forked from pool/shadow
Accepting request 833343 from home:sbrabec:branches:util-linux-multibuild
- login.defs: Add support for new util-linux-2.36 login variable MOTD_FIRSTONLY (shadow-util-linux.patch). - shadow-login_defs-comments.patch: Remove duplicated LASTLOG_UID_MAX. - shadow-login_defs-check.sh: Update for new build system. - shadow-util-linux.patch: Restore lost chunk: SYSLOG_SU_ENAB is not used in SUSE Linux. - Refresh shadow-login_defs-suse.patch and shadow-login_defs-comments.patch. OBS-URL: https://build.opensuse.org/request/show/833343 OBS-URL: https://build.opensuse.org/package/show/Base:System/shadow?expand=0&rev=90
This commit is contained in:
parent
57f8487ce4
commit
a52384dc01
@ -104,7 +104,7 @@ LC_ALL=C sort -u ../../shadow-login_defs-check-login_defs.lst >../../shadow-logi
|
||||
|
||||
echo "Extracting variables from lib/getdef.c..."
|
||||
# Extract variables referenced in lib/getdef.c using current defines.
|
||||
sed -n 's/^\(},\|\) {"\([A-Z0-9_]*\)", /\2/p' <lib/getdef.o >../../shadow-login_defs-check-getdef.lst
|
||||
sed -n 's/^\(},\|\) {"\([A-Z0-9_]*\)", /\2/p' <lib/libshadow_la-getdef.o >../../shadow-login_defs-check-getdef.lst
|
||||
LC_ALL=C sort -u ../../shadow-login_defs-check-getdef.lst >../../shadow-login_defs-check-getdef-sorted.lst
|
||||
|
||||
echo "Extracting variables from shadow..."
|
||||
|
@ -13,7 +13,23 @@ Index: etc/login.defs
|
||||
|
||||
#
|
||||
# Delay in seconds before being allowed another attempt after a login failure
|
||||
@@ -47,6 +45,15 @@ CONSOLE /etc/securetty
|
||||
@@ -23,15 +21,6 @@ LOG_UNKFAIL_ENAB no
|
||||
#
|
||||
|
||||
#
|
||||
-# Limit the highest user ID number for which the lastlog entries should
|
||||
-# be updated.
|
||||
-#
|
||||
-# No LASTLOG_UID_MAX means that there is no user ID limit for writing
|
||||
-# lastlog entries.
