diff --git a/shadow-4.9-audit-update.patch b/shadow-4.11.1-audit-update.patch
similarity index 84%
rename from shadow-4.9-audit-update.patch
rename to shadow-4.11.1-audit-update.patch
index 99513ef..65acae0 100644
--- a/shadow-4.9-audit-update.patch
+++ b/shadow-4.11.1-audit-update.patch
@@ -1,16 +1,16 @@
-diff -up shadow-4.8.1/libmisc/audit_help.c.audit-update shadow-4.8.1/libmisc/audit_help.c
---- shadow-4.8.1/libmisc/audit_help.c.audit-update 2019-07-23 17:26:08.000000000 +0200
-+++ shadow-4.8.1/libmisc/audit_help.c 2020-03-17 16:53:44.371943299 +0100
-@@ -68,7 +68,7 @@ void audit_help_open (void)
+diff -up shadow-4.11.1/libmisc/audit_help.c.audit-update shadow-4.11.1/libmisc/audit_help.c
+--- shadow-4.11.1/libmisc/audit_help.c.audit-update 2022-01-03 01:46:53.000000000 +0100
++++ shadow-4.11.1/libmisc/audit_help.c 2022-01-03 15:15:38.946046192 +0100
+@@ -46,7 +46,7 @@ void audit_help_open (void)
* This function will log a message to the audit system using a predefined
* message format. Parameter usage is as follows:
*
-- * type - type of message: AUDIT_USER_CHAUTHTOK for changing any account
-+ * type - type of message: AUDIT_USER_MGMT for changing any account
+- * type - type of message: AUDIT_USER_CHAUTHTOK for changing any account
++ * type - type of message: AUDIT_USER_MGMT for changing any account
* attributes.
* pgname - program's name
* op - operation. "adding user", "changing finger info", "deleting group"
-@@ -88,6 +88,39 @@ void audit_logger (int type, unused cons
+@@ -66,6 +66,39 @@ void audit_logger (int type, unused cons
}
}
@@ -50,71 +50,71 @@ diff -up shadow-4.8.1/libmisc/audit_help.c.audit-update shadow-4.8.1/libmisc/aud
void audit_logger_message (const char *message, shadow_audit_result result)
{
if (audit_fd < 0) {
-diff -up shadow-4.8.1/libmisc/cleanup_group.c.audit-update shadow-4.8.1/libmisc/cleanup_group.c
---- shadow-4.8.1/libmisc/cleanup_group.c.audit-update 2019-07-23 17:26:08.000000000 +0200
-+++ shadow-4.8.1/libmisc/cleanup_group.c 2020-03-17 16:53:44.371943299 +0100
-@@ -83,7 +83,7 @@ void cleanup_report_mod_group (void *cle
+diff -up shadow-4.11.1/libmisc/cleanup_group.c.audit-update shadow-4.11.1/libmisc/cleanup_group.c
+--- shadow-4.11.1/libmisc/cleanup_group.c.audit-update 2022-01-03 14:57:01.777006776 +0100
++++ shadow-4.11.1/libmisc/cleanup_group.c 2022-01-03 15:22:27.438770608 +0100
+@@ -61,7 +61,7 @@ void cleanup_report_mod_group (void *cle
gr_dbname (),
info->action));
#ifdef WITH_AUDIT
-- audit_logger (AUDIT_USER_ACCT, Prog,
-+ audit_logger (AUDIT_GRP_MGMT, Prog,
+- audit_logger (AUDIT_USER_ACCT, log_get_progname(),
++ audit_logger (AUDIT_GRP_MGMT, log_get_progname(),
info->audit_msg,
info->name, AUDIT_NO_ID,
SHADOW_AUDIT_FAILURE);
-@@ -101,7 +101,7 @@ void cleanup_report_mod_gshadow (void *c
+@@ -79,7 +79,7 @@ void cleanup_report_mod_gshadow (void *c
sgr_dbname (),
info->action));
#ifdef WITH_AUDIT
-- audit_logger (AUDIT_USER_ACCT, Prog,
-+ audit_logger (AUDIT_GRP_MGMT, Prog,
+- audit_logger (AUDIT_USER_ACCT, log_get_progname(),
++ audit_logger (AUDIT_GRP_MGMT, log_get_progname(),
info->audit_msg,
info->name, AUDIT_NO_ID,
SHADOW_AUDIT_FAILURE);
-@@ -122,7 +122,7 @@ void cleanup_report_add_group_group (voi
+@@ -100,7 +100,7 @@ void cleanup_report_add_group_group (voi
SYSLOG ((LOG_ERR, "failed to add group %s to %s", name, gr_dbname ()));
#ifdef WITH_AUDIT
- audit_logger (AUDIT_ADD_GROUP, Prog,
+ audit_logger (AUDIT_ADD_GROUP, log_get_progname(),
- "adding group to /etc/group",
+ "adding-group",
name, AUDIT_NO_ID,
SHADOW_AUDIT_FAILURE);
#endif
-@@ -141,8 +141,8 @@ void cleanup_report_add_group_gshadow (v
+@@ -119,8 +119,8 @@ void cleanup_report_add_group_gshadow (v
SYSLOG ((LOG_ERR, "failed to add group %s to %s", name, sgr_dbname ()));
#ifdef WITH_AUDIT
-- audit_logger (AUDIT_ADD_GROUP, Prog,
+- audit_logger (AUDIT_ADD_GROUP, log_get_progname(),
- "adding group to /etc/gshadow",
-+ audit_logger (AUDIT_GRP_MGMT, Prog,
++ audit_logger (AUDIT_GRP_MGMT, log_get_progname(),
+ "adding-shadow-group",
name, AUDIT_NO_ID,
SHADOW_AUDIT_FAILURE);
#endif
-@@ -164,8 +164,8 @@ void cleanup_report_del_group_group (voi
+@@ -142,8 +142,8 @@ void cleanup_report_del_group_group (voi
"failed to remove group %s from %s",
name, gr_dbname ()));
#ifdef WITH_AUDIT
-- audit_logger (AUDIT_ADD_GROUP, Prog,
+- audit_logger (AUDIT_ADD_GROUP, log_get_progname(),
- "removing group from /etc/group",
-+ audit_logger (AUDIT_DEL_GROUP, Prog,
++ audit_logger (AUDIT_DEL_GROUP, log_get_progname(),
+ "removing-group",
name, AUDIT_NO_ID,
SHADOW_AUDIT_FAILURE);
#endif
-@@ -187,8 +187,8 @@ void cleanup_report_del_group_gshadow (v
+@@ -165,8 +165,8 @@ void cleanup_report_del_group_gshadow (v
"failed to remove group %s from %s",
name, sgr_dbname ()));
#ifdef WITH_AUDIT
-- audit_logger (AUDIT_ADD_GROUP, Prog,
+- audit_logger (AUDIT_ADD_GROUP, log_get_progname(),
- "removing group from /etc/gshadow",
-+ audit_logger (AUDIT_GRP_MGMT, Prog,
++ audit_logger (AUDIT_GRP_MGMT, log_get_progname(),
+ "removing-shadow-group",
name, AUDIT_NO_ID,
SHADOW_AUDIT_FAILURE);
#endif
-@@ -208,7 +208,7 @@ void cleanup_unlock_group (unused void *
- Prog, gr_dbname ());
+@@ -186,7 +186,7 @@ void cleanup_unlock_group (unused void *
+ log_get_progname(), gr_dbname ());
SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
#ifdef WITH_AUDIT
- audit_logger_message ("unlocking group file",
@@ -122,8 +122,8 @@ diff -up shadow-4.8.1/libmisc/cleanup_group.c.audit-update shadow-4.8.1/libmisc/
SHADOW_AUDIT_FAILURE);
#endif
}
-@@ -228,7 +228,7 @@ void cleanup_unlock_gshadow (unused void
- Prog, sgr_dbname ());
+@@ -206,7 +206,7 @@ void cleanup_unlock_gshadow (unused void
+ log_get_progname(), sgr_dbname ());
SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));
#ifdef WITH_AUDIT
- audit_logger_message ("unlocking gshadow file",
@@ -131,40 +131,40 @@ diff -up shadow-4.8.1/libmisc/cleanup_group.c.audit-update shadow-4.8.1/libmisc/
SHADOW_AUDIT_FAILURE);
#endif
}
-diff -up shadow-4.8.1/libmisc/cleanup_user.c.audit-update shadow-4.8.1/libmisc/cleanup_user.c
---- shadow-4.8.1/libmisc/cleanup_user.c.audit-update 2019-07-23 17:26:08.000000000 +0200
-+++ shadow-4.8.1/libmisc/cleanup_user.c 2020-03-17 16:53:44.371943299 +0100
-@@ -65,7 +65,7 @@ void cleanup_report_mod_passwd (void *cl
+diff -up shadow-4.11.1/libmisc/cleanup_user.c.audit-update shadow-4.11.1/libmisc/cleanup_user.c
+--- shadow-4.11.1/libmisc/cleanup_user.c.audit-update 2022-01-03 14:57:01.777006776 +0100
++++ shadow-4.11.1/libmisc/cleanup_user.c 2022-01-03 15:21:22.593338130 +0100
+@@ -43,7 +43,7 @@ void cleanup_report_mod_passwd (void *cl
pw_dbname (),
info->action));
#ifdef WITH_AUDIT
-- audit_logger (AUDIT_USER_ACCT, Prog,
-+ audit_logger (AUDIT_USER_MGMT, Prog,
+- audit_logger (AUDIT_USER_ACCT, log_get_progname(),
++ audit_logger (AUDIT_USER_MGMT, log_get_progname(),
info->audit_msg,
info->name, AUDIT_NO_ID,
SHADOW_AUDIT_FAILURE);
-@@ -86,7 +86,7 @@ void cleanup_report_add_user_passwd (voi
+@@ -64,7 +64,7 @@ void cleanup_report_add_user_passwd (voi
SYSLOG ((LOG_ERR, "failed to add user %s to %s", name, pw_dbname ()));
#ifdef WITH_AUDIT
- audit_logger (AUDIT_ADD_USER, Prog,
+ audit_logger (AUDIT_ADD_USER, log_get_progname(),
- "adding user to /etc/passwd",
+ "adding-user",
name, AUDIT_NO_ID,
SHADOW_AUDIT_FAILURE);
#endif
-@@ -105,8 +105,8 @@ void cleanup_report_add_user_shadow (voi
+@@ -83,8 +83,8 @@ void cleanup_report_add_user_shadow (voi
SYSLOG ((LOG_ERR, "failed to add user %s to %s", name, spw_dbname ()));
#ifdef WITH_AUDIT
-- audit_logger (AUDIT_ADD_USER, Prog,
+- audit_logger (AUDIT_ADD_USER, log_get_progname(),
- "adding user to /etc/shadow",
-+ audit_logger (AUDIT_USER_MGMT, Prog,
++ audit_logger (AUDIT_USER_MGMT, log_get_progname(),
+ "adding-shadow-user",
name, AUDIT_NO_ID,
SHADOW_AUDIT_FAILURE);
#endif
-@@ -125,7 +125,7 @@ void cleanup_unlock_passwd (unused void
- Prog, pw_dbname ());
+@@ -103,7 +103,7 @@ void cleanup_unlock_passwd (unused void
+ log_get_progname(), pw_dbname ());
SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
#ifdef WITH_AUDIT
- audit_logger_message ("unlocking passwd file",
@@ -172,8 +172,8 @@ diff -up shadow-4.8.1/libmisc/cleanup_user.c.audit-update shadow-4.8.1/libmisc/c
SHADOW_AUDIT_FAILURE);
#endif
}
-@@ -144,7 +144,7 @@ void cleanup_unlock_shadow (unused void
- Prog, spw_dbname ());
+@@ -122,7 +122,7 @@ void cleanup_unlock_shadow (unused void
+ log_get_progname(), spw_dbname ());
SYSLOG ((LOG_ERR, "failed to unlock %s", spw_dbname ()));
#ifdef WITH_AUDIT
- audit_logger_message ("unlocking shadow file",
@@ -181,10 +181,10 @@ diff -up shadow-4.8.1/libmisc/cleanup_user.c.audit-update shadow-4.8.1/libmisc/c
SHADOW_AUDIT_FAILURE);
#endif
}
-diff -up shadow-4.8.1/lib/prototypes.h.audit-update shadow-4.8.1/lib/prototypes.h
---- shadow-4.8.1/lib/prototypes.h.audit-update 2020-03-17 16:53:44.364943206 +0100
-+++ shadow-4.8.1/lib/prototypes.h 2020-03-17 16:53:44.371943299 +0100
-@@ -219,12 +219,21 @@ extern int audit_fd;
+diff -up shadow-4.11.1/lib/prototypes.h.audit-update shadow-4.11.1/lib/prototypes.h
+--- shadow-4.11.1/lib/prototypes.h.audit-update 2022-01-03 01:46:53.000000000 +0100
++++ shadow-4.11.1/lib/prototypes.h 2022-01-03 14:57:01.777006776 +0100
+@@ -197,12 +197,21 @@ extern int audit_fd;
extern void audit_help_open (void);
/* Use AUDIT_NO_ID when a name is provided to audit_logger instead of an ID */
#define AUDIT_NO_ID ((unsigned int) -1)
@@ -206,10 +206,10 @@ diff -up shadow-4.8.1/lib/prototypes.h.audit-update shadow-4.8.1/lib/prototypes.
void audit_logger_message (const char *message, shadow_audit_result result);
#endif
-diff -up shadow-4.8.1/src/chage.c.audit-update shadow-4.8.1/src/chage.c
---- shadow-4.8.1/src/chage.c.audit-update 2019-11-12 01:18:25.000000000 +0100
-+++ shadow-4.8.1/src/chage.c 2020-03-17 16:53:44.371943299 +0100
-@@ -123,9 +123,10 @@ static /*@noreturn@*/void fail_exit (int
+diff -up shadow-4.11.1/src/chage.c.audit-update shadow-4.11.1/src/chage.c
+--- shadow-4.11.1/src/chage.c.audit-update 2022-01-03 01:46:53.000000000 +0100
++++ shadow-4.11.1/src/chage.c 2022-01-03 14:57:01.777006776 +0100
+@@ -100,9 +100,10 @@ static /*@noreturn@*/void fail_exit (int
#ifdef WITH_AUDIT
if (E_SUCCESS != code) {
@@ -223,7 +223,7 @@ diff -up shadow-4.8.1/src/chage.c.audit-update shadow-4.8.1/src/chage.c
}
#endif
-@@ -883,11 +884,7 @@ int main (int argc, char **argv)
+@@ -837,11 +838,7 @@ int main (int argc, char **argv)
fprintf (stderr, _("%s: Permission denied.\n"), Prog);
fail_exit (E_NOPERM);
}
@@ -236,7 +236,7 @@ diff -up shadow-4.8.1/src/chage.c.audit-update shadow-4.8.1/src/chage.c
list_fields ();
fail_exit (E_SUCCESS);
}
-@@ -906,41 +903,43 @@ int main (int argc, char **argv)
+@@ -860,41 +857,43 @@ int main (int argc, char **argv)
}
#ifdef WITH_AUDIT
else {
@@ -296,10 +296,10 @@ diff -up shadow-4.8.1/src/chage.c.audit-update shadow-4.8.1/src/chage.c
user_name, (unsigned int) user_uid, 1);
}
#endif
-diff -up shadow-4.8.1/src/gpasswd.c.audit-update shadow-4.8.1/src/gpasswd.c
---- shadow-4.8.1/src/gpasswd.c.audit-update 2019-07-23 17:26:08.000000000 +0200
-+++ shadow-4.8.1/src/gpasswd.c 2020-03-17 16:53:44.371943299 +0100
-@@ -138,7 +138,7 @@ static void usage (int status)
+diff -up shadow-4.11.1/src/gpasswd.c.audit-update shadow-4.11.1/src/gpasswd.c
+--- shadow-4.11.1/src/gpasswd.c.audit-update 2022-01-03 01:46:53.000000000 +0100
++++ shadow-4.11.1/src/gpasswd.c 2022-01-03 14:57:01.778006782 +0100
+@@ -116,7 +116,7 @@ static void usage (int status)
(void) fputs (_(" -d, --delete USER remove USER from GROUP\n"), usageout);
(void) fputs (_(" -h, --help display this help message and exit\n"), usageout);
(void) fputs (_(" -Q, --root CHROOT_DIR directory to chroot into\n"), usageout);
@@ -308,7 +308,7 @@ diff -up shadow-4.8.1/src/gpasswd.c.audit-update shadow-4.8.1/src/gpasswd.c
(void) fputs (_(" -R, --restrict restrict access to GROUP to its members\n"), usageout);
(void) fputs (_(" -M, --members USER,... set the list of members of GROUP\n"), usageout);
#ifdef SHADOWGRP
-@@ -397,21 +397,14 @@ static void open_files (void)
+@@ -375,21 +375,14 @@ static void open_files (void)
static void log_gpasswd_failure (const char *suffix)
{
@@ -333,7 +333,7 @@ diff -up shadow-4.8.1/src/gpasswd.c.audit-update shadow-4.8.1/src/gpasswd.c
SHADOW_AUDIT_FAILURE);
#endif
} else if (dflg) {
-@@ -419,13 +412,9 @@ static void log_gpasswd_failure (const c
+@@ -397,13 +390,9 @@ static void log_gpasswd_failure (const c
"%s failed to remove user %s from group %s%s",
myname, user, group, suffix));
#ifdef WITH_AUDIT
@@ -350,7 +350,7 @@ diff -up shadow-4.8.1/src/gpasswd.c.audit-update shadow-4.8.1/src/gpasswd.c
SHADOW_AUDIT_FAILURE);
#endif
} else if (rflg) {
-@@ -433,13 +422,9 @@ static void log_gpasswd_failure (const c
+@@ -411,13 +400,9 @@ static void log_gpasswd_failure (const c
"%s failed to remove password of group %s%s",
myname, group, suffix));
#ifdef WITH_AUDIT
@@ -367,7 +367,7 @@ diff -up shadow-4.8.1/src/gpasswd.c.audit-update shadow-4.8.1/src/gpasswd.c
SHADOW_AUDIT_FAILURE);
#endif
} else if (Rflg) {
-@@ -447,13 +432,9 @@ static void log_gpasswd_failure (const c
+@@ -425,13 +410,9 @@ static void log_gpasswd_failure (const c
"%s failed to restrict access to group %s%s",
myname, group, suffix));
#ifdef WITH_AUDIT
@@ -384,7 +384,7 @@ diff -up shadow-4.8.1/src/gpasswd.c.audit-update shadow-4.8.1/src/gpasswd.c
SHADOW_AUDIT_FAILURE);
#endif
} else if (Aflg || Mflg) {
-@@ -463,13 +444,9 @@ static void log_gpasswd_failure (const c
+@@ -441,13 +422,9 @@ static void log_gpasswd_failure (const c
"%s failed to set the administrators of group %s to %s%s",
myname, group, admins, suffix));
#ifdef WITH_AUDIT
@@ -401,7 +401,7 @@ diff -up shadow-4.8.1/src/gpasswd.c.audit-update shadow-4.8.1/src/gpasswd.c
SHADOW_AUDIT_FAILURE);
#endif
}
-@@ -479,13 +456,9 @@ static void log_gpasswd_failure (const c
+@@ -457,13 +434,9 @@ static void log_gpasswd_failure (const c
"%s failed to set the members of group %s to %s%s",
myname, group, members, suffix));
#ifdef WITH_AUDIT
@@ -418,7 +418,7 @@ diff -up shadow-4.8.1/src/gpasswd.c.audit-update shadow-4.8.1/src/gpasswd.c
SHADOW_AUDIT_FAILURE);
#endif
}
-@@ -494,13 +467,9 @@ static void log_gpasswd_failure (const c
+@@ -472,13 +445,9 @@ static void log_gpasswd_failure (const c
"%s failed to change password of group %s%s",
myname, group, suffix));
#ifdef WITH_AUDIT
@@ -435,7 +435,7 @@ diff -up shadow-4.8.1/src/gpasswd.c.audit-update shadow-4.8.1/src/gpasswd.c
SHADOW_AUDIT_FAILURE);
#endif
}
-@@ -531,21 +500,14 @@ static void log_gpasswd_failure_gshadow
+@@ -509,21 +478,14 @@ static void log_gpasswd_failure_gshadow
static void log_gpasswd_success (const char *suffix)
{
@@ -460,7 +460,7 @@ diff -up shadow-4.8.1/src/gpasswd.c.audit-update shadow-4.8.1/src/gpasswd.c
SHADOW_AUDIT_SUCCESS);
#endif
} else if (dflg) {
-@@ -553,13 +515,9 @@ static void log_gpasswd_success (const c
+@@ -531,13 +493,9 @@ static void log_gpasswd_success (const c
"user %s removed by %s from group %s%s",
user, myname, group, suffix));
#ifdef WITH_AUDIT
@@ -477,7 +477,7 @@ diff -up shadow-4.8.1/src/gpasswd.c.audit-update shadow-4.8.1/src/gpasswd.c
SHADOW_AUDIT_SUCCESS);
#endif
} else if (rflg) {
-@@ -567,13 +525,9 @@ static void log_gpasswd_success (const c
+@@ -545,13 +503,9 @@ static void log_gpasswd_success (const c
"password of group %s removed by %s%s",
group, myname, suffix));
#ifdef WITH_AUDIT
@@ -494,7 +494,7 @@ diff -up shadow-4.8.1/src/gpasswd.c.audit-update shadow-4.8.1/src/gpasswd.c
SHADOW_AUDIT_SUCCESS);
#endif
} else if (Rflg) {
-@@ -581,13 +535,9 @@ static void log_gpasswd_success (const c
+@@ -559,13 +513,9 @@ static void log_gpasswd_success (const c
"access to group %s restricted by %s%s",
group, myname, suffix));
#ifdef WITH_AUDIT
@@ -511,7 +511,7 @@ diff -up shadow-4.8.1/src/gpasswd.c.audit-update shadow-4.8.1/src/gpasswd.c
SHADOW_AUDIT_SUCCESS);
#endif
} else if (Aflg || Mflg) {
-@@ -597,13 +547,9 @@ static void log_gpasswd_success (const c
+@@ -575,13 +525,9 @@ static void log_gpasswd_success (const c
"administrators of group %s set by %s to %s%s",
group, myname, admins, suffix));
#ifdef WITH_AUDIT
@@ -528,7 +528,7 @@ diff -up shadow-4.8.1/src/gpasswd.c.audit-update shadow-4.8.1/src/gpasswd.c
SHADOW_AUDIT_SUCCESS);
#endif
}
-@@ -613,13 +559,9 @@ static void log_gpasswd_success (const c
+@@ -591,13 +537,9 @@ static void log_gpasswd_success (const c
"members of group %s set by %s to %s%s",
group, myname, members, suffix));
#ifdef WITH_AUDIT
@@ -545,7 +545,7 @@ diff -up shadow-4.8.1/src/gpasswd.c.audit-update shadow-4.8.1/src/gpasswd.c
SHADOW_AUDIT_SUCCESS);
#endif
}
-@@ -628,13 +570,9 @@ static void log_gpasswd_success (const c
+@@ -606,13 +548,9 @@ static void log_gpasswd_success (const c
"password of group %s changed by %s%s",
group, myname, suffix));
#ifdef WITH_AUDIT
@@ -562,10 +562,10 @@ diff -up shadow-4.8.1/src/gpasswd.c.audit-update shadow-4.8.1/src/gpasswd.c
SHADOW_AUDIT_SUCCESS);
#endif
}
-diff -up shadow-4.8.1/src/groupadd.c.audit-update shadow-4.8.1/src/groupadd.c
---- shadow-4.8.1/src/groupadd.c.audit-update 2019-07-23 17:26:08.000000000 +0200
-+++ shadow-4.8.1/src/groupadd.c 2020-03-17 16:53:44.372943312 +0100
-@@ -131,6 +131,15 @@ static /*@noreturn@*/void usage (int sta
+diff -up shadow-4.11.1/src/groupadd.c.audit-update shadow-4.11.1/src/groupadd.c
+--- shadow-4.11.1/src/groupadd.c.audit-update 2022-01-03 01:46:53.000000000 +0100
++++ shadow-4.11.1/src/groupadd.c 2022-01-03 14:57:01.778006782 +0100
+@@ -111,6 +111,15 @@ static /*@noreturn@*/void usage (int sta
exit (status);
}
@@ -581,7 +581,7 @@ diff -up shadow-4.8.1/src/groupadd.c.audit-update shadow-4.8.1/src/groupadd.c
/*
* new_grent - initialize the values in a group file entry
*
-@@ -214,7 +223,7 @@ static void grp_update (void)
+@@ -207,7 +216,7 @@ static void grp_update (void)
fprintf (stderr,
_("%s: failed to prepare the new %s entry '%s'\n"),
Prog, gr_dbname (), grp.gr_name);
@@ -590,7 +590,7 @@ diff -up shadow-4.8.1/src/groupadd.c.audit-update shadow-4.8.1/src/groupadd.c
}
#ifdef SHADOWGRP
/*
-@@ -224,7 +233,7 @@ static void grp_update (void)
+@@ -217,7 +226,7 @@ static void grp_update (void)
fprintf (stderr,
_("%s: failed to prepare the new %s entry '%s'\n"),
Prog, sgr_dbname (), sgrp.sg_name);
@@ -599,7 +599,7 @@ diff -up shadow-4.8.1/src/groupadd.c.audit-update shadow-4.8.1/src/groupadd.c
}
#endif /* SHADOWGRP */
}
-@@ -248,7 +257,7 @@ static void check_new_name (void)
+@@ -241,7 +250,7 @@ static void check_new_name (void)
fprintf (stderr, _("%s: '%s' is not a valid group name\n"),
Prog, group_name);
@@ -608,7 +608,7 @@ diff -up shadow-4.8.1/src/groupadd.c.audit-update shadow-4.8.1/src/groupadd.c
}
/*
-@@ -264,11 +273,11 @@ static void close_files (void)
+@@ -257,11 +266,11 @@ static void close_files (void)
fprintf (stderr,
_("%s: failure while writing changes to %s\n"),
Prog, gr_dbname ());
@@ -622,7 +622,7 @@ diff -up shadow-4.8.1/src/groupadd.c.audit-update shadow-4.8.1/src/groupadd.c
group_name, (unsigned int) group_id,
SHADOW_AUDIT_SUCCESS);
#endif
-@@ -286,11 +295,11 @@ static void close_files (void)
+@@ -279,11 +288,11 @@ static void close_files (void)
fprintf (stderr,
_("%s: failure while writing changes to %s\n"),
Prog, sgr_dbname ());
@@ -637,7 +637,7 @@ diff -up shadow-4.8.1/src/groupadd.c.audit-update shadow-4.8.1/src/groupadd.c
group_name, (unsigned int) group_id,
SHADOW_AUDIT_SUCCESS);
#endif
-@@ -304,12 +313,6 @@ static void close_files (void)
+@@ -297,12 +306,6 @@ static void close_files (void)
#endif /* SHADOWGRP */
/* Report success at the system level */
@@ -650,7 +650,7 @@ diff -up shadow-4.8.1/src/groupadd.c.audit-update shadow-4.8.1/src/groupadd.c
SYSLOG ((LOG_INFO, "new group: name=%s, GID=%u",
group_name, (unsigned int) group_id));
del_cleanup (cleanup_report_add_group);
-@@ -327,7 +330,7 @@ static void open_files (void)
+@@ -320,7 +323,7 @@ static void open_files (void)
fprintf (stderr,
_("%s: cannot lock %s; try again later.\n"),
Prog, gr_dbname ());
@@ -659,7 +659,7 @@ diff -up shadow-4.8.1/src/groupadd.c.audit-update shadow-4.8.1/src/groupadd.c
}
add_cleanup (cleanup_unlock_group, NULL);
-@@ -337,7 +340,7 @@ static void open_files (void)
+@@ -330,7 +333,7 @@ static void open_files (void)
fprintf (stderr,
_("%s: cannot lock %s; try again later.\n"),
Prog, sgr_dbname ());
@@ -668,7 +668,7 @@ diff -up shadow-4.8.1/src/groupadd.c.audit-update shadow-4.8.1/src/groupadd.c
}
add_cleanup (cleanup_unlock_gshadow, NULL);
}
-@@ -353,7 +356,7 @@ static void open_files (void)
+@@ -346,7 +349,7 @@ static void open_files (void)
if (gr_open (O_CREAT | O_RDWR) == 0) {
fprintf (stderr, _("%s: cannot open %s\n"), Prog, gr_dbname ());
SYSLOG ((LOG_WARN, "cannot open %s", gr_dbname ()));
@@ -677,7 +677,7 @@ diff -up shadow-4.8.1/src/groupadd.c.audit-update shadow-4.8.1/src/groupadd.c
}
#ifdef SHADOWGRP
-@@ -363,7 +366,7 @@ static void open_files (void)
+@@ -356,7 +359,7 @@ static void open_files (void)
_("%s: cannot open %s\n"),
Prog, sgr_dbname ());
SYSLOG ((LOG_WARN, "cannot open %s", sgr_dbname ()));
@@ -686,7 +686,7 @@ diff -up shadow-4.8.1/src/groupadd.c.audit-update shadow-4.8.1/src/groupadd.c
}
}
#endif /* SHADOWGRP */
-@@ -496,7 +499,7 @@ static void check_flags (void)
+@@ -493,7 +496,7 @@ static void check_flags (void)
fprintf (stderr,
_("%s: group '%s' already exists\n"),
Prog, group_name);
@@ -695,7 +695,7 @@ diff -up shadow-4.8.1/src/groupadd.c.audit-update shadow-4.8.1/src/groupadd.c
}
if (gflg && (prefix_getgrgid (group_id) != NULL)) {
-@@ -515,7 +518,7 @@ static void check_flags (void)
+@@ -512,7 +515,7 @@ static void check_flags (void)
fprintf (stderr,
_("%s: GID '%lu' already exists\n"),
Prog, (unsigned long int) group_id);
@@ -704,7 +704,7 @@ diff -up shadow-4.8.1/src/groupadd.c.audit-update shadow-4.8.1/src/groupadd.c
}
}
}
-@@ -543,7 +546,7 @@ static void check_perms (void)
+@@ -540,7 +543,7 @@ static void check_perms (void)
fprintf (stderr,
_("%s: Cannot determine your user name.\n"),
Prog);
@@ -713,7 +713,7 @@ diff -up shadow-4.8.1/src/groupadd.c.audit-update shadow-4.8.1/src/groupadd.c
}
retval = pam_start ("groupadd", pampw->pw_name, &conv, &pamh);
-@@ -563,7 +566,7 @@ static void check_perms (void)
+@@ -560,7 +563,7 @@ static void check_perms (void)
if (NULL != pamh) {
(void) pam_end (pamh, retval);
}
@@ -722,7 +722,7 @@ diff -up shadow-4.8.1/src/groupadd.c.audit-update shadow-4.8.1/src/groupadd.c
}
(void) pam_end (pamh, retval);
#endif /* USE_PAM */
-@@ -596,7 +599,7 @@ int main (int argc, char **argv)
+@@ -595,7 +598,7 @@ int main (int argc, char **argv)
fprintf (stderr,
_("%s: Cannot setup cleanup service.\n"),
Prog);
@@ -731,7 +731,7 @@ diff -up shadow-4.8.1/src/groupadd.c.audit-update shadow-4.8.1/src/groupadd.c
}
/*
-@@ -618,7 +621,7 @@ int main (int argc, char **argv)
+@@ -617,7 +620,7 @@ int main (int argc, char **argv)
if (!gflg) {
if (find_new_gid (rflg, &group_id, NULL) < 0) {
@@ -740,10 +740,10 @@ diff -up shadow-4.8.1/src/groupadd.c.audit-update shadow-4.8.1/src/groupadd.c
}
}
-diff -up shadow-4.8.1/src/groupdel.c.audit-update shadow-4.8.1/src/groupdel.c
---- shadow-4.8.1/src/groupdel.c.audit-update 2019-07-23 17:26:08.000000000 +0200
-+++ shadow-4.8.1/src/groupdel.c 2020-03-17 16:53:44.372943312 +0100
-@@ -106,6 +106,15 @@ static /*@noreturn@*/void usage (int sta
+diff -up shadow-4.11.1/src/groupdel.c.audit-update shadow-4.11.1/src/groupdel.c
+--- shadow-4.11.1/src/groupdel.c.audit-update 2022-01-03 01:46:53.000000000 +0100
++++ shadow-4.11.1/src/groupdel.c 2022-01-03 14:57:01.778006782 +0100
+@@ -84,6 +84,15 @@ static /*@noreturn@*/void usage (int sta
exit (status);
