new upstream version

- use the original file permissions when creating backup (#853102)
This commit is contained in:
Tomas Mraz 2012-09-19 20:33:30 +02:00
parent cae35b95ab
commit 44a40b2f4e
10 changed files with 175 additions and 141 deletions

2
.gitignore vendored
View File

@ -1,3 +1,5 @@
shadow-4.1.4.2.tar.bz2
/shadow-4.1.4.3.tar.bz2
/shadow-4.1.5.tar.bz2
/shadow-4.1.5.1.tar.bz2
/shadow-4.1.5.1.tar.bz2.sig

View File

@ -1,68 +0,0 @@
diff -up shadow-4.1.5/libmisc/chkname.c.goodname shadow-4.1.5/libmisc/chkname.c
--- shadow-4.1.5/libmisc/chkname.c.goodname 2009-04-28 21:14:04.000000000 +0200
+++ shadow-4.1.5/libmisc/chkname.c 2012-03-19 09:52:12.910605026 +0100
@@ -49,20 +49,28 @@
static bool is_valid_name (const char *name)
{
/*
- * User/group names must match [a-z_][a-z0-9_-]*[$]
- */
- if (('\0' == *name) ||
- !((('a' <= *name) && ('z' >= *name)) || ('_' == *name))) {
+ * User/group names must match gnu e-regex:
+ * [a-zA-Z0-9_.][a-zA-Z0-9_.-]{0,30}[a-zA-Z0-9_.$-]?
+ *
+ * as a non-POSIX, extension, allow "$" as the last char for
+ * sake of Samba 3.x "add machine script"
+ */
+ if ( ('\0' == *name) ||
+ !((*name >= 'a' && *name <= 'z') ||
+ (*name >= 'A' && *name <= 'Z') ||
+ (*name >= '0' && *name <= '9') ||
+ (*name == '_') || (*name == '.')
+ )) {
return false;
}
while ('\0' != *++name) {
- if (!(( ('a' <= *name) && ('z' >= *name) ) ||
- ( ('0' <= *name) && ('9' >= *name) ) ||
- ('_' == *name) ||
- ('-' == *name) ||
- ( ('$' == *name) && ('\0' == *(name + 1)) )
- )) {
+ if (!( (*name >= 'a' && *name <= 'z') ||
+ (*name >= 'A' && *name <= 'Z') ||
+ (*name >= '0' && *name <= '9') ||
+ (*name == '_') || (*name == '.') || (*name == '-') ||
+ (*name == '$' && *(name + 1) == '\0')
+ )) {
return false;
}
}
diff -up shadow-4.1.5/man/groupadd.8.goodname shadow-4.1.5/man/groupadd.8
--- shadow-4.1.5/man/groupadd.8.goodname 2012-02-12 22:27:42.000000000 +0100
+++ shadow-4.1.5/man/groupadd.8 2012-03-19 09:56:17.113723732 +0100
@@ -181,9 +181,7 @@ Shadow password suite configuration\&.
.RE
.SH "CAVEATS"
.PP
-Groupnames must start with a lower case letter or an underscore, followed by lower case letters, digits, underscores, or dashes\&. They can end with a dollar sign\&. In regular expression terms: [a\-z_][a\-z0\-9_\-]*[$]?
-.PP
-Groupnames may only be up to 16 characters long\&.
+Groupnames may only be up to 32 characters long\&.
.PP
You may not add a NIS or LDAP group\&. This must be performed on the corresponding server\&.
.PP
diff -up shadow-4.1.5/man/useradd.8.goodname shadow-4.1.5/man/useradd.8
--- shadow-4.1.5/man/useradd.8.goodname 2012-02-12 22:28:02.000000000 +0100
+++ shadow-4.1.5/man/useradd.8 2012-03-19 09:52:12.911605018 +0100
@@ -421,8 +421,6 @@ Similarly, if the username already exist
\fBuseradd\fR
will deny the user account creation request\&.
.PP
-Usernames must start with a lower case letter or an underscore, followed by lower case letters, digits, underscores, or dashes\&. They can end with a dollar sign\&. In regular expression terms: [a\-z_][a\-z0\-9_\-]*[$]?
-.PP
Usernames may only be up to 32 characters long\&.
.SH "CONFIGURATION"
.PP

