- Rebase to version 4.15.0

- getdef: avoid spurious error messages about unknown configuration options

Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
This commit is contained in:
Iker Pedrosa 2024-04-03 09:49:58 +02:00
parent 875366386d
commit fd50fe1eda
9 changed files with 455 additions and 407 deletions

2
.gitignore vendored
View File

@ -24,3 +24,5 @@ shadow-4.1.4.2.tar.bz2
/shadow-4.13.tar.xz.asc /shadow-4.13.tar.xz.asc
/shadow-4.14.0.tar.xz /shadow-4.14.0.tar.xz
/shadow-4.14.0.tar.xz.asc /shadow-4.14.0.tar.xz.asc
/shadow-4.15.0.tar.xz
/shadow-4.15.0.tar.xz.asc

View File

@ -1,28 +0,0 @@
From 48aa12af31c0b72872b411857d03a518a4200a3d Mon Sep 17 00:00:00 2001
From: Johannes Segitz <jsegitz@suse.de>
Date: Tue, 26 Sep 2023 15:14:14 +0200
Subject: [PATCH] useradd: Set proper SELinux labels for def_usrtemplate
Fixes: 74c17c716 ("Add support for skeleton files from /usr/etc/skel")
Signed-off-by: Johannes Segitz <jsegitz@suse.com>
---
src/useradd.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/useradd.c b/src/useradd.c
index 76a4d649..fe62a051 100644
--- a/src/useradd.c
+++ b/src/useradd.c
@@ -2788,7 +2788,7 @@ int main (int argc, char **argv)
if (home_added) {
copy_tree (def_template, prefix_user_home, false, true,
(uid_t)-1, user_id, (gid_t)-1, user_gid);
- copy_tree (def_usrtemplate, prefix_user_home, false, false,
+ copy_tree (def_usrtemplate, prefix_user_home, false, true,
(uid_t)-1, user_id, (gid_t)-1, user_gid);
} else {
fprintf (stderr,
--
2.41.0