}
@@ -759,7 +759,7 @@ diff -up shadow-4.8.1/src/groupdel.c.audit-update shadow-4.8.1/src/groupdel.c
/*
* grp_update - update group file entries
*
-@@ -132,7 +141,7 @@ static void grp_update (void)
+@@ -110,7 +119,7 @@ static void grp_update (void)
fprintf (stderr,
_("%s: cannot remove entry '%s' from %s\n"),
Prog, group_name, gr_dbname ());
@@ -768,7 +768,7 @@ diff -up shadow-4.8.1/src/groupdel.c.audit-update shadow-4.8.1/src/groupdel.c
}
#ifdef SHADOWGRP
-@@ -144,7 +153,7 @@ static void grp_update (void)
+@@ -122,7 +131,7 @@ static void grp_update (void)
fprintf (stderr,
_("%s: cannot remove entry '%s' from %s\n"),
Prog, group_name, sgr_dbname ());
@@ -777,7 +777,7 @@ diff -up shadow-4.8.1/src/groupdel.c.audit-update shadow-4.8.1/src/groupdel.c
}
}
#endif /* SHADOWGRP */
-@@ -163,12 +172,12 @@ static void close_files (void)
+@@ -141,12 +150,12 @@ static void close_files (void)
fprintf (stderr,
_("%s: failure while writing changes to %s\n"),
Prog, gr_dbname ());
@@ -792,7 +792,7 @@ diff -up shadow-4.8.1/src/groupdel.c.audit-update shadow-4.8.1/src/groupdel.c
group_name, (unsigned int) group_id,
SHADOW_AUDIT_SUCCESS);
#endif
-@@ -188,12 +197,12 @@ static void close_files (void)
+@@ -166,12 +175,12 @@ static void close_files (void)
fprintf (stderr,
_("%s: failure while writing changes to %s\n"),
Prog, sgr_dbname ());
@@ -808,7 +808,7 @@ diff -up shadow-4.8.1/src/groupdel.c.audit-update shadow-4.8.1/src/groupdel.c
group_name, (unsigned int) group_id,
SHADOW_AUDIT_SUCCESS);
#endif
-@@ -207,13 +216,6 @@ static void close_files (void)
+@@ -185,13 +194,6 @@ static void close_files (void)
}
#endif /* SHADOWGRP */
@@ -822,7 +822,7 @@ diff -up shadow-4.8.1/src/groupdel.c.audit-update shadow-4.8.1/src/groupdel.c
SYSLOG ((LOG_INFO, "group '%s' removed\n", group_name));
del_cleanup (cleanup_report_del_group);
}
-@@ -230,7 +232,7 @@ static void open_files (void)
+@@ -208,7 +210,7 @@ static void open_files (void)
fprintf (stderr,
_("%s: cannot lock %s; try again later.\n"),
Prog, gr_dbname ());
@@ -831,7 +831,7 @@ diff -up shadow-4.8.1/src/groupdel.c.audit-update shadow-4.8.1/src/groupdel.c
}
add_cleanup (cleanup_unlock_group, NULL);
#ifdef SHADOWGRP
-@@ -239,7 +241,7 @@ static void open_files (void)
+@@ -217,7 +219,7 @@ static void open_files (void)
fprintf (stderr,
_("%s: cannot lock %s; try again later.\n"),
Prog, sgr_dbname ());
@@ -840,7 +840,7 @@ diff -up shadow-4.8.1/src/groupdel.c.audit-update shadow-4.8.1/src/groupdel.c
}
add_cleanup (cleanup_unlock_gshadow, NULL);
}
-@@ -257,7 +259,7 @@ static void open_files (void)
+@@ -235,7 +237,7 @@ static void open_files (void)
_("%s: cannot open %s\n"),
Prog, gr_dbname ());
SYSLOG ((LOG_WARN, "cannot open %s", gr_dbname ()));
@@ -849,7 +849,7 @@ diff -up shadow-4.8.1/src/groupdel.c.audit-update shadow-4.8.1/src/groupdel.c
}
#ifdef SHADOWGRP
if (is_shadow_grp) {
-@@ -266,7 +268,7 @@ static void open_files (void)
+@@ -244,7 +246,7 @@ static void open_files (void)
_("%s: cannot open %s\n"),
Prog, sgr_dbname ());
SYSLOG ((LOG_WARN, "cannot open %s", sgr_dbname ()));
@@ -858,7 +858,7 @@ diff -up shadow-4.8.1/src/groupdel.c.audit-update shadow-4.8.1/src/groupdel.c
}
}
#endif /* SHADOWGRP */
-@@ -307,7 +309,7 @@ static void group_busy (gid_t gid)
+@@ -285,7 +287,7 @@ static void group_busy (gid_t gid)
fprintf (stderr,
_("%s: cannot remove the primary group of user '%s'\n"),
Prog, pwd->pw_name);
@@ -867,7 +867,7 @@ diff -up shadow-4.8.1/src/groupdel.c.audit-update shadow-4.8.1/src/groupdel.c
}
/*
-@@ -392,7 +394,7 @@ int main (int argc, char **argv)
+@@ -373,7 +375,7 @@ int main (int argc, char **argv)
fprintf (stderr,
_("%s: Cannot setup cleanup service.\n"),
Prog);
@@ -876,7 +876,7 @@ diff -up shadow-4.8.1/src/groupdel.c.audit-update shadow-4.8.1/src/groupdel.c
}
process_flags (argc, argv);
-@@ -406,7 +408,7 @@ int main (int argc, char **argv)
+@@ -387,7 +389,7 @@ int main (int argc, char **argv)
fprintf (stderr,
_("%s: Cannot determine your user name.\n"),
Prog);
@@ -885,7 +885,7 @@ diff -up shadow-4.8.1/src/groupdel.c.audit-update shadow-4.8.1/src/groupdel.c
}
retval = pam_start ("groupdel", pampw->pw_name, &conv, &pamh);
-@@ -427,7 +429,7 @@ int main (int argc, char **argv)
+@@ -408,7 +410,7 @@ int main (int argc, char **argv)
if (NULL != pamh) {
(void) pam_end (pamh, retval);
}
@@ -894,7 +894,7 @@ diff -up shadow-4.8.1/src/groupdel.c.audit-update shadow-4.8.1/src/groupdel.c
}
(void) pam_end (pamh, retval);
#endif /* USE_PAM */
-@@ -447,7 +449,7 @@ int main (int argc, char **argv)
+@@ -428,7 +430,7 @@ int main (int argc, char **argv)
fprintf (stderr,
_("%s: group '%s' does not exist\n"),
Prog, group_name);
@@ -903,7 +903,7 @@ diff -up shadow-4.8.1/src/groupdel.c.audit-update shadow-4.8.1/src/groupdel.c
}
group_id = grp->gr_gid;
-@@ -471,7 +473,7 @@ int main (int argc, char **argv)
+@@ -452,7 +454,7 @@ int main (int argc, char **argv)
_("%s: %s is the NIS master\n"),
Prog, nis_master);
}
@@ -912,10 +912,10 @@ diff -up shadow-4.8.1/src/groupdel.c.audit-update shadow-4.8.1/src/groupdel.c
}
#endif
-diff -up shadow-4.8.1/src/groupmod.c.audit-update shadow-4.8.1/src/groupmod.c
---- shadow-4.8.1/src/groupmod.c.audit-update 2019-07-23 17:26:08.000000000 +0200
-+++ shadow-4.8.1/src/groupmod.c 2020-03-17 16:53:44.372943312 +0100
-@@ -450,7 +450,7 @@ static void close_files (void)
+diff -up shadow-4.11.1/src/groupmod.c.audit-update shadow-4.11.1/src/groupmod.c
+--- shadow-4.11.1/src/groupmod.c.audit-update 2022-01-03 01:46:53.000000000 +0100
++++ shadow-4.11.1/src/groupmod.c 2022-01-03 14:57:01.778006782 +0100
+@@ -468,7 +468,7 @@ static void close_files (void)
exit (E_GRP_UPDATE);
}
#ifdef WITH_AUDIT
@@ -924,7 +924,7 @@ diff -up shadow-4.8.1/src/groupmod.c.audit-update shadow-4.8.1/src/groupmod.c
info_group.audit_msg,
group_name, AUDIT_NO_ID,
SHADOW_AUDIT_SUCCESS);
-@@ -473,7 +473,14 @@ static void close_files (void)
+@@ -491,7 +491,14 @@ static void close_files (void)
exit (E_GRP_UPDATE);
}
#ifdef WITH_AUDIT
@@ -940,7 +940,7 @@ diff -up shadow-4.8.1/src/groupmod.c.audit-update shadow-4.8.1/src/groupmod.c
info_gshadow.audit_msg,
group_name, AUDIT_NO_ID,
SHADOW_AUDIT_SUCCESS);
-@@ -496,7 +503,7 @@ static void close_files (void)
+@@ -514,7 +521,7 @@ static void close_files (void)
exit (E_GRP_UPDATE);
}
#ifdef WITH_AUDIT
@@ -949,7 +949,7 @@ diff -up shadow-4.8.1/src/groupmod.c.audit-update shadow-4.8.1/src/groupmod.c
info_passwd.audit_msg,
group_name, AUDIT_NO_ID,
SHADOW_AUDIT_SUCCESS);
-@@ -511,8 +518,8 @@ static void close_files (void)
+@@ -529,8 +536,8 @@ static void close_files (void)
}
#ifdef WITH_AUDIT
@@ -960,7 +960,7 @@ diff -up shadow-4.8.1/src/groupmod.c.audit-update shadow-4.8.1/src/groupmod.c
group_name, AUDIT_NO_ID,
SHADOW_AUDIT_SUCCESS);
#endif
-@@ -524,6 +531,8 @@ static void close_files (void)
+@@ -542,6 +549,8 @@ static void close_files (void)
*/
static void prepare_failure_reports (void)
{
@@ -969,7 +969,7 @@ diff -up shadow-4.8.1/src/groupmod.c.audit-update shadow-4.8.1/src/groupmod.c
info_group.name = group_name;
#ifdef SHADOWGRP
info_gshadow.name = group_name;
-@@ -536,76 +545,109 @@ static void prepare_failure_reports (voi
+@@ -554,76 +563,109 @@ static void prepare_failure_reports (voi
#endif
info_passwd.audit_msg = xmalloc (512);
@@ -1106,7 +1106,7 @@ diff -up shadow-4.8.1/src/groupmod.c.audit-update shadow-4.8.1/src/groupmod.c
"%lu", (unsigned long int) group_newid);
}
info_group.audit_msg[511] = '\0';
-@@ -613,6 +655,11 @@ static void prepare_failure_reports (voi
+@@ -631,6 +673,11 @@ static void prepare_failure_reports (voi
info_gshadow.audit_msg[511] = '\0';
#endif
info_passwd.audit_msg[511] = '\0';
@@ -1118,10 +1118,10 @@ diff -up shadow-4.8.1/src/groupmod.c.audit-update shadow-4.8.1/src/groupmod.c
// FIXME: add a system cleanup
add_cleanup (cleanup_report_mod_group, &info_group);
-diff -up shadow-4.8.1/src/newgrp.c.audit-update shadow-4.8.1/src/newgrp.c
---- shadow-4.8.1/src/newgrp.c.audit-update 2020-01-12 15:19:28.000000000 +0100
-+++ shadow-4.8.1/src/newgrp.c 2020-03-17 16:53:44.372943312 +0100
-@@ -206,11 +206,12 @@ static void check_perms (const struct gr
+diff -up shadow-4.11.1/src/newgrp.c.audit-update shadow-4.11.1/src/newgrp.c
+--- shadow-4.11.1/src/newgrp.c.audit-update 2022-01-03 01:46:53.000000000 +0100
++++ shadow-4.11.1/src/newgrp.c 2022-01-03 15:25:39.407050922 +0100
+@@ -185,11 +185,12 @@ static void check_perms (const struct gr
strcmp (cpasswd, grp->gr_passwd) != 0) {
#ifdef WITH_AUDIT
snprintf (audit_buf, sizeof(audit_buf),
@@ -1136,7 +1136,7 @@ diff -up shadow-4.8.1/src/newgrp.c.audit-update shadow-4.8.1/src/newgrp.c
#endif
SYSLOG ((LOG_INFO,
"Invalid password for group '%s' from '%s'",
-@@ -221,11 +222,12 @@ static void check_perms (const struct gr
+@@ -200,11 +201,12 @@ static void check_perms (const struct gr
}
#ifdef WITH_AUDIT
snprintf (audit_buf, sizeof(audit_buf),
@@ -1151,7 +1151,7 @@ diff -up shadow-4.8.1/src/newgrp.c.audit-update shadow-4.8.1/src/newgrp.c
#endif
}
-@@ -236,19 +238,6 @@ failure:
+@@ -215,19 +217,6 @@ failure:
* harm. -- JWP
*/
closelog ();
@@ -1171,7 +1171,7 @@ diff -up shadow-4.8.1/src/newgrp.c.audit-update shadow-4.8.1/src/newgrp.c
exit (EXIT_FAILURE);
}
-@@ -320,15 +309,27 @@ static void syslog_sg (const char *name,
+@@ -299,15 +288,27 @@ static void syslog_sg (const char *name,
is_newgrp ? "newgrp" : "sg", strerror (errno));
#ifdef WITH_AUDIT
if (group) {
@@ -1203,7 +1203,7 @@ diff -up shadow-4.8.1/src/newgrp.c.audit-update shadow-4.8.1/src/newgrp.c
}
#endif
exit (EXIT_FAILURE);
-@@ -458,7 +459,7 @@ int main (int argc, char **argv)
+@@ -438,7 +439,7 @@ int main (int argc, char **argv)
#ifdef WITH_AUDIT
audit_logger (AUDIT_CHGRP_ID, Prog,
"changing", NULL,
@@ -1212,7 +1212,7 @@ diff -up shadow-4.8.1/src/newgrp.c.audit-update shadow-4.8.1/src/newgrp.c
#endif
SYSLOG ((LOG_WARN, "Cannot determine the user name of the caller (UID %lu)",
(unsigned long) getuid ()));
-@@ -574,15 +575,26 @@ int main (int argc, char **argv)
+@@ -554,15 +555,26 @@ int main (int argc, char **argv)
perror ("getgroups");
#ifdef WITH_AUDIT
if (group) {
@@ -1243,7 +1243,7 @@ diff -up shadow-4.8.1/src/newgrp.c.audit-update shadow-4.8.1/src/newgrp.c
}
#endif
exit (EXIT_FAILURE);
-@@ -739,10 +751,10 @@ int main (int argc, char **argv)
+@@ -719,10 +731,10 @@ int main (int argc, char **argv)
perror ("setgid");
#ifdef WITH_AUDIT
snprintf (audit_buf, sizeof(audit_buf),
@@ -1256,7 +1256,7 @@ diff -up shadow-4.8.1/src/newgrp.c.audit-update shadow-4.8.1/src/newgrp.c
#endif
exit (EXIT_FAILURE);
}
-@@ -751,10 +763,10 @@ int main (int argc, char **argv)
+@@ -731,10 +743,10 @@ int main (int argc, char **argv)
perror ("setuid");
#ifdef WITH_AUDIT
snprintf (audit_buf, sizeof(audit_buf),
@@ -1269,7 +1269,7 @@ diff -up shadow-4.8.1/src/newgrp.c.audit-update shadow-4.8.1/src/newgrp.c
#endif
exit (EXIT_FAILURE);
}
-@@ -768,10 +780,10 @@ int main (int argc, char **argv)
+@@ -748,10 +760,10 @@ int main (int argc, char **argv)
execl (SHELL, "sh", "-c", command, (char *) 0);
#ifdef WITH_AUDIT
snprintf (audit_buf, sizeof(audit_buf),
@@ -1282,7 +1282,7 @@ diff -up shadow-4.8.1/src/newgrp.c.audit-update shadow-4.8.1/src/newgrp.c
#endif
perror (SHELL);
exit ((errno == ENOENT) ? E_CMD_NOTFOUND : E_CMD_NOEXEC);
-@@ -835,11 +847,11 @@ int main (int argc, char **argv)
+@@ -815,11 +827,11 @@ int main (int argc, char **argv)
}
#ifdef WITH_AUDIT
@@ -1296,7 +1296,7 @@ diff -up shadow-4.8.1/src/newgrp.c.audit-update shadow-4.8.1/src/newgrp.c
#endif
/*
* Exec the login shell and go away. We are trying to get back to
-@@ -863,15 +875,24 @@ int main (int argc, char **argv)
+@@ -843,15 +855,24 @@ int main (int argc, char **argv)
closelog ();
#ifdef WITH_AUDIT
if (NULL != group) {
@@ -1313,7 +1313,7 @@ diff -up shadow-4.8.1/src/newgrp.c.audit-update shadow-4.8.1/src/newgrp.c
+ snprintf (audit_buf, sizeof(audit_buf),
+ "changing new_group=\"%s\"", group);
+ }
- audit_logger (AUDIT_CHGRP_ID, Prog,
+ audit_logger (AUDIT_CHGRP_ID, Prog,
audit_buf, NULL,
- (unsigned int) getuid (), 0);
+ (unsigned int) getuid (), SHADOW_AUDIT_FAILURE);
@@ -1325,10 +1325,10 @@ diff -up shadow-4.8.1/src/newgrp.c.audit-update shadow-4.8.1/src/newgrp.c
}
#endif
exit (EXIT_FAILURE);
-diff -up shadow-4.8.1/src/useradd.c.audit-update shadow-4.8.1/src/useradd.c
---- shadow-4.8.1/src/useradd.c.audit-update 2020-03-17 16:53:44.365943219 +0100
-+++ shadow-4.8.1/src/useradd.c 2020-03-17 17:03:11.614503929 +0100
-@@ -233,6 +233,8 @@ static void create_mail (void);
+diff -up shadow-4.11.1/src/useradd.c.audit-update shadow-4.11.1/src/useradd.c
+--- shadow-4.11.1/src/useradd.c.audit-update 2022-01-03 14:57:01.772006744 +0100
++++ shadow-4.11.1/src/useradd.c 2022-01-03 14:57:01.787006838 +0100
+@@ -222,6 +222,8 @@ static void check_uid_range(int rflg, ui
*/
static void fail_exit (int code)
{
@@ -1337,7 +1337,7 @@ diff -up shadow-4.8.1/src/useradd.c.audit-update shadow-4.8.1/src/useradd.c
if (home_added) {
if (rmdir (prefix_user_home) != 0) {
fprintf (stderr,
-@@ -246,12 +248,6 @@ static void fail_exit (int code)
+@@ -235,12 +237,6 @@ static void fail_exit (int code)
if (spw_unlock () == 0) {
fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, spw_dbname ());
SYSLOG ((LOG_ERR, "failed to unlock %s", spw_dbname ()));
@@ -1350,7 +1350,7 @@ diff -up shadow-4.8.1/src/useradd.c.audit-update shadow-4.8.1/src/useradd.c
/* continue */
}
}
-@@ -259,12 +255,6 @@ static void fail_exit (int code)
+@@ -248,12 +244,6 @@ static void fail_exit (int code)
if (pw_unlock () == 0) {
fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, pw_dbname ());
SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
@@ -1363,7 +1363,7 @@ diff -up shadow-4.8.1/src/useradd.c.audit-update shadow-4.8.1/src/useradd.c
/* continue */
}
}
-@@ -272,12 +262,6 @@ static void fail_exit (int code)
+@@ -261,12 +251,6 @@ static void fail_exit (int code)
if (gr_unlock () == 0) {
fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ());
SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
@@ -1376,7 +1376,7 @@ diff -up shadow-4.8.1/src/useradd.c.audit-update shadow-4.8.1/src/useradd.c
/* continue */
}
}
-@@ -286,12 +270,6 @@ static void fail_exit (int code)
+@@ -275,12 +259,6 @@ static void fail_exit (int code)
if (sgr_unlock () == 0) {
fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sgr_dbname ());
SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));
@@ -1389,7 +1389,7 @@ diff -up shadow-4.8.1/src/useradd.c.audit-update shadow-4.8.1/src/useradd.c
/* continue */
}
}
-@@ -301,12 +279,6 @@ static void fail_exit (int code)
+@@ -290,12 +268,6 @@ static void fail_exit (int code)
if (sub_uid_unlock () == 0) {
fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sub_uid_dbname ());
SYSLOG ((LOG_ERR, "failed to unlock %s", sub_uid_dbname ()));
@@ -1402,7 +1402,7 @@ diff -up shadow-4.8.1/src/useradd.c.audit-update shadow-4.8.1/src/useradd.c
/* continue */
}
}
-@@ -314,20 +286,19 @@ static void fail_exit (int code)
+@@ -303,20 +275,19 @@ static void fail_exit (int code)
if (sub_gid_unlock () == 0) {
fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sub_gid_dbname ());
SYSLOG ((LOG_ERR, "failed to unlock %s", sub_gid_dbname ()));
@@ -1430,7 +1430,7 @@ diff -up shadow-4.8.1/src/useradd.c.audit-update shadow-4.8.1/src/useradd.c
user_name, AUDIT_NO_ID,
SHADOW_AUDIT_FAILURE);
#endif
-@@ -692,7 +663,7 @@ static int set_defaults (void)
+@@ -719,7 +690,7 @@ static int set_defaults (void)
}
#ifdef WITH_AUDIT
audit_logger (AUDIT_USYS_CONFIG, Prog,
@@ -1439,7 +1439,7 @@ diff -up shadow-4.8.1/src/useradd.c.audit-update shadow-4.8.1/src/useradd.c
NULL, AUDIT_NO_ID,
SHADOW_AUDIT_SUCCESS);
#endif
-@@ -974,12 +945,6 @@ static void grp_update (void)
+@@ -1050,12 +1021,6 @@ static void grp_update (void)
_("%s: Out of memory. Cannot update %s.\n"),
Prog, gr_dbname ());
SYSLOG ((LOG_ERR, "failed to prepare the new %s entry '%s'", gr_dbname (), user_name));
@@ -1452,7 +1452,7 @@ diff -up shadow-4.8.1/src/useradd.c.audit-update shadow-4.8.1/src/useradd.c
fail_exit (E_GRP_UPDATE); /* XXX */
}
-@@ -993,18 +958,12 @@ static void grp_update (void)
+@@ -1069,18 +1034,12 @@ static void grp_update (void)
_("%s: failed to prepare the new %s entry '%s'\n"),
Prog, gr_dbname (), ngrp->gr_name);
SYSLOG ((LOG_ERR, "failed to prepare the new %s entry '%s'", gr_dbname (), user_name));
@@ -1474,7 +1474,7 @@ diff -up shadow-4.8.1/src/useradd.c.audit-update shadow-4.8.1/src/useradd.c
SHADOW_AUDIT_SUCCESS);
#endif
SYSLOG ((LOG_INFO,
-@@ -1049,12 +1008,6 @@ static void grp_update (void)
+@@ -1125,12 +1084,6 @@ static void grp_update (void)
_("%s: Out of memory. Cannot update %s.\n"),
Prog, sgr_dbname ());
SYSLOG ((LOG_ERR, "failed to prepare the new %s entry '%s'", sgr_dbname (), user_name));
@@ -1487,7 +1487,7 @@ diff -up shadow-4.8.1/src/useradd.c.audit-update shadow-4.8.1/src/useradd.c
fail_exit (E_GRP_UPDATE); /* XXX */
}
-@@ -1068,18 +1021,13 @@ static void grp_update (void)
+@@ -1144,18 +1097,13 @@ static void grp_update (void)
_("%s: failed to prepare the new %s entry '%s'\n"),
Prog, sgr_dbname (), nsgrp->sg_name);
SYSLOG ((LOG_ERR, "failed to prepare the new %s entry '%s'", sgr_dbname (), user_name));
@@ -1510,7 +1510,7 @@ diff -up shadow-4.8.1/src/useradd.c.audit-update shadow-4.8.1/src/useradd.c
SHADOW_AUDIT_SUCCESS);
#endif
SYSLOG ((LOG_INFO,
-@@ -1452,7 +1400,7 @@ static void process_flags (int argc, cha
+@@ -1528,7 +1476,7 @@ static void process_flags (int argc, cha
Prog, user_name);
#ifdef WITH_AUDIT
audit_logger (AUDIT_ADD_USER, Prog,
@@ -1519,7 +1519,7 @@ diff -up shadow-4.8.1/src/useradd.c.audit-update shadow-4.8.1/src/useradd.c
user_name, AUDIT_NO_ID,
SHADOW_AUDIT_FAILURE);
#endif
-@@ -1567,7 +1515,7 @@ static void close_files (void)
+@@ -1637,7 +1585,7 @@ static void close_files (void)
SYSLOG ((LOG_ERR, "failed to unlock %s", spw_dbname ()));
#ifdef WITH_AUDIT
audit_logger (AUDIT_ADD_USER, Prog,
@@ -1528,7 +1528,7 @@ diff -up shadow-4.8.1/src/useradd.c.audit-update shadow-4.8.1/src/useradd.c
user_name, AUDIT_NO_ID,
SHADOW_AUDIT_FAILURE);
#endif
-@@ -1580,7 +1528,7 @@ static void close_files (void)
+@@ -1650,7 +1598,7 @@ static void close_files (void)
SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
#ifdef WITH_AUDIT
audit_logger (AUDIT_ADD_USER, Prog,
@@ -1537,7 +1537,7 @@ diff -up shadow-4.8.1/src/useradd.c.audit-update shadow-4.8.1/src/useradd.c
user_name, AUDIT_NO_ID,
SHADOW_AUDIT_FAILURE);
#endif
-@@ -1622,7 +1570,7 @@ static void close_files (void)
+@@ -1667,7 +1615,7 @@ static void close_files (void)
SYSLOG ((LOG_ERR, "failed to unlock %s", sub_uid_dbname ()));
#ifdef WITH_AUDIT
audit_logger (AUDIT_ADD_USER, Prog,
@@ -1546,7 +1546,7 @@ diff -up shadow-4.8.1/src/useradd.c.audit-update shadow-4.8.1/src/useradd.c
user_name, AUDIT_NO_ID,
SHADOW_AUDIT_FAILURE);
#endif
-@@ -1636,7 +1584,7 @@ static void close_files (void)
+@@ -1681,7 +1629,7 @@ static void close_files (void)
SYSLOG ((LOG_ERR, "failed to unlock %s", sub_gid_dbname ()));
#ifdef WITH_AUDIT
audit_logger (AUDIT_ADD_USER, Prog,
@@ -1555,7 +1555,7 @@ diff -up shadow-4.8.1/src/useradd.c.audit-update shadow-4.8.1/src/useradd.c
user_name, AUDIT_NO_ID,
SHADOW_AUDIT_FAILURE);
#endif
-@@ -1828,7 +1776,7 @@ static void grp_add (void)
+@@ -1942,7 +1890,7 @@ static void grp_add (void)
Prog, gr_dbname (), grp.gr_name);
#ifdef WITH_AUDIT
audit_logger (AUDIT_ADD_GROUP, Prog,
@@ -1564,7 +1564,7 @@ diff -up shadow-4.8.1/src/useradd.c.audit-update shadow-4.8.1/src/useradd.c
grp.gr_name, AUDIT_NO_ID,
SHADOW_AUDIT_FAILURE);
#endif
-@@ -1844,7 +1792,7 @@ static void grp_add (void)
+@@ -1958,7 +1906,7 @@ static void grp_add (void)
Prog, sgr_dbname (), sgrp.sg_name);
#ifdef WITH_AUDIT
audit_logger (AUDIT_ADD_GROUP, Prog,
@@ -1573,7 +1573,7 @@ diff -up shadow-4.8.1/src/useradd.c.audit-update shadow-4.8.1/src/useradd.c
grp.gr_name, AUDIT_NO_ID,
SHADOW_AUDIT_FAILURE);
#endif
-@@ -1854,7 +1802,7 @@ static void grp_add (void)
+@@ -1968,7 +1916,7 @@ static void grp_add (void)
SYSLOG ((LOG_INFO, "new group: name=%s, GID=%u", user_name, user_gid));
#ifdef WITH_AUDIT
audit_logger (AUDIT_ADD_GROUP, Prog,
@@ -1582,7 +1582,7 @@ diff -up shadow-4.8.1/src/useradd.c.audit-update shadow-4.8.1/src/useradd.c
grp.gr_name, AUDIT_NO_ID,
SHADOW_AUDIT_SUCCESS);
#endif
-@@ -2025,12 +1973,6 @@ static void usr_update (void)
+@@ -2161,12 +2109,6 @@ static void usr_update (unsigned long su
fprintf (stderr,
_("%s: failed to prepare the new %s entry '%s'\n"),
Prog, spw_dbname (), spent.sp_namp);
@@ -1595,7 +1595,7 @@ diff -up shadow-4.8.1/src/useradd.c.audit-update shadow-4.8.1/src/useradd.c
fail_exit (E_PW_UPDATE);
}
#ifdef ENABLE_SUBIDS
-@@ -2051,9 +1993,14 @@ static void usr_update (void)
+@@ -2187,9 +2129,14 @@ static void usr_update (unsigned long su
#endif /* ENABLE_SUBIDS */
#ifdef WITH_AUDIT
@@ -1612,7 +1612,7 @@ diff -up shadow-4.8.1/src/useradd.c.audit-update shadow-4.8.1/src/useradd.c
SHADOW_AUDIT_SUCCESS);
#endif
/*
-@@ -2140,12 +2087,6 @@ static void create_home (void)
+@@ -2279,12 +2226,6 @@ static void create_home (void)
fprintf (stderr,
_("%s: cannot create directory %s\n"),
Prog, path);
@@ -1625,7 +1625,7 @@ diff -up shadow-4.8.1/src/useradd.c.audit-update shadow-4.8.1/src/useradd.c
fail_exit (E_HOMEDIR);
}
if (chown (path, 0, 0) < 0) {
-@@ -2168,8 +2109,8 @@ static void create_home (void)
+@@ -2311,8 +2252,8 @@ static void create_home (void)
}
home_added = true;
#ifdef WITH_AUDIT
@@ -1636,7 +1636,7 @@ diff -up shadow-4.8.1/src/useradd.c.audit-update shadow-4.8.1/src/useradd.c
user_name, (unsigned int) user_id,
SHADOW_AUDIT_SUCCESS);
#endif
-@@ -2354,12 +2295,6 @@ int main (int argc, char **argv)
+@@ -2552,12 +2493,6 @@ int main (int argc, char **argv)
*/
if (prefix_getpwnam (user_name) != NULL) { /* local, no need for xgetpwnam */
fprintf (stderr, _("%s: user '%s' already exists\n"), Prog, user_name);
@@ -1649,7 +1649,7 @@ diff -up shadow-4.8.1/src/useradd.c.audit-update shadow-4.8.1/src/useradd.c
fail_exit (E_NAME_IN_USE);
}
-@@ -2375,12 +2310,6 @@ int main (int argc, char **argv)
+@@ -2573,12 +2508,6 @@ int main (int argc, char **argv)
fprintf (stderr,
_("%s: group %s exists - if you want to add this user to that group, use -g.\n"),
Prog, user_name);
@@ -1662,7 +1662,7 @@ diff -up shadow-4.8.1/src/useradd.c.audit-update shadow-4.8.1/src/useradd.c
fail_exit (E_NAME_IN_USE);
}
}
-@@ -2410,12 +2339,6 @@ int main (int argc, char **argv)
+@@ -2608,12 +2537,6 @@ int main (int argc, char **argv)
fprintf (stderr,
_("%s: UID %lu is not unique\n"),
Prog, (unsigned long) user_id);
@@ -1675,7 +1675,7 @@ diff -up shadow-4.8.1/src/useradd.c.audit-update shadow-4.8.1/src/useradd.c
fail_exit (E_UID_IN_USE);
}
}
-@@ -2489,9 +2412,10 @@ int main (int argc, char **argv)
+@@ -2688,9 +2611,10 @@ int main (int argc, char **argv)
_("%s: warning: the user name %s to %s SELinux user mapping failed.\n"),
Prog, user_name, user_selinux);
#ifdef WITH_AUDIT
@@ -1689,10 +1689,10 @@ diff -up shadow-4.8.1/src/useradd.c.audit-update shadow-4.8.1/src/useradd.c
#endif /* WITH_AUDIT */
fail_exit (E_SE_UPDATE);
}
-diff -up shadow-4.8.1/src/userdel.c.audit-update shadow-4.8.1/src/userdel.c
---- shadow-4.8.1/src/userdel.c.audit-update 2020-03-17 16:53:44.368943259 +0100
-+++ shadow-4.8.1/src/userdel.c 2020-03-17 16:53:44.373943325 +0100
-@@ -222,9 +222,9 @@ static void update_groups (void)
+diff -up shadow-4.11.1/src/userdel.c.audit-update shadow-4.11.1/src/userdel.c
+--- shadow-4.11.1/src/userdel.c.audit-update 2022-01-03 01:46:53.000000000 +0100
++++ shadow-4.11.1/src/userdel.c 2022-01-03 14:57:01.787006838 +0100
+@@ -202,9 +202,9 @@ static void update_groups (void)
* Update the DBM group file with the new entry as well.