View File

@ -1,12 +0,0 @@
diff -up shadow-4.1.5/man/useradd.8.man shadow-4.1.5/man/useradd.8
--- shadow-4.1.5/man/useradd.8.man 2012-03-19 13:06:48.000000000 +0100
+++ shadow-4.1.5/man/useradd.8 2012-03-19 13:07:44.540169270 +0100
@@ -215,7 +215,7 @@ is not enabled, no home directories are
.PP
\fB\-M\fR
.RS 4
-Do no create the user\*(Aqs home directory, even if the system wide setting from
+Do not create the user\*(Aqs home directory, even if the system wide setting from
/etc/login\&.defs
(\fBCREATE_HOME\fR) is set to
\fIyes\fR\&.

View File

@ -1,41 +0,0 @@
diff -up shadow-4.1.5/lib/commonio.c.selinux shadow-4.1.5/lib/commonio.c
--- shadow-4.1.5/lib/commonio.c.selinux 2011-12-09 23:23:16.000000000 +0100
+++ shadow-4.1.5/lib/commonio.c 2012-03-22 16:42:00.952464092 +0100
@@ -977,6 +977,12 @@ int commonio_close (struct commonio_db *
snprintf (buf, sizeof buf, "%s+", db->filename);
+#ifdef WITH_SELINUX
+ if (set_selinux_file_context (buf) != 0) {
+ errors++;
+ }
+#endif
+
db->fp = fopen_set_perms (buf, "w", &sb);
if (NULL == db->fp) {
goto fail;
@@ -1011,6 +1017,12 @@ int commonio_close (struct commonio_db *
goto fail;
}
+#ifdef WITH_SELINUX
+ if (reset_selinux_file_context () != 0) {
+ goto fail;
+ }
+#endif
+
nscd_need_reload = true;
goto success;
fail:
diff -up shadow-4.1.5/src/useradd.c.selinux shadow-4.1.5/src/useradd.c
--- shadow-4.1.5/src/useradd.c.selinux 2012-03-22 16:46:11.007377548 +0100
+++ shadow-4.1.5/src/useradd.c 2012-03-22 16:46:35.037251897 +0100
@@ -2040,7 +2040,7 @@ int main (int argc, char **argv)
if (mflg) {
create_home ();
if (home_added) {
- copy_tree (def_template, user_home, false, false,
+ copy_tree (def_template, user_home, false, true,
(uid_t)-1, user_id, (gid_t)-1, user_gid);
} else {
fprintf (stderr,

View File

@ -0,0 +1,20 @@
diff -up shadow-4.1.5.1/lib/commonio.c.backup-mode shadow-4.1.5.1/lib/commonio.c
--- shadow-4.1.5.1/lib/commonio.c.backup-mode 2012-05-18 21:44:54.000000000 +0200
+++ shadow-4.1.5.1/lib/commonio.c 2012-09-19 20:27:16.089444234 +0200
@@ -301,15 +301,12 @@ static int create_backup (const char *ba
struct utimbuf ub;
FILE *bkfp;
int c;
- mode_t mask;
if (fstat (fileno (fp), &sb) != 0) {
return -1;
}
- mask = umask (077);
- bkfp = fopen (backup, "w");
- (void) umask (mask);
+ bkfp = fopen_set_perms (backup, "w", &sb);
if (NULL == bkfp) {
return -1;
}