View File

@ -1,7 +1,6 @@
diff --git a/src/chpasswd.c b/src/chpasswd.c diff -up shadow-4.15.0/src/chpasswd.c.account-tools-setuid shadow-4.15.0/src/chpasswd.c
index 3a4bd4fe..246e4176 100644 --- shadow-4.15.0/src/chpasswd.c.account-tools-setuid 2024-03-08 22:27:04.000000000 +0100
--- a/src/chpasswd.c +++ shadow-4.15.0/src/chpasswd.c 2024-03-11 11:21:57.561150382 +0100
+++ b/src/chpasswd.c
@@ -443,9 +443,11 @@ int main (int argc, char **argv) @@ -443,9 +443,11 @@ int main (int argc, char **argv)
char *cp; char *cp;
const char *salt; const char *salt;
@ -14,7 +13,7 @@ index 3a4bd4fe..246e4176 100644
int errors = 0; int errors = 0;
int line = 0; int line = 0;
@@ -470,19 +472,23 @@ int main (int argc, char **argv) @@ -469,19 +471,23 @@ int main (int argc, char **argv)
process_root_flag ("-R", argc, argv); process_root_flag ("-R", argc, argv);
prefix = process_prefix_flag ("-P", argc, argv); prefix = process_prefix_flag ("-P", argc, argv);
@ -26,7 +25,7 @@ index 3a4bd4fe..246e4176 100644
#endif /* USE_PAM */ #endif /* USE_PAM */
+#endif /* ACCT_TOOLS_SETUID */ +#endif /* ACCT_TOOLS_SETUID */
OPENLOG ("chpasswd"); OPENLOG (Prog);
check_perms (); check_perms ();
@ -38,15 +37,15 @@ index 3a4bd4fe..246e4176 100644
{ {
is_shadow_pwd = spw_file_present (); is_shadow_pwd = spw_file_present ();
@@ -544,6 +550,7 @@ int main (int argc, char **argv) @@ -543,6 +549,7 @@ int main (int argc, char **argv)
} }
newpwd = cp; newpwd = cp;
+#ifdef ACCT_TOOLS_SETUID +#ifdef ACCT_TOOLS_SETUID
#ifdef USE_PAM #ifdef USE_PAM
if (use_pam) { if (use_pam) {
if (do_pam_passwd_non_interactive ("chpasswd", name, newpwd) != 0) { if (do_pam_passwd_non_interactive (Prog, name, newpwd) != 0) {
@@ -554,6 +561,7 @@ int main (int argc, char **argv) @@ -553,6 +560,7 @@ int main (int argc, char **argv)
} }
} else } else
#endif /* USE_PAM */ #endif /* USE_PAM */
@ -54,7 +53,7 @@ index 3a4bd4fe..246e4176 100644
{ {
const struct spwd *sp; const struct spwd *sp;
struct spwd newsp; struct spwd newsp;
@@ -673,9 +681,11 @@ int main (int argc, char **argv) @@ -672,9 +680,11 @@ int main (int argc, char **argv)
* password database. * password database.
*/ */
if (0 != errors) { if (0 != errors) {
@ -66,7 +65,7 @@ index 3a4bd4fe..246e4176 100644
{ {
fprintf (stderr, fprintf (stderr,
_("%s: error detected, changes ignored\n"), _("%s: error detected, changes ignored\n"),
@@ -684,9 +694,11 @@ int main (int argc, char **argv) @@ -683,9 +693,11 @@ int main (int argc, char **argv)
fail_exit (1); fail_exit (1);
} }
@ -78,10 +77,9 @@ index 3a4bd4fe..246e4176 100644
{ {
/* Save the changes */ /* Save the changes */
close_files (); close_files ();
diff --git a/src/groupmems.c b/src/groupmems.c diff -up shadow-4.15.0/src/groupmems.c.account-tools-setuid shadow-4.15.0/src/groupmems.c
index 63a1601c..73f7310e 100644 --- shadow-4.15.0/src/groupmems.c.account-tools-setuid 2024-03-08 22:27:04.000000000 +0100
--- a/src/groupmems.c +++ shadow-4.15.0/src/groupmems.c 2024-03-11 11:16:18.365408572 +0100
+++ b/src/groupmems.c
@@ -14,9 +14,11 @@ @@ -14,9 +14,11 @@
#include <grp.h> #include <grp.h>
#include <stdio.h> #include <stdio.h>
@ -94,7 +92,7 @@ index 63a1601c..73f7310e 100644
#include <pwd.h> #include <pwd.h>
#include "alloc.h" #include "alloc.h"
@@ -430,6 +432,7 @@ static void process_flags (int argc, char **argv) @@ -430,6 +432,7 @@ static void process_flags (int argc, cha
static void check_perms (void) static void check_perms (void)
{ {
if (!list) { if (!list) {
@ -112,12 +110,11 @@ index 63a1601c..73f7310e 100644
} }
} }
diff --git a/src/newusers.c b/src/newusers.c diff -up shadow-4.15.0/src/newusers.c.account-tools-setuid shadow-4.15.0/src/newusers.c