*/
#ifdef WITH_AUDIT
@@ -1705,7 +1705,7 @@ diff -up shadow-4.8.1/src/userdel.c.audit-update shadow-4.8.1/src/userdel.c
SHADOW_AUDIT_SUCCESS);
#endif /* WITH_AUDIT */
SYSLOG ((LOG_INFO, "delete '%s' from group '%s'\n",
-@@ -284,9 +284,9 @@ static void update_groups (void)
+@@ -264,9 +264,9 @@ static void update_groups (void)
exit (E_GRP_UPDATE);
}
#ifdef WITH_AUDIT
@@ -1718,7 +1718,7 @@ diff -up shadow-4.8.1/src/userdel.c.audit-update shadow-4.8.1/src/userdel.c
SHADOW_AUDIT_SUCCESS);
#endif /* WITH_AUDIT */
SYSLOG ((LOG_INFO, "delete '%s' from shadow group '%s'\n",
-@@ -363,9 +363,9 @@ static void remove_usergroup (void)
+@@ -343,9 +343,9 @@ static void remove_usergroup (void)
}
#ifdef WITH_AUDIT
@@ -1731,7 +1731,7 @@ diff -up shadow-4.8.1/src/userdel.c.audit-update shadow-4.8.1/src/userdel.c
SHADOW_AUDIT_SUCCESS);
#endif /* WITH_AUDIT */
SYSLOG ((LOG_INFO,
-@@ -381,9 +381,9 @@ static void remove_usergroup (void)
+@@ -361,9 +361,9 @@ static void remove_usergroup (void)
fail_exit (E_GRP_UPDATE);
}
#ifdef WITH_AUDIT
@@ -1744,7 +1744,7 @@ diff -up shadow-4.8.1/src/userdel.c.audit-update shadow-4.8.1/src/userdel.c
SHADOW_AUDIT_SUCCESS);
#endif /* WITH_AUDIT */
SYSLOG ((LOG_INFO,
-@@ -545,7 +545,7 @@ static void fail_exit (int code)
+@@ -525,7 +525,7 @@ static void fail_exit (int code)
#ifdef WITH_AUDIT
audit_logger (AUDIT_DEL_USER, Prog,
@@ -1753,7 +1753,7 @@ diff -up shadow-4.8.1/src/userdel.c.audit-update shadow-4.8.1/src/userdel.c
user_name, (unsigned int) user_id,
SHADOW_AUDIT_FAILURE);
#endif /* WITH_AUDIT */
-@@ -565,24 +565,12 @@ static void open_files (void)
+@@ -545,24 +545,12 @@ static void open_files (void)
fprintf (stderr,
_("%s: cannot lock %s; try again later.\n"),
Prog, pw_dbname ());
@@ -1778,7 +1778,7 @@ diff -up shadow-4.8.1/src/userdel.c.audit-update shadow-4.8.1/src/userdel.c
fail_exit (E_PW_UPDATE);
}
if (is_shadow_pwd) {
-@@ -590,12 +578,6 @@ static void open_files (void)
+@@ -570,12 +558,6 @@ static void open_files (void)
fprintf (stderr,
_("%s: cannot lock %s; try again later.\n"),
Prog, spw_dbname ());
@@ -1791,7 +1791,7 @@ diff -up shadow-4.8.1/src/userdel.c.audit-update shadow-4.8.1/src/userdel.c
fail_exit (E_PW_UPDATE);
}
spw_locked = true;
-@@ -603,12 +585,6 @@ static void open_files (void)
+@@ -583,12 +565,6 @@ static void open_files (void)
fprintf (stderr,
_("%s: cannot open %s\n"),
Prog, spw_dbname ());
@@ -1804,7 +1804,7 @@ diff -up shadow-4.8.1/src/userdel.c.audit-update shadow-4.8.1/src/userdel.c
fail_exit (E_PW_UPDATE);
}
}
-@@ -616,23 +592,11 @@ static void open_files (void)
+@@ -596,23 +572,11 @@ static void open_files (void)
fprintf (stderr,
_("%s: cannot lock %s; try again later.\n"),
Prog, gr_dbname ());
@@ -1828,7 +1828,7 @@ diff -up shadow-4.8.1/src/userdel.c.audit-update shadow-4.8.1/src/userdel.c
fail_exit (E_GRP_UPDATE);
}
#ifdef SHADOWGRP
-@@ -641,24 +605,12 @@ static void open_files (void)
+@@ -621,24 +585,12 @@ static void open_files (void)
fprintf (stderr,
_("%s: cannot lock %s; try again later.\n"),
Prog, sgr_dbname ());
@@ -1853,7 +1853,7 @@ diff -up shadow-4.8.1/src/userdel.c.audit-update shadow-4.8.1/src/userdel.c
fail_exit (E_GRP_UPDATE);
}
}
-@@ -669,24 +621,12 @@ static void open_files (void)
+@@ -649,24 +601,12 @@ static void open_files (void)
fprintf (stderr,
_("%s: cannot lock %s; try again later.\n"),
Prog, sub_uid_dbname ());
@@ -1878,7 +1878,7 @@ diff -up shadow-4.8.1/src/userdel.c.audit-update shadow-4.8.1/src/userdel.c
fail_exit (E_SUB_UID_UPDATE);
}
}
-@@ -695,24 +635,12 @@ static void open_files (void)
+@@ -675,24 +615,12 @@ static void open_files (void)
fprintf (stderr,
_("%s: cannot lock %s; try again later.\n"),
Prog, sub_gid_dbname ());
@@ -1903,7 +1903,7 @@ diff -up shadow-4.8.1/src/userdel.c.audit-update shadow-4.8.1/src/userdel.c
fail_exit (E_SUB_GID_UPDATE);
}
}
-@@ -757,7 +685,7 @@ static void update_user (void)
+@@ -737,7 +665,7 @@ static void update_user (void)
#endif /* ENABLE_SUBIDS */
#ifdef WITH_AUDIT
audit_logger (AUDIT_DEL_USER, Prog,
@@ -1912,7 +1912,7 @@ diff -up shadow-4.8.1/src/userdel.c.audit-update shadow-4.8.1/src/userdel.c
user_name, (unsigned int) user_id,
SHADOW_AUDIT_SUCCESS);
#endif /* WITH_AUDIT */
-@@ -865,7 +793,7 @@ static int remove_mailbox (void)
+@@ -845,7 +773,7 @@ static int remove_mailbox (void)
SYSLOG ((LOG_ERR, "Cannot remove %s: %s", mailfile, strerror (errno)));
#ifdef WITH_AUDIT
audit_logger (AUDIT_DEL_USER, Prog,
@@ -1921,7 +1921,7 @@ diff -up shadow-4.8.1/src/userdel.c.audit-update shadow-4.8.1/src/userdel.c
user_name, (unsigned int) user_id,
SHADOW_AUDIT_FAILURE);
#endif /* WITH_AUDIT */
-@@ -882,7 +810,7 @@ static int remove_mailbox (void)
+@@ -862,7 +790,7 @@ static int remove_mailbox (void)
SYSLOG ((LOG_ERR, "Cannot remove %s: %s", mailfile, strerror (errno)));
#ifdef WITH_AUDIT
audit_logger (AUDIT_DEL_USER, Prog,
@@ -1930,7 +1930,7 @@ diff -up shadow-4.8.1/src/userdel.c.audit-update shadow-4.8.1/src/userdel.c
user_name, (unsigned int) user_id,
SHADOW_AUDIT_FAILURE);
#endif /* WITH_AUDIT */
-@@ -892,8 +820,8 @@ static int remove_mailbox (void)
+@@ -872,8 +800,8 @@ static int remove_mailbox (void)
#ifdef WITH_AUDIT
else
{
@@ -1941,7 +1941,7 @@ diff -up shadow-4.8.1/src/userdel.c.audit-update shadow-4.8.1/src/userdel.c
user_name, (unsigned int) user_id,
SHADOW_AUDIT_SUCCESS);
}
-@@ -911,7 +839,7 @@ static int remove_mailbox (void)
+@@ -891,7 +819,7 @@ static int remove_mailbox (void)
mailfile, strerror (errno)));
#ifdef WITH_AUDIT
audit_logger (AUDIT_DEL_USER, Prog,
@@ -1950,7 +1950,7 @@ diff -up shadow-4.8.1/src/userdel.c.audit-update shadow-4.8.1/src/userdel.c
user_name, (unsigned int) user_id,
SHADOW_AUDIT_FAILURE);
#endif /* WITH_AUDIT */
-@@ -928,7 +856,7 @@ static int remove_mailbox (void)
+@@ -908,7 +836,7 @@ static int remove_mailbox (void)
SYSLOG ((LOG_ERR, "Cannot remove %s: %s", mailfile, strerror (errno)));
#ifdef WITH_AUDIT
audit_logger (AUDIT_DEL_USER, Prog,
@@ -1959,7 +1959,7 @@ diff -up shadow-4.8.1/src/userdel.c.audit-update shadow-4.8.1/src/userdel.c
user_name, (unsigned int) user_id,
SHADOW_AUDIT_FAILURE);
#endif /* WITH_AUDIT */
-@@ -938,8 +866,8 @@ static int remove_mailbox (void)
+@@ -918,8 +846,8 @@ static int remove_mailbox (void)
#ifdef WITH_AUDIT
else
{
@@ -1970,7 +1970,7 @@ diff -up shadow-4.8.1/src/userdel.c.audit-update shadow-4.8.1/src/userdel.c
user_name, (unsigned int) user_id,
SHADOW_AUDIT_SUCCESS);
}
-@@ -1152,7 +1080,7 @@ int main (int argc, char **argv)
+@@ -1138,7 +1066,7 @@ int main (int argc, char **argv)
Prog, user_name);
#ifdef WITH_AUDIT
audit_logger (AUDIT_DEL_USER, Prog,
@@ -1979,7 +1979,7 @@ diff -up shadow-4.8.1/src/userdel.c.audit-update shadow-4.8.1/src/userdel.c
user_name, AUDIT_NO_ID,
SHADOW_AUDIT_FAILURE);
#endif /* WITH_AUDIT */
-@@ -1208,7 +1136,7 @@ int main (int argc, char **argv)
+@@ -1194,7 +1122,7 @@ int main (int argc, char **argv)
if (!fflg) {
#ifdef WITH_AUDIT
audit_logger (AUDIT_DEL_USER, Prog,
@@ -1988,7 +1988,7 @@ diff -up shadow-4.8.1/src/userdel.c.audit-update shadow-4.8.1/src/userdel.c
user_name, AUDIT_NO_ID,
SHADOW_AUDIT_FAILURE);
#endif /* WITH_AUDIT */
-@@ -1302,8 +1230,8 @@ int main (int argc, char **argv)
+@@ -1288,8 +1216,8 @@ int main (int argc, char **argv)
#ifdef WITH_AUDIT
else
{
@@ -1999,7 +1999,7 @@ diff -up shadow-4.8.1/src/userdel.c.audit-update shadow-4.8.1/src/userdel.c
user_name, (unsigned int) user_id,
SHADOW_AUDIT_SUCCESS);
}
-@@ -1312,7 +1240,7 @@ int main (int argc, char **argv)
+@@ -1298,7 +1226,7 @@ int main (int argc, char **argv)
#ifdef WITH_AUDIT
if (0 != errors) {
audit_logger (AUDIT_DEL_USER, Prog,
@@ -2008,7 +2008,7 @@ diff -up shadow-4.8.1/src/userdel.c.audit-update shadow-4.8.1/src/userdel.c
user_name, AUDIT_NO_ID,
SHADOW_AUDIT_FAILURE);
}
-@@ -1325,8 +1253,8 @@ int main (int argc, char **argv)
+@@ -1311,8 +1239,8 @@ int main (int argc, char **argv)
_("%s: warning: the user name %s to SELinux user mapping removal failed.\n"),
Prog, user_name);
#ifdef WITH_AUDIT
@@ -2019,10 +2019,10 @@ diff -up shadow-4.8.1/src/userdel.c.audit-update shadow-4.8.1/src/userdel.c
user_name, (unsigned int) user_id,
SHADOW_AUDIT_FAILURE);
#endif /* WITH_AUDIT */
-diff -up shadow-4.8.1/src/usermod.c.audit-update shadow-4.8.1/src/usermod.c
---- shadow-4.8.1/src/usermod.c.audit-update 2020-03-17 16:53:44.370943285 +0100
-+++ shadow-4.8.1/src/usermod.c 2020-03-17 16:53:44.373943325 +0100
-@@ -457,8 +457,8 @@ static char *new_pw_passwd (char *pw_pas
+diff -up shadow-4.11.1/src/usermod.c.audit-update shadow-4.11.1/src/usermod.c
+--- shadow-4.11.1/src/usermod.c.audit-update 2022-01-03 14:57:01.776006769 +0100
++++ shadow-4.11.1/src/usermod.c 2022-01-03 15:28:16.959101706 +0100
+@@ -417,8 +417,8 @@ static char *new_pw_passwd (char *pw_pas
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
@@ -2033,7 +2033,7 @@ diff -up shadow-4.8.1/src/usermod.c.audit-update shadow-4.8.1/src/usermod.c
#endif
SYSLOG ((LOG_INFO, "lock user '%s' password", user_newname));
strcpy (buf, "!");
-@@ -477,8 +477,8 @@ static char *new_pw_passwd (char *pw_pas
+@@ -437,8 +437,8 @@ static char *new_pw_passwd (char *pw_pas
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
@@ -2044,7 +2044,7 @@ diff -up shadow-4.8.1/src/usermod.c.audit-update shadow-4.8.1/src/usermod.c
#endif
SYSLOG ((LOG_INFO, "unlock user '%s' password", user_newname));
s = pw_pass;
-@@ -489,7 +489,7 @@ static char *new_pw_passwd (char *pw_pas
+@@ -449,7 +449,7 @@ static char *new_pw_passwd (char *pw_pas
} else if (pflg) {
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
@@ -2053,7 +2053,7 @@ diff -up shadow-4.8.1/src/usermod.c.audit-update shadow-4.8.1/src/usermod.c
user_newname, (unsigned int) user_newid, 1);
#endif
SYSLOG ((LOG_INFO, "change user '%s' password", user_newname));
-@@ -518,8 +518,8 @@ static void new_pwent (struct passwd *pw
+@@ -478,8 +478,8 @@ static void new_pwent (struct passwd *pw
fail_exit (E_NAME_IN_USE);
}
#ifdef WITH_AUDIT
@@ -2064,7 +2064,7 @@ diff -up shadow-4.8.1/src/usermod.c.audit-update shadow-4.8.1/src/usermod.c
user_newname, (unsigned int) user_newid, 1);
#endif
SYSLOG ((LOG_INFO,
-@@ -539,8 +539,8 @@ static void new_pwent (struct passwd *pw
+@@ -499,8 +499,8 @@ static void new_pwent (struct passwd *pw
if (uflg) {
#ifdef WITH_AUDIT
@@ -2075,7 +2075,7 @@ diff -up shadow-4.8.1/src/usermod.c.audit-update shadow-4.8.1/src/usermod.c
user_newname, (unsigned int) user_newid, 1);
#endif
SYSLOG ((LOG_INFO,
-@@ -550,8 +550,8 @@ static void new_pwent (struct passwd *pw
+@@ -510,8 +510,8 @@ static void new_pwent (struct passwd *pw
}
if (gflg) {
#ifdef WITH_AUDIT
@@ -2086,7 +2086,7 @@ diff -up shadow-4.8.1/src/usermod.c.audit-update shadow-4.8.1/src/usermod.c
user_newname, (unsigned int) user_newid, 1);
#endif
SYSLOG ((LOG_INFO,
-@@ -561,8 +561,8 @@ static void new_pwent (struct passwd *pw
+@@ -521,8 +521,8 @@ static void new_pwent (struct passwd *pw
}
if (cflg) {
#ifdef WITH_AUDIT
@@ -2097,7 +2097,7 @@ diff -up shadow-4.8.1/src/usermod.c.audit-update shadow-4.8.1/src/usermod.c
user_newname, (unsigned int) user_newid, 1);
#endif
pwent->pw_gecos = user_newcomment;
-@@ -570,8 +570,8 @@ static void new_pwent (struct passwd *pw
+@@ -530,8 +530,8 @@ static void new_pwent (struct passwd *pw
if (dflg) {
#ifdef WITH_AUDIT
@@ -2108,7 +2108,7 @@ diff -up shadow-4.8.1/src/usermod.c.audit-update shadow-4.8.1/src/usermod.c
user_newname, (unsigned int) user_newid, 1);
#endif
SYSLOG ((LOG_INFO,
-@@ -581,8 +581,8 @@ static void new_pwent (struct passwd *pw
+@@ -547,8 +547,8 @@ static void new_pwent (struct passwd *pw
}
if (sflg) {
#ifdef WITH_AUDIT
@@ -2119,7 +2119,7 @@ diff -up shadow-4.8.1/src/usermod.c.audit-update shadow-4.8.1/src/usermod.c
user_newname, (unsigned int) user_newid, 1);
#endif
SYSLOG ((LOG_INFO,
-@@ -612,8 +612,8 @@ static void new_spent (struct spwd *spen
+@@ -578,8 +578,8 @@ static void new_spent (struct spwd *spen
if (fflg) {
#ifdef WITH_AUDIT
@@ -2130,9 +2130,9 @@ diff -up shadow-4.8.1/src/usermod.c.audit-update shadow-4.8.1/src/usermod.c
user_newname, (unsigned int) user_newid, 1);
#endif
SYSLOG ((LOG_INFO,
-@@ -629,8 +629,8 @@ static void new_spent (struct spwd *spen
- date_to_str (old_exp, sizeof(old_exp),
- user_expire * DAY);
+@@ -593,8 +593,8 @@ static void new_spent (struct spwd *spen
+ date_to_str (sizeof(new_exp), new_exp, user_newexpire * DAY);
+ date_to_str (sizeof(old_exp), old_exp, user_expire * DAY);
#ifdef WITH_AUDIT
- audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
- "changing expiration date",
@@ -2141,7 +2141,7 @@ diff -up shadow-4.8.1/src/usermod.c.audit-update shadow-4.8.1/src/usermod.c
user_newname, (unsigned int) user_newid, 1);
#endif
SYSLOG ((LOG_INFO,
-@@ -713,9 +713,9 @@ static /*@noreturn@*/void fail_exit (int
+@@ -677,9 +677,9 @@ static /*@noreturn@*/void fail_exit (int
#endif /* ENABLE_SUBIDS */
#ifdef WITH_AUDIT
@@ -2154,7 +2154,7 @@ diff -up shadow-4.8.1/src/usermod.c.audit-update shadow-4.8.1/src/usermod.c
#endif
exit (code);
}
-@@ -769,9 +769,12 @@ static void update_group (void)
+@@ -741,9 +741,12 @@ static void update_group (void)
user_newname);
changed = true;
#ifdef WITH_AUDIT
@@ -2170,7 +2170,7 @@ diff -up shadow-4.8.1/src/usermod.c.audit-update shadow-4.8.1/src/usermod.c
#endif
SYSLOG ((LOG_INFO,
"change '%s' to '%s' in group '%s'",
-@@ -785,9 +788,11 @@ static void update_group (void)
+@@ -757,9 +760,11 @@ static void update_group (void)
ngrp->gr_mem = del_list (ngrp->gr_mem, user_name);
changed = true;
#ifdef WITH_AUDIT
@@ -2185,7 +2185,7 @@ diff -up shadow-4.8.1/src/usermod.c.audit-update shadow-4.8.1/src/usermod.c
#endif
SYSLOG ((LOG_INFO,
"delete '%s' from group '%s'",
-@@ -800,9 +805,11 @@ static void update_group (void)
+@@ -772,9 +777,11 @@ static void update_group (void)
ngrp->gr_mem = add_list (ngrp->gr_mem, user_newname);
changed = true;
#ifdef WITH_AUDIT
@@ -2200,7 +2200,7 @@ diff -up shadow-4.8.1/src/usermod.c.audit-update shadow-4.8.1/src/usermod.c
#endif
SYSLOG ((LOG_INFO, "add '%s' to group '%s'",
user_newname, ngrp->gr_name));
-@@ -877,9 +884,10 @@ static void update_gshadow (void)
+@@ -859,9 +866,10 @@ static void update_gshadow (void)
nsgrp->sg_adm = add_list (nsgrp->sg_adm, user_newname);
changed = true;
#ifdef WITH_AUDIT
@@ -2214,7 +2214,7 @@ diff -up shadow-4.8.1/src/usermod.c.audit-update shadow-4.8.1/src/usermod.c
#endif
SYSLOG ((LOG_INFO,
"change admin '%s' to '%s' in shadow group '%s'",
-@@ -899,9 +907,10 @@ static void update_gshadow (void)
+@@ -881,9 +889,10 @@ static void update_gshadow (void)
user_newname);
changed = true;
#ifdef WITH_AUDIT
@@ -2228,7 +2228,7 @@ diff -up shadow-4.8.1/src/usermod.c.audit-update shadow-4.8.1/src/usermod.c
#endif
SYSLOG ((LOG_INFO,
"change '%s' to '%s' in shadow group '%s'",
-@@ -915,9 +924,10 @@ static void update_gshadow (void)
+@@ -897,9 +906,10 @@ static void update_gshadow (void)
nsgrp->sg_mem = del_list (nsgrp->sg_mem, user_name);
changed = true;
#ifdef WITH_AUDIT
@@ -2242,7 +2242,7 @@ diff -up shadow-4.8.1/src/usermod.c.audit-update shadow-4.8.1/src/usermod.c
#endif
SYSLOG ((LOG_INFO,
"delete '%s' from shadow group '%s'",
-@@ -930,9 +940,10 @@ static void update_gshadow (void)
+@@ -912,9 +922,10 @@ static void update_gshadow (void)
nsgrp->sg_mem = add_list (nsgrp->sg_mem, user_newname);
changed = true;
#ifdef WITH_AUDIT
@@ -2256,7 +2256,7 @@ diff -up shadow-4.8.1/src/usermod.c.audit-update shadow-4.8.1/src/usermod.c
#endif
SYSLOG ((LOG_INFO, "add '%s' to shadow group '%s'",
user_newname, nsgrp->sg_name));
-@@ -1799,8 +1810,8 @@ static void move_home (void)
+@@ -1817,8 +1828,8 @@ static void move_home (void)
#ifdef WITH_AUDIT
if (uflg || gflg) {
@@ -2267,7 +2267,7 @@ diff -up shadow-4.8.1/src/usermod.c.audit-update shadow-4.8.1/src/usermod.c
user_newname, (unsigned int) user_newid, 1);
}
#endif
-@@ -1818,8 +1829,8 @@ static void move_home (void)
+@@ -1836,8 +1847,8 @@ static void move_home (void)
fail_exit (E_HOMEDIR);
}
#ifdef WITH_AUDIT
@@ -2278,7 +2278,7 @@ diff -up shadow-4.8.1/src/usermod.c.audit-update shadow-4.8.1/src/usermod.c
user_newname, (unsigned int) user_newid,
1);
#endif
-@@ -1847,9 +1858,9 @@ static void move_home (void)
+@@ -1865,9 +1876,9 @@ static void move_home (void)
Prog, prefix_user_home);
}
#ifdef WITH_AUDIT
@@ -2290,7 +2290,7 @@ diff -up shadow-4.8.1/src/usermod.c.audit-update shadow-4.8.1/src/usermod.c
user_newname,
(unsigned int) user_newid,
1);
-@@ -2071,8 +2082,8 @@ static void move_mailbox (void)
+@@ -2085,8 +2096,8 @@ static void move_mailbox (void)
}
#ifdef WITH_AUDIT
else {
@@ -2301,7 +2301,7 @@ diff -up shadow-4.8.1/src/usermod.c.audit-update shadow-4.8.1/src/usermod.c
user_newname, (unsigned int) user_newid, 1);
}
#endif
-@@ -2098,8 +2109,8 @@ static void move_mailbox (void)
+@@ -2112,8 +2123,8 @@ static void move_mailbox (void)
}
#ifdef WITH_AUDIT
else {
@@ -2312,7 +2312,7 @@ diff -up shadow-4.8.1/src/usermod.c.audit-update shadow-4.8.1/src/usermod.c
user_newname, (unsigned int) user_newid, 1);
}
#endif
-@@ -2294,8 +2305,8 @@ int main (int argc, char **argv)
+@@ -2310,8 +2321,8 @@ int main (int argc, char **argv)
_("%s: warning: the user name %s to %s SELinux user mapping failed.\n"),
Prog, user_name, user_selinux);
#ifdef WITH_AUDIT
@@ -2323,7 +2323,7 @@ diff -up shadow-4.8.1/src/usermod.c.audit-update shadow-4.8.1/src/usermod.c
user_name, (unsigned int) user_id,
SHADOW_AUDIT_FAILURE);
#endif /* WITH_AUDIT */
-@@ -2307,8 +2318,8 @@ int main (int argc, char **argv)
+@@ -2323,8 +2334,8 @@ int main (int argc, char **argv)
_("%s: warning: the user name %s to SELinux user mapping removal failed.\n"),
Prog, user_name);
#ifdef WITH_AUDIT
@@ -2334,7 +2334,7 @@ diff -up shadow-4.8.1/src/usermod.c.audit-update shadow-4.8.1/src/usermod.c
user_name, (unsigned int) user_id,
SHADOW_AUDIT_FAILURE);
#endif /* WITH_AUDIT */
-@@ -2349,8 +2360,8 @@ int main (int argc, char **argv)
+@@ -2365,8 +2376,8 @@ int main (int argc, char **argv)
*/
#ifdef WITH_AUDIT
if (uflg || gflg) {
diff --git a/shadow-4.11.1-null-tm.patch b/shadow-4.11.1-null-tm.patch
new file mode 100644
index 0000000..b8d5fc8
--- /dev/null
+++ b/shadow-4.11.1-null-tm.patch
@@ -0,0 +1,22 @@
+diff -up shadow-4.11.1/src/chage.c.null-tm shadow-4.11.1/src/chage.c
+diff -up shadow-4.11.1/src/lastlog.c.null-tm shadow-4.11.1/src/lastlog.c
+--- shadow-4.11.1/src/lastlog.c.null-tm 2022-01-03 15:31:56.348555620 +0100
++++ shadow-4.11.1/src/lastlog.c 2022-01-03 15:38:41.262229024 +0100
+@@ -151,9 +151,12 @@ static void print_one (/*@null@*/const s
+
+ ll_time = ll.ll_time;
+ tm = localtime (&ll_time);
+- strftime (ptime, sizeof (ptime), "%a %b %e %H:%M:%S %z %Y", tm);
+- cp = ptime;
+-
++ if (tm == NULL) {
++ cp = "(unknown)";
++ } else {
++ strftime (ptime, sizeof (ptime), "%a %b %e %H:%M:%S %z %Y", tm);
++ cp = ptime;
++ }
+ if (ll.ll_time == (time_t) 0) {
+ cp = _("**Never logged in**\0");
+ }
+diff -up shadow-4.11.1/src/passwd.c.null-tm shadow-4.11.1/src/passwd.c
+diff -up shadow-4.11.1/src/usermod.c.null-tm shadow-4.11.1/src/usermod.c
diff --git a/shadow-4.9-redhat.patch b/shadow-4.11.1-redhat.patch
similarity index 70%
rename from shadow-4.9-redhat.patch
rename to shadow-4.11.1-redhat.patch
index 9dfb3e8..e5e6c60 100644
--- a/shadow-4.9-redhat.patch
+++ b/shadow-4.11.1-redhat.patch
@@ -1,7 +1,7 @@
-diff -up shadow-4.9/src/useradd.c.redhat shadow-4.9/src/useradd.c
---- shadow-4.9/src/useradd.c.redhat 2021-07-22 23:55:35.000000000 +0200
-+++ shadow-4.9/src/useradd.c 2021-08-02 11:45:11.942867250 +0200
-@@ -104,7 +104,7 @@ FILE *shadow_logfd = NULL;
+diff -up shadow-4.11.1/src/useradd.c.redhat shadow-4.11.1/src/useradd.c
+--- shadow-4.11.1/src/useradd.c.redhat 2022-01-03 01:46:53.000000000 +0100
++++ shadow-4.11.1/src/useradd.c 2022-01-03 14:53:12.988484829 +0100
+@@ -82,7 +82,7 @@ const char *Prog;
static gid_t def_group = 1000;
static const char *def_gname = "other";
static const char *def_home = "/home";
@@ -9,8 +9,8 @@ diff -up shadow-4.9/src/useradd.c.redhat shadow-4.9/src/useradd.c
+static const char *def_shell = "/sbin/nologin";
static const char *def_template = SKEL_DIR;
static const char *def_create_mail_spool = "yes";
-
-@@ -114,7 +114,7 @@ static const char *def_expire = "";
+ static const char *def_log_init = "yes";
+@@ -93,7 +93,7 @@ static const char *def_expire = "";
#define VALID(s) (strcspn (s, ":\n") == strlen (s))
static const char *user_name = "";
@@ -19,7 +19,7 @@ diff -up shadow-4.9/src/useradd.c.redhat shadow-4.9/src/useradd.c
static uid_t user_id;
static gid_t user_gid;
static const char *user_comment = "";
-@@ -1204,9 +1204,9 @@ static void process_flags (int argc, cha
+@@ -1219,9 +1219,9 @@ static void process_flags (int argc, cha
};
while ((c = getopt_long (argc, argv,
#ifdef WITH_SELINUX
@@ -31,7 +31,7 @@ diff -up shadow-4.9/src/useradd.c.redhat shadow-4.9/src/useradd.c
#endif /* !WITH_SELINUX */
long_options, NULL)) != -1) {
switch (c) {
-@@ -1363,6 +1363,7 @@ static void process_flags (int argc, cha
+@@ -1378,6 +1378,7 @@ static void process_flags (int argc, cha
case 'M':
Mflg = true;
break;
diff --git a/shadow-4.9-getsubids.patch b/shadow-4.9-getsubids.patch
deleted file mode 100644
index b9f2449..0000000
--- a/shadow-4.9-getsubids.patch
+++ /dev/null
@@ -1,245 +0,0 @@
-diff -up shadow-4.9/man/getsubids.1.xml.getsubids shadow-4.9/man/getsubids.1.xml
---- shadow-4.9/man/getsubids.1.xml.getsubids 2021-11-18 16:27:33.951053120 +0100
-+++ shadow-4.9/man/getsubids.1.xml 2021-11-18 16:27:33.951053120 +0100
-@@ -0,0 +1,141 @@
-+
-+
-+
-+]>
-+
-+
-+
-+
-+ Iker
-+ Pedrosa
-+ Creation, 2021
-+
-+
-+
-+ getsubids
-+ 1
-+ User Commands
-+ shadow-utils
-+ &SHADOW_UTILS_VERSION;
-+
-+
-+ getsubids
-+ get the subordinate id ranges for a user
-+
-+
-+
-+
-+ getsubids
-+
-+ options
-+
-+
-+ USER
-+
-+
-+
-+
-+
-+ DESCRIPTION
-+
-+ The getsubids command lists the subordinate user ID
-+ ranges for a given user. The subordinate group IDs can be listed using
-+ the option.
