rpms
/
coreutils
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

- 6.7. No longer need sort-compatibility, rename, newhashes, timestyle, 

acl, df-cifs, afs or autoconf patches.
This commit is contained in:
Tim Waugh 2007-01-09 19:29:30 +00:00
parent 2e236a2e3f
commit d66c4db957
10 changed files with 4361 additions and 4839 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.cvsignore
View File

@ -5,3 +5,4 @@ coreutils-5.94.tar.bz2
coreutils-5.95.tar.bz2
coreutils-5.96.tar.bz2
coreutils-5.97.tar.bz2
coreutils-6.7.tar.bz2

140
coreutils-5.2.1-runuser.patch
View File

@ -1,6 +1,27 @@
--- coreutils-5.97/src/su.c.runuser 2006-07-21 14:32:13.000000000 +0100
+++ coreutils-5.97/src/su.c 2006-07-21 15:40:16.000000000 +0100
@@ -132,9 +132,15 @@
--- coreutils-6.7/tests/help-version.runuser 2006-12-07 09:06:04.000000000 +0000
+++ coreutils-6.7/tests/help-version 2007-01-09 17:31:44.000000000 +0000
@@ -168,6 +168,7 @@
seq_args=10
sleep_args=0
su_args=--version
+runuser_args=--version
# I'd rather not run sync, since it spins up disks that I've
# deliberately caused to spin down (but not unmounted).
--- coreutils-6.7/README.runuser 2006-11-24 21:28:27.000000000 +0000
+++ coreutils-6.7/README 2007-01-09 17:32:16.000000000 +0000
@@ -11,7 +11,7 @@
dd df dir dircolors dirname du echo env expand expr factor false fmt fold
ginstall groups head hostid hostname id join kill link ln logname ls
md5sum mkdir mkfifo mknod mv nice nl nohup od paste pathchk pinky pr
- printenv printf ptx pwd readlink rm rmdir seq sha1sum sha224sum sha256sum
+ printenv printf ptx pwd readlink rm rmdir runuser seq sha1sum sha224sum sha256sum
sha384sum sha512sum shred shuf sleep sort split stat stty su sum sync tac
tail tee test touch tr true tsort tty uname unexpand uniq unlink uptime
users vdir wc who whoami yes
--- coreutils-6.7/src/su.c.runuser 2007-01-09 17:27:56.000000000 +0000
+++ coreutils-6.7/src/su.c 2007-01-09 17:30:12.000000000 +0000
@@ -110,9 +110,15 @@
#include "error.h"
/* The official name of this program (e.g., no `g' prefix). */
@ -16,7 +37,7 @@
#if HAVE_PATHS_H
# include <paths.h>
@@ -172,6 +178,10 @@
@@ -150,6 +156,10 @@
#ifndef USE_PAM
char *crypt ();
#endif
@ -24,10 +45,10 @@
+#define CHECKPASSWD 1
+#endif
+
char *getpass ();
char *getusershell ();
void endusershell ();
@@ -180,7 +190,11 @@
void setusershell ();
@@ -157,7 +167,11 @@
extern char **environ;
static void run_shell (char const *, char const *, char **, size_t,
@ -40,7 +61,7 @@
#ifdef USE_PAM
;
#else
@@ -210,6 +224,10 @@
@@ -187,6 +201,10 @@
{"login", no_argument, NULL, 'l'},
{"preserve-environment", no_argument, NULL, 'p'},
{"shell", required_argument, NULL, 's'},
@ -51,7 +72,7 @@
{GETOPT_HELP_OPTION_DECL},
{GETOPT_VERSION_OPTION_DECL},
{NULL, 0, NULL, 0}
@@ -307,10 +325,12 @@
@@ -288,10 +306,12 @@
retval = pam_start(PROGRAM_NAME, pw->pw_name, &conv, &pamh);
PAM_BAIL_P;
@ -64,7 +85,7 @@
caller = getpwuid(getuid());
if(caller != NULL && caller->pw_name != NULL) {
@@ -327,6 +347,11 @@
@@ -308,6 +328,11 @@
retval = pam_set_item(pamh, PAM_TTY, tty_name);
PAM_BAIL_P;
}
@ -76,7 +97,7 @@
retval = pam_authenticate(pamh, 0);
PAM_BAIL_P;
retval = pam_acct_mgmt(pamh, 0);
@@ -336,6 +361,7 @@
@@ -317,6 +342,7 @@
PAM_BAIL_P;
}
PAM_BAIL_P;
@ -84,7 +105,7 @@
/* must be authenticated if this point was reached */
return 1;
#else /* !USE_PAM */
@@ -417,11 +443,22 @@
@@ -398,11 +424,22 @@
/* Become the user and group(s) specified by PW. */