index 09e14a48..96b60de2 100644 --- shadow-4.15.0/src/newusers.c.account-tools-setuid 2024-03-08 22:27:04.000000000 +0100
--- a/src/newusers.c +++ shadow-4.15.0/src/newusers.c 2024-03-11 11:20:07.198909046 +0100
+++ b/src/newusers.c
@@ -59,6 +59,7 @@ @@ -59,6 +59,7 @@
const char *Prog; static const char Prog[] = "newusers";
static bool rflg = false; /* create a system account */ static bool rflg = false; /* create a system account */
+#ifndef ACCT_TOOLS_SETUID +#ifndef ACCT_TOOLS_SETUID
@ -172,7 +169,7 @@ index 09e14a48..96b60de2 100644
(void) fputs ("\n", usageout); (void) fputs ("\n", usageout);
exit (status); exit (status);
@@ -405,6 +413,7 @@ static int add_user (const char *name, uid_t uid, gid_t gid) @@ -405,6 +413,7 @@ static int add_user (const char *name, u
return (pw_update (&pwent) == 0) ? -1 : 0; return (pw_update (&pwent) == 0) ? -1 : 0;
} }
@ -180,7 +177,7 @@ index 09e14a48..96b60de2 100644
#ifndef USE_PAM #ifndef USE_PAM
/* /*
* update_passwd - update the password in the passwd entry * update_passwd - update the password in the passwd entry
@@ -457,6 +466,7 @@ static int update_passwd (struct passwd *pwd, const char *password) @@ -457,6 +466,7 @@ static int update_passwd (struct passwd
return 0; return 0;
} }
#endif /* !USE_PAM */ #endif /* !USE_PAM */
@ -188,7 +185,7 @@ index 09e14a48..96b60de2 100644
/* /*
* add_passwd - add or update the encrypted password * add_passwd - add or update the encrypted password
@@ -465,10 +475,13 @@ static int add_passwd (struct passwd *pwd, const char *password) @@ -465,10 +475,13 @@ static int add_passwd (struct passwd *pw
{ {
const struct spwd *sp; const struct spwd *sp;
struct spwd spent; struct spwd spent;
@ -202,7 +199,7 @@ index 09e14a48..96b60de2 100644
#ifndef USE_PAM #ifndef USE_PAM
void *crypt_arg = NULL; void *crypt_arg = NULL;
if (NULL != crypt_method) { if (NULL != crypt_method) {
@@ -505,13 +518,14 @@ static int add_passwd (struct passwd *pwd, const char *password) @@ -505,13 +518,14 @@ static int add_passwd (struct passwd *pw
return update_passwd (pwd, password); return update_passwd (pwd, password);
} }
#endif /* USE_PAM */ #endif /* USE_PAM */
@ -218,7 +215,7 @@ index 09e14a48..96b60de2 100644
if (NULL != sp) { if (NULL != sp) {
spent = *sp; spent = *sp;
if ( (NULL != crypt_method) if ( (NULL != crypt_method)
@@ -547,7 +561,7 @@ static int add_passwd (struct passwd *pwd, const char *password) @@ -547,7 +561,7 @@ static int add_passwd (struct passwd *pw
if (strcmp (pwd->pw_passwd, "x") != 0) { if (strcmp (pwd->pw_passwd, "x") != 0) {
return update_passwd (pwd, password); return update_passwd (pwd, password);
} }
@ -227,7 +224,7 @@ index 09e14a48..96b60de2 100644
/* /*
* If there is already a shadow entry, do not touch it. * If there is already a shadow entry, do not touch it.
* If there is already a passwd entry with a password, do not * If there is already a passwd entry with a password, do not
@@ -558,14 +572,14 @@ static int add_passwd (struct passwd *pwd, const char *password) @@ -558,14 +572,14 @@ static int add_passwd (struct passwd *pw
|| (strcmp (pwd->pw_passwd, "x") != 0)) { || (strcmp (pwd->pw_passwd, "x") != 0)) {
return 0; return 0;
} }
@ -244,7 +241,7 @@ index 09e14a48..96b60de2 100644
if ((crypt_method != NULL) && (0 == strcmp(crypt_method, "NONE"))) { if ((crypt_method != NULL) && (0 == strcmp(crypt_method, "NONE"))) {
spent.sp_pwdp = (char *)password; spent.sp_pwdp = (char *)password;
} else { } else {
@@ -610,35 +624,41 @@ static int add_passwd (struct passwd *pwd, const char *password) @@ -610,35 +624,41 @@ static int add_passwd (struct passwd *pw