View File

@ -0,0 +1,118 @@
diff -up shadow-4.1.5.1/libmisc/chkname.c.goodname shadow-4.1.5.1/libmisc/chkname.c
--- shadow-4.1.5.1/libmisc/chkname.c.goodname 2009-07-13 00:24:45.000000000 +0200
+++ shadow-4.1.5.1/libmisc/chkname.c 2012-09-19 18:43:53.492160653 +0200
@@ -49,20 +49,28 @@
static bool is_valid_name (const char *name)
{
/*
- * User/group names must match [a-z_][a-z0-9_-]*[$]
- */
- if (('\0' == *name) ||
- !((('a' <= *name) && ('z' >= *name)) || ('_' == *name))) {
+ * User/group names must match gnu e-regex:
+ * [a-zA-Z0-9_.][a-zA-Z0-9_.-]{0,30}[a-zA-Z0-9_.$-]?
+ *
+ * as a non-POSIX, extension, allow "$" as the last char for
+ * sake of Samba 3.x "add machine script"
+ */
+ if ( ('\0' == *name) ||
+ !((*name >= 'a' && *name <= 'z') ||
+ (*name >= 'A' && *name <= 'Z') ||
+ (*name >= '0' && *name <= '9') ||
+ (*name == '_') || (*name == '.')
+ )) {
return false;
}
while ('\0' != *++name) {
- if (!(( ('a' <= *name) && ('z' >= *name) ) ||
- ( ('0' <= *name) && ('9' >= *name) ) ||
- ('_' == *name) ||
- ('-' == *name) ||
- ( ('$' == *name) && ('\0' == *(name + 1)) )
- )) {
+ if (!( (*name >= 'a' && *name <= 'z') ||
+ (*name >= 'A' && *name <= 'Z') ||
+ (*name >= '0' && *name <= '9') ||
+ (*name == '_') || (*name == '.') || (*name == '-') ||
+ (*name == '$' && *(name + 1) == '\0')
+ )) {
return false;
}
}
diff -up shadow-4.1.5.1/man/groupadd.8.xml.goodname shadow-4.1.5.1/man/groupadd.8.xml
--- shadow-4.1.5.1/man/groupadd.8.xml.goodname 2012-05-25 13:45:27.000000000 +0200
+++ shadow-4.1.5.1/man/groupadd.8.xml 2012-09-19 18:43:53.492160653 +0200
@@ -259,12 +259,6 @@
<refsect1 id='caveats'>
<title>CAVEATS</title>
<para>
- Groupnames must start with a lower case letter or an underscore,
- followed by lower case letters, digits, underscores, or dashes.
- They can end with a dollar sign.
- In regular expression terms: [a-z_][a-z0-9_-]*[$]?
- </para>
- <para>
Groupnames may only be up to &GROUP_NAME_MAX_LENGTH; characters long.
</para>
<para>
diff -up shadow-4.1.5.1/man/man8/groupadd.8.goodname shadow-4.1.5.1/man/man8/groupadd.8
--- shadow-4.1.5.1/man/man8/groupadd.8.goodname 2012-05-25 13:58:40.000000000 +0200
+++ shadow-4.1.5.1/man/man8/groupadd.8 2012-09-19 18:44:42.175123079 +0200
@@ -190,9 +190,7 @@ Shadow password suite configuration\&.
.RE
.SH "CAVEATS"
.PP
-Groupnames must start with a lower case letter or an underscore, followed by lower case letters, digits, underscores, or dashes\&. They can end with a dollar sign\&. In regular expression terms: [a\-z_][a\-z0\-9_\-]*[$]?
-.PP
-Groupnames may only be up to 16 characters long\&.
+Groupnames may only be up to 32 characters long\&.
.PP
You may not add a NIS or LDAP group\&. This must be performed on the corresponding server\&.
.PP
diff -up shadow-4.1.5.1/man/man8/useradd.8.goodname shadow-4.1.5.1/man/man8/useradd.8
--- shadow-4.1.5.1/man/man8/useradd.8.goodname 2012-05-25 13:59:28.000000000 +0200
+++ shadow-4.1.5.1/man/man8/useradd.8 2012-09-19 18:46:09.249033949 +0200
@@ -224,7 +224,7 @@ is not enabled, no home directories are
.PP
\fB\-M\fR
.RS 4
-Do no create the user\*(Aqs home directory, even if the system wide setting from
+Do not create the user\*(Aqs home directory, even if the system wide setting from
/etc/login\&.defs
(\fBCREATE_HOME\fR) is set to
\fIyes\fR\&.
@@ -430,8 +430,6 @@ Similarly, if the username already exist
\fBuseradd\fR
will deny the user account creation request\&.
.PP
-Usernames must start with a lower case letter or an underscore, followed by lower case letters, digits, underscores, or dashes\&. They can end with a dollar sign\&. In regular expression terms: [a\-z_][a\-z0\-9_\-]*[$]?
-.PP
Usernames may only be up to 32 characters long\&.
.SH "CONFIGURATION"
.PP
diff -up shadow-4.1.5.1/man/useradd.8.xml.goodname shadow-4.1.5.1/man/useradd.8.xml
--- shadow-4.1.5.1/man/useradd.8.xml.goodname 2012-05-25 13:45:29.000000000 +0200
+++ shadow-4.1.5.1/man/useradd.8.xml 2012-09-19 18:43:53.493160675 +0200
@@ -366,7 +366,7 @@
</term>
<listitem>
<para>
- Do no create the user's home directory, even if the system
+ Do not create the user's home directory, even if the system
wide setting from <filename>/etc/login.defs</filename>
(<option>CREATE_HOME</option>) is set to
<replaceable>yes</replaceable>.
@@ -654,12 +654,6 @@
</para>
<para>
- Usernames must start with a lower case letter or an underscore,
- followed by lower case letters, digits, underscores, or dashes.
- They can end with a dollar sign.
- In regular expression terms: [a-z_][a-z0-9_-]*[$]?
- </para>
- <para>
Usernames may only be up to 32 characters long.
</para>
</refsect1>