static void
@ -109,7 +130,7 @@
#ifdef USE_PAM
pam_close_session(pamh, 0);
pam_end(pamh, PAM_ABORT);
@@ -468,7 +505,11 @@
@@ -449,7 +486,11 @@
static void
run_shell (char const *shell, char const *command, char **additional_args,
@ -122,7 +143,7 @@
{
size_t n_args = 1 + fast_startup + 2 * !!command + n_additional_args + 1;
char const **args = xnmalloc (n_args, sizeof *args);
@@ -499,7 +540,11 @@
@@ -480,7 +521,11 @@
child = fork();
if (child == 0) { /* child shell */
@ -135,7 +156,7 @@
pam_end(pamh, 0);
if (!same_session)
setsid ();
@@ -676,6 +721,12 @@
@@ -657,6 +702,12 @@
char *shell = NULL;
struct passwd *pw;
struct passwd pw_copy;
@ -148,7 +169,7 @@
initialize_main (&argc, &argv);
program_name = argv[0];
@@ -690,7 +741,11 @@
@@ -671,7 +722,11 @@
simulate_login = false;
change_environment = true;
@ -161,7 +182,7 @@
{
switch (optc)
{
@@ -720,6 +775,28 @@
@@ -701,6 +756,28 @@
shell = optarg;
break;
@ -190,7 +211,7 @@
case_GETOPT_HELP_CHAR;
case_GETOPT_VERSION_CHAR (PROGRAM_NAME, AUTHORS);
@@ -758,7 +835,20 @@
@@ -739,7 +816,20 @@
: DEFAULT_SHELL);
endpwent ();
@ -212,7 +233,7 @@
{
#ifdef SYSLOG_FAILURE
log_su (pw, false);
@@ -790,8 +880,16 @@
@@ -771,8 +861,16 @@
modify_environment (pw, shell);
#ifndef USE_PAM
@ -231,8 +252,8 @@
+#endif
+ );
}
--- coreutils-5.97/src/Makefile.am.runuser 2006-07-21 14:32:13.000000000 +0100
+++ coreutils-5.97/src/Makefile.am 2006-07-21 14:32:13.000000000 +0100
--- coreutils-6.7/src/Makefile.am.runuser 2007-01-09 17:27:56.000000000 +0000
+++ coreutils-6.7/src/Makefile.am 2007-01-09 17:27:56.000000000 +0000
@@ -17,7 +17,7 @@
## along with this program; if not, write to the Free Software Foundation,
## Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
@ -242,9 +263,9 @@
bin_SCRIPTS = groups
bin_PROGRAMS = [ chgrp chown chmod cp dd dircolors du \
@@ -94,6 +94,10 @@
su_LDADD = $(LDADD) $(LIB_CRYPT) @LIB_PAM@
@@ -112,6 +112,10 @@
mv_LDADD += $(LIB_ACL)
ginstall_LDADD += $(LIB_ACL)
+runuser_SOURCES = su.c
+runuser_CFLAGS = -DRUNUSER -DAUTHORS="\"David MacKenzie, Dan Walsh\""
@ -253,7 +274,7 @@
$(PROGRAMS): ../lib/libcoreutils.a
SUFFIXES = .sh
@@ -108,7 +112,7 @@
@@ -126,7 +130,7 @@
chmod +x $@-t
mv $@-t $@
@ -262,18 +283,8 @@
installed_su = $(DESTDIR)$(bindir)/`echo su|sed '$(transform)'`
--- coreutils-5.97/tests/help-version.runuser 2006-06-01 08:26:09.000000000 +0100
+++ coreutils-5.97/tests/help-version 2006-07-21 14:32:13.000000000 +0100
@@ -137,6 +137,7 @@
seq_args=10
sleep_args=0
su_args=--version
+runuser_args=--version
test_args=foo
# This is necessary in the unusual event that there is
--- coreutils-5.97/AUTHORS.runuser 2006-07-21 14:32:13.000000000 +0100
+++ coreutils-5.97/AUTHORS 2006-07-21 14:32:13.000000000 +0100
--- coreutils-6.7/AUTHORS.runuser 2006-10-22 17:54:15.000000000 +0100
+++ coreutils-6.7/AUTHORS 2007-01-09 17:27:56.000000000 +0000
@@ -60,6 +60,7 @@
readlink: Dmitry V. Levin
rm: Paul Rubin, David MacKenzie, Richard Stallman, Jim Meyering
@ -282,26 +293,34 @@
seq: Ulrich Drepper
sha1sum: Ulrich Drepper, Scott Miller, David Madore
sha224sum: Ulrich Drepper, Scott Miller, David Madore
--- coreutils-5.97/README.runuser 2006-07-21 14:32:13.000000000 +0100
+++ coreutils-5.97/README 2006-07-21 14:32:13.000000000 +0100
@@ -12,7 +12,7 @@
df dir dircolors dirname du echo env expand expr factor false fmt fold
ginstall groups head hostid hostname id join kill link ln logname ls
md5sum mkdir mkfifo mknod mv nice nl nohup od paste pathchk pinky pr