static void process_flags (int argc, char **argv) static void process_flags (int argc, char **argv)
{ {
int c; int c;
@ -288,7 +285,7 @@ index 09e14a48..96b60de2 100644
"bhr", "bhr",
#endif #endif
long_options, NULL)) != -1) { long_options, NULL)) != -1) {
@@ -646,11 +666,13 @@ static void process_flags (int argc, char **argv) @@ -646,11 +666,13 @@ static void process_flags (int argc, cha
case 'b': case 'b':
allow_bad_names = true; allow_bad_names = true;
break; break;
@ -302,7 +299,7 @@ index 09e14a48..96b60de2 100644
case 'h': case 'h':
usage (EXIT_SUCCESS); usage (EXIT_SUCCESS);
break; break;
@@ -659,6 +681,7 @@ static void process_flags (int argc, char **argv) @@ -659,6 +681,7 @@ static void process_flags (int argc, cha
break; break;
case 'R': /* no-op, handled in process_root_flag () */ case 'R': /* no-op, handled in process_root_flag () */
break; break;
@ -310,7 +307,7 @@ index 09e14a48..96b60de2 100644
#ifndef USE_PAM #ifndef USE_PAM
#if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT) || defined(USE_YESCRYPT) #if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT) || defined(USE_YESCRYPT)
case 's': case 's':
@@ -698,6 +721,7 @@ static void process_flags (int argc, char **argv) @@ -698,6 +721,7 @@ static void process_flags (int argc, cha
break; break;
#endif /* USE_SHA_CRYPT || USE_BCRYPT || USE_YESCRYPT */ #endif /* USE_SHA_CRYPT || USE_BCRYPT || USE_YESCRYPT */
#endif /* !USE_PAM */ #endif /* !USE_PAM */
@ -318,7 +315,7 @@ index 09e14a48..96b60de2 100644
default: default:
usage (EXIT_FAILURE); usage (EXIT_FAILURE);
break; break;
@@ -730,6 +754,7 @@ static void process_flags (int argc, char **argv) @@ -730,6 +754,7 @@ static void process_flags (int argc, cha
*/ */
static void check_flags (void) static void check_flags (void)
{ {
@ -347,9 +344,9 @@ index 09e14a48..96b60de2 100644
#endif /* USE_PAM */ #endif /* USE_PAM */
+#endif /* ACCT_TOOLS_SETUID */ +#endif /* ACCT_TOOLS_SETUID */
Prog = Basename (argv[0]);
log_set_progname(Prog); log_set_progname(Prog);
@@ -1196,6 +1224,7 @@ int main (int argc, char **argv) log_set_logfd(stderr);
@@ -1195,6 +1223,7 @@ int main (int argc, char **argv)
} }
newpw = *pw; newpw = *pw;
@ -357,7 +354,7 @@ index 09e14a48..96b60de2 100644
#ifdef USE_PAM #ifdef USE_PAM
/* keep the list of user/password for later update by PAM */ /* keep the list of user/password for later update by PAM */
nusers++; nusers++;
@@ -1212,6 +1241,7 @@ int main (int argc, char **argv) @@ -1211,6 +1240,7 @@ int main (int argc, char **argv)
usernames[nusers-1] = strdup (fields[0]); usernames[nusers-1] = strdup (fields[0]);
passwords[nusers-1] = strdup (fields[1]); passwords[nusers-1] = strdup (fields[1]);
#endif /* USE_PAM */ #endif /* USE_PAM */
@ -365,7 +362,7 @@ index 09e14a48..96b60de2 100644
if (add_passwd (&newpw, fields[1]) != 0) { if (add_passwd (&newpw, fields[1]) != 0) {
fprintf (stderr, fprintf (stderr,
_("%s: line %d: can't update password\n"), _("%s: line %d: can't update password\n"),
@@ -1328,6 +1358,7 @@ int main (int argc, char **argv) @@ -1327,6 +1357,7 @@ int main (int argc, char **argv)
nscd_flush_cache ("group"); nscd_flush_cache ("group");
sssd_flush_cache (SSSD_DB_PASSWD | SSSD_DB_GROUP); sssd_flush_cache (SSSD_DB_PASSWD | SSSD_DB_GROUP);
@ -373,7 +370,7 @@ index 09e14a48..96b60de2 100644
#ifdef USE_PAM #ifdef USE_PAM
unsigned int i; unsigned int i;
/* Now update the passwords using PAM */ /* Now update the passwords using PAM */
@@ -1340,6 +1371,7 @@ int main (int argc, char **argv) @@ -1339,6 +1370,7 @@ int main (int argc, char **argv)
} }
} }
#endif /* USE_PAM */ #endif /* USE_PAM */

