diff --git a/.gitignore b/.gitignore index ccacfb0..d99615d 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1,2 @@ shadow-4.1.4.2.tar.bz2 +/shadow-4.1.4.3.tar.bz2 diff --git a/shadow-4.1.4.2-redhat.patch b/shadow-4.1.4.2-redhat.patch index da39e65..fb2a437 100644 --- a/shadow-4.1.4.2-redhat.patch +++ b/shadow-4.1.4.2-redhat.patch @@ -1,39 +1,3 @@ -diff -up shadow-4.1.4.2/libmisc/find_new_gid.c.redhat shadow-4.1.4.2/libmisc/find_new_gid.c ---- shadow-4.1.4.2/libmisc/find_new_gid.c.redhat 2009-07-18 01:53:42.000000000 +0200 -+++ shadow-4.1.4.2/libmisc/find_new_gid.c 2011-02-09 11:04:06.009400412 +0100 -@@ -58,11 +58,11 @@ int find_new_gid (bool sys_group, - assert (gid != NULL); - - if (!sys_group) { -- gid_min = (gid_t) getdef_ulong ("GID_MIN", 1000UL); -+ gid_min = (gid_t) getdef_ulong ("GID_MIN", 500UL); - gid_max = (gid_t) getdef_ulong ("GID_MAX", 60000UL); - } else { -- gid_min = (gid_t) getdef_ulong ("SYS_GID_MIN", 101UL); -- gid_max = (gid_t) getdef_ulong ("GID_MIN", 1000UL) - 1; -+ gid_min = (gid_t) getdef_ulong ("SYS_GID_MIN", 201UL); -+ gid_max = (gid_t) getdef_ulong ("GID_MIN", 500UL) - 1; - gid_max = (gid_t) getdef_ulong ("SYS_GID_MAX", (unsigned long) gid_max); - } - used_gids = alloca (sizeof (bool) * (gid_max +1)); -diff -up shadow-4.1.4.2/libmisc/find_new_uid.c.redhat shadow-4.1.4.2/libmisc/find_new_uid.c ---- shadow-4.1.4.2/libmisc/find_new_uid.c.redhat 2009-07-18 01:53:43.000000000 +0200 -+++ shadow-4.1.4.2/libmisc/find_new_uid.c 2011-02-09 11:04:06.009400412 +0100 -@@ -58,11 +58,11 @@ int find_new_uid (bool sys_user, - assert (uid != NULL); - - if (!sys_user) { -- uid_min = (uid_t) getdef_ulong ("UID_MIN", 1000UL); -+ uid_min = (uid_t) getdef_ulong ("UID_MIN", 500UL); - uid_max = (uid_t) getdef_ulong ("UID_MAX", 60000UL); - } else { -- uid_min = (uid_t) getdef_ulong ("SYS_UID_MIN", 101UL); -- uid_max = (uid_t) getdef_ulong ("UID_MIN", 1000UL) - 1; -+ uid_min = (uid_t) getdef_ulong ("SYS_UID_MIN", 201UL); -+ uid_max = (uid_t) getdef_ulong ("UID_MIN", 500UL) - 1; - uid_max = (uid_t) getdef_ulong ("SYS_UID_MAX", (unsigned long) uid_max); - } - used_uids = alloca (sizeof (bool) * (uid_max +1)); diff -up shadow-4.1.4.2/man/useradd.8.redhat shadow-4.1.4.2/man/useradd.8 --- shadow-4.1.4.2/man/useradd.8.redhat 2009-07-24 03:16:44.000000000 +0200 +++ shadow-4.1.4.2/man/useradd.8 2011-02-09 11:04:24.851151246 +0100 diff --git a/shadow-4.1.4.2-uflg.patch b/shadow-4.1.4.2-uflg.patch deleted file mode 100644 index be1a73e..0000000 --- a/shadow-4.1.4.2-uflg.patch +++ /dev/null @@ -1,25 +0,0 @@ -diff -up shadow-4.1.4.2/libmisc/find_new_gid.c.uflg shadow-4.1.4.2/libmisc/find_new_gid.c ---- shadow-4.1.4.2/libmisc/find_new_gid.c.uflg 2010-05-21 11:31:36.069929199 +0200 -+++ shadow-4.1.4.2/libmisc/find_new_gid.c 