useradd: modify check ID range for system users
Resolves: #2093692 Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
This commit is contained in:
Iker Pedrosa
parent
71c99ba5b1
commit
97547bc00a
@ -0,0 +1,40 @@
|
||||
From f1f1678e13aa3ae49bdb139efaa2c5bc53dcfe92 Mon Sep 17 00:00:00 2001
|
||||
From: Iker Pedrosa <ipedrosa@redhat.com>
|
||||
Date: Tue, 4 Jan 2022 13:06:00 +0100
|
||||
Subject: [PATCH] useradd: modify check ID range for system users
|
||||
|
||||
useradd warns that a system user ID less than SYS_UID_MIN is outside the
|
||||
expected range, even though that ID has been specifically selected with
|
||||
the "-u" option.
|
||||
|
||||
In my opinion all the user ID's below SYS_UID_MAX are for the system,
|
||||
thus I change the condition to take that into account.
|
||||
|
||||
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2004911
|
||||
|
||||
Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
|
||||
---
|
||||
src/useradd.c | 6 ++----
|
||||
1 file changed, 2 insertions(+), 4 deletions(-)
|
||||
|
||||
diff --git a/src/useradd.c b/src/useradd.c
|
||||
index 34376fa5..4c71c38a 100644
|
||||
--- a/src/useradd.c
|
||||
+++ b/src/useradd.c
|
||||
@@ -2409,11 +2409,9 @@ static void check_uid_range(int rflg, uid_t user_id)
|
||||
uid_t uid_min ;
|
||||
uid_t uid_max ;
|
||||
if (rflg) {
|
||||
- uid_min = (uid_t)getdef_ulong("SYS_UID_MIN",101UL);
|
||||
uid_max = (uid_t)getdef_ulong("SYS_UID_MAX",getdef_ulong("UID_MIN",1000UL)-1);
|
||||
- if (uid_min <= uid_max) {
|
||||
- if (user_id < uid_min || user_id >uid_max)
|
||||
- fprintf(stderr, _("%s warning: %s's uid %d outside of the SYS_UID_MIN %d and SYS_UID_MAX %d range.\n"), Prog, user_name, user_id, uid_min, uid_max);
|
||||
+ if (user_id > uid_max) {
|
||||
+ fprintf(stderr, _("%s warning: %s's uid %d is greater than SYS_UID_MAX %d\n"), Prog, user_name, user_id, uid_max);
|
||||
}
|
||||
}else{
|
||||
uid_min = (uid_t)getdef_ulong("UID_MIN", 1000UL);
|
||||
--
|
||||
2.37.1
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
Summary: Utilities for managing accounts and shadow password files
|
||||
Name: shadow-utils
|
||||
Version: 4.11.1
|
||||
Release: 3%{?dist}
|
||||
Release: 4%{?dist}
|
||||
Epoch: 2
|
||||
License: BSD and GPLv2+
|
||||
URL: https://github.com/shadow-maint/shadow
|
||||
@ -45,6 +45,8 @@ Patch12: shadow-4.6-sysugid-min-limit.patch
|
||||
Patch13: shadow-4.8-ignore-login-prompt.patch
|
||||
# https://github.com/shadow-maint/shadow/commit/e101219ad71de11da3fdd1b3ec2620fd1a97b92c
|
||||
Patch14: shadow-4.9-nss-get-shadow-logfd-with-log-get-logfd.patch
|
||||
# https://github.com/shadow-maint/shadow/commit/f1f1678e13aa3ae49bdb139efaa2c5bc53dcfe92
|
||||
Patch15: shadow-4.11.1-useradd-modify-check-ID-range-for-system-users.patch
|
||||
|
||||
### Dependencies ###
|
||||
Requires: audit-libs >= 1.6.5
|
||||
@ -119,6 +121,7 @@ Development files for shadow-utils-subid.
|
||||
%patch12 -p1 -b .sysugid-min-limit
|
||||
%patch13 -p1 -b .login-prompt
|
||||
%patch14 -p1 -b .nss-get-shadow-logfd-with-log-get-logfd
|
||||
%patch15 -p1 -b .useradd-modify-check-ID-range-for-system-users
|
||||
|
||||
iconv -f ISO88591 -t utf-8 doc/HOWTO > doc/HOWTO.utf8
|
||||
cp -f doc/HOWTO.utf8 doc/HOWTO
|
||||
@ -292,6 +295,9 @@ rm -f $RPM_BUILD_ROOT/%{_libdir}/libsubid.a
|
||||
%{_libdir}/libsubid.so
|
||||
|
||||
%changelog
|
||||
* Mon Aug 1 2022 Iker Pedrosa <ipedrosa@redhat.com> - 2:4.11.1-4
|
||||
- useradd: modify check ID range for system users. Resolves: #2093692
|
||||
|
||||
* Sat Jul 23 2022 Fedora Release Engineering <releng@fedoraproject.org> - 2:4.11.1-3
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user