View File

@ -1,7 +1,7 @@
Index: shadow-4.5/libmisc/getdate.y Index: shadow-4.5/lib/getdate.y
=================================================================== ===================================================================
--- shadow-4.5.orig/libmisc/getdate.y --- shadow-4.5.orig/lib/getdate.y
+++ shadow-4.5/libmisc/getdate.y +++ shadow-4.5/lib/getdate.y
@@ -152,6 +152,7 @@ static int yyHaveDay; @@ -152,6 +152,7 @@ static int yyHaveDay;
static int yyHaveRel; static int yyHaveRel;
static int yyHaveTime; static int yyHaveTime;

View File

@ -0,0 +1,137 @@
From ead55e9ba8958504e23e29545f90c4dd925c7462 Mon Sep 17 00:00:00 2001
From: Serge Hallyn <serge@hallyn.com>
Date: Wed, 20 Mar 2024 17:39:46 -0500
Subject: [PATCH] getdef: avoid spurious error messages about unknown
configuration options
def_find can return NULL for unset, not just unknown, config options. So
move the decision of whether to log an error message about an unknown config
option back into def_find, which knows the difference. Only putdef_str()
will pass a char* srcfile to def_find, so only calls from putdef_str will
cause the message, which was the original intent of fa68441bc4be8.
closes #967
fixes: fa68441bc4be8 ("Improve the login.defs unknown item error message")
Signed-off-by: Serge Hallyn <serge@hallyn.com>
---
lib/getdef.c | 30 ++++++++++++++++--------------
1 file changed, 16 insertions(+), 14 deletions(-)
diff --git a/lib/getdef.c b/lib/getdef.c
index 4d4d4e19..ef2ae1f0 100644
--- a/lib/getdef.c
+++ b/lib/getdef.c
@@ -176,7 +176,7 @@ static const char* def_fname = LOGINDEFS; /* login config defs file */
static bool def_loaded = false; /* are defs already loaded? */
/* local function prototypes */
-static /*@observer@*/ /*@null@*/struct itemdef *def_find (const char *);
+static /*@observer@*/ /*@null@*/struct itemdef *def_find (const char *, const char *);
static void def_load (void);
@@ -195,7 +195,7 @@ static void def_load (void);
def_load ();
}
- d = def_find (item);
+ d = def_find (item, NULL);
return (NULL == d) ? NULL : d->value;
}
@@ -214,7 +214,7 @@ bool getdef_bool (const char *item)
def_load ();
}
- d = def_find (item);
+ d = def_find (item, NULL);
if ((NULL == d) || (NULL == d->value)) {
return false;
}
@@ -240,7 +240,7 @@ int getdef_num (const char *item, int dflt)
def_load ();
}
- d = def_find (item);
+ d = def_find (item, NULL);
if ((NULL == d) || (NULL == d->value)) {
return dflt;
}
@@ -275,7 +275,7 @@ unsigned int getdef_unum (const char *item, unsigned int dflt)
def_load ();
}
- d = def_find (item);
+ d = def_find (item, NULL);
if ((NULL == d) || (NULL == d->value)) {
return dflt;
}
@@ -310,7 +310,7 @@ long getdef_long (const char *item, long dflt)
def_load ();
}
- d = def_find (item);
+ d = def_find (item, NULL);
if ((NULL == d) || (NULL == d->value)) {
return dflt;
}
@@ -342,7 +342,7 @@ unsigned long getdef_ulong (const char *item, unsigned long dflt)
def_load ();
}
- d = def_find (item);
+ d = def_find (item, NULL);
if ((NULL == d) || (NULL == d->value)) {
return dflt;
}
@@ -375,12 +375,9 @@ int putdef_str (const char *name, const char *value, const char *srcfile)
* Locate the slot to save the value. If this parameter
* is unknown then "def_find" will print an err message.
*/
- d = def_find (name);
- if (NULL == d) {
- if (NULL != srcfile)
- SYSLOG ((LOG_CRIT, "shadow: unknown configuration item '%s' in '%s'", name, srcfile));
+ d = def_find (name, srcfile);
+ if (NULL == d)
return -1;
- }
/*
* Save off the value.
@@ -404,9 +401,12 @@ int putdef_str (const char *name, const char *value, const char *srcfile)
*
* Search through a table of configurable items to locate the
* specified configuration option.
+ *
+ * If srcfile is not NULL, and the item is not found, then report an error saying
+ * the unknown item was used in this file.
*/
-static /*@observer@*/ /*@null@*/struct itemdef *def_find (const char *name)
+static /*@observer@*/ /*@null@*/struct itemdef *def_find (const char *name, const char *srcfile)
{
struct itemdef *ptr;
@@ -432,6 +432,8 @@ static /*@observer@*/ /*@null@*/struct itemdef *def_find (const char *name)
fprintf (shadow_logfd,
_("configuration error - unknown item '%s' (notify administrator)\n"),
name);
+ if (srcfile != NULL)
+ SYSLOG ((LOG_CRIT, "shadow: unknown configuration item '%s' in '%s'", name, srcfile));
out:
return NULL;
@@ -610,7 +612,7 @@ int main (int argc, char **argv)
def_load ();
for (i = 0; i < NUMDEFS; ++i) {
- d = def_find (def_table[i].name);
+ d = def_find (def_table[i].name, NULL);
if (NULL == d) {
printf ("error - lookup '%s' failed\n",
def_table[i].name);
--
2.44.0