2010-05-21 11:31:47.600963338 +0200 -@@ -61,7 +61,7 @@ int find_new_gid (bool sys_group, - gid_min = (gid_t) getdef_ulong ("GID_MIN", 500UL); - gid_max = (gid_t) getdef_ulong ("GID_MAX", 60000UL); - } else { -- gid_min = (gid_t) getdef_ulong ("SYS_GID_MIN", 201UL); -+ gid_min = (gid_t) getdef_ulong ("SYS_GID_MIN", 1UL); - gid_max = (gid_t) getdef_ulong ("GID_MIN", 500UL) - 1; - gid_max = (gid_t) getdef_ulong ("SYS_GID_MAX", (unsigned long) gid_max); - } -@@ -79,7 +79,11 @@ int find_new_gid (bool sys_group, - *gid = *preferred_gid; - return 0; - } -- -+ -+ /* if we did not find free preffered system gid, we start to look for -+ * one in the range assigned to dynamic system IDs */ -+ if (sys_group) -+ gid_min = (gid_t) getdef_ulong ("SYS_GID_MIN", 201UL); - - /* - * Search the entire group file, diff --git a/shadow-4.1.4.3-IDs.patch b/shadow-4.1.4.3-IDs.patch new file mode 100644 index 0000000..3e5ea23 --- /dev/null +++ b/shadow-4.1.4.3-IDs.patch @@ -0,0 +1,58 @@ +diff -up shadow-4.1.4.3/libmisc/find_new_gid.c.IDs shadow-4.1.4.3/libmisc/find_new_gid.c +--- shadow-4.1.4.3/libmisc/find_new_gid.c.IDs 2011-05-20 22:45:27.852146758 +0200 ++++ shadow-4.1.4.3/libmisc/find_new_gid.c 2011-05-20 22:47:45.977909798 +0200 +@@ -32,6 +32,7 @@ + + #include + #include ++#include + + #include "prototypes.h" + #include "groupio.h" +@@ -65,7 +66,12 @@ int find_new_gid (bool sys_group, + gid_max = (gid_t) getdef_ulong ("GID_MIN", 1000UL) - 1; + gid_max = (gid_t) getdef_ulong ("SYS_GID_MAX", (unsigned long) gid_max); + } +- used_gids = alloca (sizeof (bool) * (gid_max +1)); ++ used_gids = malloc (sizeof (bool) * (gid_max +1)); ++ if(used_gids==NULL) { ++ fprintf (stderr, ++ _("%s: failed to allocate memory. %s\n"), Prog, strerror (errno)); ++ return -1; ++ } + memset (used_gids, false, sizeof (bool) * (gid_max + 1)); + + if ( (NULL != preferred_gid) +diff -up shadow-4.1.4.3/libmisc/find_new_uid.c.IDs shadow-4.1.4.3/libmisc/find_new_uid.c +--- shadow-4.1.4.3/libmisc/find_new_uid.c.IDs 2011-02-13 18:58:11.000000000 +0100 ++++ shadow-4.1.4.3/libmisc/find_new_uid.c 2011-05-20 22:47:45.977909798 +0200 +@@ -32,6 +32,7 @@ + + #include + #include ++#include + + #include "prototypes.h" + #include "pwio.h" +@@ -65,7 +66,12 @@ int find_new_uid (bool sys_user, + uid_max = (uid_t) getdef_ulong ("UID_MIN", 1000UL) - 1; + uid_max = (uid_t) getdef_ulong ("SYS_UID_MAX", (unsigned long) uid_max); + } +- used_uids = alloca (sizeof (bool) * (uid_max +1)); ++ used_uids = malloc (sizeof (bool) * (uid_max +1)); ++ if(used_uids==NULL) { ++ fprintf (stderr, ++ _("%s: failed to allocate memory. %s\n"), Prog, strerror (errno)); ++ return -1; ++ } + memset (used_uids, false, sizeof (bool) * (uid_max + 1)); + + if ( (NULL != preferred_uid) +@@ -178,6 +184,7 @@ int find_new_uid (bool sys_user, + } + } + ++ free(used_uids); + *uid = user_id; + return 0; + } diff --git a/shadow-4.1.4.1-goodname.patch b/shadow-4.1.4.3-goodname.patch similarity index 72% rename from shadow-4.1.4.1-goodname.patch rename to shadow-4.1.4.3-goodname.patch index 7ba4c2c..7e1ba24 100644 --- a/shadow-4.1.4.1-goodname.patch +++ b/shadow-4.1.4.3-goodname.patch @@ -1,6 +1,6 @@ -diff -up shadow-4.1.4.1/libmisc/chkname.c.goodname shadow-4.1.4.1/libmisc/chkname.c ---- shadow-4.1.4.1/libmisc/chkname.c.goodname 2009-04-28 21:14:04.000000000 +0200 -+++ shadow-4.1.4.1/libmisc/chkname.c 2009-06-16 13:47:08.000000000 +0200 +diff -up shadow-4.1.4.3/libmisc/chkname.c.goodname shadow-4.1.4.3/libmisc/chkname.c +--- shadow-4.1.4.3/libmisc/chkname.c.goodname 2011-02-13 18:58:11.000000000 +0100 ++++ shadow-4.1.4.3/libmisc/chkname.c 2011-05-18 20:38:50.639341048 +0200 @@ -49,20 +49,28 @@ static bool is_valid_name (const char *name) { @@ -40,24 +40,24 @@ diff -up shadow-4.1.4.1/libmisc/chkname.c.goodname shadow-4.1.4.1/libmisc/chknam return false; } } -diff -up shadow-4.1.4.1/man/groupadd.8.goodname shadow-4.1.4.1/man/groupadd.8 ---- shadow-4.1.4.1/man/groupadd.8.goodname 2009-05-22 15:56:08.000000000 +0200 -+++ shadow-4.1.4.1/man/groupadd.8 2009-06-16 13:50:41.000000000 +0200 -@@ -153,9 +153,7 @@ Shadow password suite configuration\&. +diff -up shadow-4.1.4.3/man/groupadd.8.goodname shadow-4.1.4.3/man/groupadd.8 +--- shadow-4.1.4.3/man/groupadd.8.goodname 2011-02-16 00:12:34.000000000 +0100 ++++ shadow-4.1.4.3/man/groupadd.8 2011-05-18 20:42:53.204324534 +0200 +@@ -162,9 +162,7 @@ Shadow password suite configuration\&. .RE .SH "CAVEATS" .PP -Groupnames must start with a lower case letter or an underscore, followed by lower case letters, digits, underscores, or dashes\&. They can end with a dollar sign\&. In regular expression terms: [a\-z_][a\-z0\-9_\-]*[$]? -.PP --Groupnames may only be up to 16 characters long\&. +-Groupnames may only be up to characters long\&. +Groupnames may only be up to 32 characters long\&. .PP You may not add a NIS or LDAP group\&. This must be performed on the corresponding server\&. .PP -diff -up shadow-4.1.4.1/man/useradd.8.goodname shadow-4.1.4.1/man/useradd.8 ---- shadow-4.1.4.1/man/useradd.8.goodname 2009-05-22 15:56:28.000000000 +0200 -+++ shadow-4.1.4.1/man/useradd.8 2009-06-16 13:51:17.000000000 +0200 -@@ -405,8 +405,6 @@ Similarly, if the username already exist +diff -up shadow-4.1.4.3/man/useradd.8.goodname shadow-4.1.4.3/man/useradd.8 +--- shadow-4.1.4.3/man/useradd.8.goodname 2011-05-18 20:38:50.635376546 +0200 ++++ shadow-4.1.4.3/man/useradd.8 2011-05-18 20:38:50.641332694 +0200 +@@ -414,8 +414,6 @@ Similarly, if the username already exist \fBuseradd\fR will deny the