From cd421e05aeb4f13565d980dc0a45f664dfd0ec09 Mon Sep 17 00:00:00 2001 From: Iker Pedrosa Date: Tue, 23 Aug 2022 09:25:47 +0200 Subject: [PATCH] Rebase to version 4.12.3 Resolves: #2117809 Signed-off-by: Iker Pedrosa --- .gitignore | 2 + ...dify-check-ID-range-for-system-users.patch | 40 ---------------- ...name.patch => shadow-4.12.3-goodname.patch | 28 +++++------ ...ry.patch => shadow-4.12.3-long-entry.patch | 48 +++++++++---------- ...redhat.patch => shadow-4.12.3-redhat.patch | 23 ++++----- ...patch => shadow-4.12.3-selinux-perms.patch | 34 ++++++------- ...-get-shadow-logfd-with-log-get-logfd.patch | 48 ------------------- shadow-utils.spec | 21 ++++---- sources | 4 +- 9 files changed, 78 insertions(+), 170 deletions(-) delete mode 100644 shadow-4.11.1-useradd-modify-check-ID-range-for-system-users.patch rename shadow-4.8-goodname.patch => shadow-4.12.3-goodname.patch (77%) rename shadow-4.8-long-entry.patch => shadow-4.12.3-long-entry.patch (54%) rename shadow-4.11.1-redhat.patch => shadow-4.12.3-redhat.patch (53%) rename shadow-4.8-selinux-perms.patch => shadow-4.12.3-selinux-perms.patch (84%) delete mode 100644 shadow-4.9-nss-get-shadow-logfd-with-log-get-logfd.patch diff --git a/.gitignore b/.gitignore index e368bdf..7113c48 100644 --- a/.gitignore +++ b/.gitignore @@ -18,3 +18,5 @@ shadow-4.1.4.2.tar.bz2 /shadow-4.9.tar.xz.asc /shadow-4.11.1.tar.xz /shadow-4.11.1.tar.xz.asc +/shadow-4.12.3.tar.xz +/shadow-4.12.3.tar.xz.asc diff --git a/shadow-4.11.1-useradd-modify-check-ID-range-for-system-users.patch b/shadow-4.11.1-useradd-modify-check-ID-range-for-system-users.patch deleted file mode 100644 index dead628..0000000 --- a/shadow-4.11.1-useradd-modify-check-ID-range-for-system-users.patch +++ /dev/null @@ -1,40 +0,0 @@ -From f1f1678e13aa3ae49bdb139efaa2c5bc53dcfe92 Mon Sep 17 00:00:00 2001 -From: Iker Pedrosa -Date: Tue, 4 Jan 2022 13:06:00 +0100 -Subject: [PATCH] useradd: modify check ID range for system users - -useradd warns that a system user ID less than SYS_UID_MIN is outside the -expected range, even though that ID has been specifically selected with -the "-u" option. - -In my opinion all the user ID's below SYS_UID_MAX are for the system, -thus I change the condition to take that into account. - -Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2004911 - -Signed-off-by: Iker Pedrosa ---- - src/useradd.c | 6 ++---- - 1 file changed, 2 insertions(+), 4 deletions(-) - -diff --git a/src/useradd.c b/src/useradd.c -index 34376fa5..4c71c38a 100644 ---- a/src/useradd.c -+++ b/src/useradd.c -@@ -2409,11 +2409,9 @@ static void check_uid_range(int rflg, uid_t user_id) - uid_t uid_min ; - uid_t uid_max ; - if (rflg) { -- uid_min = (uid_t)getdef_ulong("SYS_UID_MIN",101UL); - uid_max = (uid_t)getdef_ulong("SYS_UID_MAX",getdef_ulong("UID_MIN",1000UL)-1); -- if (uid_min <= uid_max) { -- if (user_id < uid_min || user_id >uid_max) -- fprintf(stderr, _("%s warning: %s's uid %d outside of the SYS_UID_MIN %d and SYS_UID_MAX %d range.