-+
-+
-+
-+
-+ OPTIONS
-+
-+ The options which apply to the getsubids command are:
-+
-+
-+
-+
-+
-+
-+
-+
-+ List the subordinate group ID ranges.
-+
-+
-+
-+
-+
-+
-+
-+ EXAMPLE
-+
-+ For example, to obtain the subordinate UIDs of the testuser:
-+
-+
-+
-+$ getsubids testuser
-+0: testuser 100000 65536
-+
-+
-+
-+ This command output provides (in order from left to right) the list
-+ index, username, UID range start, and number of UIDs in range.
-+
-+
-+
-+
-+ SEE ALSO
-+
-+
-+ login.defs5
-+ ,
-+
-+ newgidmap1
-+ ,
-+
-+ newuidmap1
-+ ,
-+
-+ subgid5
-+ ,
-+
-+ subuid5
-+ ,
-+
-+ useradd8
-+ ,
-+
-+ userdel8
-+ .
-+
-+ usermod8
-+ ,
-+
-+
-+
-diff -up shadow-4.9/man/Makefile.am.getsubids shadow-4.9/man/Makefile.am
---- shadow-4.9/man/Makefile.am.getsubids 2021-07-22 23:55:35.000000000 +0200
-+++ shadow-4.9/man/Makefile.am 2021-11-18 16:27:33.951053120 +0100
-@@ -62,6 +62,7 @@ man_MANS += $(man_nopam)
- endif
-
- man_subids = \
-+ man1/getsubids.1 \
- man1/newgidmap.1 \
- man1/newuidmap.1 \
- man5/subgid.5 \
-@@ -80,6 +81,7 @@ man_XMANS = \
- expiry.1.xml \
- faillog.5.xml \
- faillog.8.xml \
-+ getsubids.1.xml \
- gpasswd.1.xml \
- groupadd.8.xml \
- groupdel.8.xml \
-diff -up shadow-4.9/src/getsubids.c.getsubids shadow-4.9/src/getsubids.c
---- shadow-4.9/src/getsubids.c.getsubids 2021-11-18 16:27:33.951053120 +0100
-+++ shadow-4.9/src/getsubids.c 2021-11-18 16:27:33.951053120 +0100
-@@ -0,0 +1,46 @@
-+#include
-+#include
-+#include
-+#include "subid.h"
-+#include "prototypes.h"
-+
-+const char *Prog;
-+FILE *shadow_logfd = NULL;
-+
-+void usage(void)
-+{
-+ fprintf(stderr, "Usage: %s [-g] user\n", Prog);
-+ fprintf(stderr, " list subuid ranges for user\n");
-+ fprintf(stderr, " pass -g to list subgid ranges\n");
-+ exit(EXIT_FAILURE);
-+}
-+
-+int main(int argc, char *argv[])
-+{
-+ int i, count=0;
-+ struct subid_range *ranges;
-+ const char *owner;
-+
-+ Prog = Basename (argv[0]);
-+ shadow_logfd = stderr;
-+ if (argc < 2)
-+ usage();
-+ owner = argv[1];
-+ if (argc == 3 && strcmp(argv[1], "-g") == 0) {
-+ owner = argv[2];
-+ count = get_subgid_ranges(owner, &ranges);
-+ } else if (argc == 2 && strcmp(argv[1], "-h") == 0) {
-+ usage();
-+ } else {
-+ count = get_subuid_ranges(owner, &ranges);
-+ }
-+ if (!ranges) {
-+ fprintf(stderr, "Error fetching ranges\n");
-+ exit(1);
-+ }
-+ for (i = 0; i < count; i++) {
-+ printf("%d: %s %lu %lu\n", i, owner,
-+ ranges[i].start, ranges[i].count);
-+ }
-+ return 0;
-+}
-diff -up shadow-4.9/src/list_subid_ranges.c.getsubids shadow-4.9/src/list_subid_ranges.c
-diff -up shadow-4.9/src/Makefile.am.getsubids shadow-4.9/src/Makefile.am
---- shadow-4.9/src/Makefile.am.getsubids 2021-11-18 16:27:33.943053061 +0100
-+++ shadow-4.9/src/Makefile.am 2021-11-18 16:28:03.647272392 +0100
-@@ -157,8 +157,8 @@ if FCAPS
- setcap cap_setgid+ep $(DESTDIR)$(ubindir)/newgidmap
- endif
-
--noinst_PROGRAMS += list_subid_ranges \
-- get_subid_owners \
-+bin_PROGRAMS += getsubids
-+noinst_PROGRAMS += get_subid_owners \
- new_subid_range \
- free_subid_range \
- check_subid_range
-@@ -174,13 +174,13 @@ MISCLIBS = \
- $(LIBCRYPT) \
- $(LIBTCB)
-
--list_subid_ranges_LDADD = \
-+getsubids_LDADD = \
- $(top_builddir)/lib/libshadow.la \
- $(top_builddir)/libmisc/libmisc.la \
- $(top_builddir)/libsubid/libsubid.la \
- $(MISCLIBS) -ldl
-
--list_subid_ranges_CPPFLAGS = \
-+getsubids_CPPFLAGS = \
- -I$(top_srcdir)/lib \
- -I$(top_srcdir)/libmisc \
- -I$(top_srcdir)/libsubid
diff --git a/shadow-4.9-groupdel-fix-sigsegv-when-passwd-does-not-exist.patch b/shadow-4.9-groupdel-fix-sigsegv-when-passwd-does-not-exist.patch
deleted file mode 100644
index 658156a..0000000
--- a/shadow-4.9-groupdel-fix-sigsegv-when-passwd-does-not-exist.patch
+++ /dev/null
@@ -1,13 +0,0 @@
-diff -up shadow-4.9/libmisc/prefix_flag.c.groupdel-fix-sigsegv-when-passwd-does-not-exist shadow-4.9/libmisc/prefix_flag.c
---- shadow-4.9/libmisc/prefix_flag.c.groupdel-fix-sigsegv-when-passwd-does-not-exist 2021-11-19 09:21:36.997091941 +0100
-+++ shadow-4.9/libmisc/prefix_flag.c 2021-11-19 09:22:19.001341010 +0100
-@@ -288,6 +288,9 @@ extern struct passwd* prefix_getpwent()
- if(!passwd_db_file) {
- return getpwent();
- }
-+ if (!fp_pwent) {
-+ return NULL;
-+ }
- return fgetpwent(fp_pwent);
- }
- extern void prefix_endpwent()
diff --git a/shadow-4.9-libmisc-fix-default-value-in-SHA_get_salt_rounds.patch b/shadow-4.9-libmisc-fix-default-value-in-SHA_get_salt_rounds.patch
deleted file mode 100644
index 5eaaec9..0000000
--- a/shadow-4.9-libmisc-fix-default-value-in-SHA_get_salt_rounds.patch
+++ /dev/null
@@ -1,60 +0,0 @@
-From 234e8fa7b134d1ebabfdad980a3ae5b63c046c62 Mon Sep 17 00:00:00 2001
-From: Mike Gilbert
-Date: Sat, 14 Aug 2021 13:24:34 -0400
-Subject: [PATCH] libmisc: fix default value in SHA_get_salt_rounds()
-
-If SHA_CRYPT_MIN_ROUNDS and SHA_CRYPT_MAX_ROUNDS are both unspecified,
-use SHA_ROUNDS_DEFAULT.
-
-Previously, the code fell through, calling shadow_random(-1, -1). This
-ultimately set rounds = (unsigned long) -1, which ends up being a very
-large number! This then got capped to SHA_ROUNDS_MAX later in the
-function.
-
-The new behavior matches BCRYPT_get_salt_rounds().
-
-Bug: https://bugs.gentoo.org/808195
-Fixes: https://github.com/shadow-maint/shadow/issues/393
----
- libmisc/salt.c | 21 +++++++++++----------
- 1 file changed, 11 insertions(+), 10 deletions(-)
-
-diff --git a/libmisc/salt.c b/libmisc/salt.c
-index 91d528fd..30eefb9c 100644
---- a/libmisc/salt.c
-+++ b/libmisc/salt.c
-@@ -223,20 +223,21 @@ static /*@observer@*/const unsigned long SHA_get_salt_rounds (/*@null@*/int *pre
- if ((-1 == min_rounds) && (-1 == max_rounds)) {
- rounds = SHA_ROUNDS_DEFAULT;
- }
-+ else {
-+ if (-1 == min_rounds) {
-+ min_rounds = max_rounds;
-+ }
-
-- if (-1 == min_rounds) {
-- min_rounds = max_rounds;
-- }
-+ if (-1 == max_rounds) {
-+ max_rounds = min_rounds;
-+ }
-
-- if (-1 == max_rounds) {
-- max_rounds = min_rounds;
-- }
-+ if (min_rounds > max_rounds) {
-+ max_rounds = min_rounds;
-+ }
-
-- if (min_rounds > max_rounds) {
-- max_rounds = min_rounds;
-+ rounds = (unsigned long) shadow_random (min_rounds, max_rounds);
- }
--
-- rounds = (unsigned long) shadow_random (min_rounds, max_rounds);
- } else if (0 == *prefered_rounds) {
- rounds = SHA_ROUNDS_DEFAULT;
- } else {
---
-2.31.1
-
diff --git a/shadow-4.9-make-shadow-logfd-and-prog-not-extern.patch b/shadow-4.9-make-shadow-logfd-and-prog-not-extern.patch
deleted file mode 100644
index d0b7059..0000000
--- a/shadow-4.9-make-shadow-logfd-and-prog-not-extern.patch
+++ /dev/null
@@ -1,2497 +0,0 @@
-diff -up shadow-4.9/lib/commonio.c.debug1 shadow-4.9/lib/commonio.c
---- shadow-4.9/lib/commonio.c.debug1 2021-07-22 23:55:35.000000000 +0200
-+++ shadow-4.9/lib/commonio.c 2022-01-10 10:45:52.202132937 +0100
-@@ -51,6 +51,7 @@
- #endif /* WITH_TCB */
- #include "prototypes.h"
- #include "commonio.h"
-+#include "shadowlog_internal.h"
-
- /* local function prototypes */
- static int lrename (const char *, const char *);
-diff -up shadow-4.9/lib/encrypt.c.debug1 shadow-4.9/lib/encrypt.c
---- shadow-4.9/lib/encrypt.c.debug1 2021-07-22 23:55:35.000000000 +0200
-+++ shadow-4.9/lib/encrypt.c 2022-01-10 10:45:52.202132937 +0100
-@@ -39,6 +39,7 @@
-
- #include "prototypes.h"
- #include "defines.h"
-+#include "shadowlog_internal.h"
-
- /*@exposed@*//*@null@*/char *pw_encrypt (const char *clear, const char *salt)
- {
-diff -up shadow-4.9/lib/getdef.c.debug1 shadow-4.9/lib/getdef.c
---- shadow-4.9/lib/getdef.c.debug1 2022-01-10 10:45:52.191132858 +0100
-+++ shadow-4.9/lib/getdef.c 2022-01-10 10:45:52.202132937 +0100
-@@ -44,6 +44,7 @@
- #include
- #endif
- #include "getdef.h"
-+#include "shadowlog_internal.h"
- /*
- * A configuration item definition.
- */
-diff -up shadow-4.9/lib/Makefile.am.debug1 shadow-4.9/lib/Makefile.am
---- shadow-4.9/lib/Makefile.am.debug1 2021-07-22 23:55:35.000000000 +0200
-+++ shadow-4.9/lib/Makefile.am 2022-01-10 10:45:52.202132937 +0100
-@@ -34,6 +34,8 @@ libshadow_la_SOURCES = \
- nss.c \
- nscd.c \
- nscd.h \
-+ shadowlog.c \
-+ shadowlog.h \
- sssd.c \
- sssd.h \
- pam_defs.h \
-diff -up shadow-4.9/libmisc/addgrps.c.debug1 shadow-4.9/libmisc/addgrps.c
---- shadow-4.9/libmisc/addgrps.c.debug1 2021-07-22 23:55:35.000000000 +0200
-+++ shadow-4.9/libmisc/addgrps.c 2022-01-10 10:45:52.203132944 +0100
-@@ -40,6 +40,7 @@
- #include
- #include
- #include
-+#include "shadowlog.h"
-
- #ident "$Id$"
-
-@@ -58,6 +59,7 @@ int add_groups (const char *list)
- char *token;
- char buf[1024];
- int ret;
-+ FILE *shadow_logfd = log_get_logfd();
-
- if (strlen (list) >= sizeof (buf)) {
- errno = EINVAL;
-diff -up shadow-4.9/libmisc/audit_help.c.debug1 shadow-4.9/libmisc/audit_help.c
---- shadow-4.9/libmisc/audit_help.c.debug1 2022-01-10 10:45:52.184132808 +0100
-+++ shadow-4.9/libmisc/audit_help.c 2022-01-10 10:45:52.203132944 +0100
-@@ -45,6 +45,7 @@
- #include
- #include
- #include "prototypes.h"
-+#include "shadowlog.h"
- int audit_fd;
-
- void audit_help_open (void)
-@@ -59,7 +60,7 @@ void audit_help_open (void)
- return;
- }
- (void) fputs (_("Cannot open audit interface - aborting.\n"),
-- shadow_logfd);
-+ log_get_logfd());
- exit (EXIT_FAILURE);
- }
- }
-diff -up shadow-4.9/libmisc/chowntty.c.debug1 shadow-4.9/libmisc/chowntty.c
---- shadow-4.9/libmisc/chowntty.c.debug1 2021-07-22 23:55:35.000000000 +0200
-+++ shadow-4.9/libmisc/chowntty.c 2022-01-10 10:45:52.203132944 +0100
-@@ -43,6 +43,7 @@
- #include "defines.h"
- #include
- #include "getdef.h"
-+#include "shadowlog.h"
-
- /*
- * chown_tty() sets the login tty to be owned by the new user ID
-@@ -75,6 +76,7 @@ void chown_tty (const struct passwd *inf
- if ( (fchown (STDIN_FILENO, info->pw_uid, gid) != 0)
- || (fchmod (STDIN_FILENO, (mode_t)getdef_num ("TTYPERM", 0600)) != 0)) {
- int err = errno;
-+ FILE *shadow_logfd = log_get_logfd();
-
- fprintf (shadow_logfd,
- _("Unable to change owner or mode of tty stdin: %s"),
-diff -up shadow-4.9/libmisc/cleanup_group.c.debug1 shadow-4.9/libmisc/cleanup_group.c
---- shadow-4.9/libmisc/cleanup_group.c.debug1 2022-01-10 10:45:52.184132808 +0100
-+++ shadow-4.9/libmisc/cleanup_group.c 2022-01-10 10:47:02.241632844 +0100
-@@ -36,6 +36,7 @@
- #include "groupio.h"
- #include "sgroupio.h"
- #include "prototypes.h"
-+#include "shadowlog.h"
-
- /*
- * cleanup_report_add_group - Report failure to add a group to the system
-@@ -48,7 +49,7 @@ void cleanup_report_add_group (void *gro
-
- SYSLOG ((LOG_ERR, "failed to add group %s", name));
- #ifdef WITH_AUDIT
-- audit_logger (AUDIT_ADD_GROUP, Prog,
-+ audit_logger (AUDIT_ADD_GROUP, log_get_progname(),
- "",
- name, AUDIT_NO_ID,
- SHADOW_AUDIT_FAILURE);
-@@ -66,7 +67,7 @@ void cleanup_report_del_group (void *gro
-
- SYSLOG ((LOG_ERR, "failed to remove group %s", name));
- #ifdef WITH_AUDIT
-- audit_logger (AUDIT_DEL_GROUP, Prog,
-+ audit_logger (AUDIT_DEL_GROUP, log_get_progname(),
- "",
- name, AUDIT_NO_ID,
- SHADOW_AUDIT_FAILURE);
-@@ -83,7 +84,7 @@ void cleanup_report_mod_group (void *cle
- gr_dbname (),
- info->action));
- #ifdef WITH_AUDIT
-- audit_logger (AUDIT_GRP_MGMT, Prog,
-+ audit_logger (AUDIT_GRP_MGMT, log_get_progname(),
- info->audit_msg,
- info->name, AUDIT_NO_ID,
- SHADOW_AUDIT_FAILURE);
-@@ -101,7 +102,7 @@ void cleanup_report_mod_gshadow (void *c
- sgr_dbname (),
- info->action));
- #ifdef WITH_AUDIT
-- audit_logger (AUDIT_GRP_MGMT, Prog,
-+ audit_logger (AUDIT_GRP_MGMT, log_get_progname(),
- info->audit_msg,
- info->name, AUDIT_NO_ID,
- SHADOW_AUDIT_FAILURE);
-@@ -121,7 +122,7 @@ void cleanup_report_add_group_group (voi
-
- SYSLOG ((LOG_ERR, "failed to add group %s to %s", name, gr_dbname ()));
- #ifdef WITH_AUDIT
-- audit_logger (AUDIT_ADD_GROUP, Prog,
-+ audit_logger (AUDIT_ADD_GROUP, log_get_progname(),
- "adding-group",
- name, AUDIT_NO_ID,
- SHADOW_AUDIT_FAILURE);
-@@ -141,7 +142,7 @@ void cleanup_report_add_group_gshadow (v
-
- SYSLOG ((LOG_ERR, "failed to add group %s to %s", name, sgr_dbname ()));
- #ifdef WITH_AUDIT
-- audit_logger (AUDIT_GRP_MGMT, Prog,
-+ audit_logger (AUDIT_GRP_MGMT, log_get_progname(),
- "adding-shadow-group",
- name, AUDIT_NO_ID,
- SHADOW_AUDIT_FAILURE);
-@@ -164,7 +165,7 @@ void cleanup_report_del_group_group (voi
- "failed to remove group %s from %s",
- name, gr_dbname ()));
- #ifdef WITH_AUDIT
-- audit_logger (AUDIT_DEL_GROUP, Prog,
-+ audit_logger (AUDIT_DEL_GROUP, log_get_progname(),
- "removing-group",
- name, AUDIT_NO_ID,
- SHADOW_AUDIT_FAILURE);
-@@ -187,7 +188,7 @@ void cleanup_report_del_group_gshadow (v
- "failed to remove group %s from %s",
- name, sgr_dbname ()));
- #ifdef WITH_AUDIT
-- audit_logger (AUDIT_GRP_MGMT, Prog,
-+ audit_logger (AUDIT_GRP_MGMT, log_get_progname(),
- "removing-shadow-group",
- name, AUDIT_NO_ID,
- SHADOW_AUDIT_FAILURE);
-@@ -203,9 +204,9 @@ void cleanup_report_del_group_gshadow (v
- void cleanup_unlock_group (unused void *arg)
- {
- if (gr_unlock () == 0) {
-- fprintf (shadow_logfd,
-+ fprintf (log_get_logfd(),
- _("%s: failed to unlock %s\n"),
-- Prog, gr_dbname ());
-+ log_get_progname(), gr_dbname ());
- SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
- #ifdef WITH_AUDIT
- audit_logger_message ("unlocking-group",
-@@ -223,9 +224,9 @@ void cleanup_unlock_group (unused void *
- void cleanup_unlock_gshadow (unused void *arg)
- {
- if (sgr_unlock () == 0) {
-- fprintf (shadow_logfd,
-+ fprintf (log_get_logfd(),
- _("%s: failed to unlock %s\n"),
-- Prog, sgr_dbname ());
-+ log_get_progname(), sgr_dbname ());
- SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));
- #ifdef WITH_AUDIT
- audit_logger_message ("unlocking-gshadow",
-diff -up shadow-4.9/libmisc/cleanup_user.c.debug1 shadow-4.9/libmisc/cleanup_user.c
---- shadow-4.9/libmisc/cleanup_user.c.debug1 2022-01-10 10:45:52.184132808 +0100
-+++ shadow-4.9/libmisc/cleanup_user.c 2022-01-10 10:47:49.539970421 +0100
-@@ -36,6 +36,7 @@
- #include "pwio.h"
- #include "shadowio.h"
- #include "prototypes.h"
-+#include "shadowlog.h"
-
- /*
- * cleanup_report_add_user - Report failure to add an user to the system
-@@ -48,7 +49,7 @@ void cleanup_report_add_user (void *user
-
- SYSLOG ((LOG_ERR, "failed to add user %s", name));
- #ifdef WITH_AUDIT
-- audit_logger (AUDIT_ADD_USER, Prog,
-+ audit_logger (AUDIT_ADD_USER, log_get_progname(),
- "",
- name, AUDIT_NO_ID,
- SHADOW_AUDIT_FAILURE);
-@@ -65,7 +66,7 @@ void cleanup_report_mod_passwd (void *cl
- pw_dbname (),
- info->action));
- #ifdef WITH_AUDIT
-- audit_logger (AUDIT_USER_MGMT, Prog,
-+ audit_logger (AUDIT_USER_MGMT, log_get_progname(),
- info->audit_msg,
- info->name, AUDIT_NO_ID,
- SHADOW_AUDIT_FAILURE);
-@@ -85,7 +86,7 @@ void cleanup_report_add_user_passwd (voi
-
- SYSLOG ((LOG_ERR, "failed to add user %s to %s", name, pw_dbname ()));
- #ifdef WITH_AUDIT
-- audit_logger (AUDIT_ADD_USER, Prog,
-+ audit_logger (AUDIT_ADD_USER, log_get_progname(),
- "adding-user",
- name, AUDIT_NO_ID,
- SHADOW_AUDIT_FAILURE);
-@@ -105,7 +106,7 @@ void cleanup_report_add_user_shadow (voi
-
- SYSLOG ((LOG_ERR, "failed to add user %s to %s", name, spw_dbname ()));
- #ifdef WITH_AUDIT
-- audit_logger (AUDIT_USER_MGMT, Prog,
-+ audit_logger (AUDIT_USER_MGMT, log_get_progname(),
- "adding-shadow-user",
- name, AUDIT_NO_ID,
- SHADOW_AUDIT_FAILURE);
-@@ -120,9 +121,9 @@ void cleanup_report_add_user_shadow (voi
- void cleanup_unlock_passwd (unused void *arg)
- {
- if (pw_unlock () == 0) {
-- fprintf (shadow_logfd,
-+ fprintf (log_get_logfd(),
- _("%s: failed to unlock %s\n"),
-- Prog, pw_dbname ());
-+ log_get_progname(), pw_dbname ());
- SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
- #ifdef WITH_AUDIT
- audit_logger_message ("unlocking-passwd",
-@@ -139,9 +140,9 @@ void cleanup_unlock_passwd (unused void
- void cleanup_unlock_shadow (unused void *arg)
- {
- if (spw_unlock () == 0) {
-- fprintf (shadow_logfd,
-+ fprintf (log_get_logfd(),
- _("%s: failed to unlock %s\n"),
-- Prog, spw_dbname ());
-+ log_get_progname(), spw_dbname ());
- SYSLOG ((LOG_ERR, "failed to unlock %s", spw_dbname ()));
- #ifdef WITH_AUDIT
- audit_logger_message ("unlocking-shadow",
-diff -up shadow-4.9/libmisc/copydir.c.debug1 shadow-4.9/libmisc/copydir.c
---- shadow-4.9/libmisc/copydir.c.debug1 2021-07-22 23:55:35.000000000 +0200
-+++ shadow-4.9/libmisc/copydir.c 2022-01-10 10:48:02.158060482 +0100
-@@ -55,6 +55,7 @@
- #ifdef WITH_ATTR
- #include
- #endif /* WITH_ATTR */
-+#include "shadowlog.h"
-
-
- static /*@null@*/const char *src_orig;
-@@ -116,6 +117,7 @@ static int fchown_if_needed (int fdst, c
- static void error_acl (struct error_context *ctx, const char *fmt, ...)
- {
- va_list ap;
-+ FILE *shadow_logfd = log_get_logfd();
-
- /* ignore the case when destination does not support ACLs
- * or extended attributes */
-@@ -125,7 +127,7 @@ static void error_acl (struct error_cont
- }
-
- va_start (ap, fmt);
-- (void) fprintf (shadow_logfd, _("%s: "), Prog);
-+ (void) fprintf (shadow_logfd, _("%s: "), log_get_progname());
- if (vfprintf (shadow_logfd, fmt, ap) != 0) {
- (void) fputs (_(": "), shadow_logfd);
- }
-@@ -248,9 +250,9 @@ int copy_tree (const char *src_root, con
- }
-
- if (!S_ISDIR (sb.st_mode)) {
-- fprintf (shadow_logfd,
-+ fprintf (log_get_logfd(),
- "%s: %s is not a directory",
-- Prog, src_root);
-+ log_get_progname(), src_root);
- return -1;
- }
-
-diff -up shadow-4.9/libmisc/env.c.debug1 shadow-4.9/libmisc/env.c
---- shadow-4.9/libmisc/env.c.debug1 2021-07-22 23:55:35.000000000 +0200
-+++ shadow-4.9/libmisc/env.c 2022-01-10 10:45:52.203132944 +0100
-@@ -40,6 +40,7 @@
- #include
- #include "prototypes.h"
- #include "defines.h"
-+#include "shadowlog.h"
- /*
- * NEWENVP_STEP must be a power of two. This is the number
- * of (char *) pointers to allocate at a time, to avoid using
-@@ -171,7 +172,7 @@ void addenv (const char *string, /*@null
- }
- newenvp = __newenvp;
- } else {
-- (void) fputs (_("Environment overflow\n"), shadow_logfd);
-+ (void) fputs (_("Environment overflow\n"), log_get_logfd());
- newenvc--;
- free (newenvp[newenvc]);
- }
-diff -up shadow-4.9/libmisc/find_new_gid.c.debug1 shadow-4.9/libmisc/find_new_gid.c
---- shadow-4.9/libmisc/find_new_gid.c.debug1 2022-01-10 10:45:52.191132858 +0100
-+++ shadow-4.9/libmisc/find_new_gid.c 2022-01-10 10:45:52.203132944 +0100
-@@ -38,6 +38,7 @@
- #include "prototypes.h"
- #include "groupio.h"
- #include "getdef.h"
-+#include "shadowlog.h"
-
- /*
- * get_ranges - Get the minimum and maximum ID ranges for the search
-@@ -74,10 +75,10 @@ static int get_ranges (bool sys_group, g
-
- /* Check that the ranges make sense */
- if (*max_id < *min_id) {
-- (void) fprintf (shadow_logfd,
-+ (void) fprintf (log_get_logfd(),
- _("%s: Invalid configuration: SYS_GID_MIN (%lu), "
- "GID_MIN (%lu), SYS_GID_MAX (%lu)\n"),
-- Prog, (unsigned long) *min_id,
-+ log_get_progname(), (unsigned long) *min_id,
- getdef_ulong ("GID_MIN", 1000UL),
- (unsigned long) *max_id);
- return EINVAL;
-@@ -104,10 +105,10 @@ static int get_ranges (bool sys_group, g
-
- /* Check that the ranges make sense */
- if (*max_id < *min_id) {
-- (void) fprintf (shadow_logfd,
-+ (void) fprintf (log_get_logfd(),
- _("%s: Invalid configuration: GID_MIN (%lu), "
- "GID_MAX (%lu)\n"),
-- Prog, (unsigned long) *min_id,
-+ log_get_progname(), (unsigned long) *min_id,
- (unsigned long) *max_id);
- return EINVAL;
- }
-@@ -220,10 +221,10 @@ int find_new_gid (bool sys_group,
- * more likely to want to stop and address the
- * issue.
- */
-- fprintf (shadow_logfd,
-+ fprintf (log_get_logfd(),
- _("%s: Encountered error attempting to use "
- "preferred GID: %s\n"),
-- Prog, strerror (result));
-+ log_get_progname(), strerror (result));
- return -1;
- }
- }
-@@ -250,9 +251,9 @@ int find_new_gid (bool sys_group,
- /* Create an array to hold all of the discovered GIDs */
- used_gids = malloc (sizeof (bool) * (gid_max +1));
- if (NULL == used_gids) {
-- fprintf (shadow_logfd,
-+ fprintf (log_get_logfd(),
- _("%s: failed to allocate memory: %s\n"),
-- Prog, strerror (errno));
-+ log_get_progname(), strerror (errno));
- return -1;
- }
- memset (used_gids, false, sizeof (bool) * (gid_max + 1));
-@@ -330,10 +331,10 @@ int find_new_gid (bool sys_group,
- *
- */
- if (!nospam) {
-- fprintf (shadow_logfd,
-+ fprintf (log_get_logfd(),
- _("%s: Can't get unique system GID (%s). "
- "Suppressing additional messages.\n"),
-- Prog, strerror (result));
-+ log_get_progname(), strerror (result));
- SYSLOG ((LOG_ERR,
- "Error checking available GIDs: %s",
- strerror (result)));
-@@ -373,10 +374,10 @@ int find_new_gid (bool sys_group,
- *
- */
- if (!nospam) {
-- fprintf (shadow_logfd,
-+ fprintf (log_get_logfd(),
- _("%s: Can't get unique system GID (%s). "
- "Suppressing additional messages.\n"),
-- Prog, strerror (result));
-+ log_get_progname(), strerror (result));
- SYSLOG ((LOG_ERR,
- "Error checking available GIDs: %s",
- strerror (result)));
-@@ -433,10 +434,10 @@ int find_new_gid (bool sys_group,
- *
- */
- if (!nospam) {
-- fprintf (shadow_logfd,
-+ fprintf (log_get_logfd(),
- _("%s: Can't get unique GID (%s). "
- "Suppressing additional messages.\n"),
-- Prog, strerror (result));
-+ log_get_progname(), strerror (result));
- SYSLOG ((LOG_ERR,
- "Error checking available GIDs: %s",
- strerror (result)));
-@@ -476,10 +477,10 @@ int find_new_gid (bool sys_group,
- *
- */
- if (!nospam) {
-- fprintf (shadow_logfd,
-+ fprintf (log_get_logfd(),
- _("%s: Can't get unique GID (%s). "
- "Suppressing additional messages.\n"),
-- Prog, strerror (result));
-+ log_get_progname(), strerror (result));
- SYSLOG ((LOG_ERR,
- "Error checking available GIDs: %s",
- strerror (result)));
-@@ -495,9 +496,9 @@ int find_new_gid (bool sys_group,
- }
-
- /* The code reached here and found no available IDs in the range */
-- fprintf (shadow_logfd,
-+ fprintf (log_get_logfd(),
- _("%s: Can't get unique GID (no more available GIDs)\n"),
-- Prog);
-+ log_get_progname());
- SYSLOG ((LOG_WARN, "no more available GIDs on the system"));
- free (used_gids);
- return -1;
-diff -up shadow-4.9/libmisc/find_new_sub_gids.c.debug1 shadow-4.9/libmisc/find_new_sub_gids.c
---- shadow-4.9/libmisc/find_new_sub_gids.c.debug1 2021-07-22 23:55:35.000000000 +0200
-+++ shadow-4.9/libmisc/find_new_sub_gids.c 2022-01-10 10:45:52.203132944 +0100
-@@ -37,6 +37,7 @@
- #include "prototypes.h"
- #include "subordinateio.h"
- #include "getdef.h"
-+#include "shadowlog.h"
-
- /*
- * find_new_sub_gids - Find a new unused range of GIDs.
