new upstream version
- use the original file permissions when creating backup (#853102)
This commit is contained in:
parent
cae35b95ab
commit
44a40b2f4e
2
.gitignore
vendored
2
.gitignore
vendored
@ -1,3 +1,5 @@
|
||||
shadow-4.1.4.2.tar.bz2
|
||||
/shadow-4.1.4.3.tar.bz2
|
||||
/shadow-4.1.5.tar.bz2
|
||||
/shadow-4.1.5.1.tar.bz2
|
||||
/shadow-4.1.5.1.tar.bz2.sig
|
||||
|
@ -1,68 +0,0 @@
|
||||
diff -up shadow-4.1.5/libmisc/chkname.c.goodname shadow-4.1.5/libmisc/chkname.c
|
||||
--- shadow-4.1.5/libmisc/chkname.c.goodname 2009-04-28 21:14:04.000000000 +0200
|
||||
+++ shadow-4.1.5/libmisc/chkname.c 2012-03-19 09:52:12.910605026 +0100
|
||||
@@ -49,20 +49,28 @@
|
||||
static bool is_valid_name (const char *name)
|
||||
{
|
||||
/*
|
||||
- * User/group names must match [a-z_][a-z0-9_-]*[$]
|
||||
- */
|
||||
- if (('\0' == *name) ||
|
||||
- !((('a' <= *name) && ('z' >= *name)) || ('_' == *name))) {
|
||||
+ * User/group names must match gnu e-regex:
|
||||
+ * [a-zA-Z0-9_.][a-zA-Z0-9_.-]{0,30}[a-zA-Z0-9_.$-]?
|
||||
+ *
|
||||
+ * as a non-POSIX, extension, allow "$" as the last char for
|
||||
+ * sake of Samba 3.x "add machine script"
|
||||
+ */
|
||||
+ if ( ('\0' == *name) ||
|
||||
+ !((*name >= 'a' && *name <= 'z') ||
|
||||
+ (*name >= 'A' && *name <= 'Z') ||
|
||||
+ (*name >= '0' && *name <= '9') ||
|
||||
+ (*name == '_') || (*name == '.')
|
||||
+ )) {
|
||||
return false;
|
||||
}
|
||||
|
||||
while ('\0' != *++name) {
|
||||
- if (!(( ('a' <= *name) && ('z' >= *name) ) ||
|
||||
- ( ('0' <= *name) && ('9' >= *name) ) ||
|
||||
- ('_' == *name) ||
|
||||
- ('-' == *name) ||
|
||||
- ( ('$' == *name) && ('\0' == *(name + 1)) )
|
||||
- )) {
|
||||
+ if (!( (*name >= 'a' && *name <= 'z') ||
|
||||
+ (*name >= 'A' && *name <= 'Z') ||
|
||||
+ (*name >= '0' && *name <= '9') ||
|
||||
+ (*name == '_') || (*name == '.') || (*name == '-') ||
|
||||
+ (*name == '$' && *(name + 1) == '\0')
|
||||
+ )) {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
diff -up shadow-4.1.5/man/groupadd.8.goodname shadow-4.1.5/man/groupadd.8
|
||||
--- shadow-4.1.5/man/groupadd.8.goodname 2012-02-12 22:27:42.000000000 +0100
|
||||
+++ shadow-4.1.5/man/groupadd.8 2012-03-19 09:56:17.113723732 +0100
|
||||
@@ -181,9 +181,7 @@ Shadow password suite configuration\&.
|
||||
.RE
|
||||
.SH "CAVEATS"
|
||||
.PP
|
||||
-Groupnames must start with a lower case letter or an underscore, followed by lower case letters, digits, underscores, or dashes\&. They can end with a dollar sign\&. In regular expression terms: [a\-z_][a\-z0\-9_\-]*[$]?
|
||||
-.PP
|
||||
-Groupnames may only be up to 16 characters long\&.
|
||||
+Groupnames may only be up to 32 characters long\&.