- printenv printf ptx pwd readlink rm rmdir seq sha1sum sha224sum
+ printenv printf ptx pwd readlink rm rmdir runuser seq sha1sum sha224sum
sha256sum sha384sum sha512sum shred sleep sort
split stat stty su sum sync tac tail tee test touch tr true tsort tty
uname unexpand uniq unlink uptime users vdir wc who whoami yes
--- /dev/null 2006-07-21 09:48:40.571484750 +0100
+++ coreutils-5.97/man/runuser.x 2006-07-21 14:32:13.000000000 +0100
--- coreutils-6.7/man/Makefile.am.runuser 2006-11-16 08:49:56.000000000 +0000
+++ coreutils-6.7/man/Makefile.am 2007-01-09 17:32:38.000000000 +0000
@@ -26,7 +26,7 @@
link.1 ln.1 logname.1 \
ls.1 md5sum.1 mkdir.1 mkfifo.1 mknod.1 mv.1 nl.1 nohup.1 od.1 \
paste.1 pathchk.1 pr.1 printenv.1 printf.1 ptx.1 pwd.1 readlink.1 \
- rm.1 rmdir.1 seq.1 sha1sum.1 sha224sum.1 sha256sum.1 sha384sum.1 sha512sum.1 \
+ rm.1 rmdir.1 runuser.1 seq.1 sha1sum.1 sha224sum.1 sha256sum.1 sha384sum.1 sha512sum.1 \
shred.1 shuf.1 sleep.1 sort.1 split.1 stat.1 \
su.1 sum.1 sync.1 tac.1 tail.1 tee.1 test.1 touch.1 tr.1 true.1 tsort.1 \
tty.1 unexpand.1 uniq.1 unlink.1 vdir.1 wc.1 \
@@ -105,6 +105,7 @@
readlink.1: $(common_dep) $(srcdir)/readlink.x ../src/readlink.c
rm.1: $(common_dep) $(srcdir)/rm.x ../src/rm.c
rmdir.1: $(common_dep) $(srcdir)/rmdir.x ../src/rmdir.c
+runuser.1: $(common_dep) $(srcdir)/runuser.x ../src/su.c
seq.1: $(common_dep) $(srcdir)/seq.x ../src/seq.c
sha1sum.1: $(common_dep) $(srcdir)/sha1sum.x ../src/md5sum.c
sha224sum.1: $(common_dep) $(srcdir)/sha224sum.x ../src/md5sum.c
--- /dev/null 2007-01-09 09:38:07.860075128 +0000
+++ coreutils-6.7/man/runuser.x 2007-01-09 17:27:56.000000000 +0000
@@ -0,0 +1,4 @@
+[NAME]
+runuser \- run a shell with substitute user and group IDs
+[DESCRIPTION]
+.\" Add any additional description here
--- /dev/null 2006-09-11 09:20:12.657562250 +0100
+++ coreutils-5.97/man/runuser.1 2006-09-11 13:34:45.000000000 +0100
--- /dev/null 2007-01-09 09:38:07.860075128 +0000
+++ coreutils-6.7/man/runuser.1 2007-01-09 17:27:56.000000000 +0000
@@ -0,0 +1,68 @@
+.\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.33.
+.TH RUNUSER "1" "September 2004" "runuser (coreutils) 5.2.1" "User Commands"
@ -371,22 +390,3 @@
+.B info coreutils su
+.PP
+should give you access to the complete manual.
--- coreutils-5.97/man/Makefile.am.runuser 2006-07-21 14:32:13.000000000 +0100
+++ coreutils-5.97/man/Makefile.am 2006-07-21 14:32:13.000000000 +0100
@@ -7,7 +7,7 @@
link.1 ln.1 logname.1 \
ls.1 md5sum.1 mkdir.1 mkfifo.1 mknod.1 mv.1 nice.1 nl.1 nohup.1 od.1 \
paste.1 pathchk.1 pinky.1 pr.1 printenv.1 printf.1 ptx.1 pwd.1 readlink.1 \
- rm.1 rmdir.1 seq.1 sha1sum.1 sha224sum.1 sha256sum.1 sha384sum.1 sha512sum.1 \
+ rm.1 rmdir.1 runuser.1 seq.1 sha1sum.1 sha224sum.1 sha256sum.1 sha384sum.1 sha512sum.1 \
shred.1 sleep.1 sort.1 split.1 stat.1 stty.1 \
su.1 sum.1 sync.1 tac.1 tail.1 tee.1 test.1 touch.1 tr.1 true.1 tsort.1 \
tty.1 uname.1 unexpand.1 uniq.1 unlink.1 uptime.1 users.1 vdir.1 wc.1 \
@@ -83,6 +83,7 @@
readlink.1: $(common_dep) $(srcdir)/readlink.x ../src/readlink.c
rm.1: $(common_dep) $(srcdir)/rm.x ../src/rm.c
rmdir.1: $(common_dep) $(srcdir)/rmdir.x ../src/rmdir.c
+runuser.1: $(common_dep) $(srcdir)/runuser.x ../src/su.c
seq.1: $(common_dep) $(srcdir)/seq.x ../src/seq.c
sha1sum.1: $(common_dep) $(srcdir)/sha1sum.x ../src/md5sum.c
sha224sum.1: $(common_dep) $(srcdir)/sha224sum.x ../src/md5sum.c