-@@ -60,18 +61,18 @@ int find_new_sub_gids (gid_t *range_star
- count = getdef_ulong ("SUB_GID_COUNT", 65536);
-
- if (min > max || count >= max || (min + count - 1) > max) {
-- (void) fprintf (shadow_logfd,
-+ (void) fprintf (log_get_logfd(),
- _("%s: Invalid configuration: SUB_GID_MIN (%lu),"
- " SUB_GID_MAX (%lu), SUB_GID_COUNT (%lu)\n"),
-- Prog, min, max, count);
-+ log_get_progname(), min, max, count);
- return -1;
- }
-
- start = sub_gid_find_free_range(min, max, count);
- if (start == (gid_t)-1) {
-- fprintf (shadow_logfd,
-+ fprintf (log_get_logfd(),
- _("%s: Can't get unique subordinate GID range\n"),
-- Prog);
-+ log_get_progname());
- SYSLOG ((LOG_WARN, "no more available subordinate GIDs on the system"));
- return -1;
- }
-diff -up shadow-4.9/libmisc/find_new_sub_uids.c.debug1 shadow-4.9/libmisc/find_new_sub_uids.c
---- shadow-4.9/libmisc/find_new_sub_uids.c.debug1 2021-07-22 23:55:35.000000000 +0200
-+++ shadow-4.9/libmisc/find_new_sub_uids.c 2022-01-10 10:45:52.203132944 +0100
-@@ -37,6 +37,7 @@
- #include "prototypes.h"
- #include "subordinateio.h"
- #include "getdef.h"
-+#include "shadowlog.h"
-
- /*
- * find_new_sub_uids - Find a new unused range of UIDs.
-@@ -60,18 +61,18 @@ int find_new_sub_uids (uid_t *range_star
- count = getdef_ulong ("SUB_UID_COUNT", 65536);
-
- if (min > max || count >= max || (min + count - 1) > max) {
-- (void) fprintf (shadow_logfd,
-+ (void) fprintf (log_get_logfd(),
- _("%s: Invalid configuration: SUB_UID_MIN (%lu),"
- " SUB_UID_MAX (%lu), SUB_UID_COUNT (%lu)\n"),
-- Prog, min, max, count);
-+ log_get_progname(), min, max, count);
- return -1;
- }
-
- start = sub_uid_find_free_range(min, max, count);
- if (start == (uid_t)-1) {
-- fprintf (shadow_logfd,
-+ fprintf (log_get_logfd(),
- _("%s: Can't get unique subordinate UID range\n"),
-- Prog);
-+ log_get_progname());
- SYSLOG ((LOG_WARN, "no more available subordinate UIDs on the system"));
- return -1;
- }
-diff -up shadow-4.9/libmisc/find_new_uid.c.debug1 shadow-4.9/libmisc/find_new_uid.c
---- shadow-4.9/libmisc/find_new_uid.c.debug1 2022-01-10 10:45:52.191132858 +0100
-+++ shadow-4.9/libmisc/find_new_uid.c 2022-01-10 10:45:52.204132951 +0100
-@@ -38,6 +38,7 @@
- #include "prototypes.h"
- #include "pwio.h"
- #include "getdef.h"
-+#include "shadowlog.h"
-
- /*
- * get_ranges - Get the minimum and maximum ID ranges for the search
-@@ -74,10 +75,10 @@ static int get_ranges (bool sys_user, ui
-
- /* Check that the ranges make sense */
- if (*max_id < *min_id) {
-- (void) fprintf (shadow_logfd,
-+ (void) fprintf (log_get_logfd(),
- _("%s: Invalid configuration: SYS_UID_MIN (%lu), "
- "UID_MIN (%lu), SYS_UID_MAX (%lu)\n"),
-- Prog, (unsigned long) *min_id,
-+ log_get_progname(), (unsigned long) *min_id,
- getdef_ulong ("UID_MIN", 1000UL),
- (unsigned long) *max_id);
- return EINVAL;
-@@ -104,10 +105,10 @@ static int get_ranges (bool sys_user, ui
-
- /* Check that the ranges make sense */
- if (*max_id < *min_id) {
-- (void) fprintf (shadow_logfd,
-+ (void) fprintf (log_get_logfd(),
- _("%s: Invalid configuration: UID_MIN (%lu), "
- "UID_MAX (%lu)\n"),
-- Prog, (unsigned long) *min_id,
-+ log_get_progname(), (unsigned long) *min_id,
- (unsigned long) *max_id);
- return EINVAL;
- }
-@@ -220,10 +221,10 @@ int find_new_uid(bool sys_user,
- * more likely to want to stop and address the
- * issue.
- */
-- fprintf (shadow_logfd,
-+ fprintf (log_get_logfd(),
- _("%s: Encountered error attempting to use "
- "preferred UID: %s\n"),
-- Prog, strerror (result));
-+ log_get_progname(), strerror (result));
- return -1;
- }
- }
-@@ -250,9 +251,9 @@ int find_new_uid(bool sys_user,
- /* Create an array to hold all of the discovered UIDs */
- used_uids = malloc (sizeof (bool) * (uid_max +1));
- if (NULL == used_uids) {
-- fprintf (shadow_logfd,
-+ fprintf (log_get_logfd(),
- _("%s: failed to allocate memory: %s\n"),
-- Prog, strerror (errno));
-+ log_get_progname(), strerror (errno));
- return -1;
- }
- memset (used_uids, false, sizeof (bool) * (uid_max + 1));
-@@ -330,10 +331,10 @@ int find_new_uid(bool sys_user,
- *
- */
- if (!nospam) {
-- fprintf (shadow_logfd,
-+ fprintf (log_get_logfd(),
- _("%s: Can't get unique system UID (%s). "
- "Suppressing additional messages.\n"),
-- Prog, strerror (result));
-+ log_get_progname(), strerror (result));
- SYSLOG ((LOG_ERR,
- "Error checking available UIDs: %s",
- strerror (result)));
-@@ -373,10 +374,10 @@ int find_new_uid(bool sys_user,
- *
- */
- if (!nospam) {
-- fprintf (shadow_logfd,
-+ fprintf (log_get_logfd(),
- _("%s: Can't get unique system UID (%s). "
- "Suppressing additional messages.\n"),
-- Prog, strerror (result));
-+ log_get_progname(), strerror (result));
- SYSLOG((LOG_ERR,
- "Error checking available UIDs: %s",
- strerror (result)));
-@@ -433,10 +434,10 @@ int find_new_uid(bool sys_user,
- *
- */
- if (!nospam) {
-- fprintf (shadow_logfd,
-+ fprintf (log_get_logfd(),
- _("%s: Can't get unique UID (%s). "
- "Suppressing additional messages.\n"),
-- Prog, strerror (result));
-+ log_get_progname(), strerror (result));
- SYSLOG ((LOG_ERR,
- "Error checking available UIDs: %s",
- strerror (result)));
-@@ -476,10 +477,10 @@ int find_new_uid(bool sys_user,
- *
- */
- if (!nospam) {
-- fprintf (shadow_logfd,
-+ fprintf (log_get_logfd(),
- _("%s: Can't get unique UID (%s). "
- "Suppressing additional messages.\n"),
-- Prog, strerror (result));
-+ log_get_progname(), strerror (result));
- SYSLOG ((LOG_ERR,
- "Error checking available UIDs: %s",
- strerror (result)));
-@@ -495,9 +496,9 @@ int find_new_uid(bool sys_user,
- }
-
- /* The code reached here and found no available IDs in the range */
-- fprintf (shadow_logfd,
-+ fprintf (log_get_logfd(),
- _("%s: Can't get unique UID (no more available UIDs)\n"),
-- Prog);
-+ log_get_progname());
- SYSLOG ((LOG_WARN, "no more available UIDs on the system"));
- free (used_uids);
- return -1;
-diff -up shadow-4.9/libmisc/gettime.c.debug1 shadow-4.9/libmisc/gettime.c
---- shadow-4.9/libmisc/gettime.c.debug1 2021-07-22 23:55:35.000000000 +0200
-+++ shadow-4.9/libmisc/gettime.c 2022-01-10 10:45:52.204132951 +0100
-@@ -36,6 +36,7 @@
- #include
- #include "defines.h"
- #include "prototypes.h"
-+#include "shadowlog.h"
-
- /*
- * gettime() returns the time as the number of seconds since the Epoch
-@@ -50,6 +51,7 @@
- char *source_date_epoch;
- time_t fallback;
- unsigned long long epoch;
-+ FILE *shadow_logfd = log_get_logfd();
-
- fallback = time (NULL);
- source_date_epoch = shadow_getenv ("SOURCE_DATE_EPOCH");
-diff -up shadow-4.9/libmisc/idmapping.c.debug1 shadow-4.9/libmisc/idmapping.c
---- shadow-4.9/libmisc/idmapping.c.debug1 2021-07-22 23:55:35.000000000 +0200
-+++ shadow-4.9/libmisc/idmapping.c 2022-01-10 10:45:52.204132951 +0100
-@@ -40,6 +40,7 @@
- #include
- #include
- #endif
-+#include "shadowlog.h"
-
- struct map_range *get_map_ranges(int ranges, int argc, char **argv)
- {
-@@ -47,28 +48,28 @@ struct map_range *get_map_ranges(int ran
- int idx, argidx;
-
- if (ranges < 0 || argc < 0) {
-- fprintf(shadow_logfd, "%s: error calculating number of arguments\n", Prog);
-+ fprintf(log_get_logfd(), "%s: error calculating number of arguments\n", log_get_progname());
- return NULL;
- }
-
- if (ranges != ((argc + 2) / 3)) {
-- fprintf(shadow_logfd, "%s: ranges: %u is wrong for argc: %d\n", Prog, ranges, argc);
-+ fprintf(log_get_logfd(), "%s: ranges: %u is wrong for argc: %d\n", log_get_progname(), ranges, argc);
- return NULL;
- }
-
- if ((ranges * 3) > argc) {
-- fprintf(shadow_logfd, "ranges: %u argc: %d\n",
-+ fprintf(log_get_logfd(), "ranges: %u argc: %d\n",
- ranges, argc);
-- fprintf(shadow_logfd,
-+ fprintf(log_get_logfd(),
- _( "%s: Not enough arguments to form %u mappings\n"),
-- Prog, ranges);
-+ log_get_progname(), ranges);
- return NULL;
- }
-
- mappings = calloc(ranges, sizeof(*mappings));
- if (!mappings) {
-- fprintf(shadow_logfd, _( "%s: Memory allocation failure\n"),
-- Prog);
-+ fprintf(log_get_logfd(), _( "%s: Memory allocation failure\n"),
-+ log_get_progname());
- exit(EXIT_FAILURE);
- }
-
-@@ -88,24 +89,24 @@ struct map_range *get_map_ranges(int ran
- return NULL;
- }
- if (ULONG_MAX - mapping->upper <= mapping->count || ULONG_MAX - mapping->lower <= mapping->count) {
-- fprintf(shadow_logfd, _( "%s: subuid overflow detected.\n"), Prog);
-+ fprintf(log_get_logfd(), _( "%s: subuid overflow detected.\n"), log_get_progname());
- exit(EXIT_FAILURE);
- }
- if (mapping->upper > UINT_MAX ||
- mapping->lower > UINT_MAX ||
- mapping->count > UINT_MAX) {
-- fprintf(shadow_logfd, _( "%s: subuid overflow detected.\n"), Prog);
-+ fprintf(log_get_logfd(), _( "%s: subuid overflow detected.\n"), log_get_progname());
- exit(EXIT_FAILURE);
- }
- if (mapping->lower + mapping->count > UINT_MAX ||
- mapping->upper + mapping->count > UINT_MAX) {
-- fprintf(shadow_logfd, _( "%s: subuid overflow detected.\n"), Prog);
-+ fprintf(log_get_logfd(), _( "%s: subuid overflow detected.\n"), log_get_progname());
- exit(EXIT_FAILURE);
- }
- if (mapping->lower + mapping->count < mapping->lower ||
- mapping->upper + mapping->count < mapping->upper) {
- /* this one really shouldn't be possible given previous checks */
-- fprintf(shadow_logfd, _( "%s: subuid overflow detected.\n"), Prog);
-+ fprintf(log_get_logfd(), _( "%s: subuid overflow detected.\n"), log_get_progname());
- exit(EXIT_FAILURE);
- }
- }
-@@ -176,19 +177,19 @@ void write_mapping(int proc_dir_fd, int
- } else if (strcmp(map_file, "gid_map") == 0) {
- cap = CAP_SETGID;
- } else {
-- fprintf(shadow_logfd, _("%s: Invalid map file %s specified\n"), Prog, map_file);
-+ fprintf(log_get_logfd(), _("%s: Invalid map file %s specified\n"), log_get_progname(), map_file);
- exit(EXIT_FAILURE);
- }
-
- /* Align setuid- and fscaps-based new{g,u}idmap behavior. */
- if (geteuid() == 0 && geteuid() != ruid) {
- if (prctl(PR_SET_KEEPCAPS, 1, 0, 0, 0) < 0) {
-- fprintf(shadow_logfd, _("%s: Could not prctl(PR_SET_KEEPCAPS)\n"), Prog);
-+ fprintf(log_get_logfd(), _("%s: Could not prctl(PR_SET_KEEPCAPS)\n"), log_get_progname());
- exit(EXIT_FAILURE);
- }
-
- if (seteuid(ruid) < 0) {
-- fprintf(shadow_logfd, _("%s: Could not seteuid to %d\n"), Prog, ruid);
-+ fprintf(log_get_logfd(), _("%s: Could not seteuid to %d\n"), log_get_progname(), ruid);
- exit(EXIT_FAILURE);
- }
- }
-@@ -204,7 +205,7 @@ void write_mapping(int proc_dir_fd, int
- data[0].effective |= CAP_TO_MASK(CAP_SETFCAP);
- data[0].permitted = data[0].effective;
- if (capset(&hdr, data) < 0) {
-- fprintf(shadow_logfd, _("%s: Could not set caps\n"), Prog);
-+ fprintf(log_get_logfd(), _("%s: Could not set caps\n"), log_get_progname());
- exit(EXIT_FAILURE);
- }
- #endif
-@@ -222,7 +223,7 @@ void write_mapping(int proc_dir_fd, int
- mapping->lower,
- mapping->count);
- if ((written <= 0) || (written >= (bufsize - (pos - buf)))) {
-- fprintf(shadow_logfd, _("%s: snprintf failed!\n"), Prog);
-+ fprintf(log_get_logfd(), _("%s: snprintf failed!\n"), log_get_progname());
- exit(EXIT_FAILURE);
- }
- pos += written;
-@@ -231,13 +232,13 @@ void write_mapping(int proc_dir_fd, int
- /* Write the mapping to the mapping file */
- fd = openat(proc_dir_fd, map_file, O_WRONLY);
- if (fd < 0) {
-- fprintf(shadow_logfd, _("%s: open of %s failed: %s\n"),
-- Prog, map_file, strerror(errno));
-+ fprintf(log_get_logfd(), _("%s: open of %s failed: %s\n"),
-+ log_get_progname(), map_file, strerror(errno));
- exit(EXIT_FAILURE);
- }
- if (write(fd, buf, pos - buf) != (pos - buf)) {
-- fprintf(shadow_logfd, _("%s: write to %s failed: %s\n"),
-- Prog, map_file, strerror(errno));
-+ fprintf(log_get_logfd(), _("%s: write to %s failed: %s\n"),
-+ log_get_progname(), map_file, strerror(errno));
- exit(EXIT_FAILURE);
- }
- close(fd);
-diff -up shadow-4.9/libmisc/limits.c.debug1 shadow-4.9/libmisc/limits.c
---- shadow-4.9/libmisc/limits.c.debug1 2021-07-22 23:55:35.000000000 +0200
-+++ shadow-4.9/libmisc/limits.c 2022-01-10 10:45:52.204132951 +0100
-@@ -50,6 +50,7 @@
- #include "defines.h"
- #include
- #include "getdef.h"
-+#include "shadowlog.h"
- #ifdef HAVE_SYS_RESOURCE_H
- #include
- #define LIMITS
-@@ -548,7 +549,7 @@ void setup_limits (const struct passwd *
- #ifdef LIMITS
- if (info->pw_uid != 0) {
- if ((setup_user_limits (info->pw_name) & LOGIN_ERROR_LOGIN) != 0) {
-- (void) fputs (_("Too many logins.\n"), shadow_logfd);
-+ (void) fputs (_("Too many logins.\n"), log_get_logfd());
- (void) sleep (2); /* XXX: Should be FAIL_DELAY */
- exit (EXIT_FAILURE);
- }
-diff -up shadow-4.9/libmisc/pam_pass.c.debug1 shadow-4.9/libmisc/pam_pass.c
---- shadow-4.9/libmisc/pam_pass.c.debug1 2021-07-22 23:55:35.000000000 +0200
-+++ shadow-4.9/libmisc/pam_pass.c 2022-01-10 10:45:52.204132951 +0100
-@@ -46,11 +46,13 @@
- #include "defines.h"
- #include "pam_defs.h"
- #include "prototypes.h"
-+#include "shadowlog.h"
-
- void do_pam_passwd (const char *user, bool silent, bool change_expired)
- {
- pam_handle_t *pamh = NULL;
- int flags = 0, ret;
-+ FILE *shadow_logfd = log_get_logfd();
-
- if (silent)
- flags |= PAM_SILENT;
-diff -up shadow-4.9/libmisc/pam_pass_non_interactive.c.debug1 shadow-4.9/libmisc/pam_pass_non_interactive.c
---- shadow-4.9/libmisc/pam_pass_non_interactive.c.debug1 2021-07-22 23:55:35.000000000 +0200
-+++ shadow-4.9/libmisc/pam_pass_non_interactive.c 2022-01-10 10:45:52.204132951 +0100
-@@ -38,6 +38,7 @@
- #include
- #include
- #include "prototypes.h"
-+#include "shadowlog.h"
-
- /*@null@*/ /*@only@*/static const char *non_interactive_password = NULL;
- static int ni_conv (int num_msg,
-@@ -76,9 +77,9 @@ static int ni_conv (int num_msg,
-
- switch (msg[count]->msg_style) {
- case PAM_PROMPT_ECHO_ON:
-- fprintf (shadow_logfd,
-+ fprintf (log_get_logfd(),
- _("%s: PAM modules requesting echoing are not supported.\n"),
-- Prog);
-+ log_get_progname());
- goto failed_conversation;
- case PAM_PROMPT_ECHO_OFF:
- responses[count].resp = strdup (non_interactive_password);
-@@ -88,7 +89,7 @@ static int ni_conv (int num_msg,
- break;
- case PAM_ERROR_MSG:
- if ( (NULL == msg[count]->msg)
-- || (fprintf (shadow_logfd, "%s\n", msg[count]->msg) <0)) {
-+ || (fprintf (log_get_logfd(), "%s\n", msg[count]->msg) <0)) {
- goto failed_conversation;
- }
- responses[count].resp = NULL;
-@@ -101,9 +102,9 @@ static int ni_conv (int num_msg,
- responses[count].resp = NULL;
- break;
- default:
-- (void) fprintf (shadow_logfd,
-+ (void) fprintf (log_get_logfd(),
- _("%s: conversation type %d not supported.\n"),
-- Prog, msg[count]->msg_style);
-+ log_get_progname(), msg[count]->msg_style);
- goto failed_conversation;
- }
- }
-@@ -143,19 +144,19 @@ int do_pam_passwd_non_interactive (const
-
- ret = pam_start (pam_service, username, &non_interactive_pam_conv, &pamh);
- if (ret != PAM_SUCCESS) {
-- fprintf (shadow_logfd,
-+ fprintf (log_get_logfd(),
- _("%s: (user %s) pam_start failure %d\n"),
-- Prog, username, ret);
-+ log_get_progname(), username, ret);
- return 1;
- }
-
- non_interactive_password = password;
- ret = pam_chauthtok (pamh, 0);
- if (ret != PAM_SUCCESS) {
-- fprintf (shadow_logfd,
-+ fprintf (log_get_logfd(),
- _("%s: (user %s) pam_chauthtok() failed, error:\n"
- "%s\n"),
-- Prog, username, pam_strerror (pamh, ret));
-+ log_get_progname(), username, pam_strerror (pamh, ret));
- }
-
- (void) pam_end (pamh, PAM_SUCCESS);
-diff -up shadow-4.9/libmisc/prefix_flag.c.debug1 shadow-4.9/libmisc/prefix_flag.c
---- shadow-4.9/libmisc/prefix_flag.c.debug1 2022-01-10 10:45:52.201132929 +0100
-+++ shadow-4.9/libmisc/prefix_flag.c 2022-01-10 10:45:52.204132951 +0100
-@@ -48,6 +48,7 @@
- #include "subordinateio.h"
- #endif /* ENABLE_SUBIDS */
- #include "getdef.h"
-+#include "shadowlog.h"
-
- static char *passwd_db_file = NULL;
- static char *spw_db_file = NULL;
-@@ -83,18 +84,18 @@ extern const char* process_prefix_flag (
- && (val = argv[i] + 9))
- || (strcmp (argv[i], short_opt) == 0)) {
- if (NULL != prefix) {
-- fprintf (shadow_logfd,
-+ fprintf (log_get_logfd(),
- _("%s: multiple --prefix options\n"),
-- Prog);
-+ log_get_progname());
- exit (E_BAD_ARG);
- }
-
- if (val) {
- prefix = val;
- } else if (i + 1 == argc) {
-- fprintf (shadow_logfd,
-+ fprintf (log_get_logfd(),
- _("%s: option '%s' requires an argument\n"),
-- Prog, argv[i]);
-+ log_get_progname(), argv[i]);
- exit (E_BAD_ARG);
- } else {
- prefix = argv[++ i];
-@@ -110,9 +111,9 @@ extern const char* process_prefix_flag (
- /* should we prevent symbolic link from being used as a prefix? */
-
- if ( prefix[0] != '/') {
-- fprintf (shadow_logfd,
-+ fprintf (log_get_logfd(),
- _("%s: prefix must be an absolute path\n"),
-- Prog);
-+ log_get_progname());
- exit (E_BAD_ARG);
- }
- size_t len;
-diff -up shadow-4.9/libmisc/pwdcheck.c.debug1 shadow-4.9/libmisc/pwdcheck.c
---- shadow-4.9/libmisc/pwdcheck.c.debug1 2021-07-22 23:55:35.000000000 +0200
-+++ shadow-4.9/libmisc/pwdcheck.c 2022-01-10 10:45:52.204132951 +0100
-@@ -39,6 +39,7 @@
- #include "prototypes.h"
- #include "defines.h"
- #include "pwauth.h"
-+#include "shadowlog.h"
-
- void passwd_check (const char *user, const char *passwd, unused const char *progname)
- {
-@@ -51,7 +52,7 @@ void passwd_check (const char *user, con
- if (pw_auth (passwd, user, PW_LOGIN, (char *) 0) != 0) {
- SYSLOG ((LOG_WARN, "incorrect password for `%s'", user));
- (void) sleep (1);
-- fprintf (shadow_logfd, _("Incorrect password for %s.\n"), user);
-+ fprintf (log_get_logfd(), _("Incorrect password for %s.\n"), user);
- exit (EXIT_FAILURE);
- }
- }
-diff -up shadow-4.9/libmisc/root_flag.c.debug1 shadow-4.9/libmisc/root_flag.c
---- shadow-4.9/libmisc/root_flag.c.debug1 2021-07-22 23:55:35.000000000 +0200
-+++ shadow-4.9/libmisc/root_flag.c 2022-01-10 10:45:52.204132951 +0100
-@@ -38,6 +38,7 @@
- #include "prototypes.h"
- /*@-exitarg@*/
- #include "exitcodes.h"
-+#include "shadowlog.h"
-
- static void change_root (const char* newroot);
-
-@@ -65,18 +66,18 @@ extern void process_root_flag (const cha
- && (val = argv[i] + 7))
- || (strcmp (argv[i], short_opt) == 0)) {
- if (NULL != newroot) {
-- fprintf (shadow_logfd,
-+ fprintf (log_get_logfd(),
- _("%s: multiple --root options\n"),
-- Prog);
-+ log_get_progname());
- exit (E_BAD_ARG);
- }
-
- if (val) {
- newroot = val;
- } else if (i + 1 == argc) {
-- fprintf (shadow_logfd,
-+ fprintf (log_get_logfd(),
- _("%s: option '%s' requires an argument\n"),
-- Prog, argv[i]);
-+ log_get_progname(), argv[i]);
- exit (E_BAD_ARG);
- } else {
- newroot = argv[++ i];
-@@ -94,36 +95,36 @@ static void change_root (const char* new
- /* Drop privileges */
- if ( (setregid (getgid (), getgid ()) != 0)
- || (setreuid (getuid (), getuid ()) != 0)) {
-- fprintf (shadow_logfd, _("%s: failed to drop privileges (%s)\n"),
-- Prog, strerror (errno));
-+ fprintf (log_get_logfd(), _("%s: failed to drop privileges (%s)\n"),
-+ log_get_progname(), strerror (errno));
- exit (EXIT_FAILURE);
- }
-
- if ('/' != newroot[0]) {
-- fprintf (shadow_logfd,
-+ fprintf (log_get_logfd(),
- _("%s: invalid chroot path '%s'\n"),
-- Prog, newroot);
-+ log_get_progname(), newroot);
- exit (E_BAD_ARG);
- }
-
- if (access (newroot, F_OK) != 0) {
-- fprintf(shadow_logfd,
-+ fprintf(log_get_logfd(),
- _("%s: cannot access chroot directory %s: %s\n"),
-- Prog, newroot, strerror (errno));
-+ log_get_progname(), newroot, strerror (errno));
- exit (E_BAD_ARG);
- }
-
- if (chdir (newroot) != 0) {
-- fprintf(shadow_logfd,
-+ fprintf(log_get_logfd(),
- _("%s: cannot chdir to chroot directory %s: %s\n"),
-- Prog, newroot, strerror (errno));
-+ log_get_progname(), newroot, strerror (errno));
- exit (E_BAD_ARG);
- }
-
- if (chroot (newroot) != 0) {
-- fprintf(shadow_logfd,
-+ fprintf(log_get_logfd(),
- _("%s: unable to chroot to directory %s: %s\n"),
-- Prog, newroot, strerror (errno));
-+ log_get_progname(), newroot, strerror (errno));
- exit (E_BAD_ARG);
- }
- }
-diff -up shadow-4.9/libmisc/salt.c.debug1 shadow-4.9/libmisc/salt.c
---- shadow-4.9/libmisc/salt.c.debug1 2022-01-10 10:45:52.195132887 +0100
-+++ shadow-4.9/libmisc/salt.c 2022-01-10 10:45:52.204132951 +0100
-@@ -21,6 +21,7 @@
- #include "prototypes.h"
- #include "defines.h"
- #include "getdef.h"
-+#include "shadowlog.h"
-
- #if (defined CRYPT_GENSALT_IMPLEMENTS_AUTO_ENTROPY && \
- CRYPT_GENSALT_IMPLEMENTS_AUTO_ENTROPY)
-@@ -178,7 +179,7 @@ static long read_random_bytes (void)
- #endif
-
- fail:
-- fprintf (shadow_logfd,
-+ fprintf (log_get_logfd(),
- _("Unable to obtain random bytes.\n"));
- exit (1);
-
-@@ -506,7 +507,7 @@ static /*@observer@*/const char *gensalt
- SHA_salt_rounds_to_buf (result, rounds);
- #endif /* USE_SHA_CRYPT */
- } else if (0 != strcmp (method, "DES")) {
-- fprintf (shadow_logfd,
-+ fprintf (log_get_logfd(),
- _("Invalid ENCRYPT_METHOD value: '%s'.\n"
- "Defaulting to DES.\n"),
- method);
-@@ -532,7 +533,7 @@ static /*@observer@*/const char *gensalt
-
- /* Should not happen, but... */
- if (NULL == retval) {
-- fprintf (shadow_logfd,
-+ fprintf (log_get_logfd(),
- _("Unable to generate a salt from setting "
- "\"%s\", check your settings in "
- "ENCRYPT_METHOD and the corresponding "
-diff -up shadow-4.9/libmisc/setupenv.c.debug1 shadow-4.9/libmisc/setupenv.c
---- shadow-4.9/libmisc/setupenv.c.debug1 2021-07-22 23:55:35.000000000 +0200
-+++ shadow-4.9/libmisc/setupenv.c 2022-01-10 10:45:52.204132951 +0100
-@@ -47,6 +47,7 @@
- #include "defines.h"
- #include
- #include "getdef.h"
-+#include "shadowlog.h"
-
- #ifndef USE_PAM
- static void
-@@ -219,7 +220,7 @@ void setup_env (struct passwd *info)
- static char temp_pw_dir[] = "/";
-
- if (!getdef_bool ("DEFAULT_HOME") || chdir ("/") == -1) {
-- fprintf (shadow_logfd, _("Unable to cd to '%s'\n"),
-+ fprintf (log_get_logfd(), _("Unable to cd to '%s'\n"),
- info->pw_dir);
- SYSLOG ((LOG_WARN,
- "unable to cd to `%s' for user `%s'\n",
-diff -up shadow-4.9/libmisc/user_busy.c.debug1 shadow-4.9/libmisc/user_busy.c
---- shadow-4.9/libmisc/user_busy.c.debug1 2021-07-22 23:55:35.000000000 +0200
-+++ shadow-4.9/libmisc/user_busy.c 2022-01-10 10:45:52.204132951 +0100
-@@ -45,6 +45,7 @@
- #ifdef ENABLE_SUBIDS
- #include "subordinateio.h"
- #endif /* ENABLE_SUBIDS */
-+#include "shadowlog.h"
-
- #ifdef __linux__
- static int check_status (const char *name, const char *sname, uid_t uid);
-@@ -96,9 +97,9 @@ static int user_busy_utmp (const char *n
- continue;
- }
-
-- fprintf (shadow_logfd,
-+ fprintf (log_get_logfd(),
- _("%s: user %s is currently logged in\n"),
-- Prog, name);
-+ log_get_progname(), name);
- return 1;
- }
-
-@@ -249,9 +250,9 @@ static int user_busy_processes (const ch
- #ifdef ENABLE_SUBIDS
- sub_uid_close();
- #endif
-- fprintf (shadow_logfd,
-+ fprintf (log_get_logfd(),
- _("%s: user %s is currently used by process %d\n"),
-- Prog, name, pid);
-+ log_get_progname(), name, pid);
- return 1;
- }
-
-@@ -273,9 +274,9 @@ static int user_busy_processes (const ch
- #ifdef ENABLE_SUBIDS
- sub_uid_close();
- #endif
-- fprintf (shadow_logfd,
-+ fprintf (log_get_logfd(),
- _("%s: user %s is currently used by process %d\n"),
-- Prog, name, pid);
-+ log_get_progname(), name, pid);
- return 1;
- }
- }
-diff -up shadow-4.9/libmisc/xgetXXbyYY.c.debug1 shadow-4.9/libmisc/xgetXXbyYY.c
---- shadow-4.9/libmisc/xgetXXbyYY.c.debug1 2021-07-22 23:55:35.000000000 +0200
-+++ shadow-4.9/libmisc/xgetXXbyYY.c 2022-01-10 10:45:52.204132951 +0100
-@@ -54,6 +54,7 @@
- #include
- #include
- #include "prototypes.h"
-+#include "shadowlog.h"
-
- #define XFUNCTION_NAME XPREFIX (FUNCTION_NAME)
- #define XPREFIX(name) XPREFIX1 (name)
-@@ -74,7 +75,7 @@
-
- result = malloc(sizeof(LOOKUP_TYPE));
- if (NULL == result) {
-- fprintf (shadow_logfd, _("%s: out of memory\n"),
-+ fprintf (log_get_logfd(), _("%s: out of memory\n"),
- "x" STRINGIZE(FUNCTION_NAME));
- exit (13);
- }
-@@ -84,7 +85,7 @@
- LOOKUP_TYPE *resbuf = NULL;
- buffer = (char *)realloc (buffer, length);
- if (NULL == buffer) {
-- fprintf (shadow_logfd, _("%s: out of memory\n"),
-+ fprintf (log_get_logfd(), _("%s: out of memory\n"),
- "x" STRINGIZE(FUNCTION_NAME));
- exit (13);
- }
-@@ -132,7 +133,7 @@
- if (result) {
- result = DUP_FUNCTION(result);
- if (NULL == result) {
-- fprintf (shadow_logfd, _("%s: out of memory\n"),
-+ fprintf (log_get_logfd(), _("%s: out of memory\n"),
- "x" STRINGIZE(FUNCTION_NAME));
- exit (13);
- }
-diff -up shadow-4.9/libmisc/xmalloc.c.debug1 shadow-4.9/libmisc/xmalloc.c
---- shadow-4.9/libmisc/xmalloc.c.debug1 2021-07-22 23:55:35.000000000 +0200
-+++ shadow-4.9/libmisc/xmalloc.c 2022-01-10 10:45:52.204132951 +0100
-@@ -47,6 +47,7 @@
- #include
- #include "defines.h"
- #include "prototypes.h"
-+#include "shadowlog.h"
-
- /*@maynotreturn@*/ /*@only@*//*@out@*//*@notnull@*/char *xmalloc (size_t size)
- {
-@@ -54,9 +55,9 @@
-
- ptr = (char *) malloc (size);
- if (NULL == ptr) {
-- (void) fprintf (shadow_logfd,
-+ (void) fprintf (log_get_logfd(),
- _("%s: failed to allocate memory: %s\n"),
-- Prog, strerror (errno));
-+ log_get_progname(), strerror (errno));
- exit (13);
- }
- return ptr;
-diff -up shadow-4.9/lib/nscd.c.debug1 shadow-4.9/lib/nscd.c
---- shadow-4.9/lib/nscd.c.debug1 2021-07-22 23:55:35.000000000 +0200
-+++ shadow-4.9/lib/nscd.c 2022-01-10 10:45:52.202132937 +0100
-@@ -10,6 +10,7 @@
- #include "defines.h"
- #include "prototypes.h"
- #include "nscd.h"
-+#include "shadowlog_internal.h"
-
- #define MSG_NSCD_FLUSH_CACHE_FAILED "%s: Failed to flush the nscd cache.\n"
-
-diff -up shadow-4.9/lib/nss.c.debug1 shadow-4.9/lib/nss.c
---- shadow-4.9/lib/nss.c.debug1 2021-07-22 23:55:35.000000000 +0200
-+++ shadow-4.9/lib/nss.c 2022-01-10 10:45:52.202132937 +0100
-@@ -8,6 +8,7 @@
- #include
- #include "prototypes.h"
- #include "../libsubid/subid.h"
-+#include "shadowlog_internal.h"
-
- #define NSSWITCH "/etc/nsswitch.conf"
-
-diff -up shadow-4.9/lib/prototypes.h.debug1 shadow-4.9/lib/prototypes.h
---- shadow-4.9/lib/prototypes.h.debug1 2022-01-10 10:45:52.195132887 +0100
-+++ shadow-4.9/lib/prototypes.h 2022-01-10 10:45:52.202132937 +0100
-@@ -59,9 +59,6 @@
- #include "defines.h"
- #include "commonio.h"
-
--extern /*@observer@*/ const char *Prog; /* Program name showed in error messages */
--extern FILE *shadow_logfd; /* file descripter to which error messages are printed */
--
- /* addgrps.c */
- #if defined (HAVE_SETGROUPS) && ! defined (USE_PAM)
- extern int add_groups (const char *);
-diff -up shadow-4.9/lib/run_part.c.debug1 shadow-4.9/lib/run_part.c
---- shadow-4.9/lib/run_part.c.debug1 2021-07-22 23:55:35.000000000 +0200
-+++ shadow-4.9/lib/run_part.c 2022-01-10 10:45:52.202132937 +0100
-@@ -8,6 +8,7 @@
- #include
- #include
- #include
-+#include "shadowlog_internal.h"
-
- int run_part (char *script_path, char *name, char *action)
- {
-diff -up shadow-4.9/lib/selinux.c.debug1 shadow-4.9/lib/selinux.c
---- shadow-4.9/lib/selinux.c.debug1 2022-01-10 10:45:52.196132894 +0100
-+++ shadow-4.9/lib/selinux.c 2022-01-10 10:45:52.202132937 +0100
-@@ -38,6 +38,8 @@
- #include
- #include "prototypes.h"
-
-+#include "shadowlog_internal.h"
-+
- static bool selinux_checked = false;
- static bool selinux_enabled;
- static /*@null@*/struct selabel_handle *selabel_hnd = NULL;
-diff -up shadow-4.9/lib/semanage.c.debug1 shadow-4.9/lib/semanage.c
---- shadow-4.9/lib/semanage.c.debug1 2022-01-10 10:45:52.196132894 +0100
-+++ shadow-4.9/lib/semanage.c 2022-01-10 10:45:52.202132937 +0100
-@@ -43,6 +43,7 @@
- #include
- #include "prototypes.h"
-
-+#include "shadowlog_internal.h"
-
- #ifndef DEFAULT_SERANGE
- #define DEFAULT_SERANGE "s0"
-diff -up shadow-4.9/lib/shadowlog.c.debug1 shadow-4.9/lib/shadowlog.c
---- shadow-4.9/lib/shadowlog.c.debug1 2022-01-10 10:45:52.202132937 +0100
-+++ shadow-4.9/lib/shadowlog.c 2022-01-10 10:45:52.202132937 +0100
-@@ -0,0 +1,28 @@
-+#include "shadowlog.h"
-+
-+#include "lib/shadowlog_internal.h"
-+
-+void log_set_progname(const char *progname)
-+{
-+ Prog = progname;
-+}
-+
-+const char *log_get_progname(void)
-+{
-+ return Prog;
-+}
-+
-+void log_set_logfd(FILE *fd)
-+{
-+ if (NULL != fd)
-+ shadow_logfd = fd;
-+ else
-+ shadow_logfd = stderr;
-+}
-+
-+FILE *log_get_logfd(void)
-+{
-+ if (shadow_logfd != NULL)
-+ return shadow_logfd;
-+ return stderr;
-+}
-diff -up shadow-4.9/lib/shadowlog.h.debug1 shadow-4.9/lib/shadowlog.h
---- shadow-4.9/lib/shadowlog.h.debug1 2022-01-10 10:45:52.202132937 +0100
-+++ shadow-4.9/lib/shadowlog.h 2022-01-10 10:45:52.202132937 +0100
-@@ -0,0 +1,41 @@
-+/*
-+ * Copyright (c) 2021 , Serge Hallyn
-+ * All rights reserved.