|
||||
-#
|
||||
-#LASTLOG_UID_MAX
|
||||
-
|
||||
-#
|
||||
# Enable "syslog" logging of newgrp(1) and sg(1) activity - in addition
|
||||
# to sulog file logging.
|
||||
#
|
||||
@@ -46,6 +35,15 @@ CONSOLE /etc/securetty
|
||||
#CONSOLE console:tty01:tty02:tty03:tty04
|
||||
|
||||
#
|
||||
@ -29,7 +45,7 @@ Index: etc/login.defs
|
||||
# If defined, all su(1) activity is logged to this file.
|
||||
#
|
||||
#SULOG_FILE /var/log/sulog
|
||||
@@ -94,11 +101,14 @@ ENV_PATH /bin:/usr/bin
|
||||
@@ -99,11 +97,14 @@ ENV_PATH /bin:/usr/bin
|
||||
ENV_ROOTPATH /sbin:/bin:/usr/sbin:/usr/bin
|
||||
#ENV_SUPATH /sbin:/bin:/usr/sbin:/usr/bin
|
||||
|
||||
@ -46,7 +62,7 @@ Index: etc/login.defs
|
||||
ALWAYS_SET_PATH no
|
||||
|
||||
#
|
||||
@@ -138,6 +148,11 @@ PASS_WARN_AGE 7
|
||||
@@ -148,6 +149,11 @@ PASS_WARN_AGE 7
|
||||
#
|
||||
# Min/max values for automatic uid selection in useradd(8)
|
||||
#
|
||||
@ -58,7 +74,7 @@ Index: etc/login.defs
|
||||
UID_MIN 1000
|
||||
UID_MAX 60000
|
||||
# System accounts
|
||||
@@ -151,6 +166,11 @@ SUB_UID_COUNT 65536
|
||||
@@ -161,6 +167,11 @@ SUB_UID_COUNT 65536
|
||||
#
|
||||
# Min/max values for automatic gid selection in groupadd(8)
|
||||
#
|
||||
@ -70,7 +86,7 @@ Index: etc/login.defs
|
||||
GID_MIN 1000
|
||||
GID_MAX 60000
|
||||
# System accounts
|
||||
@@ -180,7 +200,6 @@ LOGIN_TIMEOUT 60
|
||||
@@ -190,7 +201,6 @@ LOGIN_TIMEOUT 60
|
||||
CHFN_RESTRICT rwh
|
||||
|
||||
#
|
||||
@ -78,7 +94,7 @@ Index: etc/login.defs
|
||||
# If set to "yes", new passwords will be encrypted using the MD5-based
|
||||
# algorithm compatible with the one used by recent releases of FreeBSD.
|
||||
# It supports passwords of unlimited length and longer salt strings.
|
||||
@@ -195,7 +214,6 @@ CHFN_RESTRICT rwh
|
||||
@@ -205,7 +215,6 @@ CHFN_RESTRICT rwh
|
||||
#MD5_CRYPT_ENAB no
|
||||
|
||||
#
|
||||
|
@ -14,7 +14,7 @@ Index: etc/login.defs
|
||||
|
||||
#
|
||||
# Delay in seconds before being allowed another attempt after a login failure
|
||||
@@ -47,8 +50,7 @@ CONSOLE /etc/securetty
|
||||
@@ -62,8 +65,7 @@ CONSOLE /etc/securetty
|
||||
# If defined, ":" delimited list of "message of the day" files to
|
||||
# be displayed upon login.
|
||||
#
|
||||
@ -23,8 +23,8 @@ Index: etc/login.defs
|
||||
+#MOTD_FILE /etc/motd:/usr/share/misc/motd
|
||||
|
||||
#
|
||||
# If defined, file which maps tty line to TERM environment parameter.
|
||||
@@ -62,8 +64,8 @@ MOTD_FILE /etc/motd
|
||||
# If set to "yes", login stops display content specified by MOTD_FILE after
|
||||
@@ -83,8 +85,8 @@ MOTD_FILE /etc/motd
|
||||
# user's name or shell are found in the file. If not a full pathname, then
|
||||
# hushed mode will be enabled if the file exists in the user's home directory.
|
||||
#
|
||||
@ -35,7 +35,7 @@ Index: etc/login.defs
|
||||
|
||||
# If this variable is set to "yes", hostname will be suppressed in the
|
||||
# login: prompt.
|
||||
@@ -82,9 +84,9 @@ HUSHLOGIN_FILE .hushlogin
|
||||
@@ -103,9 +105,9 @@ HUSHLOGIN_FILE .hushlogin
|
||||
# ENV_SUPATH is an ENV_ROOTPATH override for su and runuser
|
||||
# (and falback for login).
|
||||
#
|
||||
@ -48,7 +48,7 @@ Index: etc/login.defs
|
||||
|
||||
# If this variable is set to "yes" (default is "no"), su will always set
|
||||
# path. every su call will overwrite the PATH variable.
|
||||
@@ -94,7 +96,7 @@ ENV_ROOTPATH /sbin:/bin:/usr/sbin:/usr/b
|
||||
@@ -115,7 +117,7 @@ ENV_ROOTPATH /sbin:/bin:/usr/sbin:/usr/b
|
||||
# The recommended value is "yes". The default "no" behavior could have
|