7
coreutils-6.7.tar.bz2.sig Normal file
View File

@ -0,0 +1,7 @@
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQBFeKRc/dLerNMzy6ERAiEJAJ435eWCOpfJkoCKoSpnh8Fwwb9XugCgnQ5H
SYg6l7M/jyvUdsFM1yS4RKk=
=GOOc
-----END PGP SIGNATURE-----

36
coreutils-getgrouplist.patch
View File

@ -1,18 +1,8 @@
--- coreutils-5.92/m4/jm-macros.m4.getgrouplist 2005-09-25 06:57:46.000000000 +0100
+++ coreutils-5.92/m4/jm-macros.m4 2005-10-25 14:28:45.000000000 +0100
@@ -105,6 +105,7 @@
fchmod \
fchown \
ftruncate \
+ getgrouplist \
hasmntopt \
isascii \
iswspace \
--- coreutils-5.92/lib/getugroups.c.getgrouplist 2005-09-22 07:47:18.000000000 +0100
+++ coreutils-5.92/lib/getugroups.c 2005-10-25 14:28:02.000000000 +0100
@@ -23,6 +23,9 @@
# include <config.h>
#endif
--- coreutils-6.7/lib/getugroups.c.getgrouplist 2006-09-14 10:53:58.000000000 +0100
+++ coreutils-6.7/lib/getugroups.c 2007-01-09 17:33:09.000000000 +0000
@@ -21,6 +21,9 @@
#include <config.h>
+/* We do not need this code if getgrouplist(3) is available. */
+#ifndef HAVE_GETGROUPLIST
@ -20,13 +10,13 @@
#include <sys/types.h>
#include <stdio.h> /* grp.h on alpha OSF1 V2.0 uses "FILE *". */
#include <grp.h>
@@ -105,3 +108,4 @@
@@ -102,3 +105,4 @@
return count;
}
+#endif /* have getgrouplist */
--- coreutils-5.92/src/id.c.getgrouplist 2005-08-11 22:02:57.000000000 +0100
+++ coreutils-5.92/src/id.c 2005-10-25 14:30:41.000000000 +0100
--- coreutils-6.7/src/id.c.getgrouplist 2006-10-22 17:54:15.000000000 +0100
+++ coreutils-6.7/src/id.c 2007-01-09 17:33:09.000000000 +0000
@@ -253,7 +253,14 @@
if (!username)
max_n_groups = getgroups (0, NULL);
@ -67,3 +57,13 @@
}
if (ng < 0)
--- coreutils-6.7/m4/jm-macros.m4.getgrouplist 2006-12-06 11:04:22.000000000 +0000
+++ coreutils-6.7/m4/jm-macros.m4 2007-01-09 17:33:47.000000000 +0000
@@ -64,6 +64,7 @@
fchown \
fchmod \
ftruncate \
+ getgrouplist \
iswspace \
mkfifo \
mbrlen \