user account creation request\&. .PP diff --git a/shadow-4.1.4.3-nopam.patch b/shadow-4.1.4.3-nopam.patch new file mode 100644 index 0000000..8307f7e --- /dev/null +++ b/shadow-4.1.4.3-nopam.patch @@ -0,0 +1,32 @@ +diff -up shadow-4.1.4.3/man/ru/Makefile.in.nopam shadow-4.1.4.3/man/ru/Makefile.in +--- shadow-4.1.4.3/man/ru/Makefile.in.nopam 2011-05-20 22:42:23.145018292 +0200 ++++ shadow-4.1.4.3/man/ru/Makefile.in 2011-05-20 22:43:56.654017229 +0200 +@@ -150,7 +150,6 @@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ + PACKAGE_NAME = @PACKAGE_NAME@ + PACKAGE_STRING = @PACKAGE_STRING@ + PACKAGE_TARNAME = @PACKAGE_TARNAME@ +-PACKAGE_URL = @PACKAGE_URL@ + PACKAGE_VERSION = @PACKAGE_VERSION@ + PATH_SEPARATOR = @PATH_SEPARATOR@ + POSUB = @POSUB@ +@@ -222,13 +221,13 @@ target_alias = @target_alias@ + top_build_prefix = @top_build_prefix@ + top_builddir = @top_builddir@ + top_srcdir = @top_srcdir@ +-man_MANS = $(man_nopam) chage.1 chfn.1 chgpasswd.8 chpasswd.8 chsh.1 \ +- expiry.1 faillog.5 faillog.8 getspnam.3 gpasswd.1 groupadd.8 \ +- groupdel.8 groupmems.8 groupmod.8 groups.1 grpck.8 grpconv.8 \ +- grpunconv.8 gshadow.5 lastlog.8 login.1 login.defs.5 logoutd.8 \ +- newgrp.1 newusers.8 nologin.8 passwd.1 passwd.5 pwck.8 \ +- pwconv.8 pwunconv.8 sg.1 shadow.3 shadow.5 su.1 suauth.5 \ +- useradd.8 userdel.8 usermod.8 vigr.8 vipw.8 $(am__append_1) ++man_MANS = chage.1 chfn.1 chgpasswd.8 chpasswd.8 chsh.1 expiry.1 \ ++ faillog.5 faillog.8 getspnam.3 gpasswd.1 groupadd.8 groupdel.8 \ ++ groupmems.8 groupmod.8 groups.1 grpck.8 grpconv.8 grpunconv.8 \ ++ gshadow.5 lastlog.8 login.1 login.defs.5 logoutd.8 newgrp.1 \ ++ newusers.8 nologin.8 passwd.1 passwd.5 pwck.8 pwconv.8 \ ++ pwunconv.8 sg.1 shadow.3 shadow.5 su.1 suauth.5 useradd.8 \ ++ userdel.8 usermod.8 vigr.8 vipw.8 $(am__append_1) + man_nopam = \ + limits.5 \ + login.access.5 \ diff --git a/shadow-4.1.4.3-uflg.patch b/shadow-4.1.4.3-uflg.patch new file mode 100644 index 0000000..1c9f58f --- /dev/null +++ b/shadow-4.1.4.3-uflg.patch @@ -0,0 +1,23 @@ +diff -up shadow-4.1.4.3/libmisc/find_new_gid.c.uflg shadow-4.1.4.3/libmisc/find_new_gid.c +--- shadow-4.1.4.3/libmisc/find_new_gid.c.uflg 2011-05-20 21:18:24.474018778 +0200 ++++ shadow-4.1.4.3/libmisc/find_new_gid.c 2011-05-20 21:18:43.178018729 +0200 +@@ -61,7 +61,7 @@ int find_new_gid (bool sys_group, + gid_min = (gid_t) getdef_ulong ("GID_MIN", 1000UL); + gid_max = (gid_t) getdef_ulong ("GID_MAX", 60000UL); + } else { +- gid_min = (gid_t) getdef_ulong ("SYS_GID_MIN", 101UL); ++ gid_min = (gid_t) 1; + gid_max = (gid_t) getdef_ulong ("GID_MIN", 1000UL) - 1; + gid_max = (gid_t) getdef_ulong ("SYS_GID_MAX", (unsigned long) gid_max); + } +@@ -80,6 +80,10 @@ int find_new_gid (bool sys_group, + return 0; + } + ++ /* if