\n"), Prog, user_name, user_id, uid_min, uid_max); -+ if (user_id > uid_max) { -+ fprintf(stderr, _("%s warning: %s's uid %d is greater than SYS_UID_MAX %d\n"), Prog, user_name, user_id, uid_max); - } - }else{ - uid_min = (uid_t)getdef_ulong("UID_MIN", 1000UL); --- -2.37.1 - diff --git a/shadow-4.8-goodname.patch b/shadow-4.12.3-goodname.patch similarity index 77% rename from shadow-4.8-goodname.patch rename to shadow-4.12.3-goodname.patch index f3c18d5..2376674 100644 --- a/shadow-4.8-goodname.patch +++ b/shadow-4.12.3-goodname.patch @@ -1,7 +1,7 @@ -diff -up shadow-4.8/libmisc/chkname.c.goodname shadow-4.8/libmisc/chkname.c ---- shadow-4.8/libmisc/chkname.c.goodname 2020-01-13 09:44:41.968507996 +0100 -+++ shadow-4.8/libmisc/chkname.c 2020-01-13 09:46:27.863727732 +0100 -@@ -55,26 +55,44 @@ static bool is_valid_name (const char *n +diff -up shadow-4.12.3/libmisc/chkname.c.goodname shadow-4.12.3/libmisc/chkname.c +--- shadow-4.12.3/libmisc/chkname.c.goodname 2022-06-19 16:16:48.000000000 +0200 ++++ shadow-4.12.3/libmisc/chkname.c 2022-08-22 16:00:27.646087971 +0200 +@@ -32,26 +32,44 @@ static bool is_valid_name (const char *n } /* @@ -56,12 +56,12 @@ diff -up shadow-4.8/libmisc/chkname.c.goodname shadow-4.8/libmisc/chkname.c } bool is_valid_user_name (const char *name) -diff -up shadow-4.8/man/groupadd.8.xml.goodname shadow-4.8/man/groupadd.8.xml ---- shadow-4.8/man/groupadd.8.xml.goodname 2019-07-23 17:26:08.000000000 +0200 -+++ shadow-4.8/man/groupadd.8.xml 2020-01-13 09:44:41.968507996 +0100 -@@ -273,10 +273,12 @@ - - CAVEATS +diff -up shadow-4.12.3/man/groupadd.8.xml.goodname shadow-4.12.3/man/groupadd.8.xml +--- shadow-4.12.3/man/groupadd.8.xml.goodname 2022-08-22 16:00:27.646087971 +0200 ++++ shadow-4.12.3/man/groupadd.8.xml 2022-08-22 16:01:59.301779733 +0200 +@@ -64,10 +64,12 @@ + files as needed. + - Groupnames must start with a lower case letter or an underscore, - followed by lower case letters, digits, underscores, or dashes. @@ -76,10 +76,10 @@ diff -up shadow-4.8/man/groupadd.8.xml.goodname shadow-4.8/man/groupadd.8.xml Groupnames may only be up to &GROUP_NAME_MAX_LENGTH; characters long. -diff -up shadow-4.8/man/useradd.8.xml.goodname shadow-4.8/man/useradd.8.xml ---- shadow-4.8/man/useradd.8.xml.goodname 2019-10-05 03:23:58.000000000 +0200 -+++ shadow-4.8/man/useradd.8.xml 2020-01-13 09:44:41.968507996 +0100 -@@ -661,10 +661,14 @@ +diff -up shadow-4.12.3/man/useradd.8.xml.goodname shadow-4.12.3/man/useradd.8.xml +--- shadow-4.12.3/man/useradd.8.xml.goodname 2022-08-22 14:46:57.000000000 +0200 ++++ shadow-4.12.3/man/useradd.8.xml 2022-08-22 16:00:27.646087971 +0200 +@@ -692,10 +692,14 @@ diff --git a/shadow-4.8-long-entry.patch b/shadow-4.12.3-long-entry.patch similarity index 54% rename from shadow-4.8-long-entry.patch rename to shadow-4.12.3-long-entry.patch index 64d9636..9dc5ef2 100644 --- a/shadow-4.8-long-entry.patch +++ b/shadow-4.12.3-long-entry.patch @@ -1,7 +1,7 @@ -diff -up shadow-4.8/lib/defines.h.long-entry shadow-4.8/lib/defines.h ---- shadow-4.8/lib/defines.h.long-entry 2020-01-13 10:29:45.288957339 +0100 -+++ shadow-4.8/lib/defines.h 2020-01-13 10:30:47.482902954 +0100 -@@ -388,6 +388,9 @@ extern char *strerror (); +diff -up shadow-4.12.3/lib/defines.h.long-entry shadow-4.12.3/lib/defines.h +--- shadow-4.12.3/lib/defines.h.long-entry 2022-08-18 23:51:37.000000000 +0200 ++++ shadow-4.12.3/lib/defines.h 2022-08-22 16:12:27.412522768 +0200 +@@ -335,6 +335,9 @@ extern char *strerror (); # endif #endif @@ -11,10 +11,10 @@ diff -up shadow-4.8/lib/defines.h.long-entry shadow-4.8/lib/defines.h #ifdef HAVE_SECURE_GETENV # define shadow_getenv(name) secure_getenv(name) # else -diff -up shadow-4.8/lib/pwio.c.long-entry shadow-4.8/lib/pwio.c ---- shadow-4.8/lib/pwio.c.long-entry 2019-07-23 17:26:08.000000000 +0200 -+++ shadow-4.8/lib/pwio.c 2020-01-13 10:29:45.288957339 +0100 -@@ -79,7 +79,10 @@ static int passwd_put (const void *ent, +diff -up shadow-4.12.3/lib/pwio.c.long-entry shadow-4.12.3/lib/pwio.c +--- shadow-4.12.3/lib/pwio.c.long-entry 2022-06-19 16:16:48.000000000 +0200 ++++ shadow-4.12.3/lib/pwio.c 2022-08-22 16:12:27.412522768 +0200 +@@ -56,7 +56,10 @@ static int passwd_put (const void *ent, || (pw->pw_gid == (gid_t)-1) || (valid_field (pw->pw_gecos, ":\n") == -1) || (valid_field (pw->pw_dir, ":\n") == -1) @@ -26,19 +26,19 @@ diff -up shadow-4.8/lib/pwio.c.long-entry shadow-4.8/lib/pwio.c return -1; } -diff -up shadow-4.8/lib/sgetpwent.c.long-entry shadow-4.8/lib/sgetpwent.c ---- shadow-4.8/lib/sgetpwent.c.long-entry 2019-10-05 03:23:58.000000000 +0200 -+++ shadow-4.8/lib/sgetpwent.c 2020-01-13 10:29:45.288957339 +0100 -@@ -57,7 +57,7 @@ +diff -up shadow-4.12.3/lib/sgetpwent.c.long-entry shadow-4.12.3/lib/sgetpwent.c +--- shadow-4.12.3/lib/sgetpwent.c.long-entry 2022-08-09 00:30:40.000000000 +0200 ++++ shadow-4.12.3/lib/sgetpwent.c 2022-08-22 16:14:10.955309200 +0200 +@@ -34,7 +34,7 @@ struct passwd *sgetpwent (const char *buf) { static struct passwd pwent; - static char pwdbuf[1024]; + static char pwdbuf[PASSWD_ENTRY_MAX_LENGTH]; - register int i; - register char *cp; + int i; + char *cp; char *fields[NFIELDS]; -@@ -67,8 +67,10 @@ struct passwd *sgetpwent (const char *bu +@@ -44,8 +44,10 @@ struct passwd *sgetpwent (const char *bu * the password structure remain valid. */ @@ -50,10 +50,10 @@ diff -up shadow-4.8/lib/sgetpwent.c.long-entry shadow-4.8/lib/sgetpwent.c strcpy (pwdbuf, buf); /* -diff -up shadow-4.8/lib/sgetspent.c.long-entry shadow-4.8/lib/sgetspent.c ---- shadow-4.8/lib/sgetspent.c.long-entry 2019-07-23 17:26:08.000000000 +0200 -+++ shadow-4.8/lib/sgetspent.c 2020-01-13 10:29:45.289957322 +0100 -@@ -48,7 +48,7 @@ +diff -up shadow-4.12.3/lib/sgetspent.c.long-entry shadow-4.12.3/lib/sgetspent.c +--- shadow-4.12.3/lib/sgetspent.c.long-entry 2022-06-19 16:16:54.000000000 +0200 ++++ shadow-4.12.3/lib/sgetspent.c 2022-08-22 16:12:27.413522776 +0200 +@@ -25,7 +25,7 @@ */ struct spwd *sgetspent (const char *string) { @@ -62,7 +62,7 @@ diff -up shadow-4.8/lib/sgetspent.c.long-entry shadow-4.8/lib/sgetspent.c static struct spwd spwd; char *fields[FIELDS]; char *cp; -@@ -61,6 +61,7 @@ struct spwd *sgetspent (const char *stri +@@ -37,6 +37,7 @@ struct spwd *sgetspent (const char *stri */ if (strlen (string) >= sizeof spwbuf) { @@ -70,10 +70,10 @@ diff -up shadow-4.8/lib/sgetspent.c.long-entry shadow-4.8/lib/sgetspent.c return 0; /* fail if too long */ } strcpy (spwbuf, string); -diff -up shadow-4.8/lib/shadowio.c.long-entry shadow-4.8/lib/shadowio.c ---- shadow-4.8/lib/shadowio.c.long-entry 2019-07-23 17:26:08.000000000 +0200 -+++ shadow-4.8/lib/shadowio.c 2020-01-13 10:29:45.289957322 +0100 -@@ -79,7 +79,9 @@ static int shadow_put (const void *ent, +diff -up shadow-4.12.3/lib/shadowio.c.long-entry shadow-4.12.3/lib/shadowio.c +--- shadow-4.12.3/lib/shadowio.c.long-entry 2022-06-19 16:16:48.000000000 +0200 ++++ shadow-4.12.3/lib/shadowio.c 2022-08-22 16:12:27.413522776 +0200 +@@ -56,7 +56,9 @@ static int shadow_put (const void *ent, if ( (NULL == sp) || (valid_field (sp->sp_namp, ":\n") == -1) diff --git a/shadow-4.11.1-redhat.patch b/shadow-4.12.3-redhat.patch similarity index 53% rename from shadow-4.11.1-redhat.patch rename to shadow-4.12.3-redhat.patch index e5e6c60..48c591d 100644 --- a/shadow-4.11.1-redhat.patch +++ b/shadow-4.12.3-redhat.patch @@ -1,6 +1,6 @@ -diff -up shadow-4.11.1/src/useradd.c.redhat shadow-4.11.1/src/useradd.c ---- shadow-4.11.1/src/useradd.c.redhat 2022-01-03 01:46:53.000000000 +0100 -+++ shadow-4.11.1/src/useradd.c 2022-01-03 14:53:12.988484829 +0100 +diff -up shadow-4.12.3/src/useradd.c.redhat shadow-4.12.3/src/useradd.c +--- shadow-4.12.3/src/useradd.c.redhat 2022-08-06 18:22:45.000000000 +0200 ++++ shadow-4.12.3/src/useradd.c 2022-08-22 15:57:19.034664441 +0200 @@ -82,7 +82,7 @@ const char *Prog; static gid_t def_group = 1000; static const char *def_gname = "other"; @@ -19,19 +19,16 @@ diff -up shadow-4.11.1/src/useradd.c.redhat shadow-4.11.1/src/useradd.c static uid_t user_id; static gid_t user_gid; static const char *user_comment = ""; -@@ -1219,9 +1219,9 @@ static void process_flags (int argc, cha +@@ -1227,7 +1227,7 @@ static void process_flags (int argc, cha + {NULL, 0, NULL, '\0'} }; while ((c = getopt_long (argc, argv, +- "b:c:d:De:f:g:G:hk:K:lmMNop:rR:P:s:u:U" ++ "b:c:d:De:f:g:G:hk:K:lmMnNop:rR:P:s:u:U" #ifdef WITH_SELINUX -- "b:c:d:De:f:g:G:hk:K:lmMNop:rR:P:s:u:UZ:", -+ "b:c:d:De:f:g:G:hk:K:lmMnNop:rR:P:s:u:UZ:", - #else /* !WITH_SELINUX */ -- "b:c:d:De:f:g:G:hk:K:lmMNop:rR:P:s:u:U", -+ "b:c:d:De:f:g:G:hk:K:lmMnNop:rR:P:s:u:U", - #endif /* !WITH_SELINUX */ - long_options, NULL)) != -1) { - switch (c) { -@@ -1378,6 +1378,7 @@ static void process_flags (int argc, cha + "Z:" + #endif /* WITH_SELINUX */ +@@ -1395,6 +1395,7 @@ static void process_flags (int argc, cha case 'M': Mflg = true; break; diff --git