5261
coreutils-i18n.patch
View File

File diff suppressed because it is too large Load Diff

179
coreutils-pam.patch
View File

@ -1,55 +1,16 @@
--- coreutils-5.97/doc/coreutils.texi.pam 2006-02-07 08:31:28.000000000 +0000
+++ coreutils-5.97/doc/coreutils.texi 2006-08-23 10:45:26.000000000 +0100
@@ -12768,8 +12768,11 @@
@findex syslog
@command{su} can optionally be compiled to use @code{syslog} to report
failed, and optionally successful, @command{su} attempts. (If the system
-supports @code{syslog}.) However, GNU @command{su} does not check if the
-user is a member of the @code{wheel} group; see below.
+supports @code{syslog}.)
+
+This version of @command{su} has support for using PAM for
+authentication. You can edit @file{/etc/pam.d/su} to customize its
+behaviour.
--- coreutils-6.7/src/Makefile.am.pam 2006-11-24 21:28:10.000000000 +0000
+++ coreutils-6.7/src/Makefile.am 2007-01-09 17:00:01.000000000 +0000
@@ -103,7 +103,7 @@
# If necessary, add -lm to resolve use of pow in lib/strtod.c.
uptime_LDADD = $(LDADD) $(POW_LIB) $(GETLOADAVG_LIBS)
The program accepts the following options. Also see @ref{Common options}.
-su_LDADD = $(LDADD) $(LIB_CRYPT)
+su_LDADD = $(LDADD) $(LIB_CRYPT) @LIB_PAM@
@@ -12850,33 +12853,6 @@
the exit status of the subshell otherwise
@end display
-@cindex wheel group, not supported
-@cindex group wheel, not supported
-@cindex fascism
-@subsection Why GNU @command{su} does not support the @samp{wheel} group
-
-(This section is by Richard Stallman.)
-
-@cindex Twenex
-@cindex MIT AI lab
-Sometimes a few of the users try to hold total power over all the
-rest. For example, in 1984, a few users at the MIT AI lab decided to
-seize power by changing the operator password on the Twenex system and
-keeping it secret from everyone else. (I was able to thwart this coup
-and give power back to the users by patching the kernel, but I
-wouldn't know how to do that in Unix.)
-
-However, occasionally the rulers do tell someone. Under the usual
-@command{su} mechanism, once someone learns the root password who
-sympathizes with the ordinary users, he or she can tell the rest. The
-``wheel group'' feature would make this impossible, and thus cement the
-power of the rulers.
-
-I'm on the side of the masses, not that of the rulers. If you are
-used to supporting the bosses and sysadmins in whatever they do, you
-might find this idea strange at first.
-
-
@node Process control
@chapter Process control
--- coreutils-5.97/src/su.c 2006-08-23 10:45:33.000000000 +0100
+++ coreutils-5.97/src/su.c 2006-08-24 17:04:48.000000000 +0100
dir_LDADD += $(LIB_ACL)
ls_LDADD += $(LIB_ACL)
--- coreutils-6.7/src/su.c.pam 2007-01-09 17:00:01.000000000 +0000
+++ coreutils-6.7/src/su.c 2007-01-09 17:16:43.000000000 +0000
@@ -38,6 +38,16 @@
restricts who can su to UID 0 accounts. RMS considers that to
be fascist.
@ -64,10 +25,10 @@
+
+#endif
+
Options:
-, -l, --login Make the subshell a login shell.
Unset all environment variables except
@@ -81,6 +91,15 @@
Compile-time options:
-DSYSLOG_SUCCESS Log successful su's (by default, to root) with syslog.
-DSYSLOG_FAILURE Log failed su's (by default, to root) with syslog.