|
||||
.PP
|
||||
You may not add a NIS or LDAP group\&. This must be performed on the corresponding server\&.
|
||||
.PP
|
||||
diff -up shadow-4.1.5/man/useradd.8.goodname shadow-4.1.5/man/useradd.8
|
||||
--- shadow-4.1.5/man/useradd.8.goodname 2012-02-12 22:28:02.000000000 +0100
|
||||
+++ shadow-4.1.5/man/useradd.8 2012-03-19 09:52:12.911605018 +0100
|
||||
@@ -421,8 +421,6 @@ Similarly, if the username already exist
|
||||
\fBuseradd\fR
|
||||
will deny the user account creation request\&.
|
||||
.PP
|
||||
-Usernames must start with a lower case letter or an underscore, followed by lower case letters, digits, underscores, or dashes\&. They can end with a dollar sign\&. In regular expression terms: [a\-z_][a\-z0\-9_\-]*[$]?
|
||||
-.PP
|
||||
Usernames may only be up to 32 characters long\&.
|
||||
.SH "CONFIGURATION"
|
||||
.PP
|
@ -1,12 +0,0 @@
|
||||
diff -up shadow-4.1.5/man/useradd.8.man shadow-4.1.5/man/useradd.8
|
||||
--- shadow-4.1.5/man/useradd.8.man 2012-03-19 13:06:48.000000000 +0100
|
||||
+++ shadow-4.1.5/man/useradd.8 2012-03-19 13:07:44.540169270 +0100
|
||||
@@ -215,7 +215,7 @@ is not enabled, no home directories are
|
||||
.PP
|
||||
\fB\-M\fR
|
||||
.RS 4
|
||||
-Do no create the user\*(Aqs home directory, even if the system wide setting from
|
||||
+Do not create the user\*(Aqs home directory, even if the system wide setting from
|
||||
/etc/login\&.defs
|
||||
(\fBCREATE_HOME\fR) is set to
|
||||
\fIyes\fR\&.
|
@ -1,41 +0,0 @@
|
||||
diff -up shadow-4.1.5/lib/commonio.c.selinux shadow-4.1.5/lib/commonio.c
|
||||
--- shadow-4.1.5/lib/commonio.c.selinux 2011-12-09 23:23:16.000000000 +0100
|
||||
+++ shadow-4.1.5/lib/commonio.c 2012-03-22 16:42:00.952464092 +0100
|
||||
@@ -977,6 +977,12 @@ int commonio_close (struct commonio_db *
|
||||
|
||||
snprintf (buf, sizeof buf, "%s+", db->filename);
|
||||
|
||||
+#ifdef WITH_SELINUX
|
||||
+ if (set_selinux_file_context (buf) != 0) {
|
||||
+ errors++;
|
||||
+ }
|
||||
+#endif
|
||||
+
|
||||
db->fp = fopen_set_perms (buf, "w", &sb);
|
||||
if (NULL == db->fp) {
|
||||
goto fail;
|
||||
@@ -1011,6 +1017,12 @@ int commonio_close (struct commonio_db *
|
||||
goto fail;
|
||||
}
|
||||
|
||||
+#ifdef WITH_SELINUX
|
||||
+ if (reset_selinux_file_context () != 0) {
|
||||
+ goto fail;
|
||||
+ }
|
||||
+#endif
|
||||
+
|
||||
nscd_need_reload = true;
|
||||
goto success;
|
||||
fail:
|
||||
diff -up shadow-4.1.5/src/useradd.c.selinux shadow-4.1.5/src/useradd.c
|
||||
--- shadow-4.1.5/src/useradd.c.selinux 2012-03-22 16:46:11.007377548 +0100
|
||||
+++ shadow-4.1.5/src/useradd.c 2012-03-22 16:46:35.037251897 +0100
|
||||
@@ -2040,7 +2040,7 @@ int main (int argc, char **argv)
|
||||
if (mflg) {
|
||||
create_home ();
|
||||
if (home_added) {
|
||||
- copy_tree (def_template, user_home, false, false,
|
||||
+ copy_tree (def_template, user_home, false, true,
|
||||
(uid_t)-1, user_id, (gid_t)-1, user_gid);
|
||||
} else {
|
||||
fprintf (stderr,
|
20
shadow-4.1.5.1-backup-mode.patch