View File

@ -1,7 +1,7 @@
diff -up shadow-4.8.1/man/groupmems.8.xml.manfix shadow-4.8.1/man/groupmems.8.xml diff -up shadow-4.15.0/man/groupmems.8.xml.manfix shadow-4.15.0/man/groupmems.8.xml
--- shadow-4.8.1/man/groupmems.8.xml.manfix 2020-03-17 15:34:48.750414984 +0100 --- shadow-4.15.0/man/groupmems.8.xml.manfix 2023-05-26 04:56:11.000000000 +0200
+++ shadow-4.8.1/man/groupmems.8.xml 2020-03-17 15:41:13.383588722 +0100 +++ shadow-4.15.0/man/groupmems.8.xml 2024-02-09 10:42:20.337036378 +0100
@@ -179,20 +179,10 @@ @@ -156,20 +156,10 @@
<refsect1 id='setup'> <refsect1 id='setup'>
<title>SETUP</title> <title>SETUP</title>
<para> <para>
@ -25,10 +25,10 @@ diff -up shadow-4.8.1/man/groupmems.8.xml.manfix shadow-4.8.1/man/groupmems.8.xm
</refsect1> </refsect1>
<refsect1 id='configuration'> <refsect1 id='configuration'>
diff -up shadow-4.8.1/man/ja/man5/login.defs.5.manfix shadow-4.8.1/man/ja/man5/login.defs.5 diff -up shadow-4.15.0/man/ja/man5/login.defs.5.manfix shadow-4.15.0/man/ja/man5/login.defs.5
--- shadow-4.8.1/man/ja/man5/login.defs.5.manfix 2019-07-23 17:26:08.000000000 +0200 --- shadow-4.15.0/man/ja/man5/login.defs.5.manfix 2023-03-13 21:58:56.000000000 +0100
+++ shadow-4.8.1/man/ja/man5/login.defs.5 2020-03-17 15:34:48.750414984 +0100 +++ shadow-4.15.0/man/ja/man5/login.defs.5 2024-02-09 10:42:20.337036378 +0100
@@ -147,10 +147,6 @@ 以下の参照表は、 @@ -123,10 +123,6 @@ 以下の参照表は、
shadow パスワード機能のどのプログラムが shadow パスワード機能のどのプログラムが
どのパラメータを使用するかを示したものである。 どのパラメータを使用するかを示したものである。
.na .na
@ -39,10 +39,10 @@ diff -up shadow-4.8.1/man/ja/man5/login.defs.5.manfix shadow-4.8.1/man/ja/man5/l
.IP groupadd 12 .IP groupadd 12
GID_MAX GID_MIN GID_MAX GID_MIN
.IP newusers 12 .IP newusers 12
diff -up shadow-4.8.1/man/login.defs.5.xml.manfix shadow-4.8.1/man/login.defs.5.xml diff -up shadow-4.15.0/man/login.defs.5.xml.manfix shadow-4.15.0/man/login.defs.5.xml
--- shadow-4.8.1/man/login.defs.5.xml.manfix 2020-01-17 16:47:56.000000000 +0100 --- shadow-4.15.0/man/login.defs.5.xml.manfix 2024-01-22 22:36:43.000000000 +0100
+++ shadow-4.8.1/man/login.defs.5.xml 2020-03-17 15:34:48.750414984 +0100 +++ shadow-4.15.0/man/login.defs.5.xml 2024-02-09 10:45:49.014407259 +0100
@@ -164,6 +164,17 @@ @@ -144,6 +144,17 @@
long numeric parameters is machine-dependent. long numeric parameters is machine-dependent.
</para> </para>
@ -60,7 +60,7 @@ diff -up shadow-4.8.1/man/login.defs.5.xml.manfix shadow-4.8.1/man/login.defs.5.
