diff --git a/shadow-4.9-useradd-modify-check-ID-range-for-system-users.patch b/shadow-4.9-useradd-modify-check-ID-range-for-system-users.patch new file mode 100644 index 0000000..ce47bc1 --- /dev/null +++ b/shadow-4.9-useradd-modify-check-ID-range-for-system-users.patch @@ -0,0 +1,19 @@ +diff -up shadow-4.9/src/useradd.c.useradd-modify-check-ID-range-for-system-users shadow-4.9/src/useradd.c +--- shadow-4.9/src/useradd.c.useradd-modify-check-ID-range-for-system-users 2022-04-22 14:50:10.658371270 +0200 ++++ shadow-4.9/src/useradd.c 2022-04-22 14:54:34.810100549 +0200 +@@ -2319,12 +2319,10 @@ static void check_uid_range(int rflg, ui + { + uid_t uid_min ; + uid_t uid_max ; +- if(rflg){ +- uid_min = (uid_t)getdef_ulong("SYS_UID_MIN",101UL); ++ if (rflg) { + uid_max = (uid_t)getdef_ulong("SYS_UID_MAX",getdef_ulong("UID_MIN",1000UL)-1); +- if(uid_min <= uid_max){ +- if(user_id < uid_min || user_id >uid_max) +- fprintf(stderr, _("%s warning: %s's uid %d outside of the SYS_UID_MIN %d and SYS_UID_MAX %d range.\n"), Prog, user_name, user_id, uid_min, uid_max); ++ if (user_id > uid_max) { ++ fprintf(stderr, _("%s warning: %s's uid %d is greater than SYS_UID_MAX %d\n"), Prog, user_name, user_id, uid_max); + } + }else{ + uid_min = (uid_t)getdef_ulong("UID_MIN", 1000UL); diff --git a/shadow-utils.spec b/shadow-utils.spec index aa46a17..3e2ed65 100644 --- a/shadow-utils.spec +++ b/shadow-utils.spec @@ -1,12 +1,12 @@ Summary: Utilities for managing accounts and shadow password files Name: shadow-utils Version: 4.9 -Release: 3%{?dist} +Release: 4%{?dist} Epoch: 2 License: BSD and GPLv2+ URL: https://github.com/shadow-maint/shadow -Source0: https://github.com/shadow-maint/shadow/releases/download/%{version}/shadow-%{version}.tar.xz -Source1: https://github.com/shadow-maint/shadow/releases/download/%{version}/shadow-%{version}.tar.xz.asc +Source0: https://github.com/shadow-maint/shadow/releases/download/v%{version}/shadow-%{version}.tar.xz +Source1: https://github.com/shadow-maint/shadow/releases/download/v%{version}/shadow-%{version}.tar.xz.asc Source2: shadow-utils.useradd Source3: shadow-utils.login.defs Source4: shadow-bsd.txt @@ -67,6 +67,8 @@ Patch22: shadow-4.9-newgrp-fix-segmentation-fault.patch Patch23: shadow-4.9-getsubids.patch # https://github.com/shadow-maint/shadow/commit/a757b458ffb4fb9a40bcbb4f7869449431c67f83 Patch24: shadow-4.9-groupdel-fix-sigsegv-when-passwd-does-not-exist.patch +# https://github.com/shadow-maint/shadow/commit/f1f1678e13aa3ae49bdb139efaa2c5bc53dcfe92 +Patch25: shadow-4.9-useradd-modify-check-ID-range-for-system-users.patch ### Dependencies ### Requires: audit-libs >= 1.6.5 @@ -120,6 +122,7 @@ Utility library that provides a way to manage subid ranges. %package subid-devel Summary: Development package for shadow-utils-subid License: BSD and GPLv2+ +Requires: shadow-utils-subid = %{epoch}:%{version}-%{release} %description subid-devel Development files for shadow-utils-subid. @@ -151,6 +154,7 @@ Development files for shadow-utils-subid. %patch22 -p1 -b .newgrp-fix-segmentation-fault %patch23 -p1 -b .getsubids %patch24 -p1 -b .groupdel-fix-sigsegv-when-passwd-does-not-exist +%patch25 -p1 -b .useradd-modify-check-ID-range-for-system-users iconv -f ISO88591 -t utf-8 doc/HOWTO > doc/HOWTO.utf8 cp -f doc/HOWTO.utf8 doc/HOWTO @@ -321,6 +325,11 @@ rm -f $RPM_BUILD_ROOT/%{_libdir}/libsubid.la %{_libdir}/libsubid.so %changelog +* Fri Apr 22 2022 Iker Pedrosa - 2:4.9-4 +- useradd: modify check ID range for system users. Resolves: #2004911 +- Fix release sources +- Add subid requirement for subid-devel + * Thu Dec 2 2021 Iker Pedrosa - 2:4.9-3 - getsubids: provide system binary and man page. Resolves: #2013015 - useradd: generate home and mail directories with selinux user attribute. Resolves: #1993081