Normal file
20
shadow-4.1.5.1-backup-mode.patch
Normal file
@ -0,0 +1,20 @@
|
||||
diff -up shadow-4.1.5.1/lib/commonio.c.backup-mode shadow-4.1.5.1/lib/commonio.c
|
||||
--- shadow-4.1.5.1/lib/commonio.c.backup-mode 2012-05-18 21:44:54.000000000 +0200
|
||||
+++ shadow-4.1.5.1/lib/commonio.c 2012-09-19 20:27:16.089444234 +0200
|
||||
@@ -301,15 +301,12 @@ static int create_backup (const char *ba
|
||||
struct utimbuf ub;
|
||||
FILE *bkfp;
|
||||
int c;
|
||||
- mode_t mask;
|
||||
|
||||
if (fstat (fileno (fp), &sb) != 0) {
|
||||
return -1;
|
||||
}
|
||||
|
||||
- mask = umask (077);
|
||||
- bkfp = fopen (backup, "w");
|
||||
- (void) umask (mask);
|
||||
+ bkfp = fopen_set_perms (backup, "w", &sb);
|
||||
if (NULL == bkfp) {
|
||||
return -1;
|
||||
}
|
118
shadow-4.1.5.1-goodname.patch
Normal file
118
shadow-4.1.5.1-goodname.patch
Normal file
@ -0,0 +1,118 @@
|
||||
diff -up shadow-4.1.5.1/libmisc/chkname.c.goodname shadow-4.1.5.1/libmisc/chkname.c
|
||||
--- shadow-4.1.5.1/libmisc/chkname.c.goodname 2009-07-13 00:24:45.000000000 +0200
|
||||
+++ shadow-4.1.5.1/libmisc/chkname.c 2012-09-19 18:43:53.492160653 +0200
|
||||
@@ -49,20 +49,28 @@
|
||||
static bool is_valid_name (const char *name)
|
||||
{
|
||||
/*
|
||||
- * User/group names must match [a-z_][a-z0-9_-]*[$]
|
||||
- */
|
||||
- if (('\0' == *name) ||
|
||||
- !((('a' <= *name) && ('z' >= *name)) || ('_' == *name))) {
|
||||
+ * User/group names must match gnu e-regex:
|
||||
+ * [a-zA-Z0-9_.][a-zA-Z0-9_.-]{0,30}[a-zA-Z0-9_.$-]?
|
||||
+ *
|
||||
+ * as a non-POSIX, extension, allow "$" as the last char for
|
||||
+ * sake of Samba 3.x "add machine script"
|
||||
+ */
|
||||
+ if ( ('\0' == *name) ||
|
||||
+ !((*name >= 'a' && *name <= 'z') ||
|
||||
+ (*name >= 'A' && *name <= 'Z') ||
|
||||
+ (*name >= '0' && *name <= '9') ||
|
||||
+ (*name == '_') || (*name == '.')
|
||||
+ )) {
|
||||
return false;
|
||||
}
|
||||
|
||||
while ('\0' != *++name) {
|
||||
- if (!(( ('a' <= *name) && ('z' >= *name) ) ||
|
||||
- ( ('0' <= *name) && ('9' >= *name) ) ||
|
||||
- ('_' == *name) ||
|
||||
- ('-' == *name) ||
|
||||
- ( ('$' == *name) && ('\0' == *(name + 1)) )
|
||||
- )) {
|
||||
+ if (!( (*name >= 'a' && *name <= 'z') ||
|
||||
+ (*name >= 'A' && *name <= 'Z') ||
|
||||
+ (*name >= '0' && *name <= '9') ||
|
||||
+ (*name == '_') || (*name == '.') || (*name == '-') ||
|
||||
+ (*name == '$' && *(name + 1) == '\0')
|
||||
+ )) {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
diff -up shadow-4.1.5.1/man/groupadd.8.xml.goodname shadow-4.1.5.1/man/groupadd.8.xml
|
||||
--- shadow-4.1.5.1/man/groupadd.8.xml.goodname 2012-05-25 13:45:27.000000000 +0200
|
||||
+++ shadow-4.1.5.1/man/groupadd.8.xml 2012-09-19 18:43:53.492160653 +0200
|
||||
@@ -259,12 +259,6 @@
|
||||
<refsect1 id='caveats'>
|
||||
<title>CAVEATS</title>
|
||||
<para>
|
||||
- Groupnames must start with a lower case letter or an underscore,
|
||||
- followed by lower case letters, digits, underscores, or dashes.