||||
# a security implication in applications that use commands without path.
|
||||
#
|
||||
@ -57,7 +57,7 @@ Index: etc/login.defs
|
||||
|
||||
#
|
||||
# Terminal permissions
|
||||
@@ -108,7 +110,7 @@ ALWAYS_SET_PATH no
|
||||
@@ -129,7 +131,7 @@ ALWAYS_SET_PATH no
|
||||
# set TTYPERM to either 622 or 600.
|
||||
#
|
||||
TTYGROUP tty
|
||||
@ -66,7 +66,7 @@ Index: etc/login.defs
|
||||
|
||||
# Default initial "umask" value used by login(1) on non-PAM enabled systems.
|
||||
# Default "umask" value for pam_umask(8) on PAM enabled systems.
|
||||
@@ -141,8 +143,8 @@ PASS_WARN_AGE 7
|
||||
@@ -167,8 +169,8 @@ PASS_WARN_AGE 7
|
||||
UID_MIN 1000
|
||||
UID_MAX 60000
|
||||
# System accounts
|
||||
@ -77,7 +77,7 @@ Index: etc/login.defs
|
||||
# Extra per user uids
|
||||
SUB_UID_MIN 100000
|
||||
SUB_UID_MAX 600100000
|
||||
@@ -159,8 +161,8 @@ SUB_UID_COUNT 65536
|
||||
@@ -185,8 +187,8 @@ SUB_UID_COUNT 65536
|
||||
GID_MIN 1000
|
||||
GID_MAX 60000
|
||||
# System accounts
|
||||
@ -88,7 +88,7 @@ Index: etc/login.defs
|
||||
# Extra per user group ids
|
||||
SUB_GID_MIN 100000
|
||||
SUB_GID_MAX 600100000
|
||||
@@ -169,7 +171,7 @@ SUB_GID_COUNT 65536
|
||||
@@ -195,7 +197,7 @@ SUB_GID_COUNT 65536
|
||||
#
|
||||
# Max number of login(1) retries if password is bad
|
||||
#
|
||||
@ -97,7 +97,7 @@ Index: etc/login.defs
|
||||
|
||||
#
|
||||
# Max time in seconds for login(1)
|
||||
@@ -185,18 +187,9 @@ LOGIN_TIMEOUT 60
|
||||
@@ -211,18 +213,9 @@ LOGIN_TIMEOUT 60
|
||||
CHFN_RESTRICT rwh
|
||||
|
||||
#
|
||||
@ -118,7 +118,7 @@ Index: etc/login.defs
|
||||
|
||||
#
|
||||
# If set to MD5, MD5-based algorithm will be used for encrypting password
|
||||
@@ -210,7 +203,7 @@ CHFN_RESTRICT rwh
|
||||
@@ -235,7 +228,7 @@ CHFN_RESTRICT rwh
|
||||
# Note: If you use PAM, it is recommended to use a value consistent with
|
||||
# the PAM modules configuration.
|
||||
#
|
||||
@ -127,7 +127,7 @@ Index: etc/login.defs
|
||||
|
||||
#
|
||||
# Only works if ENCRYPT_METHOD is set to SHA256 or SHA512.
|
||||
@@ -268,7 +261,7 @@ USERDEL_POSTCMD /usr/sbin/userde
|
||||
@@ -311,7 +304,7 @@ USERDEL_POSTCMD /usr/sbin/userde
|
||||
#
|
||||
# This also enables userdel(8) to remove user groups if no members exist.
|
||||
#
|
||||
@ -136,7 +136,7 @@ Index: etc/login.defs
|
||||
|
||||
#
|
||||
# If set to a non-zero number, the shadow utilities will make sure that
|
||||
@@ -291,13 +284,13 @@ USERGROUPS_ENAB yes
|
||||
@@ -330,13 +323,13 @@ USERGROUPS_ENAB yes
|
||||
# This option is overridden with the -M or -m flags on the useradd(8)
|
||||
# command-line.
|
||||
#
|
||||
|
@ -27,7 +27,33 @@ Index: etc/login.defs
|
||||
|
||||
#
|
||||
# Limit the highest user ID number for which the lastlog entries should
|
||||
@@ -72,12 +73,33 @@ MOTD_FILE /etc/motd
|
||||
@@ -31,10 +32,9 @@ LOG_OK_LOGINS no
|
||||
#LASTLOG_UID_MAX
|
||||
|
||||
#
|
||||
-# Enable "syslog" logging of su(1) activity - in addition to sulog file logging.
|
||||
-# SYSLOG_SG_ENAB does the same for newgrp(1) and sg(1).
|
||||
+# Enable "syslog" logging of newgrp(1) and sg(1) activity - in addition
|
||||
+# to sulog file logging.
|
||||
#
|
||||
-SYSLOG_SU_ENAB yes
|
||||
SYSLOG_SG_ENAB yes
|
||||
|
||||
#
|
||||
@@ -58,6 +58,12 @@ MOTD_FILE /etc/motd
|
||||
#MOTD_FILE /etc/motd:/usr/lib/news/news-motd
|
||||
|
||||
#
|
||||
+# If set to "yes", login stops display content specified by MOTD_FILE after
|
||||
+# the first accessible item in the list.