View File

@ -1,7 +1,7 @@
diff -up shadow-4.1.4.2/man/newusers.8.infoParentDir shadow-4.1.4.2/man/newusers.8
--- shadow-4.1.4.2/man/newusers.8.infoParentDir 2010-04-28 13:44:04.634870854 +0200
+++ shadow-4.1.4.2/man/newusers.8 2010-04-28 13:46:07.190866220 +0200
@@ -88,7 +88,7 @@ This field is copied in the GECOS field
diff -up shadow-4.1.5.1/man/man8/newusers.8.info-parent-dir shadow-4.1.5.1/man/man8/newusers.8
--- shadow-4.1.5.1/man/man8/newusers.8.info-parent-dir 2012-05-25 13:59:09.000000000 +0200
+++ shadow-4.1.5.1/man/man8/newusers.8 2012-09-19 18:47:17.203525237 +0200
@@ -99,7 +99,7 @@ This field is copied in the GECOS field
.RS 4
This field is used to define the home directory of the user\&.
.sp
@ -10,10 +10,10 @@ diff -up shadow-4.1.4.2/man/newusers.8.infoParentDir shadow-4.1.4.2/man/newusers
.sp
If the home directory of an existing user is changed,
\fBnewusers\fR
diff -up shadow-4.1.4.2/man/newusers.8.xml.infoParentDir shadow-4.1.4.2/man/newusers.8.xml
--- shadow-4.1.4.2/man/newusers.8.xml.infoParentDir 2010-04-28 13:48:01.419238133 +0200
+++ shadow-4.1.4.2/man/newusers.8.xml 2010-04-28 13:55:40.499663030 +0200
@@ -192,7 +192,15 @@
diff -up shadow-4.1.5.1/man/newusers.8.xml.info-parent-dir shadow-4.1.5.1/man/newusers.8.xml
--- shadow-4.1.5.1/man/newusers.8.xml.info-parent-dir 2012-05-25 13:45:28.000000000 +0200
+++ shadow-4.1.5.1/man/newusers.8.xml 2012-09-19 18:46:35.651613365 +0200
@@ -216,7 +216,15 @@
<para>
If this field does not specify an existing directory, the
specified directory is created, with ownership set to the