|
||||
- They can end with a dollar sign.
|
||||
- In regular expression terms: [a-z_][a-z0-9_-]*[$]?
|
||||
- </para>
|
||||
- <para>
|
||||
Groupnames may only be up to &GROUP_NAME_MAX_LENGTH; characters long.
|
||||
</para>
|
||||
<para>
|
||||
diff -up shadow-4.1.5.1/man/man8/groupadd.8.goodname shadow-4.1.5.1/man/man8/groupadd.8
|
||||
--- shadow-4.1.5.1/man/man8/groupadd.8.goodname 2012-05-25 13:58:40.000000000 +0200
|
||||
+++ shadow-4.1.5.1/man/man8/groupadd.8 2012-09-19 18:44:42.175123079 +0200
|
||||
@@ -190,9 +190,7 @@ Shadow password suite configuration\&.
|
||||
.RE
|
||||
.SH "CAVEATS"
|
||||
.PP
|
||||
-Groupnames must start with a lower case letter or an underscore, followed by lower case letters, digits, underscores, or dashes\&. They can end with a dollar sign\&. In regular expression terms: [a\-z_][a\-z0\-9_\-]*[$]?
|
||||
-.PP
|
||||
-Groupnames may only be up to 16 characters long\&.
|
||||
+Groupnames may only be up to 32 characters long\&.
|
||||
.PP
|
||||
You may not add a NIS or LDAP group\&. This must be performed on the corresponding server\&.
|
||||
.PP
|
||||
diff -up shadow-4.1.5.1/man/man8/useradd.8.goodname shadow-4.1.5.1/man/man8/useradd.8
|
||||
--- shadow-4.1.5.1/man/man8/useradd.8.goodname 2012-05-25 13:59:28.000000000 +0200
|
||||
+++ shadow-4.1.5.1/man/man8/useradd.8 2012-09-19 18:46:09.249033949 +0200
|
||||
@@ -224,7 +224,7 @@ is not enabled, no home directories are
|
||||
.PP
|
||||
\fB\-M\fR
|
||||
.RS 4
|
||||
-Do no create the user\*(Aqs home directory, even if the system wide setting from
|
||||
+Do not create the user\*(Aqs home directory, even if the system wide setting from
|
||||
/etc/login\&.defs
|
||||
(\fBCREATE_HOME\fR) is set to
|
||||
\fIyes\fR\&.
|
||||
@@ -430,8 +430,6 @@ Similarly, if the username already exist
|
||||
\fBuseradd\fR
|
||||
will deny the user account creation request\&.
|
||||
.PP
|
||||
-Usernames must start with a lower case letter or an underscore, followed by lower case letters, digits, underscores, or dashes\&. They can end with a dollar sign\&. In regular expression terms: [a\-z_][a\-z0\-9_\-]*[$]?
|
||||
-.PP
|
||||
Usernames may only be up to 32 characters long\&.