@@ -59,6 +69,15 @@
prototype (returning `int') in <unistd.h>. */
#define getusershell _getusershell_sys_proto_
@ -81,19 +42,18 @@
+#endif /* USE_PAM */
+
#include "system.h"
#include "dirname.h"
#include "getpass.h"
@@ -150,7 +169,9 @@
@@ -128,15 +147,22 @@
/* The user to become if none is specified. */
#define DEFAULT_USER "root"
+#ifndef USE_PAM
char *crypt ();
+#endif
char *getpass ();
char *getusershell ();
void endusershell ();
@@ -158,8 +179,13 @@
void setusershell ();
extern char **environ;
@ -108,7 +68,7 @@
/* The name this program was run with. */
char *program_name;
@@ -248,7 +274,26 @@
@@ -225,7 +251,26 @@
}
#endif
@ -135,7 +95,7 @@
Return true if the user gives the correct password for entry PW,
false if not. Return true without asking for a password if run by UID 0
or if PW has an empty password. */
@@ -256,6 +301,44 @@
@@ -233,6 +278,44 @@
static bool
correct_password (const struct passwd *pw)
{
@ -180,7 +140,7 @@
char *unencrypted, *encrypted, *correct;
#if HAVE_GETSPNAM && HAVE_STRUCT_SPWD_SP_PWDP
/* Shadow passwd stuff for SVR3 and maybe other systems. */
@@ -280,6 +363,7 @@
@@ -257,6 +340,7 @@
encrypted = crypt (unencrypted, correct);
memset (unencrypted, 0, strlen (unencrypted));
return STREQ (encrypted, correct);
@ -188,7 +148,7 @@
}
/* Update `environ' for the new shell based on PW, with SHELL being
@@ -293,12 +377,18 @@
@@ -270,12 +354,18 @@
/* Leave TERM unchanged. Set HOME, SHELL, USER, LOGNAME, PATH.
Unset all other environment variables. */
char const *term = getenv ("TERM");
@ -207,7 +167,7 @@
xsetenv ("HOME", pw->pw_dir);
xsetenv ("SHELL", shell);
xsetenv ("USER", pw->pw_name);
@@ -331,8 +421,13 @@
@@ -308,8 +398,13 @@
{
#ifdef HAVE_INITGROUPS
errno = 0;
@ -222,7 +182,7 @@
endgrent ();
#endif
if (setgid (pw->pw_gid))
@@ -341,6 +436,31 @@
@@ -318,6 +413,31 @@
error (EXIT_FAIL, errno, _("cannot set user id"));
}
@ -254,7 +214,7 @@
/* Run SHELL, or DEFAULT_SHELL if SHELL is empty.
If COMMAND is nonzero, pass it to the shell with the -c option.
Pass ADDITIONAL_ARGS to the shell as more arguments; there
@@ -348,17 +468,49 @@
@@ -325,17 +445,49 @@
static void
run_shell (char const *shell, char const *command, char **additional_args,
@ -302,10 +262,10 @@
+ if(chdir(pw->pw_dir))
+ error(0, errno, _("warning: cannot change directory to %s"), pw->pw_dir);
+
shell_basename = base_name (shell);
shell_basename = last_component (shell);
arg0 = xmalloc (strlen (shell_basename) + 2);
arg0[0] = '-';
@@ -383,6 +535,66 @@
@@ -360,6 +512,66 @@
error (0, errno, "%s", shell);
exit (exit_status);
}
@ -372,7 +332,9 @@
}
/* Return true if SHELL is a restricted shell (one not returned by
@@ -552,7 +764,7 @@
@@ -527,9 +739,9 @@
shell = xstrdup (shell ? shell : pw->pw_shell);
modify_environment (pw, shell);
+#ifndef USE_PAM
change_identity (pw);
@ -383,22 +345,61 @@
- run_shell (shell, command, argv + optind, MAX (0, argc - optind));
+ run_shell (shell, command, argv + optind, MAX (0, argc - optind), pw);
}
--- coreutils-5.97/src/Makefile.am.pam 2006-08-23 10:45:26.000000000 +0100
+++ coreutils-5.97/src/Makefile.am 2006-08-23 10:45:26.000000000 +0100