<para>The following configuration items are provided:</para> <para>The following configuration items are provided:</para>
<variablelist remap='IP'> <variablelist remap='IP'>
@@ -256,16 +267,6 @@ @@ -240,16 +251,6 @@
</listitem> </listitem>
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>
@ -77,7 +77,7 @@ diff -up shadow-4.8.1/man/login.defs.5.xml.manfix shadow-4.8.1/man/login.defs.5.
<term>chgpasswd</term> <term>chgpasswd</term>
<listitem> <listitem>
<para> <para>
@@ -286,14 +287,6 @@ @@ -276,14 +277,6 @@
</para> </para>
</listitem> </listitem>
</varlistentry> </varlistentry>
@ -92,7 +92,7 @@ diff -up shadow-4.8.1/man/login.defs.5.xml.manfix shadow-4.8.1/man/login.defs.5.
<!-- expiry: no variables (CONSOLE_GROUPS linked, but not used) --> <!-- expiry: no variables (CONSOLE_GROUPS linked, but not used) -->
<!-- faillog: no variables --> <!-- faillog: no variables -->
<varlistentry> <varlistentry>
@@ -359,34 +352,6 @@ @@ -352,34 +345,6 @@
<para>LASTLOG_UID_MAX</para> <para>LASTLOG_UID_MAX</para>
</listitem> </listitem>
</varlistentry> </varlistentry>
@ -127,25 +127,7 @@ diff -up shadow-4.8.1/man/login.defs.5.xml.manfix shadow-4.8.1/man/login.defs.5.
<!-- logoutd: no variables --> <!-- logoutd: no variables -->
<varlistentry> <varlistentry>
<term>newgrp / sg</term> <term>newgrp / sg</term>
@@ -415,17 +380,6 @@ @@ -451,32 +416,6 @@
</listitem>
</varlistentry>
<!-- nologin: no variables -->
- <varlistentry condition="no_pam">
- <term>passwd</term>
- <listitem>
- <para>
- ENCRYPT_METHOD MD5_CRYPT_ENAB OBSCURE_CHECKS_ENAB
- PASS_ALWAYS_WARN PASS_CHANGE_TRIES PASS_MAX_LEN PASS_MIN_LEN
- <phrase condition="sha_crypt">SHA_CRYPT_MAX_ROUNDS
- SHA_CRYPT_MIN_ROUNDS</phrase>
- </para>
- </listitem>
- </varlistentry>
<varlistentry>
<term>pwck</term>
<listitem>
@@ -452,32 +406,6 @@
</para> </para>
</listitem> </listitem>
</varlistentry> </varlistentry>
@ -166,12 +148,12 @@ diff -up shadow-4.8.1/man/login.defs.5.xml.manfix shadow-4.8.1/man/login.defs.5.
- </para> - </para>
- </listitem> - </listitem>
- </varlistentry> - </varlistentry>
- <varlistentry> - <varlistentry condition="no_pam">
- <term>sulogin</term> - <term>sulogin</term>
- <listitem> - <listitem>
- <para> - <para>
- ENV_HZ - ENV_HZ
- <phrase condition="no_pam">ENV_TZ</phrase> - ENV_TZ
- </para> - </para>
- </listitem> - </listitem>
- </varlistentry> - </varlistentry>