|
||||
.SH "CONFIGURATION"
|
||||
.PP
|
||||
diff -up shadow-4.1.5.1/man/useradd.8.xml.goodname shadow-4.1.5.1/man/useradd.8.xml
|
||||
--- shadow-4.1.5.1/man/useradd.8.xml.goodname 2012-05-25 13:45:29.000000000 +0200
|
||||
+++ shadow-4.1.5.1/man/useradd.8.xml 2012-09-19 18:43:53.493160675 +0200
|
||||
@@ -366,7 +366,7 @@
|
||||
</term>
|
||||
<listitem>
|
||||
<para>
|
||||
- Do no create the user's home directory, even if the system
|
||||
+ Do not create the user's home directory, even if the system
|
||||
wide setting from <filename>/etc/login.defs</filename>
|
||||
(<option>CREATE_HOME</option>) is set to
|
||||
<replaceable>yes</replaceable>.
|
||||
@@ -654,12 +654,6 @@
|
||||
</para>
|
||||
|
||||
<para>
|
||||
- Usernames must start with a lower case letter or an underscore,
|
||||
- followed by lower case letters, digits, underscores, or dashes.
|
||||
- They can end with a dollar sign.
|
||||
- In regular expression terms: [a-z_][a-z0-9_-]*[$]?
|
||||
- </para>
|
||||
- <para>
|
||||
Usernames may only be up to 32 characters long.
|
||||
</para>
|
||||
</refsect1>
|
@ -1,7 +1,7 @@
|
||||
diff -up shadow-4.1.4.2/man/newusers.8.infoParentDir shadow-4.1.4.2/man/newusers.8
|
||||
--- shadow-4.1.4.2/man/newusers.8.infoParentDir 2010-04-28 13:44:04.634870854 +0200
|
||||
+++ shadow-4.1.4.2/man/newusers.8 2010-04-28 13:46:07.190866220 +0200
|
||||
@@ -88,7 +88,7 @@ This field is copied in the GECOS field
|
||||
diff -up shadow-4.1.5.1/man/man8/newusers.8.info-parent-dir shadow-4.1.5.1/man/man8/newusers.8
|
||||
--- shadow-4.1.5.1/man/man8/newusers.8.info-parent-dir 2012-05-25 13:59:09.000000000 +0200
|
||||
+++ shadow-4.1.5.1/man/man8/newusers.8 2012-09-19 18:47:17.203525237 +0200
|
||||
@@ -99,7 +99,7 @@ This field is copied in the GECOS field
|
||||
.RS 4
|
||||
This field is used to define the home directory of the user\&.
|
||||
.sp
|
||||
@ -10,10 +10,10 @@ diff -up shadow-4.1.4.2/man/newusers.8.infoParentDir shadow-4.1.4.2/man/newusers
|
||||
.sp
|
||||
If the home directory of an existing user is changed,
|
||||
\fBnewusers\fR
|
||||
diff -up shadow-4.1.4.2/man/newusers.8.xml.infoParentDir shadow-4.1.4.2/man/newusers.8.xml
|
||||
--- shadow-4.1.4.2/man/newusers.8.xml.infoParentDir 2010-04-28 13:48:01.419238133 +0200
|
||||
+++ shadow-4.1.4.2/man/newusers.8.xml 2010-04-28 13:55:40.499663030 +0200
|
||||
@@ -192,7 +192,15 @@
|
||||
diff -up shadow-4.1.5.1/man/newusers.8.xml.info-parent-dir shadow-4.1.5.1/man/newusers.8.xml
|
||||
--- shadow-4.1.5.1/man/newusers.8.xml.info-parent-dir 2012-05-25 13:45:28.000000000 +0200
|
||||
+++ shadow-4.1.5.1/man/newusers.8.xml 2012-09-19 18:46:35.651613365 +0200
|
||||
@@ -216,7 +216,15 @@
|
||||
<para>
|
||||
If this field does not specify an existing directory, the
|
||||
specified directory is created, with ownership set to the
|
12
shadow-4.1.5.1-selinux.patch