-+ *
-+ * Redistribution and use in source and binary forms, with or without
-+ * modification, are permitted provided that the following conditions
-+ * are met:
-+ * 1. Redistributions of source code must retain the above copyright
-+ * notice, this list of conditions and the following disclaimer.
-+ * 2. Redistributions in binary form must reproduce the above copyright
-+ * notice, this list of conditions and the following disclaimer in the
-+ * documentation and/or other materials provided with the distribution.
-+ * 3. The name of the copyright holders or contributors may not be used to
-+ * endorse or promote products derived from this software without
-+ * specific prior written permission.
-+ *
-+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
-+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
-+ * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
-+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
-+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
-+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-+ */
-+
-+/* $Id$ */
-+#ifndef _LOG_H
-+#define _LOG_H
-+#include
-+
-+extern void log_set_progname(const char *);
-+extern const char *log_get_progname(void);
-+extern void log_set_logfd(FILE *fd);
-+extern FILE *log_get_logfd(void);
-+extern void log_dolog(char *, ...);
-+
-+#endif
-diff -up shadow-4.9/lib/shadowlog_internal.h.debug1 shadow-4.9/lib/shadowlog_internal.h
---- shadow-4.9/lib/shadowlog_internal.h.debug1 2022-01-10 10:45:52.202132937 +0100
-+++ shadow-4.9/lib/shadowlog_internal.h 2022-01-10 10:45:52.202132937 +0100
-@@ -0,0 +1,2 @@
-+const char *Prog; /* Program name showed in error messages */
-+FILE *shadow_logfd; /* file descripter to which error messages are printed */
-diff -up shadow-4.9/lib/spawn.c.debug1 shadow-4.9/lib/spawn.c
---- shadow-4.9/lib/spawn.c.debug1 2021-07-22 23:55:35.000000000 +0200
-+++ shadow-4.9/lib/spawn.c 2022-01-10 10:45:52.202132937 +0100
-@@ -38,6 +38,8 @@
- #include "exitcodes.h"
- #include "prototypes.h"
-
-+#include "shadowlog_internal.h"
-+
- int run_command (const char *cmd, const char *argv[],
- /*@null@*/const char *envp[], /*@out@*/int *status)
- {
-diff -up shadow-4.9/lib/sssd.c.debug1 shadow-4.9/lib/sssd.c
---- shadow-4.9/lib/sssd.c.debug1 2021-07-22 23:55:35.000000000 +0200
-+++ shadow-4.9/lib/sssd.c 2022-01-10 10:45:52.203132944 +0100
-@@ -11,6 +11,8 @@
- #include "prototypes.h"
- #include "sssd.h"
-
-+#include "shadowlog_internal.h"
-+
- #define MSG_SSSD_FLUSH_CACHE_FAILED "%s: Failed to flush the sssd cache."
-
- int sssd_flush_cache (int dbflags)
-diff -up shadow-4.9/libsubid/api.c.debug1 shadow-4.9/libsubid/api.c
---- shadow-4.9/libsubid/api.c.debug1 2021-07-22 23:55:35.000000000 +0200
-+++ shadow-4.9/libsubid/api.c 2022-01-10 10:48:14.913151522 +0100
-@@ -38,12 +38,13 @@
- #include "subordinateio.h"
- #include "idmapping.h"
- #include "subid.h"
-+#include "shadowlog.h"
-
- const char *Prog = "(libsubid)";
--FILE *shadow_logfd;
-
- bool libsubid_init(const char *progname, FILE * logfd)
- {
-+ FILE *shadow_logfd;
- if (progname) {
- progname = strdup(progname);
- if (progname)
-@@ -53,14 +54,15 @@ bool libsubid_init(const char *progname,
- }
-
- if (logfd) {
-- shadow_logfd = logfd;
-+ log_set_logfd(logfd);
- return true;
- }
- shadow_logfd = fopen("/dev/null", "w");
- if (!shadow_logfd) {
-- shadow_logfd = stderr;
-+ log_set_logfd(stderr);
- return false;
- }
-+ log_set_logfd(shadow_logfd);
- return true;
- }
-
-diff -up shadow-4.9/lib/tcbfuncs.c.debug1 shadow-4.9/lib/tcbfuncs.c
---- shadow-4.9/lib/tcbfuncs.c.debug1 2021-07-22 23:55:35.000000000 +0200
-+++ shadow-4.9/lib/tcbfuncs.c 2022-01-10 10:45:52.203132944 +0100
-@@ -38,6 +38,8 @@
- #include "shadowio.h"
- #include "tcbfuncs.h"
-
-+#include "shadowlog_internal.h"
-+
- #define SHADOWTCB_HASH_BY 1000
- #define SHADOWTCB_LOCK_SUFFIX ".lock"
-
-diff -up shadow-4.9/src/chage.c.debug1 shadow-4.9/src/chage.c
---- shadow-4.9/src/chage.c.debug1 2022-01-10 10:45:52.188132837 +0100
-+++ shadow-4.9/src/chage.c 2022-01-10 10:45:52.205132958 +0100
-@@ -52,6 +52,7 @@
- #include "defines.h"
- #include "pwio.h"
- #include "shadowio.h"
-+#include "shadowlog.h"
- #ifdef WITH_TCB
- #include "tcbfuncs.h"
- #endif
-@@ -62,7 +63,6 @@
- * Global variables
- */
- const char *Prog;
--FILE *shadow_logfd = NULL;
-
- static bool
- dflg = false, /* set last password change date */
-@@ -820,7 +820,8 @@ int main (int argc, char **argv)
- * Get the program name so that error messages can use it.
- */
- Prog = Basename (argv[0]);
-- shadow_logfd = stderr;
-+ log_set_progname(Prog);
-+ log_set_logfd(stderr);
-
- sanitize_env ();
- (void) setlocale (LC_ALL, "");
-diff -up shadow-4.9/src/check_subid_range.c.debug1 shadow-4.9/src/check_subid_range.c
---- shadow-4.9/src/check_subid_range.c.debug1 2021-07-22 23:55:35.000000000 +0200
-+++ shadow-4.9/src/check_subid_range.c 2022-01-10 10:45:52.205132958 +0100
-@@ -16,9 +16,9 @@
- #include "prototypes.h"
- #include "subordinateio.h"
- #include "idmapping.h"
-+#include "shadowlog.h"
-
- const char *Prog;
--FILE *shadow_logfd = NULL;
-
- int main(int argc, char **argv)
- {
-@@ -26,7 +26,8 @@ int main(int argc, char **argv)
- unsigned long start, count;
- bool check_uids;
- Prog = Basename (argv[0]);
-- shadow_logfd = stderr;
-+ log_set_progname(Prog);
-+ log_set_logfd(stderr);
-
- if (argc != 5)
- exit(1);
-diff -up shadow-4.9/src/chfn.c.debug1 shadow-4.9/src/chfn.c
---- shadow-4.9/src/chfn.c.debug1 2021-07-22 23:55:35.000000000 +0200
-+++ shadow-4.9/src/chfn.c 2022-01-10 10:45:52.205132958 +0100
-@@ -52,12 +52,12 @@
- #include "pwio.h"
- /*@-exitarg@*/
- #include "exitcodes.h"
-+#include "shadowlog.h"
-
- /*
- * Global variables.
- */
- const char *Prog;
--FILE *shadow_logfd = NULL;
- static char fullnm[BUFSIZ];
- static char roomno[BUFSIZ];
- static char workph[BUFSIZ];
-@@ -640,7 +640,8 @@ int main (int argc, char **argv)
- * prefix to most error messages.
- */
- Prog = Basename (argv[0]);
-- shadow_logfd = stderr;
-+ log_set_progname(Prog);
-+ log_set_logfd(stderr);
-
- sanitize_env ();
- (void) setlocale (LC_ALL, "");
-diff -up shadow-4.9/src/chgpasswd.c.debug1 shadow-4.9/src/chgpasswd.c
---- shadow-4.9/src/chgpasswd.c.debug1 2022-01-10 10:45:52.188132837 +0100
-+++ shadow-4.9/src/chgpasswd.c 2022-01-10 10:45:52.205132958 +0100
-@@ -61,12 +61,12 @@
- #endif
- /*@-exitarg@*/
- #include "exitcodes.h"
-+#include "shadowlog.h"
-
- /*
- * Global variables
- */
- const char *Prog;
--FILE *shadow_logfd = NULL;
- static bool eflg = false;
- static bool md5flg = false;
- #if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT) || defined(USE_YESCRYPT)
-@@ -506,7 +506,8 @@ int main (int argc, char **argv)
- int line = 0;
-
- Prog = Basename (argv[0]);
-- shadow_logfd = stderr;
-+ log_set_progname(Prog);
-+ log_set_logfd(stderr);
-
- (void) setlocale (LC_ALL, "");
- (void) bindtextdomain (PACKAGE, LOCALEDIR);
-diff -up shadow-4.9/src/chpasswd.c.debug1 shadow-4.9/src/chpasswd.c
---- shadow-4.9/src/chpasswd.c.debug1 2022-01-10 10:45:52.188132837 +0100
-+++ shadow-4.9/src/chpasswd.c 2022-01-10 10:45:52.205132958 +0100
-@@ -58,12 +58,12 @@
- #include "shadowio.h"
- /*@-exitarg@*/
- #include "exitcodes.h"
-+#include "shadowlog.h"
-
- /*
- * Global variables
- */
- const char *Prog;
--FILE *shadow_logfd = NULL;
- static bool eflg = false;
- static bool md5flg = false;
- #if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT) || defined(USE_YESCRYPT)
-@@ -494,7 +494,8 @@ int main (int argc, char **argv)
- int line = 0;
-
- Prog = Basename (argv[0]);
-- shadow_logfd = stderr;
-+ log_set_progname(Prog);
-+ log_set_logfd(stderr);
-
- (void) setlocale (LC_ALL, "");
- (void) bindtextdomain (PACKAGE, LOCALEDIR);
-diff -up shadow-4.9/src/chsh.c.debug1 shadow-4.9/src/chsh.c
---- shadow-4.9/src/chsh.c.debug1 2021-07-22 23:55:35.000000000 +0200
-+++ shadow-4.9/src/chsh.c 2022-01-10 10:45:52.205132958 +0100
-@@ -51,6 +51,7 @@
- #endif
- /*@-exitarg@*/
- #include "exitcodes.h"
-+#include "shadowlog.h"
-
- #ifndef SHELLS_FILE
- #define SHELLS_FILE "/etc/shells"
-@@ -59,7 +60,6 @@
- * Global variables
- */
- const char *Prog; /* Program name */
--FILE *shadow_logfd = NULL;
- static bool amroot; /* Real UID is root */
- static char loginsh[BUFSIZ]; /* Name of new login shell */
- /* command line options */
-@@ -442,7 +442,8 @@ int main (int argc, char **argv)
- * most error messages.
- */
- Prog = Basename (argv[0]);
-- shadow_logfd = stderr;
-+ log_set_progname(Prog);
-+ log_set_logfd(stderr);
-
- (void) setlocale (LC_ALL, "");
- (void) bindtextdomain (PACKAGE, LOCALEDIR);
-diff -up shadow-4.9/src/expiry.c.debug1 shadow-4.9/src/expiry.c
---- shadow-4.9/src/expiry.c.debug1 2021-07-22 23:55:35.000000000 +0200
-+++ shadow-4.9/src/expiry.c 2022-01-10 10:45:52.205132958 +0100
-@@ -43,10 +43,10 @@
- #include "prototypes.h"
- /*@-exitarg@*/
- #include "exitcodes.h"
-+#include "shadowlog.h"
-
- /* Global variables */
- const char *Prog;
--FILE *shadow_logfd = NULL;
- static bool cflg = false;
-
- /* local function prototypes */
-@@ -145,7 +145,8 @@ int main (int argc, char **argv)
- struct spwd *spwd;
-
- Prog = Basename (argv[0]);
-- shadow_logfd = stderr;
-+ log_set_progname(Prog);
-+ log_set_logfd(stderr);
-
- sanitize_env ();
-
-diff -up shadow-4.9/src/faillog.c.debug1 shadow-4.9/src/faillog.c
---- shadow-4.9/src/faillog.c.debug1 2021-07-22 23:55:35.000000000 +0200
-+++ shadow-4.9/src/faillog.c 2022-01-10 10:45:52.205132958 +0100
-@@ -46,6 +46,7 @@
- #include "prototypes.h"
- /*@-exitarg@*/
- #include "exitcodes.h"
-+#include "shadowlog.h"
-
- /* local function prototypes */
- static /*@noreturn@*/void usage (int status);
-@@ -62,7 +63,6 @@ static void reset (void);
- * Global variables
- */
- const char *Prog; /* Program name */
--FILE *shadow_logfd = NULL;
- static FILE *fail; /* failure file stream */
- static time_t seconds; /* that number of days in seconds */
- static unsigned long umin; /* if uflg and has_umin, only display users with uid >= umin */
-@@ -574,7 +574,8 @@ int main (int argc, char **argv)
- * most error messages.
- */
- Prog = Basename (argv[0]);
-- shadow_logfd = stderr;
-+ log_set_progname(Prog);
-+ log_set_logfd(stderr);
-
- (void) setlocale (LC_ALL, "");
- (void) bindtextdomain (PACKAGE, LOCALEDIR);
-diff -up shadow-4.9/src/free_subid_range.c.debug1 shadow-4.9/src/free_subid_range.c
---- shadow-4.9/src/free_subid_range.c.debug1 2021-07-22 23:55:35.000000000 +0200
-+++ shadow-4.9/src/free_subid_range.c 2022-01-10 10:45:52.205132958 +0100
-@@ -3,11 +3,11 @@
- #include "subid.h"
- #include "stdlib.h"
- #include "prototypes.h"
-+#include "shadowlog.h"
-
- /* Test program for the subid freeing routine */
-
- const char *Prog;
--FILE *shadow_logfd = NULL;
-
- void usage(void)
- {
-@@ -24,7 +24,8 @@ int main(int argc, char *argv[])
- bool group = false; // get subuids by default
-
- Prog = Basename (argv[0]);
-- shadow_logfd = stderr;
-+ log_set_progname(Prog);
-+ log_set_logfd(stderr);
- while ((c = getopt(argc, argv, "g")) != EOF) {
- switch(c) {
- case 'g': group = true; break;
-diff -up shadow-4.9/src/get_subid_owners.c.debug1 shadow-4.9/src/get_subid_owners.c
---- shadow-4.9/src/get_subid_owners.c.debug1 2021-07-22 23:55:35.000000000 +0200
-+++ shadow-4.9/src/get_subid_owners.c 2022-01-10 10:45:52.205132958 +0100
-@@ -2,9 +2,9 @@
- #include "subid.h"
- #include "stdlib.h"
- #include "prototypes.h"
-+#include "shadowlog.h"
-
- const char *Prog;
--FILE *shadow_logfd = NULL;
-
- void usage(void)
- {
-@@ -20,7 +20,8 @@ int main(int argc, char *argv[])
- uid_t *uids;
-
- Prog = Basename (argv[0]);
-- shadow_logfd = stderr;
-+ log_set_progname(Prog);
-+ log_set_logfd(stderr);
- if (argc < 2) {
- usage();
- }
-diff -up shadow-4.9/src/getsubids.c.debug1 shadow-4.9/src/getsubids.c
---- shadow-4.9/src/getsubids.c.debug1 2022-01-10 10:45:52.200132922 +0100
-+++ shadow-4.9/src/getsubids.c 2022-01-10 10:45:52.205132958 +0100
-@@ -3,9 +3,9 @@
- #include
- #include "subid.h"
- #include "prototypes.h"
-+#include "shadowlog.h"
-
- const char *Prog;
--FILE *shadow_logfd = NULL;
-
- void usage(void)
- {
-@@ -22,7 +22,8 @@ int main(int argc, char *argv[])
- const char *owner;
-
- Prog = Basename (argv[0]);
-- shadow_logfd = stderr;
-+ log_set_progname(Prog);
-+ log_set_logfd(stderr);
- if (argc < 2)
- usage();
- owner = argv[1];
-diff -up shadow-4.9/src/gpasswd.c.debug1 shadow-4.9/src/gpasswd.c
---- shadow-4.9/src/gpasswd.c.debug1 2022-01-10 10:45:52.184132808 +0100
-+++ shadow-4.9/src/gpasswd.c 2022-01-10 10:45:52.205132958 +0100
-@@ -53,12 +53,12 @@
- /*@-exitarg@*/
- #include "exitcodes.h"
-
-+#include "shadowlog.h"
- /*
- * Global variables
- */
- /* The name of this command, as it is invoked */
- const char *Prog;
--FILE *shadow_logfd = NULL;
-
- #ifdef SHADOWGRP
- /* Indicate if shadow groups are enabled on the system
-@@ -927,7 +927,8 @@ int main (int argc, char **argv)
- */
- bywho = getuid ();
- Prog = Basename (argv[0]);
-- shadow_logfd = stderr;
-+ log_set_progname(Prog);
-+ log_set_logfd(stderr);
-
- OPENLOG ("gpasswd");
- setbuf (stdout, NULL);
-diff -up shadow-4.9/src/groupadd.c.debug1 shadow-4.9/src/groupadd.c
---- shadow-4.9/src/groupadd.c.debug1 2022-01-10 10:45:52.184132808 +0100
-+++ shadow-4.9/src/groupadd.c 2022-01-10 10:45:52.205132958 +0100
-@@ -56,6 +56,7 @@
- #ifdef SHADOWGRP
- #include "sgroupio.h"
- #endif
-+#include "shadowlog.h"
-
- /*
- * exit status values
-@@ -72,7 +73,6 @@
- * Global variables
- */
- const char *Prog;
--FILE *shadow_logfd = NULL;
-
- static /*@null@*/char *group_name;
- static gid_t group_id;
-@@ -602,7 +602,8 @@ int main (int argc, char **argv)
- * Get my name so that I can use it to report errors.
- */
- Prog = Basename (argv[0]);
-- shadow_logfd = stderr;
-+ log_set_progname(Prog);
-+ log_set_logfd(stderr);
-
- (void) setlocale (LC_ALL, "");
- (void) bindtextdomain (PACKAGE, LOCALEDIR);
-diff -up shadow-4.9/src/groupdel.c.debug1 shadow-4.9/src/groupdel.c
---- shadow-4.9/src/groupdel.c.debug1 2022-01-10 10:45:52.185132815 +0100
-+++ shadow-4.9/src/groupdel.c 2022-01-10 10:45:52.205132958 +0100
-@@ -54,11 +54,11 @@
- #ifdef SHADOWGRP
- #include "sgroupio.h"
- #endif
-+#include "shadowlog.h"
- /*
- * Global variables
- */
- const char *Prog;
--FILE *shadow_logfd = NULL;
-
- static char *group_name;
- static gid_t group_id = -1;
-@@ -379,7 +379,8 @@ int main (int argc, char **argv)
- * Get my name so that I can use it to report errors.
- */
- Prog = Basename (argv[0]);
-- shadow_logfd = stderr;
-+ log_set_progname(Prog);
-+ log_set_logfd(stderr);
-
- (void) setlocale (LC_ALL, "");
- (void) bindtextdomain (PACKAGE, LOCALEDIR);
-diff -up shadow-4.9/src/groupmems.c.debug1 shadow-4.9/src/groupmems.c
---- shadow-4.9/src/groupmems.c.debug1 2021-07-22 23:55:35.000000000 +0200
-+++ shadow-4.9/src/groupmems.c 2022-01-10 10:45:52.206132965 +0100
-@@ -47,6 +47,7 @@
- #ifdef SHADOWGRP
- #include "sgroupio.h"
- #endif
-+#include "shadowlog.h"
-
- /* Exit Status Values */
- /*@-exitarg@*/
-@@ -65,7 +66,6 @@
- * Global variables
- */
- const char *Prog;
--FILE *shadow_logfd = NULL;
-
- static char *adduser = NULL;
- static char *deluser = NULL;
-@@ -596,7 +596,8 @@ int main (int argc, char **argv)
- * Get my name so that I can use it to report errors.
- */
- Prog = Basename (argv[0]);
-- shadow_logfd = stderr;
-+ log_set_progname(Prog);
-+ log_set_logfd(stderr);
-
- (void) setlocale (LC_ALL, "");
- (void) bindtextdomain (PACKAGE, LOCALEDIR);
-diff -up shadow-4.9/src/groupmod.c.debug1 shadow-4.9/src/groupmod.c
---- shadow-4.9/src/groupmod.c.debug1 2022-01-10 10:45:52.185132815 +0100
-+++ shadow-4.9/src/groupmod.c 2022-01-10 10:45:52.206132965 +0100
-@@ -56,6 +56,7 @@
- #ifdef SHADOWGRP
- #include "sgroupio.h"
- #endif
-+#include "shadowlog.h"
- /*
- * exit status values
- */
-@@ -76,7 +77,6 @@
- * Global variables
- */
- const char *Prog;
--FILE *shadow_logfd = NULL;
-
- #ifdef SHADOWGRP
- static bool is_shadow_grp;
-@@ -840,7 +840,8 @@ int main (int argc, char **argv)
- * Get my name so that I can use it to report errors.
- */
- Prog = Basename (argv[0]);
-- shadow_logfd = stderr;
-+ log_set_progname(Prog);
-+ log_set_logfd(stderr);
-
- (void) setlocale (LC_ALL, "");
- (void) bindtextdomain (PACKAGE, LOCALEDIR);
-diff -up shadow-4.9/src/groups.c.debug1 shadow-4.9/src/groups.c
---- shadow-4.9/src/groups.c.debug1 2021-07-22 23:55:35.000000000 +0200
-+++ shadow-4.9/src/groups.c 2022-01-10 10:45:52.206132965 +0100
-@@ -39,11 +39,11 @@
- #include
- #include "defines.h"
- #include "prototypes.h"
-+#include "shadowlog.h"
- /*
- * Global variables
- */
- const char *Prog;
--FILE *shadow_logfd = NULL;
-
- /* local function prototypes */
- static void print_groups (const char *member);
-@@ -127,7 +127,8 @@ int main (int argc, char **argv)
- * Get the program name so that error messages can use it.
- */
- Prog = Basename (argv[0]);
-- shadow_logfd = stderr;
-+ log_set_progname(Prog);
-+ log_set_logfd(stderr);
-
- if (argc == 1) {
-
-diff -up shadow-4.9/src/grpck.c.debug1 shadow-4.9/src/grpck.c
---- shadow-4.9/src/grpck.c.debug1 2021-07-22 23:55:35.000000000 +0200
-+++ shadow-4.9/src/grpck.c 2022-01-10 10:45:52.206132965 +0100
-@@ -45,6 +45,7 @@
- #include "nscd.h"
- #include "sssd.h"
- #include "prototypes.h"
-+#include "shadowlog.h"
-
- #ifdef SHADOWGRP
- #include "sgroupio.h"
-@@ -66,7 +67,6 @@
- * Global variables
- */
- const char *Prog;
--FILE *shadow_logfd = NULL;
-
- static const char *grp_file = GROUP_FILE;
- static bool use_system_grp_file = true;
-@@ -841,7 +841,8 @@ int main (int argc, char **argv)
- * Get my name so that I can use it to report errors.
- */
- Prog = Basename (argv[0]);
-- shadow_logfd = stderr;
-+ log_set_progname(Prog);
-+ log_set_logfd(stderr);
-
- (void) setlocale (LC_ALL, "");
- (void) bindtextdomain (PACKAGE, LOCALEDIR);
-diff -up shadow-4.9/src/grpconv.c.debug1 shadow-4.9/src/grpconv.c
---- shadow-4.9/src/grpconv.c.debug1 2021-07-22 23:55:35.000000000 +0200
-+++ shadow-4.9/src/grpconv.c 2022-01-10 10:45:52.206132965 +0100
-@@ -55,11 +55,11 @@
- #ifdef SHADOWGRP
- #include "groupio.h"
- #include "sgroupio.h"
-+#include "shadowlog.h"
- /*
- * Global variables
- */
- const char *Prog;
--FILE *shadow_logfd = NULL;
-
- static bool gr_locked = false;
- static bool sgr_locked = false;
-@@ -147,7 +147,8 @@ int main (int argc, char **argv)
- struct sgrp sgent;
-
- Prog = Basename (argv[0]);
-- shadow_logfd = stderr;
-+ log_set_progname(Prog);
-+ log_set_logfd(stderr);
-
- (void) setlocale (LC_ALL, "");
- (void) bindtextdomain (PACKAGE, LOCALEDIR);
-diff -up shadow-4.9/src/grpunconv.c.debug1 shadow-4.9/src/grpunconv.c
---- shadow-4.9/src/grpunconv.c.debug1 2021-07-22 23:55:35.000000000 +0200
-+++ shadow-4.9/src/grpunconv.c 2022-01-10 10:45:52.206132965 +0100
-@@ -55,11 +55,11 @@
- #ifdef SHADOWGRP
- #include "groupio.h"
- #include "sgroupio.h"
-+#include "shadowlog.h"
- /*
- * Global variables
- */
- const char *Prog;
--FILE *shadow_logfd = NULL;
-
- static bool gr_locked = false;
- static bool sgr_locked = false;
-@@ -146,7 +146,8 @@ int main (int argc, char **argv)
- const struct sgrp *sg;
-
- Prog = Basename (argv[0]);
-- shadow_logfd = stderr;
-+ log_set_progname(Prog);
-+ log_set_logfd(stderr);
-
- (void) setlocale (LC_ALL, "");
- (void) bindtextdomain (PACKAGE, LOCALEDIR);
-diff -up shadow-4.9/src/lastlog.c.debug1 shadow-4.9/src/lastlog.c
---- shadow-4.9/src/lastlog.c.debug1 2022-01-10 10:45:52.189132844 +0100
-+++ shadow-4.9/src/lastlog.c 2022-01-10 10:45:52.206132965 +0100
-@@ -50,6 +50,7 @@
- #include "getdef.h"
- /*@-exitarg@*/
- #include "exitcodes.h"
-+#include "shadowlog.h"
-
- /*
- * Needed for MkLinux DR1/2/2.1 - J.