a/shadow-4.8-selinux-perms.patch b/shadow-4.12.3-selinux-perms.patch similarity index 84% rename from shadow-4.8-selinux-perms.patch rename to shadow-4.12.3-selinux-perms.patch index dfb32ec..f396455 100644 --- a/shadow-4.8-selinux-perms.patch +++ b/shadow-4.12.3-selinux-perms.patch @@ -1,7 +1,7 @@ -diff -up shadow-4.8/src/chgpasswd.c.selinux-perms shadow-4.8/src/chgpasswd.c ---- shadow-4.8/src/chgpasswd.c.selinux-perms 2019-12-01 18:02:43.000000000 +0100 -+++ shadow-4.8/src/chgpasswd.c 2020-01-13 10:21:44.558107260 +0100 -@@ -39,6 +39,13 @@ +diff -up shadow-4.12.3/src/chgpasswd.c.selinux-perms shadow-4.12.3/src/chgpasswd.c +--- shadow-4.12.3/src/chgpasswd.c.selinux-perms 2022-06-19 16:16:48.000000000 +0200 ++++ shadow-4.12.3/src/chgpasswd.c 2022-08-22 16:09:02.006970030 +0200 +@@ -16,6 +16,13 @@ #include #include #include @@ -15,7 +15,7 @@ diff -up shadow-4.8/src/chgpasswd.c.selinux-perms shadow-4.8/src/chgpasswd.c #ifdef ACCT_TOOLS_SETUID #ifdef USE_PAM #include "pam_defs.h" -@@ -80,6 +87,9 @@ static bool sgr_locked = false; +@@ -61,6 +68,9 @@ static bool sgr_locked = false; #endif static bool gr_locked = false; @@ -25,7 +25,7 @@ diff -up shadow-4.8/src/chgpasswd.c.selinux-perms shadow-4.8/src/chgpasswd.c /* local function prototypes */ static void fail_exit (int code); static /*@noreturn@*/void usage (int status); -@@ -334,6 +344,63 @@ static void check_perms (void) +@@ -318,6 +328,63 @@ static void check_perms (void) #endif /* ACCT_TOOLS_SETUID */ } @@ -89,7 +89,7 @@ diff -up shadow-4.8/src/chgpasswd.c.selinux-perms shadow-4.8/src/chgpasswd.c /* * open_files - lock and open the group databases */ -@@ -427,6 +494,7 @@ int main (int argc, char **argv) +@@ -411,6 +478,7 @@ int main (int argc, char **argv) const struct group *gr; struct group newgr; @@ -97,7 +97,7 @@ diff -up shadow-4.8/src/chgpasswd.c.selinux-perms shadow-4.8/src/chgpasswd.c int errors = 0; int line = 0; -@@ -436,12 +504,37 @@ int main (int argc, char **argv) +@@ -422,12 +490,37 @@ int main (int argc, char **argv) (void) bindtextdomain (PACKAGE, LOCALEDIR); (void) textdomain (PACKAGE); @@ -135,10 +135,10 @@ diff -up shadow-4.8/src/chgpasswd.c.selinux-perms shadow-4.8/src/chgpasswd.c check_perms (); #ifdef SHADOWGRP -diff -up shadow-4.8/src/chpasswd.c.selinux-perms shadow-4.8/src/chpasswd.c ---- shadow-4.8/src/chpasswd.c.selinux-perms 2019-12-01 18:02:43.000000000 +0100 -+++ shadow-4.8/src/chpasswd.c 2020-01-13 10:21:44.558107260 +0100 -@@ -39,6 +39,13 @@ +diff -up shadow-4.12.3/src/chpasswd.c.selinux-perms shadow-4.12.3/src/chpasswd.c +--- shadow-4.12.3/src/chpasswd.c.selinux-perms 2022-06-19 16:16:48.000000000 +0200 ++++ shadow-4.12.3/src/chpasswd.c 2022-08-22 16:10:56.702835681 +0200 +@@ -16,6 +16,13 @@ #include #include #include @@ -152,7 +152,7 @@ diff -up shadow-4.8/src/chpasswd.c.selinux-perms shadow-4.8/src/chpasswd.c #ifdef USE_PAM #include "pam_defs.h" #endif /* USE_PAM */ -@@ -332,6 +339,63 @@ static void check_perms (void) +@@ -318,6 +325,63 @@ static void check_perms (void) #endif /* USE_PAM */ } @@ -216,7 +216,7 @@ diff -up shadow-4.8/src/chpasswd.c.selinux-perms shadow-4.8/src/chpasswd.c /* * open_files - lock and open the password databases */ -@@ -428,6 +492,10 @@ int main (int argc, char **argv) +@@ -450,6 +514,10 @@ int main (int argc, char **argv) (void) bindtextdomain (PACKAGE, LOCALEDIR); (void) textdomain (PACKAGE); @@ -224,10 +224,10 @@ diff -up shadow-4.8/src/chpasswd.c.selinux-perms shadow-4.8/src/chpasswd.c + selinux_check_root (); +#endif + - process_root_flag ("-R", argc, argv); - process_flags (argc, argv); -@@ -440,6 +508,10 @@ int main (int argc, char **argv) + + salt = get_salt(); +@@ -463,6 +531,10 @@ int main (int argc, char **argv) OPENLOG ("chpasswd"); diff --git a/shadow-4.9-nss-get-shadow-logfd-with-log-get-logfd.patch b/shadow-4.9-nss-get-shadow-logfd-with-log-get-logfd.patch deleted file mode 100644 index 4d8e792..0000000 --- a/shadow-4.9-nss-get-shadow-logfd-with-log-get-logfd.patch +++ /dev/null @@ -1,48 +0,0 @@ -From e101219ad71de11da3fdd1b3ec2620fd1a97b92c Mon Sep 17 00:00:00 2001 -From: Iker Pedrosa -Date: Mon, 10 Jan 2022 15:30:28 +0100 -Subject: [PATCH] nss: get shadow_logfd with log_get_logfd() - -If /etc/nsswitch.conf doesn't exist podman crashes because shadow_logfd -is NULL. In order to avoid that load the log file descriptor with the -log_get_logfd() helper function. - -Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2038811 - -Signed-off-by: Iker Pedrosa ---- - lib/nss.c | 4 +++- - 1 file changed, 3 insertions(+), 1 deletion(-) - -diff --git a/lib/nss.c b/lib/nss.c -index 02742902..06fa48e5 100644 ---- a/lib/nss.c -+++ b/lib/nss.c -@@ -9,6 +9,7 @@ - #include "prototypes.h" - #include "../libsubid/subid.h" - #include "shadowlog_internal.h" -+#include "shadowlog.h" - - #define NSSWITCH "/etc/nsswitch.conf" - -@@ -42,6 +43,7 @@ void nss_init(const char *nsswitch_path) { - FILE *nssfp = NULL; - char *line = NULL, *p, *token, *saveptr; - size_t len = 0; -+ FILE *shadow_logfd = log_get_logfd(); - - if (atomic_flag_test_and_set(&nss_init_started)) { - // Another thread has started nss_init, wait for it to complete -@@ -57,7 +59,7 @@ void nss_init(const char *nsswitch_path) { - // subid: files - nssfp = fopen(nsswitch_path, "r"); - if (!nssfp) { -- fprintf(shadow_logfd, "Failed opening %s: %m", nsswitch_path); -+ fprintf(shadow_logfd, "Failed opening %s: %m\n", nsswitch_path); - atomic_store(&nss_init_completed, true); - return; - } --- -2.34.1 - diff --git a/shadow-utils.spec b/shadow-utils.spec index 660f777..69a2aa8 100644 --- a/shadow-utils.spec +++ b/shadow-utils.spec @@ -1,7 +1,7 @@ Summary: Utilities for managing accounts and shadow password files Name: shadow-utils -Version: 4.11.1 -Release: 4%{?dist} +Version: 4.12.3 +Release: 1%{?dist} Epoch: 2 License: BSD and GPLv2+ URL: https://github.com/shadow-maint/shadow @@ -18,9 +18,9 @@ Source6: shadow-utils.HOME_MODE.xml ### Patches ### # Misc small changes - most probably non-upstreamable -Patch0: shadow-4.11.1-redhat.patch +Patch0: shadow-4.12.3-redhat.patch # Be more lenient with acceptable user/group names - non upstreamable -Patch1: shadow-4.8-goodname.patch +Patch1: shadow-4.12.3-goodname.patch # SElinux related - upstreamability unknown Patch3: shadow-4.9-default-range.patch # Misc manual page changes - non-upstreamable @@ -34,19 +34,15 @@ Patch7: shadow-4.11.1-audit-update.patch # Changes related to password unlocking - could be upstreamed Patch8: shadow-4.5-usermod-unlock.patch # Additional SElinux related changes - upstreamability unknown -Patch9: shadow-4.8-selinux-perms.patch +Patch9: shadow-4.12.3-selinux-perms.patch # Handle NULL return from *time funcs - upstreamable Patch10: shadow-4.11.1-null-tm.patch # Handle /etc/passwd corruption - could be upstreamed -Patch11: shadow-4.8-long-entry.patch +Patch11: shadow-4.12.3-long-entry.patch # Limit uid/gid allocation to non-zero - could be upstreamed Patch12: shadow-4.6-sysugid-min-limit.patch # Ignore LOGIN_PLAIN_PROMPT in login.defs - upstreamability unknown Patch13: shadow-4.8-ignore-login-prompt.patch -# https://github.com/shadow-maint/shadow/commit/e101219ad71de11da3fdd1b3ec2620fd1a97b92c -Patch14: shadow-4.9-nss-get-shadow-logfd-with-log-get-logfd.patch -# https://github.com/shadow-maint/shadow/commit/f1f1678e13aa3ae49bdb139efaa2c5bc53dcfe92 -Patch15: shadow-4.11.1-useradd-modify-check-ID-range-for-system-users.patch ### Dependencies ### Requires: audit-libs >= 1.6.5 @@ -120,8 +116,6 @@ Development files for shadow-utils-subid. %patch11 -p1 -b .long-entry %patch12 -p1 -b .sysugid-min-limit %patch13 -p1 -b .login-prompt -%patch14 -p1 -b .nss-get-shadow-logfd-with-log-get-logfd -%patch15 -p1 -b .useradd-modify-check-ID-range-for-system-users iconv -f ISO88591 -t utf-8 doc/HOWTO > doc/HOWTO.utf8 cp -f doc/HOWTO.utf8 doc/HOWTO @@ -295,6 +289,9 @@ rm -f $RPM_BUILD_ROOT/%{_libdir}/libsubid.a %{_libdir}/libsubid.so %changelog +* Mon Aug 22 2022 Iker Pedrosa - 2:4.12.3-1 +- Rebase to version 4.12.3. Resolves: #2117809 + * Mon Aug 1 2022 Iker Pedrosa - 2:4.11.1-4 - useradd: modify check ID range for system users. Resolves: #2093692 diff --git a/sources b/sources index 53a4fb0..d1e0ebd 100644 --- a/sources +++ b/sources @@ -1,2 +1,2 @@ -SHA512 (shadow-4.11.1.tar.xz) = 12fbe4d6ac929ad3c21525ed0f1026b5b678ccec9762f2ec7e611d9c180934def506325f2835fb750dd30af035b592f827ff151cd6e4c805aaaf8e01425c279f -SHA512 (shadow-4.11.1.tar.xz.asc) = 4594189678cc9bcc8831f62a5d42c605b085be4a3b540429d7c800f4304e2e8fe04358547917eb90c1513646fade7c714611bfdc98af7dec5321a3dc3e65c4fd +SHA512 (shadow-4.12.3.tar.xz) = 0529889258f54e7634762dc154aa680d55f8c5f1654afadd1b7431cfbb890a3b1ba27c7ff4b7c45986e4ee2289946db2e420b23ed13e4e5b15800a1fb3a013bc +SHA512 (shadow-4.12.3.tar.xz.asc) = d3f294d86c0e2174c88809810a801737c01cd01f9cadbe7b1ae382b2745d86e2e30c0718fa6489c2abb65500ed94c8ac1961d05243b5a1800c966384c69281c9