Normal file
12
shadow-4.1.5.1-selinux.patch
Normal file
@ -0,0 +1,12 @@
|
||||
diff -up shadow-4.1.5.1/src/useradd.c.selinux shadow-4.1.5.1/src/useradd.c
|
||||
--- shadow-4.1.5.1/src/useradd.c.selinux 2012-09-19 18:28:37.662060468 +0200
|
||||
+++ shadow-4.1.5.1/src/useradd.c 2012-09-19 18:28:37.672060688 +0200
|
||||
@@ -2040,7 +2040,7 @@ int main (int argc, char **argv)
|
||||
if (mflg) {
|
||||
create_home ();
|
||||
if (home_added) {
|
||||
- copy_tree (def_template, user_home, false, false,
|
||||
+ copy_tree (def_template, user_home, false, true,
|
||||
(uid_t)-1, user_id, (gid_t)-1, user_gid);
|
||||
} else {
|
||||
fprintf (stderr,
|
@ -1,20 +1,20 @@
|
||||
Summary: Utilities for managing accounts and shadow password files
|
||||
Name: shadow-utils
|
||||
Version: 4.1.5
|
||||
Release: 5%{?dist}
|
||||
Version: 4.1.5.1
|
||||
Release: 1%{?dist}
|
||||
Epoch: 2
|
||||
URL: http://pkg-shadow.alioth.debian.org/
|
||||
Source0: http://pkg-shadow.alioth.debian.org/releases/shadow-%{version}.tar.bz2
|
||||
Source3: http://pkg-shadow.alioth.debian.org/releases/shadow-%{version}.tar.bz2.sig
|
||||
Source1: shadow-utils.login.defs
|
||||
Source2: shadow-utils.useradd
|
||||
Patch0: shadow-4.1.5-redhat.patch
|
||||
Patch1: shadow-4.1.5-goodname.patch
|
||||
Patch2: shadow-4.1.4.2-infoParentDir.patch
|
||||
Patch1: shadow-4.1.5.1-goodname.patch
|
||||
Patch2: shadow-4.1.5.1-info-parent-dir.patch
|
||||
Patch3: shadow-4.1.5-uflg.patch
|
||||
Patch4: shadow-4.1.5-man.patch
|
||||
Patch5: shadow-4.1.5-grremove.patch
|
||||
Patch6: shadow-4.1.5-selinux.patch
|
||||
Patch6: shadow-4.1.5.1-selinux.patch
|
||||
Patch7: shadow-4.1.5-2ndskip.patch
|
||||
Patch8: shadow-4.1.5.1-backup-mode.patch
|
||||
License: BSD and GPLv2+
|
||||
Group: System Environment/Base
|
||||
BuildRequires: libselinux-devel >= 1.25.2-1
|
||||
@ -45,13 +45,11 @@ are used for managing group accounts.
|
||||
%setup -q -n shadow-%{version}
|
||||
%patch0 -p1 -b .redhat
|
||||
%patch1 -p1 -b .goodname
|
||||
%patch2 -p1 -b .infoParentDir
|
||||
%patch2 -p1 -b .info-parent-dir
|
||||
%patch3 -p1 -b .uflg
|
||||
%patch4 -p1 -b .man
|
||||
%patch5 -p1 -b .grremove
|
||||
%patch6 -p1 -b .selinux
|
||||
%patch7 -p1 -b .2ndskip
|
||||
|
||||
%patch8 -p1 -b .backup-mode
|
||||
|
||||
iconv -f ISO88591 -t utf-8 doc/HOWTO > doc/HOWTO.utf8
|
||||
cp -f doc/HOWTO.utf8 doc/HOWTO
|
||||
@ -206,6 +204,10 @@ rm -rf $RPM_BUILD_ROOT
|
||||
%{_mandir}/man8/vigr.8*
|
||||
|
||||
%changelog
|
||||
* Wed Sep 19 2012 Tomas Mraz <tmraz@redhat.com> - 2:4.1.5.1-1
|
||||
- new upstream version
|
||||
- use the original file permissions when creating backup (#853102)
|
||||
|
||||
* Wed Jul 25 2012 Peter Vrabec <pvrabec@redhat.com> - 2:4.1.5-5
|
||||
- make /etc/default/useradd world-readable (#835137)
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user