we did not find free preffered system gid, we start to look for ++ * one in the range assigned to dynamic system IDs */ ++ if (sys_group) ++ gid_min = (gid_t) getdef_ulong ("SYS_GID_MIN", 101UL); + + /* + * Search the entire group file, diff --git a/shadow-utils.login.defs b/shadow-utils.login.defs index b24946d..5b56cd3 100644 --- a/shadow-utils.login.defs +++ b/shadow-utils.login.defs @@ -22,14 +22,20 @@ PASS_WARN_AGE 7 # # Min/max values for automatic uid selection in useradd # -UID_MIN 500 -UID_MAX 60000 +UID_MIN 1000 +UID_MAX 60000 +# System accounts +SYS_UID_MIN 201 +SYS_UID_MAX 999 # # Min/max values for automatic gid selection in groupadd # -GID_MIN 500 -GID_MAX 60000 +GID_MIN 1000 +GID_MAX 60000 +# System accounts +SYS_GID_MIN 201 +SYS_GID_MAX 999 # # If defined, this command is run when removing a user. diff --git a/shadow-utils.spec b/shadow-utils.spec index a797592..c8edc0f 100644 --- a/shadow-utils.spec +++ b/shadow-utils.spec @@ -1,22 +1,24 @@ Summary: Utilities for managing accounts and shadow password files Name: shadow-utils -Version: 4.1.4.2 -Release: 11%{?dist} +Version: 4.1.4.3 +Release: 1%{?dist} Epoch: 2 URL: http://pkg-shadow.alioth.debian.org/ Source0: ftp://pkg-shadow.alioth.debian.org/pub/pkg-shadow/shadow-%{version}.tar.bz2 Source1: shadow-utils.login.defs Source2: shadow-utils.useradd Patch0: shadow-4.1.4.2-redhat.patch -Patch1: shadow-4.1.4.1-goodname.patch +Patch1: shadow-4.1.4.3-goodname.patch Patch2: shadow-4.1.4.2-leak.patch Patch3: shadow-4.1.4.2-fixes.patch Patch4: shadow-4.1.4.2-infoParentDir.patch Patch5: shadow-4.1.4.2-semange.patch Patch6: shadow-4.1.4.2-acl.patch Patch7: shadow-4.1.4.2-underflow.patch -Patch8: shadow-4.1.4.2-uflg.patch +Patch8: shadow-4.1.4.3-uflg.patch Patch9: shadow-4.1.4.2-gshadow.patch +Patch10: shadow-4.1.4.3-nopam.patch +Patch11: shadow-4.1.4.3-IDs.patch License: BSD and GPLv2+ Group: System Environment/Base BuildRequires: libselinux-devel >= 1.25.2-1 @@ -52,6 +54,8 @@ are used for managing group accounts. %patch7 -p1 -b .underflow %patch8 -p1 -b .uflg %patch9 -p1 -b .gshadow +%patch10 -p1 -b .nopam +%patch11 -p1 -b .IDs iconv -f ISO88591 -t utf-8 doc/HOWTO > doc/HOWTO.utf8 cp -f doc/HOWTO.utf8 doc/HOWTO @@ -196,6 +200,11 @@ rm -rf $RPM_BUILD_ROOT %{_mandir}/man8/vigr.8* %changelog +* Fri May 20 2011 Peter Vrabec - 2:4.1.4.3-1 +- upgrade +- change UID/GID_MIN to #1000 +- fix find_new_uid/gid for big UID/GID_MAX + * Wed Feb 09 2011 Peter Vrabec - 2:4.1.4.2-11 - useradd man page (-m option) - create home directory on fs with noacl diff --git a/sources b/sources index 1922174..d82ed7b 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -d593a9cab93c48ee0a6ba056db8c1997 shadow-4.1.4.2.tar.bz2 +b8608d8294ac88974f27b20f991c0e79 shadow-4.1.4.3.tar.bz2