@@ -92,7 +92,7 @@
--- coreutils-6.7/doc/coreutils.texi.pam 2006-10-27 15:30:48.000000000 +0100
+++ coreutils-6.7/doc/coreutils.texi 2007-01-09 17:00:01.000000000 +0000
@@ -13395,8 +13395,11 @@
@findex syslog
@command{su} can optionally be compiled to use @code{syslog} to report
failed, and optionally successful, @command{su} attempts. (If the system
-supports @code{syslog}.) However, GNU @command{su} does not check if the
-user is a member of the @code{wheel} group; see below.
+supports @code{syslog}.)
+
+This version of @command{su} has support for using PAM for
+authentication. You can edit @file{/etc/pam.d/su} to customize its
+behaviour.
uptime_LDADD = $(LDADD) $(GETLOADAVG_LIBS)
The program accepts the following options. Also see @ref{Common options}.
-su_LDADD = $(LDADD) $(LIB_CRYPT)
+su_LDADD = $(LDADD) $(LIB_CRYPT) @LIB_PAM@
@@ -13477,33 +13480,6 @@
the exit status of the subshell otherwise
@end display
$(PROGRAMS): ../lib/libcoreutils.a
-@cindex wheel group, not supported
-@cindex group wheel, not supported
-@cindex fascism
-@subsection Why GNU @command{su} does not support the @samp{wheel} group
-
-(This section is by Richard Stallman.)
-
-@cindex Twenex
-@cindex MIT AI lab
-Sometimes a few of the users try to hold total power over all the
-rest. For example, in 1984, a few users at the MIT AI lab decided to
-seize power by changing the operator password on the Twenex system and
-keeping it secret from everyone else. (I was able to thwart this coup
-and give power back to the users by patching the kernel, but I
-wouldn't know how to do that in Unix.)
-
-However, occasionally the rulers do tell someone. Under the usual
-@command{su} mechanism, once someone learns the root password who
-sympathizes with the ordinary users, he or she can tell the rest. The
-``wheel group'' feature would make this impossible, and thus cement the
-power of the rulers.
-
-I'm on the side of the masses, not that of the rulers. If you are
-used to supporting the bosses and sysadmins in whatever they do, you
-might find this idea strange at first.
-
-
@node Process control
@chapter Process control
--- coreutils-5.97/configure.ac.pam 2006-08-23 10:45:26.000000000 +0100
+++ coreutils-5.97/configure.ac 2006-08-23 10:45:26.000000000 +0100
@@ -27,6 +27,13 @@
AB_INIT()
AM_INIT_AUTOMAKE([1.8.3 gnits dist-bzip2])
--- coreutils-6.7/configure.ac.pam 2006-12-07 21:30:24.000000000 +0000
+++ coreutils-6.7/configure.ac 2007-01-09 17:18:04.000000000 +0000
@@ -39,6 +39,13 @@
gl_INIT
coreutils_MACROS
+dnl Give the chance to enable PAM
+AC_ARG_ENABLE(pam, dnl
@ -407,18 +408,6 @@
+LIB_PAM="-ldl -lpam -lpam_misc"
+AC_SUBST(LIB_PAM)])
+
gl_DEFAULT_POSIX2_VERSION
gl_USE_SYSTEM_EXTENSIONS
gl_PERL
--- coreutils-5.97/config.hin.pam 2006-08-23 10:45:26.000000000 +0100
+++ coreutils-5.97/config.hin 2006-08-23 10:45:26.000000000 +0100
@@ -1537,6 +1537,9 @@
/* Define if you want access control list support. */
#undef USE_ACL
+/* Define if you want to use PAM */
+#undef USE_PAM
+
/* Version number of package */
#undef VERSION
AC_CHECK_FUNCS(uname,
OPTIONAL_BIN_PROGS="$OPTIONAL_BIN_PROGS uname\$(EXEEXT)"
MAN="$MAN uname.1")

