home directory on fs with noacl + remove faillog
This commit is contained in:
parent
ca4ecc57a6
commit
e997448056
@ -1,6 +1,6 @@
|
||||
diff -up shadow-4.1.4.2/libmisc/copydir.c.acl shadow-4.1.4.2/libmisc/copydir.c
|
||||
--- shadow-4.1.4.2/libmisc/copydir.c.acl 2010-04-29 15:55:26.949959971 +0200
|
||||
+++ shadow-4.1.4.2/libmisc/copydir.c 2010-04-29 15:55:26.956960471 +0200
|
||||
--- shadow-4.1.4.2/libmisc/copydir.c.acl 2011-02-09 17:35:23.455413575 +0100
|
||||
+++ shadow-4.1.4.2/libmisc/copydir.c 2011-02-09 17:49:17.606330202 +0100
|
||||
@@ -45,6 +45,9 @@
|
||||
#ifdef WITH_SELINUX
|
||||
#include <selinux/selinux.h>
|
||||
@ -20,7 +20,7 @@ diff -up shadow-4.1.4.2/libmisc/copydir.c.acl shadow-4.1.4.2/libmisc/copydir.c
|
||||
const struct stat *statp, const struct timeval mt[],
|
||||
long int uid, long int gid);
|
||||
static int copy_file (const char *src, const char *dst,
|
||||
@@ -78,6 +81,24 @@ static int copy_file (const char *src, c
|
||||
@@ -78,6 +81,28 @@ static int copy_file (const char *src, c
|
||||
long int uid, long int gid);
|
||||
|
||||
#ifdef WITH_SELINUX
|
||||
@ -28,6 +28,10 @@ diff -up shadow-4.1.4.2/libmisc/copydir.c.acl shadow-4.1.4.2/libmisc/copydir.c
|
||||
+void error (struct error_context *ctx, const char *fmt, ...)
|
||||
+{
|
||||
+ va_list ap;
|
||||
+
|
||||
+ /* ignore the case when destination does not support ACLs */
|
||||
+ if(errno==EOPNOTSUPP)
|
||||
+ return;
|
||||
+
|
||||
+ va_start (ap, fmt);
|
||||
+ (void) fprintf (stderr, _("%s: "), Prog);
|
||||
@ -45,7 +49,7 @@ diff -up shadow-4.1.4.2/libmisc/copydir.c.acl shadow-4.1.4.2/libmisc/copydir.c
|
||||
/*
|
||||
* selinux_file_context - Set the security context before any file or
|
||||
* directory creation.
|
||||
@@ -369,7 +390,7 @@ static int copy_entry (const char *src,
|
||||
@@ -369,7 +394,7 @@ static int copy_entry (const char *src,
|
||||
*/
|
||||
|
||||
else if (!S_ISREG (sb.st_mode)) {
|
||||
@ -54,15 +58,30 @@ diff -up shadow-4.1.4.2/libmisc/copydir.c.acl shadow-4.1.4.2/libmisc/copydir.c
|
||||
}
|
||||
|
||||
/*
|
||||
@@ -413,6 +434,7 @@ static int copy_dir (const char *src, co
|
||||
@@ -413,8 +438,20 @@ static int copy_dir (const char *src, co
|
||||
|| (chown (dst,
|
||||
(uid == - 1) ? statp->st_uid : (uid_t) uid,
|
||||
(gid == - 1) ? statp->st_gid : (gid_t) gid) != 0)
|
||||
+ || (perm_copy_file (src, dst, &ctx) != 0)
|
||||
|| (chmod (dst, statp->st_mode) != 0)
|
||||
|| (copy_tree (src, dst, uid, gid) != 0)
|
||||
- || (chmod (dst, statp->st_mode) != 0)
|
||||
- || (copy_tree (src, dst, uid, gid) != 0)
|
||||
+ || (chmod (dst, statp->st_mode) != 0)) {