-@@ -62,7 +63,6 @@
- * Global variables
- */
- const char *Prog; /* Program name */
--FILE *shadow_logfd = NULL;
- static FILE *lastlogfile; /* lastlog file stream */
- static unsigned long umin; /* if uflg and has_umin, only display users with uid >= umin */
- static bool has_umin = false;
-@@ -322,7 +322,8 @@ int main (int argc, char **argv)
- * most error messages.
- */
- Prog = Basename (argv[0]);
-- shadow_logfd = stderr;
-+ log_set_progname(Prog);
-+ log_set_logfd(stderr);
-
- (void) setlocale (LC_ALL, "");
- (void) bindtextdomain (PACKAGE, LOCALEDIR);
-diff -up shadow-4.9/src/login.c.debug1 shadow-4.9/src/login.c
---- shadow-4.9/src/login.c.debug1 2021-07-22 23:55:35.000000000 +0200
-+++ shadow-4.9/src/login.c 2022-01-10 10:45:52.206132965 +0100
-@@ -53,6 +53,7 @@
- #include "pwauth.h"
- /*@-exitarg@*/
- #include "exitcodes.h"
-+#include "shadowlog.h"
-
- #ifdef USE_PAM
- #include "pam_defs.h"
-@@ -83,7 +84,6 @@ static pam_handle_t *pamh = NULL;
- * Global variables
- */
- const char *Prog;
--FILE *shadow_logfd = NULL;
-
- static const char *hostname = "";
- static /*@null@*/ /*@only@*/char *username = NULL;
-@@ -578,7 +578,8 @@ int main (int argc, char **argv)
-
- amroot = (getuid () == 0);
- Prog = Basename (argv[0]);
-- shadow_logfd = stderr;
-+ log_set_progname(Prog);
-+ log_set_logfd(stderr);
-
- if (geteuid() != 0) {
- fprintf (stderr, _("%s: Cannot possibly work without effective root\n"), Prog);
-diff -up shadow-4.9/src/logoutd.c.debug1 shadow-4.9/src/logoutd.c
---- shadow-4.9/src/logoutd.c.debug1 2021-07-22 23:55:35.000000000 +0200
-+++ shadow-4.9/src/logoutd.c 2022-01-10 10:45:52.206132965 +0100
-@@ -40,11 +40,11 @@
- #include
- #include "defines.h"
- #include "prototypes.h"
-+#include "shadowlog.h"
- /*
- * Global variables
- */
- const char *Prog;
--FILE *shadow_logfd = NULL;
-
- #ifndef DEFAULT_HUP_MESG
- #define DEFAULT_HUP_MESG _("login time exceeded\n\n")
-@@ -188,7 +188,8 @@ int main (int argc, char **argv)
- * Start syslogging everything
- */
- Prog = Basename (argv[0]);
-- shadow_logfd = stderr;
-+ log_set_progname(Prog);
-+ log_set_logfd(stderr);
-
- OPENLOG ("logoutd");
-
-diff -up shadow-4.9/src/newgidmap.c.debug1 shadow-4.9/src/newgidmap.c
---- shadow-4.9/src/newgidmap.c.debug1 2021-07-22 23:55:35.000000000 +0200
-+++ shadow-4.9/src/newgidmap.c 2022-01-10 10:45:52.206132965 +0100
-@@ -41,12 +41,12 @@
- #include "subordinateio.h"
- #include "getdef.h"
- #include "idmapping.h"
-+#include "shadowlog.h"
-
- /*
- * Global variables
- */
- const char *Prog;
--FILE *shadow_logfd = NULL;
-
-
- static bool verify_range(struct passwd *pw, struct map_range *range, bool *allow_setgroups)
-@@ -177,7 +177,8 @@ int main(int argc, char **argv)
- bool allow_setgroups = false;
-
- Prog = Basename (argv[0]);
-- shadow_logfd = stderr;
-+ log_set_progname(Prog);
-+ log_set_logfd(stderr);
-
- /*
- * The valid syntax are
-diff -up shadow-4.9/src/newgrp.c.debug1 shadow-4.9/src/newgrp.c
---- shadow-4.9/src/newgrp.c.debug1 2022-01-10 10:45:52.199132915 +0100
-+++ shadow-4.9/src/newgrp.c 2022-01-10 10:45:52.206132965 +0100
-@@ -44,12 +44,12 @@
- #include "prototypes.h"
- /*@-exitarg@*/
- #include "exitcodes.h"
-+#include "shadowlog.h"
-
- /*
- * Global variables
- */
- const char *Prog;
--FILE *shadow_logfd = NULL;
-
- extern char **newenvp;
- extern char **environ;
-@@ -446,7 +446,8 @@ int main (int argc, char **argv)
- * don't need to re-exec anything. -- JWP
- */
- Prog = Basename (argv[0]);
-- shadow_logfd = stderr;
-+ log_set_progname(Prog);
-+ log_set_logfd(stderr);
- is_newgrp = (strcmp (Prog, "newgrp") == 0);
- OPENLOG (is_newgrp ? "newgrp" : "sg");
- argc--;
-diff -up shadow-4.9/src/new_subid_range.c.debug1 shadow-4.9/src/new_subid_range.c
---- shadow-4.9/src/new_subid_range.c.debug1 2021-07-22 23:55:35.000000000 +0200
-+++ shadow-4.9/src/new_subid_range.c 2022-01-10 10:45:52.206132965 +0100
-@@ -3,11 +3,11 @@
- #include "subid.h"
- #include "stdlib.h"
- #include "prototypes.h"
-+#include "shadowlog.h"
-
- /* Test program for the subid creation routine */
-
- const char *Prog;
--FILE *shadow_logfd = NULL;
-
- void usage(void)
- {
-@@ -27,7 +27,8 @@ int main(int argc, char *argv[])
- bool ok;
-
- Prog = Basename (argv[0]);
-- shadow_logfd = stderr;
-+ log_set_progname(Prog);
-+ log_set_logfd(stderr);
- while ((c = getopt(argc, argv, "gn")) != EOF) {
- switch(c) {
- case 'n': makenew = true; break;
-diff -up shadow-4.9/src/newuidmap.c.debug1 shadow-4.9/src/newuidmap.c
---- shadow-4.9/src/newuidmap.c.debug1 2021-07-22 23:55:35.000000000 +0200
-+++ shadow-4.9/src/newuidmap.c 2022-01-10 10:45:52.206132965 +0100
-@@ -41,12 +41,12 @@
- #include "subordinateio.h"
- #include "getdef.h"
- #include "idmapping.h"
-+#include "shadowlog.h"
-
- /*
- * Global variables
- */
- const char *Prog;
--FILE *shadow_logfd = NULL;
-
- static bool verify_range(struct passwd *pw, struct map_range *range)
- {
-@@ -107,7 +107,8 @@ int main(int argc, char **argv)
- int written;
-
- Prog = Basename (argv[0]);
-- shadow_logfd = stderr;
-+ log_set_progname(Prog);
-+ log_set_logfd(stderr);
-
- /*
- * The valid syntax are
-diff -up shadow-4.9/src/newusers.c.debug1 shadow-4.9/src/newusers.c
---- shadow-4.9/src/newusers.c.debug1 2021-07-22 23:55:35.000000000 +0200
-+++ shadow-4.9/src/newusers.c 2022-01-10 10:45:52.207132972 +0100
-@@ -70,12 +70,12 @@
- #include "subordinateio.h"
- #endif /* ENABLE_SUBIDS */
- #include "chkname.h"
-+#include "shadowlog.h"
-
- /*
- * Global variables
- */
- const char *Prog;
--FILE *shadow_logfd = NULL;
-
- static bool rflg = false; /* create a system account */
- #ifndef USE_PAM
-@@ -1071,7 +1071,8 @@ int main (int argc, char **argv)
- #endif /* USE_PAM */
-
- Prog = Basename (argv[0]);
-- shadow_logfd = stderr;
-+ log_set_progname(Prog);
-+ log_set_logfd(stderr);
-
- (void) setlocale (LC_ALL, "");
- (void) bindtextdomain (PACKAGE, LOCALEDIR);
-diff -up shadow-4.9/src/passwd.c.debug1 shadow-4.9/src/passwd.c
---- shadow-4.9/src/passwd.c.debug1 2022-01-10 10:45:52.189132844 +0100
-+++ shadow-4.9/src/passwd.c 2022-01-10 10:45:52.207132972 +0100
-@@ -50,6 +50,7 @@
- #include "pwauth.h"
- #include "pwio.h"
- #include "shadowio.h"
-+#include "shadowlog.h"
-
- /*
- * exit status values
-@@ -66,7 +67,6 @@
- * Global variables
- */
- const char *Prog; /* Program name */
--FILE *shadow_logfd = NULL;
-
- static char *name; /* The name of user whose password is being changed */
- static char *myname; /* The current user's name */
-@@ -761,7 +761,8 @@ int main (int argc, char **argv)
- * most error messages.
- */
- Prog = Basename (argv[0]);
-- shadow_logfd = stderr;
-+ log_set_progname(Prog);
-+ log_set_logfd(stderr);
-
- (void) setlocale (LC_ALL, "");
- (void) bindtextdomain (PACKAGE, LOCALEDIR);
-diff -up shadow-4.9/src/pwck.c.debug1 shadow-4.9/src/pwck.c
---- shadow-4.9/src/pwck.c.debug1 2022-01-10 10:45:52.198132908 +0100
-+++ shadow-4.9/src/pwck.c 2022-01-10 10:45:52.207132972 +0100
-@@ -52,6 +52,7 @@
- #ifdef WITH_TCB
- #include "tcbfuncs.h"
- #endif /* WITH_TCB */
-+#include "shadowlog.h"
-
- /*
- * Exit codes
-@@ -70,7 +71,6 @@
- * Global variables
- */
- const char *Prog;
--FILE *shadow_logfd = NULL;
-
- static bool use_system_pw_file = true;
- static bool use_system_spw_file = true;
-@@ -857,7 +857,8 @@ int main (int argc, char **argv)
- * Get my name so that I can use it to report errors.
- */
- Prog = Basename (argv[0]);
-- shadow_logfd = stderr;
-+ log_set_progname(Prog);
-+ log_set_logfd(stderr);
-
- (void) setlocale (LC_ALL, "");
- (void) bindtextdomain (PACKAGE, LOCALEDIR);
-diff -up shadow-4.9/src/pwconv.c.debug1 shadow-4.9/src/pwconv.c
---- shadow-4.9/src/pwconv.c.debug1 2021-07-22 23:55:35.000000000 +0200
-+++ shadow-4.9/src/pwconv.c 2022-01-10 10:45:52.207132972 +0100
-@@ -73,6 +73,7 @@
- #include "shadowio.h"
- #include "nscd.h"
- #include "sssd.h"
-+#include "shadowlog.h"
-
- /*
- * exit status values
-@@ -89,7 +90,6 @@
- * Global variables
- */
- const char *Prog;
--FILE *shadow_logfd = NULL;
-
- static bool spw_locked = false;
- static bool pw_locked = false;
-@@ -177,7 +177,8 @@ int main (int argc, char **argv)
- struct spwd spent;
-
- Prog = Basename (argv[0]);
-- shadow_logfd = stderr;
-+ log_set_progname(Prog);
-+ log_set_logfd(stderr);
-
- (void) setlocale (LC_ALL, "");
- (void) bindtextdomain (PACKAGE, LOCALEDIR);
-diff -up shadow-4.9/src/pwunconv.c.debug1 shadow-4.9/src/pwunconv.c
---- shadow-4.9/src/pwunconv.c.debug1 2021-07-22 23:55:35.000000000 +0200
-+++ shadow-4.9/src/pwunconv.c 2022-01-10 10:45:52.207132972 +0100
-@@ -48,12 +48,12 @@
- #include "shadowio.h"
- /*@-exitarg@*/
- #include "exitcodes.h"
-+#include "shadowlog.h"
-
- /*
- * Global variables
- */
- const char *Prog;
--FILE *shadow_logfd = NULL;
-
- static bool spw_locked = false;
- static bool pw_locked = false;
-@@ -138,7 +138,8 @@ int main (int argc, char **argv)
- const struct spwd *spwd;
-
- Prog = Basename (argv[0]);
-- shadow_logfd = stderr;
-+ log_set_progname(Prog);
-+ log_set_logfd(stderr);
-
- (void) setlocale (LC_ALL, "");
- (void) bindtextdomain (PACKAGE, LOCALEDIR);
-diff -up shadow-4.9/src/su.c.debug1 shadow-4.9/src/su.c
---- shadow-4.9/src/su.c.debug1 2021-07-22 23:55:35.000000000 +0200
-+++ shadow-4.9/src/su.c 2022-01-10 10:45:52.207132972 +0100
-@@ -77,12 +77,12 @@
- #endif /* USE_PAM */
- /*@-exitarg@*/
- #include "exitcodes.h"
-+#include "shadowlog.h"
-
- /*
- * Global variables
- */
- const char *Prog;
--FILE *shadow_logfd = NULL;
- static /*@observer@*/const char *caller_tty = NULL; /* Name of tty SU is run from */
- static bool caller_is_root = false;
- static uid_t caller_uid;
-@@ -717,7 +717,8 @@ static void save_caller_context (char **
- * most error messages.
- */
- Prog = Basename (argv[0]);
-- shadow_logfd = stderr;
-+ log_set_progname(Prog);
-+ log_set_logfd(stderr);
-
- caller_uid = getuid ();
- caller_is_root = (caller_uid == 0);
-diff -up shadow-4.9/src/sulogin.c.debug1 shadow-4.9/src/sulogin.c
---- shadow-4.9/src/sulogin.c.debug1 2021-07-22 23:55:35.000000000 +0200
-+++ shadow-4.9/src/sulogin.c 2022-01-10 10:45:52.207132972 +0100
-@@ -45,12 +45,12 @@
- #include "pwauth.h"
- /*@-exitarg@*/
- #include "exitcodes.h"
-+#include "shadowlog.h"
-
- /*
- * Global variables
- */
- const char *Prog;
--FILE *shadow_logfd = NULL;
-
- static char name[BUFSIZ];
- static char pass[BUFSIZ];
-@@ -107,7 +107,8 @@ static RETSIGTYPE catch_signals (unused
- #endif
-
- Prog = Basename (argv[0]);
-- shadow_logfd = stderr;
-+ log_set_progname(Prog);
-+ log_set_logfd(stderr);
- (void) setlocale (LC_ALL, "");
- (void) bindtextdomain (PACKAGE, LOCALEDIR);
- (void) textdomain (PACKAGE);
-diff -up shadow-4.9/src/useradd.c.debug1 shadow-4.9/src/useradd.c
---- shadow-4.9/src/useradd.c.debug1 2022-01-10 10:45:52.197132901 +0100
-+++ shadow-4.9/src/useradd.c 2022-01-10 10:45:52.207132972 +0100
-@@ -78,6 +78,7 @@
- #ifdef WITH_TCB
- #include "tcbfuncs.h"
- #endif
-+#include "shadowlog.h"
-
- #ifndef SKEL_DIR
- #define SKEL_DIR "/etc/skel"
-@@ -96,7 +97,6 @@
- * Global variables
- */
- const char *Prog;
--FILE *shadow_logfd = NULL;
-
- /*
- * These defaults are used if there is no defaults file.
-@@ -2359,7 +2359,8 @@ int main (int argc, char **argv)
- * Get my name so that I can use it to report errors.
- */
- Prog = Basename (argv[0]);
-- shadow_logfd = stderr;
-+ log_set_progname(Prog);
-+ log_set_logfd(stderr);
-
- (void) setlocale (LC_ALL, "");
- (void) bindtextdomain (PACKAGE, LOCALEDIR);
-diff -up shadow-4.9/src/userdel.c.debug1 shadow-4.9/src/userdel.c
---- shadow-4.9/src/userdel.c.debug1 2022-01-10 10:45:52.186132823 +0100
-+++ shadow-4.9/src/userdel.c 2022-01-10 10:45:52.208132979 +0100
-@@ -72,6 +72,7 @@
- #ifdef ENABLE_SUBIDS
- #include "subordinateio.h"
- #endif /* ENABLE_SUBIDS */
-+#include "shadowlog.h"
-
- /*
- * exit status values
-@@ -91,7 +92,6 @@
- * Global variables
- */
- const char *Prog;
--FILE *shadow_logfd = NULL;
-
- static char *user_name;
- static uid_t user_id;
-@@ -944,7 +944,8 @@ int main (int argc, char **argv)
- * Get my name so that I can use it to report errors.
- */
- Prog = Basename (argv[0]);
-- shadow_logfd = stderr;
-+ log_set_progname(Prog);
-+ log_set_logfd(stderr);
- (void) setlocale (LC_ALL, "");
- (void) bindtextdomain (PACKAGE, LOCALEDIR);
- (void) textdomain (PACKAGE);
-diff -up shadow-4.9/src/usermod.c.debug1 shadow-4.9/src/usermod.c
---- shadow-4.9/src/usermod.c.debug1 2022-01-10 10:45:52.193132872 +0100
-+++ shadow-4.9/src/usermod.c 2022-01-10 10:45:52.208132979 +0100
-@@ -74,6 +74,7 @@
- #ifdef WITH_TCB
- #include "tcbfuncs.h"
- #endif
-+#include "shadowlog.h"
-
- /*
- * exit status values
-@@ -105,7 +106,6 @@
- * Global variables
- */
- const char *Prog;
--FILE *shadow_logfd = NULL;
-
- static char *user_name;
- static char *user_newname;
-@@ -2172,7 +2172,8 @@ int main (int argc, char **argv)
- * Get my name so that I can use it to report errors.
- */
- Prog = Basename (argv[0]);
-- shadow_logfd = stderr;
-+ log_set_progname(Prog);
-+ log_set_logfd(stderr);
-
- (void) setlocale (LC_ALL, "");
- (void) bindtextdomain (PACKAGE, LOCALEDIR);
-diff -up shadow-4.9/src/vipw.c.debug1 shadow-4.9/src/vipw.c
---- shadow-4.9/src/vipw.c.debug1 2021-07-22 23:55:35.000000000 +0200
-+++ shadow-4.9/src/vipw.c 2022-01-10 10:45:52.208132979 +0100
-@@ -53,6 +53,7 @@
- #include
- #include "tcbfuncs.h"
- #endif /* WITH_TCB */
-+#include "shadowlog.h"
-
- #define MSG_WARN_EDIT_OTHER_FILE _( \
- "You have modified %s.\n"\
-@@ -63,7 +64,6 @@
- * Global variables
- */
- const char *Prog;
--FILE *shadow_logfd = NULL;
-
- static const char *filename, *fileeditname;
- static bool filelocked = false;
-@@ -482,7 +482,8 @@ int main (int argc, char **argv)
- bool do_vipw;
-
- Prog = Basename (argv[0]);
-- shadow_logfd = stderr;
-+ log_set_progname(Prog);
-+ log_set_logfd(stderr);
-
- (void) setlocale (LC_ALL, "");
- (void) bindtextdomain (PACKAGE, LOCALEDIR);
diff --git a/shadow-4.9-move-create-home.patch b/shadow-4.9-move-create-home.patch
deleted file mode 100644
index 0ed6ea7..0000000
--- a/shadow-4.9-move-create-home.patch
+++ /dev/null
@@ -1,88 +0,0 @@
-From 09c752f00f9dfc610f66d68be38c9e5be8ca7f15 Mon Sep 17 00:00:00 2001
-From: Iker Pedrosa
-Date: Fri, 8 Oct 2021 13:09:59 +0200
-Subject: [PATCH] useradd: create directories after the SELinux user
-
-Create the home and mail folders after the SELinux user has been set for
-the added user. This will allow the folders to be created with the
-SELinux user label.
-
-Signed-off-by: Iker Pedrosa
----
- src/useradd.c | 46 +++++++++++++++++++++++-----------------------
- 1 file changed, 23 insertions(+), 23 deletions(-)
-
-diff --git a/src/useradd.c b/src/useradd.c
-index 6269c01c..b463a170 100644
---- a/src/useradd.c
-+++ b/src/useradd.c
-@@ -2670,27 +2670,12 @@ int main (int argc, char **argv)
-
- usr_update ();
-
-- if (mflg) {
-- create_home ();
-- if (home_added) {
-- copy_tree (def_template, prefix_user_home, false, false,
-- (uid_t)-1, user_id, (gid_t)-1, user_gid);
-- } else {
-- fprintf (stderr,
-- _("%s: warning: the home directory %s already exists.\n"
-- "%s: Not copying any file from skel directory into it.\n"),
-- Prog, user_home, Prog);
-- }
--
-- }
--
-- /* Do not create mail directory for system accounts */
-- if (!rflg) {
-- create_mail ();
-- }
--
- close_files ();
-
-+ nscd_flush_cache ("passwd");
-+ nscd_flush_cache ("group");
-+ sssd_flush_cache (SSSD_DB_PASSWD | SSSD_DB_GROUP);
-+
- /*
- * tallylog_reset needs to be able to lookup
- * a valid existing user name,
-@@ -2716,15 +2701,30 @@ int main (int argc, char **argv)
- }
- #endif /* WITH_SELINUX */
-
-+ if (mflg) {
-+ create_home ();
-+ if (home_added) {
-+ copy_tree (def_template, prefix_user_home, false, false,
-+ (uid_t)-1, user_id, (gid_t)-1, user_gid);
-+ } else {
-+ fprintf (stderr,
-+ _("%s: warning: the home directory %s already exists.\n"
-+ "%s: Not copying any file from skel directory into it.\n"),
-+ Prog, user_home, Prog);
-+ }
-+
-+ }
-+
-+ /* Do not create mail directory for system accounts */
-+ if (!rflg) {
-+ create_mail ();
-+ }
-+
- if (run_parts ("/etc/shadow-maint/useradd-post.d", (char*)user_name,
- "useradd")) {
- exit(1);
- }
-
-- nscd_flush_cache ("passwd");
-- nscd_flush_cache ("group");
-- sssd_flush_cache (SSSD_DB_PASSWD | SSSD_DB_GROUP);
--
- return E_SUCCESS;
- }
-
---
-2.31.1
-
diff --git a/shadow-4.9-newgrp-fix-segmentation-fault.patch b/shadow-4.9-newgrp-fix-segmentation-fault.patch
deleted file mode 100644
index 49332a1..0000000
--- a/shadow-4.9-newgrp-fix-segmentation-fault.patch
+++ /dev/null
@@ -1,35 +0,0 @@
-From 497e90751bc0d95cc998b0f06305040563903948 Mon Sep 17 00:00:00 2001
-From: Iker Pedrosa
-Date: Wed, 10 Nov 2021 12:02:04 +0100
-Subject: [PATCH] newgrp: fix segmentation fault
-
-Fix segmentation fault in newgrp when xgetspnam() returns a NULL value
-that is immediately freed.
-
-The error was committed in
-https://github.com/shadow-maint/shadow/commit/e65cc6aebcb4132fa413f00a905216a5b35b3d57
-
-Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2019553
-
-Signed-off-by: Iker Pedrosa
----
- src/newgrp.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/newgrp.c b/src/newgrp.c
-index 730f47e8..566f1c89 100644
---- a/src/newgrp.c
-+++ b/src/newgrp.c
-@@ -163,8 +163,8 @@ static void check_perms (const struct group *grp,
- spwd = xgetspnam (pwd->pw_name);
- if (NULL != spwd) {
- pwd->pw_passwd = xstrdup (spwd->sp_pwdp);
-+ spw_free (spwd);
- }
-- spw_free (spwd);
-
- if ((pwd->pw_passwd[0] == '\0') && (grp->gr_passwd[0] != '\0')) {
- needspasswd = true;
---
-2.31.1
-
diff --git a/shadow-4.9-newuidmap-libeconf-dependency.patch b/shadow-4.9-newuidmap-libeconf-dependency.patch
deleted file mode 100644
index a1907a6..0000000
--- a/shadow-4.9-newuidmap-libeconf-dependency.patch
+++ /dev/null
@@ -1,15 +0,0 @@
-diff --git a/src/Makefile.am b/src/Makefile.am
-index 7c1a3491..6cc873be 100644
---- a/src/Makefile.am
-+++ b/src/Makefile.am
-@@ -96,8 +96,8 @@ LIBCRYPT_NOPAM = $(LIBCRYPT)
- endif
-
- chage_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBECONF)
--newuidmap_LDADD = $(LDADD) $(LIBAUDIT) $(LIBSELINUX) $(LIBCAP) -ldl
--newgidmap_LDADD = $(LDADD) $(LIBAUDIT) $(LIBSELINUX) $(LIBCAP) -ldl
-+newuidmap_LDADD = $(LDADD) $(LIBAUDIT) $(LIBSELINUX) $(LIBCAP) $(LIBECONF) -ldl
-+newgidmap_LDADD = $(LDADD) $(LIBAUDIT) $(LIBSELINUX) $(LIBCAP) $(LIBECONF) -ldl
- chfn_LDADD = $(LDADD) $(LIBPAM) $(LIBAUDIT) $(LIBSELINUX) $(LIBCRYPT_NOPAM) $(LIBSKEY) $(LIBMD) $(LIBECONF)
- chgpasswd_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBCRYPT) $(LIBECONF)
- chsh_LDADD = $(LDADD) $(LIBPAM) $(LIBAUDIT) $(LIBSELINUX) $(LIBCRYPT_NOPAM) $(LIBSKEY) $(LIBMD) $(LIBECONF)
diff --git a/shadow-4.9-null-tm.patch b/shadow-4.9-null-tm.patch
deleted file mode 100644
index 249b27b..0000000
--- a/shadow-4.9-null-tm.patch
+++ /dev/null
@@ -1,70 +0,0 @@
-Index: shadow-4.5/src/chage.c
-===================================================================
---- shadow-4.5.orig/src/chage.c
-+++ shadow-4.5/src/chage.c
-@@ -168,6 +168,10 @@ static void date_to_str (char *buf, size
- struct tm *tp;
-
- tp = gmtime (&date);
-+ if (tp == NULL) {
-+ (void) snprintf (buf, maxsize, "(unknown)");
-+ return;
-+ }
- #ifdef HAVE_STRFTIME
- (void) strftime (buf, maxsize, "%Y-%m-%d", tp);
- #else
-Index: shadow-4.5/src/lastlog.c
-===================================================================
---- shadow-4.5.orig/src/lastlog.c
-+++ shadow-4.5/src/lastlog.c
-@@ -158,13 +158,17 @@ static void print_one (/*@null@*/const s
-
- ll_time = ll.ll_time;
- tm = localtime (&ll_time);
-+ if (tm == NULL) {
-+ cp = "(unknown)";
-+ } else {
- #ifdef HAVE_STRFTIME
-- strftime (ptime, sizeof (ptime), "%a %b %e %H:%M:%S %z %Y", tm);
-- cp = ptime;
-+ strftime (ptime, sizeof (ptime), "%a %b %e %H:%M:%S %z %Y", tm);
-+ cp = ptime;
- #else
-- cp = asctime (tm);
-- cp[24] = '\0';
-+ cp = asctime (tm);
-+ cp[24] = '\0';
- #endif
-+ }
-
- if (ll.ll_time == (time_t) 0) {
- cp = _("**Never logged in**\0");
-Index: shadow-4.5/src/passwd.c
-===================================================================
---- shadow-4.5.orig/src/passwd.c
-+++ shadow-4.5/src/passwd.c
-@@ -455,6 +455,9 @@ static /*@observer@*/const char *date_to
- struct tm *tm;
-
- tm = gmtime (&t);
-+ if (tm == NULL) {
-+ return "(unknown)";
-+ }
- #ifdef HAVE_STRFTIME
- (void) strftime (buf, sizeof buf, "%m/%d/%Y", tm);
- #else /* !HAVE_STRFTIME */
-Index: shadow-4.5/src/usermod.c
-===================================================================
---- shadow-4.5.orig/src/usermod.c
-+++ shadow-4.5/src/usermod.c
-@@ -210,6 +210,10 @@ static void date_to_str (/*@unique@*//*@
- } else {
- time_t t = (time_t) date;
- tp = gmtime (&t);
-+ if (tp == NULL) {
-+ strncpy (buf, "unknown", maxsize);
-+ return;
-+ }
- #ifdef HAVE_STRFTIME
- strftime (buf, maxsize, "%Y-%m-%d", tp);
- #else
diff --git a/shadow-4.9-pwck-fix-segfault-when-calling-fprintf.patch b/shadow-4.9-pwck-fix-segfault-when-calling-fprintf.patch
deleted file mode 100644
index e7761b7..0000000
--- a/shadow-4.9-pwck-fix-segfault-when-calling-fprintf.patch
+++ /dev/null
@@ -1,30 +0,0 @@
-From d8e54618feea201987c1f3cb402ed50d1d8b604f Mon Sep 17 00:00:00 2001
-From: Iker Pedrosa
-Date: Mon, 15 Nov 2021 12:40:15 +0100
-Subject: [PATCH] pwck: fix segfault when calling fprintf()
-
-As shadow_logfd variable is not set at the beginning of the program if
-something fails and fprintf() is called a segmentation fault happens.
-
-Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2021339
-
-Signed-off-by: Iker Pedrosa
----
- src/pwck.c | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/src/pwck.c b/src/pwck.c
-index 4248944a..4ce86af2 100644
---- a/src/pwck.c
-+++ b/src/pwck.c
-@@ -857,6 +857,7 @@ int main (int argc, char **argv)
- * Get my name so that I can use it to report errors.