View File

@ -1,7 +1,7 @@
Summary: Utilities for managing accounts and shadow password files Summary: Utilities for managing accounts and shadow password files
Name: shadow-utils Name: shadow-utils
Version: 4.14.0 Version: 4.15.0
Release: 6%{?dist} Release: 1%{?dist}
Epoch: 2 Epoch: 2
License: BSD-3-Clause AND GPL-2.0-or-later License: BSD-3-Clause AND GPL-2.0-or-later
URL: https://github.com/shadow-maint/shadow URL: https://github.com/shadow-maint/shadow
@ -19,20 +19,15 @@ Source7: passwd.pamd
### Patches ### ### Patches ###
# Misc manual page changes - non-upstreamable # Misc manual page changes - non-upstreamable
Patch0: shadow-4.14.0-manfix.patch Patch0: shadow-4.15.0-manfix.patch
# Date parsing improvement - could be upstreamed # Date parsing improvement - could be upstreamed
Patch1: shadow-4.2.1-date-parsing.patch Patch1: shadow-4.15.0-date-parsing.patch
# Audit message changes - partially upstreamed # Audit message changes - partially upstreamed
Patch2: shadow-4.14.0-audit-update.patch Patch2: shadow-4.15.0-audit-update.patch
# https://github.com/shadow-maint/shadow/pull/812
Patch3: shadow-4.14.0-useradd-def-usrtemplate-selinux-label.patch
# Probably non-upstreamable # Probably non-upstreamable
Patch4: shadow-4.14.0-account-tools-setuid.patch Patch3: shadow-4.15.0-account-tools-setuid.patch
# https://github.com/shadow-maint/shadow/commit/43b4e5a6c41f5c43cad18810f9229e40e8c4a57e # https://github.com/shadow-maint/shadow/commit/ead55e9ba8958504e23e29545f90c4dd925c7462
# https://github.com/shadow-maint/shadow/commit/45f34ee8c196a98397504cb7ed8576b6f1825cf9 Patch4: shadow-4.15.0-getdef-spurious-error.patch
Patch5: shadow-4.14.0-remove-libcrack.patch
# https://github.com/shadow-maint/shadow/pull/927
Patch6: shadow-4.14.0-passwd-stdin.patch
### Dependencies ### ### Dependencies ###
Requires: audit-libs >= 1.6.5 Requires: audit-libs >= 1.6.5
@ -107,7 +102,7 @@ cp -a %{SOURCE4} %{SOURCE5} .
cp -a %{SOURCE6} man/login.defs.d/HOME_MODE.xml cp -a %{SOURCE6} man/login.defs.d/HOME_MODE.xml
# Force regeneration of getdate.c # Force regeneration of getdate.c
rm libmisc/getdate.c rm lib/getdate.c
%build %build
%ifarch sparc64 %ifarch sparc64
@ -193,9 +188,11 @@ rm $RPM_BUILD_ROOT%{_mandir}/*/man8/faillog.*
# Remove PAM service files we don't use. # Remove PAM service files we don't use.
rm $RPM_BUILD_ROOT%{_pam_confdir}/chfn rm $RPM_BUILD_ROOT%{_pam_confdir}/chfn
rm $RPM_BUILD_ROOT%{_pam_confdir}/chpasswd
rm $RPM_BUILD_ROOT%{_pam_confdir}/chsh rm $RPM_BUILD_ROOT%{_pam_confdir}/chsh
rm $RPM_BUILD_ROOT%{_pam_confdir}/groupmems rm $RPM_BUILD_ROOT%{_pam_confdir}/groupmems
rm $RPM_BUILD_ROOT%{_pam_confdir}/login rm $RPM_BUILD_ROOT%{_pam_confdir}/login
rm $RPM_BUILD_ROOT%{_pam_confdir}/newusers
rm $RPM_BUILD_ROOT%{_pam_confdir}/su rm $RPM_BUILD_ROOT%{_pam_confdir}/su
find $RPM_BUILD_ROOT%{_mandir} -depth -type d -empty -delete find $RPM_BUILD_ROOT%{_mandir} -depth -type d -empty -delete
@ -278,6 +275,10 @@ rm -f $RPM_BUILD_ROOT/%{_libdir}/libsubid.a
%{_libdir}/libsubid.so %{_libdir}/libsubid.so
%changelog %changelog
* Wed Apr 3 2024 Iker Pedrosa <ipedrosa@redhat.com> - 2:4.15.0-1
- Rebase to version 4.15.0
- getdef: avoid spurious error messages about unknown configuration options
* Mon Feb 12 2024 Iker Pedrosa <ipedrosa@redhat.com> - 2:4.14.0-6 * Mon Feb 12 2024 Iker Pedrosa <ipedrosa@redhat.com> - 2:4.14.0-6
- Build linking `libpam` - Build linking `libpam`

View File

@ -1,2 +1,2 @@
SHA512 (shadow-4.14.0.tar.xz) = ff960481d576f9db5a9f10becc4e1a74c03de484ecfdcd7f1ea735fded683d7ba0f9cd895dc6a431b77e5a633752273178b1bcda4cefaa5adbf0f143c9a0c86f SHA512 (shadow-4.15.0.tar.xz) = 88d72fb706f6792b460c14a9b1b42fe0b5962834ec3793f296cbc138807736b5ad73d3f802cda74db740a71545eb1c8ec47447c2250299eb730ed2b2674e2249
SHA512 (shadow-4.14.0.tar.xz.asc) = d011a732d73b4b066ca8d204c0420303f925c87efc7655feb5c5f60b619d67da450e220ee44f6c86929ae79cbd4343136fe9c20d25b39fa0a228a48e57636309 SHA512 (shadow-4.15.0.tar.xz.asc) = 0a39d6a45b7d8df12aade89ed9fc9d481c91297dbd34e85fe831426c1d0051cbcf8478759306b8871cd6b1835604c5836decf398d0165c50ac52fee365561446