3531
coreutils-selinux.patch
View File

File diff suppressed because it is too large Load Diff

20
coreutils-setsid.patch
View File

@ -1,6 +1,6 @@
--- coreutils-5.97/src/su.c.setsid 2006-07-21 14:09:29.000000000 +0100
+++ coreutils-5.97/src/su.c 2006-07-21 14:20:28.000000000 +0100
@@ -199,9 +199,13 @@
--- coreutils-6.7/src/su.c.setsid 2007-01-09 17:26:26.000000000 +0000
+++ coreutils-6.7/src/su.c 2007-01-09 17:26:57.000000000 +0000
@@ -176,9 +176,13 @@
/* If true, change some environment vars to indicate the user su'd to. */
static bool change_environment;
@ -14,7 +14,7 @@
{"fast", no_argument, NULL, 'f'},
{"login", no_argument, NULL, 'l'},
{"preserve-environment", no_argument, NULL, 'p'},
@@ -497,6 +501,8 @@
@@ -478,6 +482,8 @@
if (child == 0) { /* child shell */
change_identity (pw);
pam_end(pamh, 0);
@ -23,7 +23,7 @@
#endif
if (simulate_login)
@@ -551,13 +557,27 @@
@@ -532,13 +538,27 @@
sigemptyset(&action.sa_mask);
action.sa_flags = 0;
sigemptyset(&ourset);
@ -55,16 +55,16 @@
}
if (!caught) {
do {
@@ -628,6 +648,8 @@
@@ -609,6 +629,8 @@
\n\
-, -l, --login make the shell a login shell\n\
-c, --commmand=COMMAND pass a single COMMAND to the shell with -c\n\
-c, --command=COMMAND pass a single COMMAND to the shell with -c\n\
+ --session-command=COMMAND pass a single COMMAND to the shell with -c\n\
+ and do not create a new session\n\
-f, --fast pass -f to the shell (for csh or tcsh)\n\
-m, --preserve-environment do not reset environment variables\n\
-p same as -m\n\
@@ -650,6 +672,7 @@
@@ -631,6 +653,7 @@
int optc;
const char *new_user = DEFAULT_USER;
char *command = NULL;
@ -72,7 +72,7 @@
char *shell = NULL;
struct passwd *pw;
struct passwd pw_copy;
@@ -675,6 +698,11 @@
@@ -656,6 +679,11 @@
command = optarg;
break;
@ -84,7 +84,7 @@
case 'f':
fast_startup = true;
break;
@@ -744,6 +772,9 @@
@@ -725,6 +753,9 @@
}
#endif

24
coreutils.spec
View File

@ -1,7 +1,7 @@
Summary: The GNU core utilities: a set of tools commonly used in shell scripts
Name: coreutils
Version: 5.97
Release: 16%{?dist}
Version: 6.7
Release: 1%{?dist}
License: GPL
Group: System Environment/Base
Url: http://www.gnu.org/software/coreutils/
@ -20,15 +20,9 @@ Source202: su-l.pamd
Source203: runuser-l.pamd
# From upstream
Patch1: coreutils-sort-compatibility.patch
Patch2: coreutils-rename.patch
Patch10: coreutils-newhashes.patch
# Our patches
Patch100: coreutils-chgrp.patch
Patch107: fileutils-4.1.10-timestyle.patch
Patch182: coreutils-acl.patch
Patch183: coreutils-df-cifs.patch
# sh-utils
Patch703: sh-utils-2.0.11-dateman.patch
@ -47,8 +41,6 @@ Patch900: coreutils-setsid.patch
Patch907: coreutils-5.2.1-runuser.patch
Patch908: coreutils-getgrouplist.patch
Patch912: coreutils-overflow.patch
Patch913: coreutils-afs.patch
Patch914: coreutils-autoconf.patch
Patch915: coreutils-split-pam.patch
#SELINUX Patch
@ -80,15 +72,9 @@ the old GNU fileutils, sh-utils, and textutils packages.
%setup -q
# From upstream
%patch1 -p1 -b .sort-compatibility
%patch2 -p1 -b .rename
%patch10 -p1 -b .newhashes
# Our patches
%patch100 -p1 -b .chgrp
%patch107 -p1 -b .timestyle
%patch182 -p1 -b .acl
%patch183 -p1 -b .df-cifs
# sh-utils
%patch703 -p1 -b .dateman
@ -105,8 +91,6 @@ the old GNU fileutils, sh-utils, and textutils packages.
%patch907 -p1 -b .runuser
%patch908 -p1 -b .getgrouplist
%patch912 -p1 -b .overflow
%patch913 -p1 -b .afs
%patch914 -p1 -b .autoconf
%patch915 -p1 -b .splitl
#SELinux
@ -285,6 +269,10 @@ fi
/sbin/runuser
%changelog
* Tue Jan 9 2007 Tim Waugh <twaugh@redhat.com> 6.7-1
- 6.7. No longer need sort-compatibility, rename, newhashes, timestyle,
acl, df-cifs, afs or autoconf patches.
* Tue Jan 2 2007 Tim Waugh <twaugh@redhat.com>
- Prevent 'su --help' showing runuser-only options such as --group.

1
sources
View File

@ -1 +1,2 @@
1537379b6264a1def443713988a78020 coreutils-5.97.tar.bz2
a16465d0856cd011a1acc1c21040b7f4 coreutils-6.7.tar.bz2