70078f8ff6
- fix selinux issues
76 lines
3.0 KiB
Diff
76 lines
3.0 KiB
Diff
diff -up shadow-4.1.3/libmisc/find_new_gid.c.redhat shadow-4.1.3/libmisc/find_new_gid.c
|
|
--- shadow-4.1.3/libmisc/find_new_gid.c.redhat 2009-04-11 17:55:13.000000000 +0200
|
|
+++ shadow-4.1.3/libmisc/find_new_gid.c 2009-04-14 14:49:34.000000000 +0200
|
|
@@ -56,11 +56,11 @@ int find_new_gid (bool sys_group, gid_t
|
|
assert (gid != NULL);
|
|
|
|
if (!sys_group) {
|
|
- gid_min = getdef_ulong ("GID_MIN", 1000L);
|
|
+ gid_min = getdef_ulong ("GID_MIN", 500L);
|
|
gid_max = getdef_ulong ("GID_MAX", 60000L);
|
|
} else {
|
|
gid_min = getdef_ulong ("SYS_GID_MIN", 1L);
|
|
- gid_max = getdef_ulong ("GID_MIN", 1000L) - 1;
|
|
+ gid_max = getdef_ulong ("GID_MIN", 500L) - 1;
|
|
gid_max = getdef_ulong ("SYS_GID_MAX", (unsigned long) gid_max);
|
|
}
|
|
used_gids = alloca (sizeof (char) * gid_max +1);
|
|
diff -up shadow-4.1.3/libmisc/find_new_uid.c.redhat shadow-4.1.3/libmisc/find_new_uid.c
|
|
--- shadow-4.1.3/libmisc/find_new_uid.c.redhat 2009-04-11 17:53:19.000000000 +0200
|
|
+++ shadow-4.1.3/libmisc/find_new_uid.c 2009-04-14 14:49:34.000000000 +0200
|
|
@@ -56,11 +56,11 @@ int find_new_uid (bool sys_user, uid_t *
|
|
assert (uid != NULL);
|
|
|
|
if (!sys_user) {
|
|
- uid_min = getdef_ulong ("UID_MIN", 1000L);
|
|
+ uid_min = getdef_ulong ("UID_MIN", 500L);
|
|
uid_max = getdef_ulong ("UID_MAX", 60000L);
|
|
} else {
|
|
uid_min = getdef_ulong ("SYS_UID_MIN", 1L);
|
|
- uid_max = getdef_ulong ("UID_MIN", 1000L) - 1;
|
|
+ uid_max = getdef_ulong ("UID_MIN", 500L) - 1;
|
|
uid_max = getdef_ulong ("SYS_UID_MAX", (unsigned long) uid_max);
|
|
}
|
|
used_uids = alloca (sizeof (char) * uid_max +1);
|
|
diff -up shadow-4.1.3/src/useradd.c.redhat shadow-4.1.3/src/useradd.c
|
|
--- shadow-4.1.3/src/useradd.c.redhat 2009-04-11 20:39:52.000000000 +0200
|
|
+++ shadow-4.1.3/src/useradd.c 2009-04-14 14:58:17.000000000 +0200
|
|
@@ -89,7 +89,7 @@ char *Prog;
|
|
static gid_t def_group = 100;
|
|
static const char *def_gname = "other";
|
|
static const char *def_home = "/home";
|
|
-static const char *def_shell = "";
|
|
+static const char *def_shell = "/sbin/nologin";
|
|
static const char *def_template = SKEL_DIR;
|
|
static const char *def_create_mail_spool = "no";
|
|
|
|
@@ -101,7 +101,7 @@ static char def_file[] = USER_DEFAULTS_F
|
|
#define VALID(s) (strcspn (s, ":\n") == strlen (s))
|
|
|
|
static const char *user_name = "";
|
|
-static const char *user_pass = "!";
|
|
+static const char *user_pass = "!!";
|
|
static uid_t user_id;
|
|
static gid_t user_gid;
|
|
static const char *user_comment = "";
|
|
@@ -978,9 +978,9 @@ static void process_flags (int argc, cha
|
|
};
|
|
while ((c = getopt_long (argc, argv,
|
|
#ifdef WITH_SELINUX
|
|
- "b:c:d:De:f:g:G:k:K:lmMNop:rs:u:UZ:",
|
|
+ "b:c:d:De:f:g:G:k:K:lmMnNop:rs:u:UZ:",
|
|
#else
|
|
- "b:c:d:De:f:g:G:k:K:lmMNop:rs:u:U",
|
|
+ "b:c:d:De:f:g:G:k:K:lmMnNop:rs:u:U",
|
|
#endif
|
|
long_options, NULL)) != -1) {
|
|
switch (c) {
|
|
@@ -1130,6 +1130,7 @@ static void process_flags (int argc, cha
|
|
case 'M':
|
|
Mflg = true;
|
|
break;
|
|
+ case 'n':
|
|
case 'N':
|
|
Nflg = true;
|
|
break;
|