|
||||
+ err = -1;
|
||||
+ return err;
|
||||
+ }
|
||||
+
|
||||
+ /* ignore the case when destination does not support ACLs */
|
||||
+ if (perm_copy_file (src, dst, &ctx) != 0) {
|
||||
+ if (errno!=EOPNOTSUPP) {
|
||||
+ err = -1;
|
||||
+ return err;
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
+ if ((copy_tree (src, dst, uid, gid) != 0)
|
||||
|| (utimes (dst, mt) != 0)) {
|
||||
@@ -514,6 +536,13 @@ static int copy_symlink (const char *src
|
||||
err = -1;
|
||||
}
|
||||
@@ -514,6 +551,13 @@ static int copy_symlink (const char *src
|
||||
|| (lchown (dst,
|
||||
(uid == -1) ? statp->st_uid : (uid_t) uid,
|
||||
(gid == -1) ? statp->st_gid : (gid_t) gid) != 0)) {
|
||||
@ -76,7 +95,7 @@ diff -up shadow-4.1.4.2/libmisc/copydir.c.acl shadow-4.1.4.2/libmisc/copydir.c
|
||||
free (oldlink);
|
||||
return -1;
|
||||
}
|
||||
@@ -542,7 +571,7 @@ static int copy_symlink (const char *src
|
||||
@@ -542,7 +586,7 @@ static int copy_symlink (const char *src
|
||||
static int copy_hardlink (const char *src, const char *dst,
|
||||
struct link_name *lp)
|
||||
{
|
||||
@ -85,7 +104,7 @@ diff -up shadow-4.1.4.2/libmisc/copydir.c.acl shadow-4.1.4.2/libmisc/copydir.c
|
||||
|
||||
if (link (lp->ln_name, dst) != 0) {
|
||||
return -1;
|
||||
@@ -574,7 +603,7 @@ static int copy_hardlink (const char *sr
|
||||
@@ -574,7 +618,7 @@ static int copy_hardlink (const char *sr
|
||||
*
|
||||
* Return 0 on success, -1 on error.
|
||||
*/
|
||||
@ -94,18 +113,29 @@ diff -up shadow-4.1.4.2/libmisc/copydir.c.acl shadow-4.1.4.2/libmisc/copydir.c
|
||||
const struct stat *statp, const struct timeval mt[],
|
||||
long int uid, long int gid)
|
||||
{
|
||||
@@ -628,7 +657,7 @@ static int copy_file (const char *src, c
|
||||
@@ -628,11 +672,18 @@ static int copy_file (const char *src, c
|
||||
|| (fchown (ofd,
|
||||
(uid == -1) ? statp->st_uid : (uid_t) uid,
|
||||
(gid == -1) ? statp->st_gid : (gid_t) gid) != 0)
|
||||
- || (fchmod (ofd, statp->st_mode & 07777) != 0)) {
|
||||
+ || (perm_copy_fd (src, ifd, dst, ofd, &ctx) != 0) ) {
|
||||
+ || (fchmod (ofd, statp->st_mode & 07777) != 0)) {
|
||||
(void) close (ifd);
|
||||
return -1;
|
||||
}
|
||||
|
||||
+ if (perm_copy_fd (src, ifd, dst, ofd, &ctx) != 0) {
|
||||
+ if (errno!=EOPNOTSUPP) {
|
||||
+ (void) close (ifd);
|
||||
+ return -1;
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
while ((cnt = read (ifd, buf, sizeof buf)) > 0) {
|
||||
if (write (ofd, buf, (size_t)cnt) != cnt) {
|
||||
return -1;
|
||||
diff -up shadow-4.1.4.2/src/Makefile.in.acl shadow-4.1.4.2/src/Makefile.in
|
||||