|
||||
+#
|
||||
+#MOTD_FIRSTONLY no
|
||||
+
|
||||
+#
|
||||
# If defined, file which maps tty line to TERM environment parameter.
|
||||
# Each line of the file is in a format similar to "vt100 tty01".
|
||||
#
|
||||
@@ -72,12 +78,33 @@ MOTD_FILE /etc/motd
|
||||
HUSHLOGIN_FILE .hushlogin
|
||||
#HUSHLOGIN_FILE /etc/hushlogins
|
||||
|
||||
@ -63,7 +89,7 @@ Index: etc/login.defs
|
||||
|
||||
#
|
||||
# Terminal permissions
|
||||
@@ -93,19 +115,6 @@ ENV_PATH PATH=/bin:/usr/bin
|
||||
@@ -93,19 +120,6 @@ ENV_PATH PATH=/bin:/usr/bin
|
||||
TTYGROUP tty
|
||||
TTYPERM 0600
|
||||
|
||||
@ -87,7 +113,15 @@ Index: lib/getdef.c
|
||||
===================================================================
|
||||
--- lib/getdef.c.orig
|
||||
+++ lib/getdef.c
|
||||
@@ -80,6 +80,7 @@ struct itemdef {
|
||||
@@ -66,6 +66,7 @@ struct itemdef {
|
||||
{"LOGIN_STRING", NULL}, \
|
||||
{"MAIL_CHECK_ENAB", NULL}, \
|
||||
{"MOTD_FILE", NULL}, \
|
||||
+ {"MOTD_FIRSTONLY", NULL}, \
|
||||
{"NOLOGINS_FILE", NULL}, \
|
||||
{"OBSCURE_CHECKS_ENAB", NULL}, \
|
||||
{"PASS_ALWAYS_WARN", NULL}, \
|
||||
@@ -80,6 +81,7 @@ struct itemdef {
|
||||
|
||||
#define NUMDEFS (sizeof(def_table)/sizeof(def_table[0]))
|
||||
static struct itemdef def_table[] = {
|
||||
@ -95,7 +129,7 @@ Index: lib/getdef.c
|
||||
{"CHARACTER_CLASS", NULL},
|
||||
{"CHFN_RESTRICT", NULL},
|
||||
{"CONSOLE_GROUPS", NULL},
|
||||
@@ -88,6 +89,7 @@ static struct itemdef def_table[] = {
|
||||
@@ -88,6 +90,7 @@ static struct itemdef def_table[] = {
|
||||
{"DEFAULT_HOME", NULL},
|
||||
{"ENCRYPT_METHOD", NULL},
|
||||
{"ENV_PATH", NULL},
|
||||
@ -103,7 +137,7 @@ Index: lib/getdef.c
|
||||
{"ENV_SUPATH", NULL},
|
||||
{"ERASECHAR", NULL},
|
||||
{"FAIL_DELAY", NULL},
|
||||
@@ -98,6 +100,7 @@ static struct itemdef def_table[] = {
|
||||
@@ -99,6 +102,7 @@ static struct itemdef def_table[] = {
|
||||
{"KILLCHAR", NULL},
|
||||
{"LASTLOG_UID_MAX", NULL},
|
||||
{"LOGIN_RETRIES", NULL},
|
||||
|
@ -1,3 +1,16 @@
|
||||
-------------------------------------------------------------------
|
||||
Tue Sep 8 00:56:37 UTC 2020 - Stanislav Brabec <sbrabec@suse.com>
|
||||
|
||||
- login.defs: Add support for new util-linux-2.36 login variable
|
||||
MOTD_FIRSTONLY (shadow-util-linux.patch).
|
||||
- shadow-login_defs-comments.patch: Remove duplicated
|
||||
LASTLOG_UID_MAX.
|
||||
- shadow-login_defs-check.sh: Update for new build system.
|
||||
- shadow-util-linux.patch: Restore lost chunk: SYSLOG_SU_ENAB is
|
||||
not used in SUSE Linux.
|
||||
- Refresh shadow-login_defs-suse.patch and
|
||||
shadow-login_defs-comments.patch.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri May 22 11:21:15 UTC 2020 - Fabian Vogt <fvogt@suse.com>
|
||||
|
||||
|
@ -86,7 +86,7 @@ Obsoletes: pwdutils <= 3.2.19
|
||||
# encryption_method_nis.patch has to be ported!
|
||||
# Call shadow-login_defs-check.sh before!
|
||||
Provides: login_defs-support-for-pam = 1.3.1
|
||||
Provides: login_defs-support-for-util-linux = 2.33.1
|
||||
Provides: login_defs-support-for-util-linux = 2.36
|
||||
Provides: useradd_or_adduser_dep
|
||||
|
||||
%description
|
||||
|
Loading…
Reference in New Issue
Block a user