SHA256
3
0
forked from pool/shadow

- bsc#1160729: Make valid shell check only a warning

* Add shadow-4.8-shell-check.patch

OBS-URL: https://build.opensuse.org/package/show/Base:System/shadow?expand=0&rev=83
This commit is contained in:
Michael Vetter 2020-01-16 13:01:03 +00:00 committed by Git OBS Bridge
parent 9b62b0468b
commit 50741a7c13
3 changed files with 53 additions and 1 deletions

View File

@ -0,0 +1,43 @@
From 4ed08824e511fa5247006c71490b0440e1c17319 Mon Sep 17 00:00:00 2001
From: Tomas Mraz <tmraz@fedoraproject.org>
Date: Thu, 16 Jan 2020 12:55:30 +0100
Subject: [PATCH] Make the check for non-executable shell only a warning.
Although it is a good idea to check for an inadvertent typo
in the shell name it is possible that the shell might not be present
on the system yet when the user is added.
---
src/useradd.c | 15 +++++++++++----
1 file changed, 11 insertions(+), 4 deletions(-)
diff --git a/src/useradd.c b/src/useradd.c
index c29ae949..a679392d 100644
--- a/src/useradd.c
+++ b/src/useradd.c
@@ -1328,15 +1328,22 @@ static void process_flags (int argc, char **argv)
if ( ( !VALID (optarg) )
|| ( ('\0' != optarg[0])
&& ('/' != optarg[0])
- && ('*' != optarg[0]) )
- || (stat(optarg, &st) != 0)
- || (S_ISDIR(st.st_mode))
- || (access(optarg, X_OK) != 0)) {
+ && ('*' != optarg[0]) )) {
fprintf (stderr,
_("%s: invalid shell '%s'\n"),
Prog, optarg);
exit (E_BAD_ARG);
}
+ if ( '\0' != optarg[0]
+ && '*' != optarg[0]
+ && strcmp(optarg, "/sbin/nologin") != 0
+ && ( stat(optarg, &st) != 0
+ || S_ISDIR(st.st_mode)
+ || access(optarg, X_OK) != 0)) {
+ fprintf (stderr,
+ _("%s: Warning: missing or non-executable shell '%s'\n"),
+ Prog, optarg);
+ }
user_shell = optarg;
def_shell = optarg;
sflg = true;

View File

@ -1,3 +1,9 @@
-------------------------------------------------------------------
Thu Jan 16 12:54:39 UTC 2020 - Michael Vetter <mvetter@suse.com>
- bsc#1160729: Make valid shell check only a warning
* Add shadow-4.8-shell-check.patch
-------------------------------------------------------------------
Tue Dec 17 12:43:01 UTC 2019 - Michael Vetter <mvetter@suse.com>

View File

@ -1,7 +1,7 @@
#
# spec file for package shadow
#
# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany.
# Copyright (c) 2020 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@ -63,6 +63,8 @@ Patch13: shadow-login_defs-comments.patch
Patch14: shadow-login_defs-suse.patch
# PATCH-FIX-UPSTREAM shadow-4.8-selinux-include.patch mvetter@suse.com -- https://github.com/shadow-maint/shadow/pull/200
Patch15: shadow-4.8-selinux-include.patch
# PATCH-FEATURE mvetter@suse.com -- bsc#1160729 https://github.com/shadow-maint/shadow/pull/210
Patch16: shadow-4.8-shell-check.patch
# PATCH-FIX-SUSE disable_new_audit_function.patch adam.majer@suse.de -- Disable newer libaudit functionality for older distributions.
Patch20: disable_new_audit_function.patch
BuildRequires: audit-devel > 2.3
@ -109,6 +111,7 @@ group accounts.
%patch13
%patch14
%patch15 -p1
%patch16 -p1
%if 0%{?suse_version} < 1330
%patch20 -p1
%endif