--- shadow-4.1.4.2/src/Makefile.in.acl 2009-07-24 03:16:00.000000000 +0200
|
||||
+++ shadow-4.1.4.2/src/Makefile.in 2010-04-29 16:08:34.347960372 +0200
|
||||
+++ shadow-4.1.4.2/src/Makefile.in 2011-02-09 17:35:23.470411800 +0100
|
||||
@@ -430,9 +430,9 @@ su_SOURCES = \
|
||||
|
||||
su_LDADD = $(LDADD) $(LIBPAM) $(LIBCRYPT_NOPAM) $(LIBSKEY) $(LIBMD)
|
||||
|
@ -98,6 +98,7 @@ rm $RPM_BUILD_ROOT/%{_bindir}/groups
|
||||
rm $RPM_BUILD_ROOT/%{_bindir}/login
|
||||
rm $RPM_BUILD_ROOT/%{_bindir}/passwd
|
||||
rm $RPM_BUILD_ROOT/%{_bindir}/su
|
||||
rm $RPM_BUILD_ROOT/%{_bindir}/faillog
|
||||
rm $RPM_BUILD_ROOT/%{_sysconfdir}/login.access
|
||||
rm $RPM_BUILD_ROOT/%{_sysconfdir}/limits
|
||||
rm $RPM_BUILD_ROOT/%{_sbindir}/logoutd
|
||||
@ -135,6 +136,10 @@ rm $RPM_BUILD_ROOT/%{_mandir}/man8/chgpasswd.*
|
||||
rm $RPM_BUILD_ROOT/%{_mandir}/*/man8/chgpasswd.*
|
||||
rm $RPM_BUILD_ROOT/%{_mandir}/man3/getspnam.*
|
||||
rm $RPM_BUILD_ROOT/%{_mandir}/*/man3/getspnam.*
|
||||
rm $RPM_BUILD_ROOT/%{_mandir}/man5/faillog.*
|
||||
rm $RPM_BUILD_ROOT/%{_mandir}/*/man5/faillog.*
|
||||
rm $RPM_BUILD_ROOT/%{_mandir}/man8/faillog.*
|
||||
rm $RPM_BUILD_ROOT/%{_mandir}/*/man8/faillog.*
|
||||
|
||||
find $RPM_BUILD_ROOT%{_mandir} -depth -type d -empty -delete
|
||||
%find_lang shadow
|
||||
@ -157,7 +162,6 @@ rm -rf $RPM_BUILD_ROOT
|
||||
%attr(0600,root,root) %config(noreplace) %{_sysconfdir}/default/useradd
|
||||
%{_bindir}/sg
|
||||
%{_bindir}/chage
|
||||
%{_bindir}/faillog
|
||||
%{_bindir}/gpasswd
|
||||
%{_bindir}/lastlog
|
||||
%{_bindir}/newgrp
|
||||
@ -179,7 +183,6 @@ rm -rf $RPM_BUILD_ROOT
|
||||
%{_mandir}/man5/shadow.5*
|
||||
%{_mandir}/man5/login.defs.5*
|
||||
%{_mandir}/man5/gshadow.5*
|
||||
%{_mandir}/man5/faillog.5*
|
||||
%{_mandir}/man8/adduser.8*
|
||||
%{_mandir}/man8/group*.8*
|
||||
%{_mandir}/man8/user*.8*
|
||||
@ -189,14 +192,15 @@ rm -rf $RPM_BUILD_ROOT
|
||||
%{_mandir}/man8/newusers.8*
|
||||
%{_mandir}/man8/*conv.8*
|
||||
%{_mandir}/man8/lastlog.8*
|
||||
%{_mandir}/man8/faillog.8*
|
||||
%{_mandir}/man8/vipw.8*
|
||||
%{_mandir}/man8/vigr.8*
|
||||
|
||||
%changelog
|
||||
* Wed Feb 09 2011 Peter Vrabec <pvrabec@redhat.com> - 2:4.1.4.2-11
|
||||
- useradd man page (-m option)
|
||||
Resolves: #523265
|
||||
- create home directory on fs with noacl
|
||||
- remove faillog app (pam_tally.so is no longer shipped)
|
||||
Resolves: #523265, #622320
|
||||
|
||||
* Tue Feb 01 2011 Peter Vrabec <pvrabec@redhat.com> - 2:4.1.4.2-10
|
||||
- do not use gshadow functions from glibc, there is a bug
|
||||
|
Loading…
Reference in New Issue
Block a user