = -1;
|
||||||
@@ -620,6 +650,9 @@ static int set_defaults (void)
|
@@ -632,6 +662,9 @@ static int set_defaults (void)
|
||||||
} else if (!out_skel && MATCH (buf, DSKEL)) {
|
} else if (!out_skel && MATCH (buf, DSKEL)) {
|
||||||
fprintf (ofp, DSKEL "%s\n", def_template);
|
fprintf (ofp, DSKEL "%s\n", def_template);
|
||||||
out_skel = true;
|
out_skel = true;
|
||||||
@ -101,7 +91,7 @@ Index: src/useradd.c
|
|||||||
} else if (!out_create_mail_spool
|
} else if (!out_create_mail_spool
|
||||||
&& MATCH (buf, DCREATE_MAIL_SPOOL)) {
|
&& MATCH (buf, DCREATE_MAIL_SPOOL)) {
|
||||||
fprintf (ofp,
|
fprintf (ofp,
|
||||||
@@ -649,6 +682,8 @@ static int set_defaults (void)
|
@@ -661,6 +694,8 @@ static int set_defaults (void)
|
||||||
fprintf (ofp, DSHELL "%s\n", def_shell);
|
fprintf (ofp, DSHELL "%s\n", def_shell);
|
||||||
if (!out_skel)
|
if (!out_skel)
|
||||||
fprintf (ofp, DSKEL "%s\n", def_template);
|
fprintf (ofp, DSKEL "%s\n", def_template);
|
||||||
@ -110,7 +100,7 @@ Index: src/useradd.c
|
|||||||
|
|
||||||
if (!out_create_mail_spool)
|
if (!out_create_mail_spool)
|
||||||
fprintf (ofp, DCREATE_MAIL_SPOOL "%s\n", def_create_mail_spool);
|
fprintf (ofp, DCREATE_MAIL_SPOOL "%s\n", def_create_mail_spool);
|
||||||
@@ -2507,6 +2542,8 @@ int main (int argc, char **argv)
|
@@ -2679,6 +2714,8 @@ int main (int argc, char **argv)
|
||||||
if (home_added) {
|
if (home_added) {
|
||||||
copy_tree (def_template, prefix_user_home, false, false,
|
copy_tree (def_template, prefix_user_home, false, false,
|
||||||
(uid_t)-1, user_id, (gid_t)-1, user_gid);
|
(uid_t)-1, user_id, (gid_t)-1, user_gid);
|
||||||
|
@ -2,7 +2,7 @@ Index: lib/getdef.c
|
|||||||
===================================================================
|
===================================================================
|
||||||
--- lib/getdef.c.orig
|
--- lib/getdef.c.orig
|
||||||
+++ lib/getdef.c
|
+++ lib/getdef.c
|
||||||
@@ -127,6 +127,8 @@ static struct itemdef def_table[] = {
|
@@ -150,6 +150,8 @@ static struct itemdef def_table[] = {
|
||||||
{"UID_MIN", NULL},
|
{"UID_MIN", NULL},
|
||||||
{"UMASK", NULL},
|
{"UMASK", NULL},
|
||||||
{"USERDEL_CMD", NULL},
|
{"USERDEL_CMD", NULL},
|
||||||
@ -15,7 +15,7 @@ Index: etc/login.defs
|
|||||||
===================================================================
|
===================================================================
|
||||||
--- etc/login.defs.orig
|
--- etc/login.defs.orig
|
||||||
+++ etc/login.defs
|
+++ etc/login.defs
|
||||||
@@ -216,9 +216,25 @@ DEFAULT_HOME yes
|
@@ -270,9 +270,25 @@ NONEXISTENT /nonexistent
|
||||||
# It should remove any at/cron/print jobs etc. owned by
|
# It should remove any at/cron/print jobs etc. owned by
|
||||||
# the user to be removed (passed as the first argument).
|
# the user to be removed (passed as the first argument).
|
||||||
#
|
#
|
||||||
@ -45,7 +45,7 @@ Index: src/userdel.c
|
|||||||
===================================================================
|
===================================================================
|
||||||
--- src/userdel.c.orig
|
--- src/userdel.c.orig
|
||||||
+++ src/userdel.c
|
+++ src/userdel.c
|
||||||
@@ -126,7 +126,7 @@ static void close_files (void);
|
@@ -131,7 +131,7 @@ static void close_files (void);
|
||||||
static void fail_exit (int);
|
static void fail_exit (int);
|
||||||
static void open_files (void);
|
static void open_files (void);
|
||||||
static void update_user (void);
|
static void update_user (void);
|
||||||
@ -54,7 +54,7 @@ Index: src/userdel.c
|
|||||||
|
|
||||||
#ifdef EXTRA_CHECK_HOME_DIR
|
#ifdef EXTRA_CHECK_HOME_DIR
|
||||||
static bool path_prefix (const char *, const char *);
|
static bool path_prefix (const char *, const char *);
|
||||||
@@ -768,13 +768,13 @@ static void update_user (void)
|
@@ -774,13 +774,13 @@ static void update_user (void)
|
||||||
* cron, at, or print jobs.
|
* cron, at, or print jobs.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
@ -70,7 +70,7 @@ Index: src/userdel.c
|
|||||||
if (NULL == cmd) {
|
if (NULL == cmd) {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
@@ -1214,9 +1214,10 @@ int main (int argc, char **argv)
|
@@ -1225,9 +1225,10 @@ int main (int argc, char **argv)
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
@ -83,7 +83,7 @@ Index: src/userdel.c
|
|||||||
open_files ();
|
open_files ();
|
||||||
update_user ();
|
update_user ();
|
||||||
update_groups ();
|
update_groups ();
|
||||||
@@ -1337,7 +1338,7 @@ int main (int argc, char **argv)
|
@@ -1348,7 +1349,7 @@ int main (int argc, char **argv)
|
||||||
* the entry from /etc/passwd.
|
* the entry from /etc/passwd.
|
||||||
*/
|
*/
|
||||||
if(prefix[0] == '\0')
|
if(prefix[0] == '\0')
|
||||||
@ -91,8 +91,8 @@ Index: src/userdel.c
|
|||||||
+ call_script ("USERDEL_CMD", user_name);
|
+ call_script ("USERDEL_CMD", user_name);
|
||||||
close_files ();
|
close_files ();
|
||||||
|
|
||||||
#ifdef WITH_TCB
|
if (run_parts ("/etc/shadow-maint/userdel-post.d", user_name, "userdel")) {
|
||||||
@@ -1348,6 +1349,9 @@ int main (int argc, char **argv)
|
@@ -1363,6 +1364,9 @@ int main (int argc, char **argv)
|
||||||
nscd_flush_cache ("group");
|
nscd_flush_cache ("group");
|
||||||
sssd_flush_cache (SSSD_DB_PASSWD | SSSD_DB_GROUP);
|
sssd_flush_cache (SSSD_DB_PASSWD | SSSD_DB_GROUP);
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user