upgrade

.cvsignore

@@ -1 +1 @@
-shadow-4.0.12.tar.bz2
+shadow-4.0.13.tar.bz2

shadow-4.0.13-newgrpPwd.patch

@@ -0,0 +1,92 @@
+--- shadow-4.0.13/src/newgrp.c.newgrpPwd	2005-09-15 18:44:12.000000000 +0200
++++ shadow-4.0.13/src/newgrp.c	2005-10-21 16:02:16.000000000 +0200
+@@ -333,25 +333,37 @@ int main (int argc, char **argv)
+ 	}
+ #endif
+ 
+-	/*
+-	 * see if she is a member of this group. If she isn't a member, she
+-	 * needs to provide the group password. If there is no group
+-	 * password, she will be denied access anyway.
+-	 *
+-	 */
+-	if (!is_on_list (grp->gr_mem, name))
+-		needspasswd = 1;
++        /* Needn't password:
++         *      - default user's GID = group ID
++         *      - members of group
++         *      - root
++         * Need password:
++         *      - all others users
++         *
++         * -- Karel Zak <kzak@redhat.com> 2004/03/29
++         */
++	if (getuid ()!=0)
++        {
++                if (grp->gr_gid==pwd->pw_gid)
++                        needspasswd = 0;
++                else if (is_on_list (grp->gr_mem, name))
++                        needspasswd = 0;
++                else
++                        needspasswd = 1;
+ 
+ 	/*
+ 	 * If she does not have either a shadowed password, or a regular
+ 	 * password, and the group has a password, she needs to give the
+ 	 * group password.
+ 	 */
+-	if ((spwd = getspnam (name)))
+-		pwd->pw_passwd = spwd->sp_pwdp;
+-
+-	if (pwd->pw_passwd[0] == '\0' && grp->gr_passwd[0])
+-		needspasswd = 1;
++                if (!needspasswd)
++                {
++                        if ((spwd = getspnam (name)))
++                                pwd->pw_passwd = spwd->sp_pwdp;
++                        if (pwd->pw_passwd[0] == '\0' && grp->gr_passwd[0])
++                                needspasswd = 1;
++                }
++        }
+ 
+ 	/*
+ 	 * Now i see about letting her into the group she requested. If she
+@@ -362,7 +374,21 @@ int main (int argc, char **argv)
+ 	 * Note that she now has to provide the password to her own group,
+ 	 * unless she is listed as a member.  -- JWP
+ 	 */
+-	if (getuid () != 0 && needspasswd) {
++        if (needspasswd) {
++
++                /* note: the original util-linux newgrp didn't ask for pasword if
++                 * there is no password. It's better directly give up.
++                 * -- kzak@redhat.com
++                 */
++		if (grp->gr_passwd==NULL || grp->gr_passwd[0] == '\0') {
++                        /*
++                         * there is no password, print out "Sorry" and give up
++                         */
++                        sleep (1);
++                        fputs (_("Sorry.\n"), stderr);
++			goto failure;
++                }
++
+ 		/*
+ 		 * get the password from her, and set the salt for
+ 		 * the decryption from the group file.
+@@ -378,15 +404,6 @@ int main (int argc, char **argv)
+ 		cpasswd = pw_encrypt (cp, grp->gr_passwd);
+ 		strzero (cp);
+ 
+-		if (grp->gr_passwd[0] == '\0') {
+-			/*
+-			 * there is no password, print out "Sorry" and give up
+-			 */
+-			sleep (1);
+-			fputs (_("Sorry.\n"), stderr);
+-			goto failure;
+-		}
+-
+ 		if (strcmp (cpasswd, grp->gr_passwd) != 0) {
+ 			SYSLOG ((LOG_INFO,
+ 				 "Invalid password for group `%s' from `%s'",

shadow-utils.spec

@@ -6,22 +6,19 @@
 
 Summary: Utilities for managing accounts and shadow password files.
 Name: shadow-utils
-Version: 4.0.12
+Version: 4.0.13
-Release: 4
+Release: 1
 Epoch: 2
 URL: http://shadow.pld.org.pl/
 Source0: ftp://ftp.pld.org.pl/software/shadow/shadow-%{version}.tar.bz2
 Source1: shadow-970616.login.defs
 Source2: shadow-970616.useradd
-Patch0: shadow-4.0.12-redhat.patch
+Patch0: shadow-4.0.13-redhat.patch
 Patch1: shadow-4.0.3-noinst.patch
 Patch2: shadow-4.0.11.1-vipw.patch
-Patch3: shadow-4.0.3-goodname.patch
+Patch3: shadow-4.0.13-goodname.patch
-Patch4: shadow-4.0.11.1-newgrpPwd.patch
+Patch4: shadow-4.0.13-newgrpPwd.patch
-Patch5: shadow-4.0.11.1-isSelinuxEnabled.patch
+Patch5: shadow-4.0.12-lOption.patch
-Patch6: shadow-4.0.11.1-selinux.patch
-Patch7: shadow-4.0.12-audit.patch
-Patch8: shadow-4.0.12-lOption.patch
 License: BSD
 Group: System Environment/Base
 BuildRequires: autoconf, automake, libtool, gettext-devel
@@ -51,10 +48,7 @@ are used for managing group accounts.
 %patch2 -p1 -b .vipw
 %patch3 -p1 -b .goodname
 %patch4 -p1 -b .newgrpPwd
-%patch5 -p1 -b .isSelinuxEnabled
+%patch5 -p1 -b .lOption
-%patch6 -p1 -b .selinux
-%patch7 -p1 -b .audit
-%patch8 -p1 -b .lOption
 
 rm po/*.gmo
 rm po/stamp-po
@@ -108,7 +102,8 @@ autoconf
 	--with-selinux \
 %endif
 	--without-libpam \
-	--disable-shared
+	--disable-shared \
+	--with-libaudit
 make 
 
 %install
@@ -235,6 +230,9 @@ rm -rf $RPM_BUILD_ROOT
 %{_mandir}/*/man8/faillog.8*
 
 %changelog
+* Fri Oct 21 2005 Peter Vrabec <pvrabec@redhat.com> 2:4.0.13-1
+- upgrade
+
 * Fri Sep 23 2005 Peter Vrabec <pvrabec@redhat.com> 2:4.0.12-4
 - add useradd -l option back, it was removed by mistake
 

sources

@@ -1 +1 @@
-609a417a45827c36ba6e33f9dc785371  shadow-4.0.12.tar.bz2
+5c6a105d89afb0900922260e9c5650cc  shadow-4.0.13.tar.bz2