View File

@ -0,0 +1,12 @@
diff -up shadow-4.1.5.1/src/useradd.c.selinux shadow-4.1.5.1/src/useradd.c
--- shadow-4.1.5.1/src/useradd.c.selinux 2012-09-19 18:28:37.662060468 +0200
+++ shadow-4.1.5.1/src/useradd.c 2012-09-19 18:28:37.672060688 +0200
@@ -2040,7 +2040,7 @@ int main (int argc, char **argv)
if (mflg) {
create_home ();
if (home_added) {
- copy_tree (def_template, user_home, false, false,
+ copy_tree (def_template, user_home, false, true,
(uid_t)-1, user_id, (gid_t)-1, user_gid);
} else {
fprintf (stderr,

View File

@ -1,20 +1,20 @@
Summary: Utilities for managing accounts and shadow password files
Name: shadow-utils
Version: 4.1.5
Release: 5%{?dist}
Version: 4.1.5.1
Release: 1%{?dist}
Epoch: 2
URL: http://pkg-shadow.alioth.debian.org/
Source0: http://pkg-shadow.alioth.debian.org/releases/shadow-%{version}.tar.bz2
Source3: http://pkg-shadow.alioth.debian.org/releases/shadow-%{version}.tar.bz2.sig
Source1: shadow-utils.login.defs
Source2: shadow-utils.useradd
Patch0: shadow-4.1.5-redhat.patch
Patch1: shadow-4.1.5-goodname.patch
Patch2: shadow-4.1.4.2-infoParentDir.patch
Patch1: shadow-4.1.5.1-goodname.patch
Patch2: shadow-4.1.5.1-info-parent-dir.patch
Patch3: shadow-4.1.5-uflg.patch
Patch4: shadow-4.1.5-man.patch
Patch5: shadow-4.1.5-grremove.patch
Patch6: shadow-4.1.5-selinux.patch
Patch6: shadow-4.1.5.1-selinux.patch
Patch7: shadow-4.1.5-2ndskip.patch
Patch8: shadow-4.1.5.1-backup-mode.patch
License: BSD and GPLv2+
Group: System Environment/Base
BuildRequires: libselinux-devel >= 1.25.2-1
@ -45,13 +45,11 @@ are used for managing group accounts.
%setup -q -n shadow-%{version}
%patch0 -p1 -b .redhat
%patch1 -p1 -b .goodname
%patch2 -p1 -b .infoParentDir
%patch2 -p1 -b .info-parent-dir
%patch3 -p1 -b .uflg
%patch4 -p1 -b .man
%patch5 -p1 -b .grremove
%patch6 -p1 -b .selinux
%patch7 -p1 -b .2ndskip
%patch8 -p1 -b .backup-mode
iconv -f ISO88591 -t utf-8 doc/HOWTO > doc/HOWTO.utf8
cp -f doc/HOWTO.utf8 doc/HOWTO
@ -206,6 +204,10 @@ rm -rf $RPM_BUILD_ROOT
%{_mandir}/man8/vigr.8*
%changelog
* Wed Sep 19 2012 Tomas Mraz <tmraz@redhat.com> - 2:4.1.5.1-1
- new upstream version
- use the original file permissions when creating backup (#853102)
* Wed Jul 25 2012 Peter Vrabec <pvrabec@redhat.com> - 2:4.1.5-5
- make /etc/default/useradd world-readable (#835137)

View File

@ -1 +1,2 @@
d5f7a588fadb79faeb4b08b1eee82e9a shadow-4.1.5.tar.bz2
a00449aa439c69287b6d472191dc2247 shadow-4.1.5.1.tar.bz2
f16f31f6f5a607b1ffb1aa1aac4c37f2 shadow-4.1.5.1.tar.bz2.sig