- */
- Prog = Basename (argv[0]);
-+ shadow_logfd = stderr;
-
- (void) setlocale (LC_ALL, "");
- (void) bindtextdomain (PACKAGE, LOCALEDIR);
---
-2.31.1
-
diff --git a/shadow-4.9-rename-prog-to-shadow-progname.patch b/shadow-4.9-rename-prog-to-shadow-progname.patch
deleted file mode 100644
index d3a73a3..0000000
--- a/shadow-4.9-rename-prog-to-shadow-progname.patch
+++ /dev/null
@@ -1,507 +0,0 @@
-diff -up shadow-4.9/lib/commonio.c.debug2 shadow-4.9/lib/commonio.c
---- shadow-4.9/lib/commonio.c.debug2 2022-01-10 10:57:47.535238522 +0100
-+++ shadow-4.9/lib/commonio.c 2022-01-10 10:57:47.544238586 +0100
-@@ -147,7 +147,7 @@ static int do_lock_file (const char *fil
- if (log) {
- (void) fprintf (shadow_logfd,
- "%s: %s: %s\n",
-- Prog, file, strerror (errno));
-+ shadow_progname, file, strerror (errno));
- }
- return 0;
- }
-@@ -159,7 +159,7 @@ static int do_lock_file (const char *fil
- if (log) {
- (void) fprintf (shadow_logfd,
- "%s: %s file write error: %s\n",
-- Prog, file, strerror (errno));
-+ shadow_progname, file, strerror (errno));
- }
- (void) close (fd);
- unlink (file);
-@@ -169,7 +169,7 @@ static int do_lock_file (const char *fil
- if (log) {
- (void) fprintf (shadow_logfd,
- "%s: %s file sync error: %s\n",
-- Prog, file, strerror (errno));
-+ shadow_progname, file, strerror (errno));
- }
- (void) close (fd);
- unlink (file);
-@@ -182,7 +182,7 @@ static int do_lock_file (const char *fil
- if ((0==retval) && log) {
- (void) fprintf (shadow_logfd,
- "%s: %s: lock file already used\n",
-- Prog, file);
-+ shadow_progname, file);
- }
- unlink (file);
- return retval;
-@@ -193,7 +193,7 @@ static int do_lock_file (const char *fil
- if (log) {
- (void) fprintf (shadow_logfd,
- "%s: %s: %s\n",
-- Prog, lock, strerror (errno));
-+ shadow_progname, lock, strerror (errno));
- }
- unlink (file);
- errno = EINVAL;
-@@ -205,7 +205,7 @@ static int do_lock_file (const char *fil
- if (log) {
- (void) fprintf (shadow_logfd,
- "%s: existing lock file %s without a PID\n",
-- Prog, lock);
-+ shadow_progname, lock);
- }
- unlink (file);
- errno = EINVAL;
-@@ -216,7 +216,7 @@ static int do_lock_file (const char *fil
- if (log) {
- (void) fprintf (shadow_logfd,
- "%s: existing lock file %s with an invalid PID '%s'\n",
-- Prog, lock, buf);
-+ shadow_progname, lock, buf);
- }
- unlink (file);
- errno = EINVAL;
-@@ -226,7 +226,7 @@ static int do_lock_file (const char *fil
- if (log) {
- (void) fprintf (shadow_logfd,
- "%s: lock %s already used by PID %lu\n",
-- Prog, lock, (unsigned long) pid);
-+ shadow_progname, lock, (unsigned long) pid);
- }
- unlink (file);
- errno = EEXIST;
-@@ -236,7 +236,7 @@ static int do_lock_file (const char *fil
- if (log) {
- (void) fprintf (shadow_logfd,
- "%s: cannot get lock %s: %s\n",
-- Prog, lock, strerror (errno));
-+ shadow_progname, lock, strerror (errno));
- }
- unlink (file);
- return 0;
-@@ -248,13 +248,13 @@ static int do_lock_file (const char *fil
- if ((0==retval) && log) {
- (void) fprintf (shadow_logfd,
- "%s: %s: lock file already used\n",
-- Prog, file);
-+ shadow_progname, file);
- }
- } else {
- if (log) {
- (void) fprintf (shadow_logfd,
- "%s: cannot get lock %s: %s\n",
-- Prog, lock, strerror (errno));
-+ shadow_progname, lock, strerror (errno));
- }
- }
-
-@@ -449,7 +449,7 @@ int commonio_lock (struct commonio_db *d
- if (geteuid () != 0) {
- (void) fprintf (shadow_logfd,
- "%s: Permission denied.\n",
-- Prog);
-+ shadow_progname);
- }
- return 0; /* failure */
- }
-@@ -484,7 +484,7 @@ int commonio_lock (struct commonio_db *d
- /* no unnecessary retries on "permission denied" errors */
- if (geteuid () != 0) {
- (void) fprintf (shadow_logfd, "%s: Permission denied.\n",
-- Prog);
-+ shadow_progname);
- return 0;
- }
- }
-diff -up shadow-4.9/lib/nscd.c.debug2 shadow-4.9/lib/nscd.c
---- shadow-4.9/lib/nscd.c.debug2 2022-01-10 10:57:47.537238536 +0100
-+++ shadow-4.9/lib/nscd.c 2022-01-10 10:57:47.544238586 +0100
-@@ -26,7 +26,7 @@ int nscd_flush_cache (const char *servic
-
- if (run_command (cmd, spawnedArgs, spawnedEnv, &status) != 0) {
- /* run_command writes its own more detailed message. */
-- (void) fprintf (shadow_logfd, _(MSG_NSCD_FLUSH_CACHE_FAILED), Prog);
-+ (void) fprintf (shadow_logfd, _(MSG_NSCD_FLUSH_CACHE_FAILED), shadow_progname);
- return -1;
- }
-
-@@ -34,7 +34,7 @@ int nscd_flush_cache (const char *servic
- if (!WIFEXITED (status)) {
- (void) fprintf (shadow_logfd,
- _("%s: nscd did not terminate normally (signal %d)\n"),
-- Prog, WTERMSIG (status));
-+ shadow_progname, WTERMSIG (status));
- return -1;
- } else if (code == E_CMD_NOTFOUND) {
- /* nscd is not installed, or it is installed but uses an
-@@ -45,8 +45,8 @@ int nscd_flush_cache (const char *servic
- return 0;
- } else if (code != 0) {
- (void) fprintf (shadow_logfd, _("%s: nscd exited with status %d\n"),
-- Prog, code);
-- (void) fprintf (shadow_logfd, _(MSG_NSCD_FLUSH_CACHE_FAILED), Prog);
-+ shadow_progname, code);
-+ (void) fprintf (shadow_logfd, _(MSG_NSCD_FLUSH_CACHE_FAILED), shadow_progname);
- return -1;
- }
-
-diff -up shadow-4.9/lib/selinux.c.debug2 shadow-4.9/lib/selinux.c
---- shadow-4.9/lib/selinux.c.debug2 2022-01-10 10:57:47.538238543 +0100
-+++ shadow-4.9/lib/selinux.c 2022-01-10 10:57:47.544238586 +0100
-@@ -216,7 +216,7 @@ int check_selinux_permit (const char *pe
- if (getprevcon_raw (&user_context_raw) != 0) {
- fprintf (shadow_logfd,
- _("%s: can not get previous SELinux process context: %s\n"),
-- Prog, strerror (errno));
-+ shadow_progname, strerror (errno));
- SYSLOG ((LOG_WARN,
- "can not get previous SELinux process context: %s",
- strerror (errno)));
-diff -up shadow-4.9/lib/shadowlog.c.debug2 shadow-4.9/lib/shadowlog.c
---- shadow-4.9/lib/shadowlog.c.debug2 2022-01-10 10:57:47.538238543 +0100
-+++ shadow-4.9/lib/shadowlog.c 2022-01-10 10:57:47.544238586 +0100
-@@ -2,14 +2,17 @@
-
- #include "lib/shadowlog_internal.h"
-
-+const char *shadow_progname;
-+FILE *shadow_logfd;
-+
- void log_set_progname(const char *progname)
- {
-- Prog = progname;
-+ shadow_progname = progname;
- }
-
- const char *log_get_progname(void)
- {
-- return Prog;
-+ return shadow_progname;
- }
-
- void log_set_logfd(FILE *fd)
-diff -up shadow-4.9/lib/shadowlog_internal.h.debug2 shadow-4.9/lib/shadowlog_internal.h
---- shadow-4.9/lib/shadowlog_internal.h.debug2 2022-01-10 10:57:47.538238543 +0100
-+++ shadow-4.9/lib/shadowlog_internal.h 2022-01-10 10:57:47.544238586 +0100
-@@ -1,2 +1,2 @@
--const char *Prog; /* Program name showed in error messages */
--FILE *shadow_logfd; /* file descripter to which error messages are printed */
-+extern const char *shadow_progname; /* Program name showed in error messages */
-+extern FILE *shadow_logfd; /* file descripter to which error messages are printed */
-diff -up shadow-4.9/lib/spawn.c.debug2 shadow-4.9/lib/spawn.c
---- shadow-4.9/lib/spawn.c.debug2 2022-01-10 10:57:47.538238543 +0100
-+++ shadow-4.9/lib/spawn.c 2022-01-10 10:57:47.544238586 +0100
-@@ -60,11 +60,11 @@ int run_command (const char *cmd, const
- exit (E_CMD_NOTFOUND);
- }
- fprintf (shadow_logfd, "%s: cannot execute %s: %s\n",
-- Prog, cmd, strerror (errno));
-+ shadow_progname, cmd, strerror (errno));
- exit (E_CMD_NOEXEC);
- } else if ((pid_t)-1 == pid) {
- fprintf (shadow_logfd, "%s: cannot execute %s: %s\n",
-- Prog, cmd, strerror (errno));
-+ shadow_progname, cmd, strerror (errno));
- return -1;
- }
-
-@@ -77,7 +77,7 @@ int run_command (const char *cmd, const
-
- if ((pid_t)-1 == wpid) {
- fprintf (shadow_logfd, "%s: waitpid (status: %d): %s\n",
-- Prog, *status, strerror (errno));
-+ shadow_progname, *status, strerror (errno));
- return -1;
- }
-
-diff -up shadow-4.9/lib/sssd.c.debug2 shadow-4.9/lib/sssd.c
---- shadow-4.9/lib/sssd.c.debug2 2022-01-10 10:57:47.538238543 +0100
-+++ shadow-4.9/lib/sssd.c 2022-01-10 10:57:47.544238586 +0100
-@@ -48,22 +48,22 @@ int sssd_flush_cache (int dbflags)
- free(sss_cache_args);
- if (rv != 0) {
- /* run_command writes its own more detailed message. */
-- SYSLOG ((LOG_WARN, MSG_SSSD_FLUSH_CACHE_FAILED, Prog));
-+ SYSLOG ((LOG_WARN, MSG_SSSD_FLUSH_CACHE_FAILED, shadow_progname));
- return -1;
- }
-
- code = WEXITSTATUS (status);
- if (!WIFEXITED (status)) {
- SYSLOG ((LOG_WARN, "%s: sss_cache did not terminate normally (signal %d)",
-- Prog, WTERMSIG (status)));
-+ shadow_progname, WTERMSIG (status)));
- return -1;
- } else if (code == E_CMD_NOTFOUND) {
- /* sss_cache is not installed, or it is installed but uses an
- interpreter that is missing. Probably the former. */
- return 0;
- } else if (code != 0) {
-- SYSLOG ((LOG_WARN, "%s: sss_cache exited with status %d", Prog, code));
-- SYSLOG ((LOG_WARN, MSG_SSSD_FLUSH_CACHE_FAILED, Prog));
-+ SYSLOG ((LOG_WARN, "%s: sss_cache exited with status %d", shadow_progname, code));
-+ SYSLOG ((LOG_WARN, MSG_SSSD_FLUSH_CACHE_FAILED, shadow_progname));
- return -1;
- }
-
-diff -up shadow-4.9/lib/tcbfuncs.c.debug2 shadow-4.9/lib/tcbfuncs.c
---- shadow-4.9/lib/tcbfuncs.c.debug2 2022-01-10 10:57:47.538238543 +0100
-+++ shadow-4.9/lib/tcbfuncs.c 2022-01-10 10:59:01.228764507 +0100
-@@ -74,7 +74,7 @@ shadowtcb_status shadowtcb_gain_priv (vo
- * to exit soon.
- */
- #define OUT_OF_MEMORY do { \
-- fprintf (shadow_logfd, _("%s: out of memory\n"), Prog); \
-+ fprintf (shadow_logfd, _("%s: out of memory\n"), shadow_progname); \
- (void) fflush (shadow_logfd); \
- } while (false)
-
-@@ -120,7 +120,7 @@ static /*@null@*/ char *shadowtcb_path_r
- if (lstat (path, &st) != 0) {
- fprintf (shadow_logfd,
- _("%s: Cannot stat %s: %s\n"),
-- Prog, path, strerror (errno));
-+ shadow_progname, path, strerror (errno));
- free (path);
- return NULL;
- }
-@@ -136,7 +136,7 @@ static /*@null@*/ char *shadowtcb_path_r
- if (!S_ISLNK (st.st_mode)) {
- fprintf (shadow_logfd,
- _("%s: %s is neither a directory, nor a symlink.\n"),
-- Prog, path);
-+ shadow_progname, path);
- free (path);
- return NULL;
- }
-@@ -144,7 +144,7 @@ static /*@null@*/ char *shadowtcb_path_r
- if (-1 == ret) {
- fprintf (shadow_logfd,
- _("%s: Cannot read symbolic link %s: %s\n"),
-- Prog, path, strerror (errno));
-+ shadow_progname, path, strerror (errno));
- free (path);
- return NULL;
- }
-@@ -153,7 +153,7 @@ static /*@null@*/ char *shadowtcb_path_r
- link[sizeof(link) - 1] = '\0';
- fprintf (shadow_logfd,
- _("%s: Suspiciously long symlink: %s\n"),
-- Prog, link);
-+ shadow_progname, link);
- return NULL;
- }
- link[(size_t)ret] = '\0';
-@@ -211,7 +211,7 @@ static shadowtcb_status mkdir_leading (c
- if (stat (TCB_DIR, &st) != 0) {
- fprintf (shadow_logfd,
- _("%s: Cannot stat %s: %s\n"),
-- Prog, TCB_DIR, strerror (errno));
-+ shadow_progname, TCB_DIR, strerror (errno));
- goto out_free_path;
- }
- while ((ind = strchr (ptr, '/'))) {
-@@ -223,19 +223,19 @@ static shadowtcb_status mkdir_leading (c
- if ((mkdir (dir, 0700) != 0) && (errno != EEXIST)) {
- fprintf (shadow_logfd,
- _("%s: Cannot create directory %s: %s\n"),
-- Prog, dir, strerror (errno));
-+ shadow_progname, dir, strerror (errno));
- goto out_free_dir;
- }
- if (chown (dir, 0, st.st_gid) != 0) {
- fprintf (shadow_logfd,
- _("%s: Cannot change owner of %s: %s\n"),
-- Prog, dir, strerror (errno));
-+ shadow_progname, dir, strerror (errno));
- goto out_free_dir;
- }
- if (chmod (dir, 0711) != 0) {
- fprintf (shadow_logfd,
- _("%s: Cannot change mode of %s: %s\n"),
-- Prog, dir, strerror (errno));
-+ shadow_progname, dir, strerror (errno));
- goto out_free_dir;
- }
- free (dir);
-@@ -265,7 +265,7 @@ static shadowtcb_status unlink_suffs (co
- if ((unlink (tmp) != 0) && (errno != ENOENT)) {
- fprintf (shadow_logfd,
- _("%s: unlink: %s: %s\n"),
-- Prog, tmp, strerror (errno));
-+ shadow_progname, tmp, strerror (errno));
- free (tmp);
- return SHADOWTCB_FAILURE;
- }
-@@ -290,7 +290,7 @@ static shadowtcb_status rmdir_leading (c
- if (errno != ENOTEMPTY) {
- fprintf (shadow_logfd,
- _("%s: Cannot remove directory %s: %s\n"),
-- Prog, dir, strerror (errno));
-+ shadow_progname, dir, strerror (errno));
- ret = SHADOWTCB_FAILURE;
- }
- free (dir);
-@@ -319,7 +319,7 @@ static shadowtcb_status move_dir (const
- if (stat (olddir, &oldmode) != 0) {
- fprintf (shadow_logfd,
- _("%s: Cannot stat %s: %s\n"),
-- Prog, olddir, strerror (errno));
-+ shadow_progname, olddir, strerror (errno));
- goto out_free;
- }
- old_uid = oldmode.st_uid;
-@@ -346,7 +346,7 @@ static shadowtcb_status move_dir (const
- if (rename (real_old_dir, real_new_dir) != 0) {
- fprintf (shadow_logfd,
- _("%s: Cannot rename %s to %s: %s\n"),
-- Prog, real_old_dir, real_new_dir, strerror (errno));
-+ shadow_progname, real_old_dir, real_new_dir, strerror (errno));
- goto out_free;
- }
- if (rmdir_leading (real_old_dir_rel) == SHADOWTCB_FAILURE) {
-@@ -355,7 +355,7 @@ static shadowtcb_status move_dir (const
- if ((unlink (olddir) != 0) && (errno != ENOENT)) {
- fprintf (shadow_logfd,
- _("%s: Cannot remove %s: %s\n"),
-- Prog, olddir, strerror (errno));
-+ shadow_progname, olddir, strerror (errno));
- goto out_free;
- }
- if (asprintf (&newdir, TCB_DIR "/%s", user_newname) == -1) {
-@@ -369,7 +369,7 @@ static shadowtcb_status move_dir (const
- && (symlink (real_new_dir_rel, newdir) != 0)) {
- fprintf (shadow_logfd,
- _("%s: Cannot create symbolic link %s: %s\n"),
-- Prog, real_new_dir_rel, strerror (errno));
-+ shadow_progname, real_new_dir_rel, strerror (errno));
- goto out_free;
- }
- ret = SHADOWTCB_SUCCESS;
-@@ -468,31 +468,31 @@ shadowtcb_status shadowtcb_move (/*@NULL
- if (stat (tcbdir, &dirmode) != 0) {
- fprintf (shadow_logfd,
- _("%s: Cannot stat %s: %s\n"),
-- Prog, tcbdir, strerror (errno));
-+ shadow_progname, tcbdir, strerror (errno));
- goto out_free;
- }
- if (chown (tcbdir, 0, 0) != 0) {
- fprintf (shadow_logfd,
- _("%s: Cannot change owners of %s: %s\n"),
-- Prog, tcbdir, strerror (errno));
-+ shadow_progname, tcbdir, strerror (errno));
- goto out_free;
- }
- if (chmod (tcbdir, 0700) != 0) {
- fprintf (shadow_logfd,
- _("%s: Cannot change mode of %s: %s\n"),
-- Prog, tcbdir, strerror (errno));
-+ shadow_progname, tcbdir, strerror (errno));
- goto out_free;
- }
- if (lstat (shadow, &filemode) != 0) {
- if (errno != ENOENT) {
- fprintf (shadow_logfd,
- _("%s: Cannot lstat %s: %s\n"),
-- Prog, shadow, strerror (errno));
-+ shadow_progname, shadow, strerror (errno));
- goto out_free;
- }
- fprintf (shadow_logfd,
- _("%s: Warning, user %s has no tcb shadow file.\n"),
-- Prog, user_newname);
-+ shadow_progname, user_newname);
- } else {
- if (!S_ISREG (filemode.st_mode) ||
- filemode.st_nlink != 1) {
-@@ -500,19 +500,19 @@ shadowtcb_status shadowtcb_move (/*@NULL
- _("%s: Emergency: %s's tcb shadow is not a "
- "regular file with st_nlink=1.\n"
- "The account is left locked.\n"),
-- Prog, user_newname);
-+ shadow_progname, user_newname);
- goto out_free;
- }
- if (chown (shadow, user_newid, filemode.st_gid) != 0) {
- fprintf (shadow_logfd,
- _("%s: Cannot change owner of %s: %s\n"),
-- Prog, shadow, strerror (errno));
-+ shadow_progname, shadow, strerror (errno));
- goto out_free;
- }
- if (chmod (shadow, filemode.st_mode & 07777) != 0) {
- fprintf (shadow_logfd,
- _("%s: Cannot change mode of %s: %s\n"),
-- Prog, shadow, strerror (errno));
-+ shadow_progname, shadow, strerror (errno));
- goto out_free;
- }
- }
-@@ -522,7 +522,7 @@ shadowtcb_status shadowtcb_move (/*@NULL
- if (chown (tcbdir, user_newid, dirmode.st_gid) != 0) {
- fprintf (shadow_logfd,
- _("%s: Cannot change owner of %s: %s\n"),
-- Prog, tcbdir, strerror (errno));
-+ shadow_progname, tcbdir, strerror (errno));
- goto out_free;
- }
- ret = SHADOWTCB_SUCCESS;
-@@ -547,7 +547,7 @@ shadowtcb_status shadowtcb_create (const
- if (stat (TCB_DIR, &tcbdir_stat) != 0) {
- fprintf (shadow_logfd,
- _("%s: Cannot stat %s: %s\n"),
-- Prog, TCB_DIR, strerror (errno));
-+ shadow_progname, TCB_DIR, strerror (errno));
- return SHADOWTCB_FAILURE;
- }
- shadowgid = tcbdir_stat.st_gid;
-@@ -567,39 +567,39 @@ shadowtcb_status shadowtcb_create (const
- if (mkdir (dir, 0700) != 0) {
- fprintf (shadow_logfd,
- _("%s: mkdir: %s: %s\n"),
-- Prog, dir, strerror (errno));
-+ shadow_progname, dir, strerror (errno));
- goto out_free;
- }
- fd = open (shadow, O_RDWR | O_CREAT | O_TRUNC, 0600);
- if (fd < 0) {
- fprintf (shadow_logfd,
- _("%s: Cannot open %s: %s\n"),
-- Prog, shadow, strerror (errno));
-+ shadow_progname, shadow, strerror (errno));
- goto out_free;
- }
- close (fd);
- if (chown (shadow, 0, authgid) != 0) {
- fprintf (shadow_logfd,
- _("%s: Cannot change owner of %s: %s\n"),
-- Prog, shadow, strerror (errno));
-+ shadow_progname, shadow, strerror (errno));
- goto out_free;
- }
- if (chmod (shadow, (mode_t) ((authgid == shadowgid) ? 0600 : 0640)) != 0) {
- fprintf (shadow_logfd,
- _("%s: Cannot change mode of %s: %s\n"),
-- Prog, shadow, strerror (errno));
-+ shadow_progname, shadow, strerror (errno));
- goto out_free;
- }
- if (chown (dir, 0, authgid) != 0) {
- fprintf (shadow_logfd,
- _("%s: Cannot change owner of %s: %s\n"),
-- Prog, dir, strerror (errno));
-+ shadow_progname, dir, strerror (errno));
- goto out_free;
- }
- if (chmod (dir, (mode_t) ((authgid == shadowgid) ? 02700 : 02710)) != 0) {
- fprintf (shadow_logfd,
- _("%s: Cannot change mode of %s: %s\n"),
-- Prog, dir, strerror (errno));
-+ shadow_progname, dir, strerror (errno));
- goto out_free;
- }
- if ( (shadowtcb_set_user (name) == SHADOWTCB_FAILURE)
diff --git a/shadow-4.9-revert-useradd-fix-memleak.patch b/shadow-4.9-revert-useradd-fix-memleak.patch
deleted file mode 100644
index e8251f2..0000000
--- a/shadow-4.9-revert-useradd-fix-memleak.patch
+++ /dev/null
@@ -1,30 +0,0 @@
-From 4624e9fca1b02b64e25e8b2280a0186182ab73ba Mon Sep 17 00:00:00 2001
-From: Serge Hallyn
-Date: Sat, 14 Aug 2021 19:37:24 -0500
-Subject: [PATCH] Revert "useradd.c:fix memleaks of grp"
-
-In some cases, the value which was being freed is not actually
-safe to free.
-
-Closes #394
-
-This reverts commit c44b71cec25d60efc51aec9de3abce1f6efbfcf5.
----
- src/useradd.c | 1 -
- 1 file changed, 1 deletion(-)
-
-diff --git a/src/useradd.c b/src/useradd.c
-index f90127cd..0d3f390d 100644
---- a/src/useradd.c
-+++ b/src/useradd.c
-@@ -413,7 +413,6 @@ static void get_defaults (void)
- } else {
- def_group = grp->gr_gid;
- def_gname = xstrdup (grp->gr_name);
-- gr_free(grp);
- }
- }
-
---
-2.31.1
-
diff --git a/shadow-4.9-semanage-close-the-selabel-handle.patch b/shadow-4.9-semanage-close-the-selabel-handle.patch
deleted file mode 100644
index 11a23e4..0000000
--- a/shadow-4.9-semanage-close-the-selabel-handle.patch
+++ /dev/null
@@ -1,61 +0,0 @@
-From 234af5cf67fc1a3ba99fc246ba65869a3c416545 Mon Sep 17 00:00:00 2001
-From: Iker Pedrosa
-Date: Fri, 8 Oct 2021 13:13:13 +0200
-Subject: [PATCH] semanage: close the selabel handle
-
-Close the selabel handle to update the file_context. This means that the
-file_context will be remmaped and used by selabel_lookup() to return
-the appropriate context to label the home folder.
-
-Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1993081
-
-Signed-off-by: Iker Pedrosa
----
- lib/prototypes.h | 1 +
- lib/selinux.c | 5 +++++
- lib/semanage.c | 1 +
- 3 files changed, 7 insertions(+)
-
-diff --git a/lib/prototypes.h b/lib/prototypes.h
-index 1d1586d4..b697e0ec 100644
---- a/lib/prototypes.h
-+++ b/lib/prototypes.h
-@@ -392,6 +392,7 @@ extern /*@observer@*/const char *crypt_make_salt (/*@null@*//*@observer@*/const
- /* selinux.c */
- #ifdef WITH_SELINUX
- extern int set_selinux_file_context (const char *dst_name, mode_t mode);
-+extern void reset_selinux_handle (void);
- extern int reset_selinux_file_context (void);
- extern int check_selinux_permit (const char *perm_name);
- #endif
-diff --git a/lib/selinux.c b/lib/selinux.c
-index c83545f9..b075d4c0 100644
---- a/lib/selinux.c
-+++ b/lib/selinux.c
-@@ -50,6 +50,11 @@ static void cleanup(void)
- }
- }
-
-+void reset_selinux_handle (void)
-+{
-+ cleanup();
-+}
-+
- /*
- * set_selinux_file_context - Set the security context before any file or
- * directory creation.
-diff --git a/lib/semanage.c b/lib/semanage.c
-index 0d30456a..a5bf9218 100644
---- a/lib/semanage.c
-+++ b/lib/semanage.c
-@@ -293,6 +293,7 @@ int set_seuser (const char *login_name, const char *seuser_name)
- }
-
- ret = 0;
-+ reset_selinux_handle();
-
- done:
- semanage_seuser_key_free (key);
---
-2.31.1
-
diff --git a/shadow-4.9-shadow-progname-default-init.patch b/shadow-4.9-shadow-progname-default-init.patch
deleted file mode 100644
index 0c6d616..0000000
--- a/shadow-4.9-shadow-progname-default-init.patch
+++ /dev/null
@@ -1,39 +0,0 @@
-diff -up shadow-4.9/lib/shadowlog.c.debug3 shadow-4.9/lib/shadowlog.c
---- shadow-4.9/lib/shadowlog.c.debug3 2022-01-10 11:16:31.636261531 +0100
-+++ shadow-4.9/lib/shadowlog.c 2022-01-10 11:16:31.637261538 +0100
-@@ -2,8 +2,8 @@
-
- #include "lib/shadowlog_internal.h"
-
--const char *shadow_progname;
--FILE *shadow_logfd;
-+const char *shadow_progname = "libshadow";
-+FILE *shadow_logfd = NULL;
-
- void log_set_progname(const char *progname)
- {
-diff -up shadow-4.9/libsubid/api.c.debug3 shadow-4.9/libsubid/api.c
---- shadow-4.9/libsubid/api.c.debug3 2022-01-10 11:16:31.637261538 +0100
-+++ shadow-4.9/libsubid/api.c 2022-01-10 11:17:15.431574120 +0100
-@@ -40,17 +40,16 @@
- #include "subid.h"
- #include "shadowlog.h"
-
--const char *Prog = "(libsubid)";
--
- bool libsubid_init(const char *progname, FILE * logfd)
- {
- FILE *shadow_logfd;
- if (progname) {
- progname = strdup(progname);
-- if (progname)
-- Prog = progname;
-- else
-+ if (!progname)
- return false;
-+ log_set_progname(progname);
-+ } else {
-+ log_set_progname("(libsubid)");
- }
-
- if (logfd) {
diff --git a/shadow-4.9-useradd-avoid-generating-empty-subid-range.patch b/shadow-4.9-useradd-avoid-generating-empty-subid-range.patch
deleted file mode 100644
index b94fd60..0000000
--- a/shadow-4.9-useradd-avoid-generating-empty-subid-range.patch
+++ /dev/null
@@ -1,79 +0,0 @@
-diff --git a/src/useradd.c b/src/useradd.c
-index baeffb35..9abeea6e 100644
---- a/src/useradd.c
-+++ b/src/useradd.c
-@@ -142,9 +142,7 @@ static bool is_sub_gid = false;
- static bool sub_uid_locked = false;
- static bool sub_gid_locked = false;
- static uid_t sub_uid_start; /* New subordinate uid range */
--static unsigned long sub_uid_count;
- static gid_t sub_gid_start; /* New subordinate gid range */
--static unsigned long sub_gid_count;
- #endif /* ENABLE_SUBIDS */
- static bool pw_locked = false;
- static bool gr_locked = false;
-@@ -234,7 +232,7 @@ static void open_shadow (void);
- static void faillog_reset (uid_t);
- static void lastlog_reset (uid_t);
- static void tallylog_reset (const char *);
--static void usr_update (void);
-+static void usr_update (unsigned long subuid_count, unsigned long subgid_count);
- static void create_home (void);
- static void create_mail (void);
- static void check_uid_range(int rflg, uid_t user_id);
-@@ -2092,7 +2090,7 @@ static void tallylog_reset (const char *user_name)
- * usr_update() creates the password file entries for this user
- * and will update the group entries if required.
- */
--static void usr_update (void)
-+static void usr_update (unsigned long subuid_count, unsigned long subgid_count)
- {
- struct passwd pwent;
- struct spwd spent;
-@@ -2155,14 +2153,14 @@ static void usr_update (void)
- }
- #ifdef ENABLE_SUBIDS
- if (is_sub_uid &&
-- (sub_uid_add(user_name, sub_uid_start, sub_uid_count) == 0)) {
-+ (sub_uid_add(user_name, sub_uid_start, subuid_count) == 0)) {
- fprintf (stderr,
- _("%s: failed to prepare the new %s entry\n"),
- Prog, sub_uid_dbname ());
- fail_exit (E_SUB_UID_UPDATE);
- }
- if (is_sub_gid &&
-- (sub_gid_add(user_name, sub_gid_start, sub_gid_count) == 0)) {
-+ (sub_gid_add(user_name, sub_gid_start, subgid_count) == 0)) {
- fprintf (stderr,
- _("%s: failed to prepare the new %s entry\n"),
- Prog, sub_uid_dbname ());
-@@ -2624,16 +2622,16 @@ int main (int argc, char **argv)
- }
-
- #ifdef ENABLE_SUBIDS
-- if (is_sub_uid && sub_uid_count != 0) {
-- if (find_new_sub_uids(&sub_uid_start, &sub_uid_count) < 0) {
-+ if (is_sub_uid && subuid_count != 0) {
-+ if (find_new_sub_uids(&sub_uid_start, &subuid_count) < 0) {
- fprintf (stderr,
- _("%s: can't create subordinate user IDs\n"),
- Prog);
- fail_exit(E_SUB_UID_UPDATE);
- }
- }
-- if (is_sub_gid && sub_gid_count != 0) {
-- if (find_new_sub_gids(&sub_gid_start, &sub_gid_count) < 0) {
-+ if (is_sub_gid && subgid_count != 0) {
-+ if (find_new_sub_gids(&sub_gid_start, &subgid_count) < 0) {
- fprintf (stderr,
- _("%s: can't create subordinate group IDs\n"),
- Prog);
-@@ -2642,7 +2640,7 @@ int main (int argc, char **argv)
- }
- #endif /* ENABLE_SUBIDS */
-
-- usr_update ();
-+ usr_update (subuid_count, subgid_count);
-
- close_files ();
-
diff --git a/shadow-4.9-useradd-copy-tree-argument.patch b/shadow-4.9-useradd-copy-tree-argument.patch
deleted file mode 100644
index f6b9827..0000000
--- a/shadow-4.9-useradd-copy-tree-argument.patch
+++ /dev/null
@@ -1,13 +0,0 @@
-diff --git a/src/useradd.c b/src/useradd.c
-index b463a170..f7c97958 100644
---- a/src/useradd.c
-+++ b/src/useradd.c
-@@ -2704,7 +2704,7 @@ int main (int argc, char **argv)
- if (mflg) {
- create_home ();
- if (home_added) {
-- copy_tree (def_template, prefix_user_home, false, false,
-+ copy_tree (def_template, prefix_user_home, false, true,
- (uid_t)-1, user_id, (gid_t)-1, user_gid);
- } else {
- fprintf (stderr,
diff --git a/shadow-4.9-usermod-allow-all-group-types.patch b/shadow-4.9-usermod-allow-all-group-types.patch
deleted file mode 100644
index fada15e..0000000
--- a/shadow-4.9-usermod-allow-all-group-types.patch
+++ /dev/null
@@ -1,322 +0,0 @@
-From e481437ab9ebe9a8bf8fbaabe986d42b2f765991 Mon Sep 17 00:00:00 2001
-From: Iker Pedrosa
-Date: Tue, 3 Aug 2021 08:57:20 +0200
-Subject: [PATCH] usermod: allow all group types with -G option
-
-The only way of removing a group from the supplementary list is to use
--G option, and list all groups that the user is a member of except for
-the one that wants to be removed. The problem lies when there's a user
-that contains both local and remote groups, and the group to be removed
-is a local one. As we need to include the remote group with -G option
-the command will fail.
-
-This reverts commit 140510de9de4771feb3af1d859c09604043a4c9b. This way,
-it would be possible to remove the remote groups from the supplementary
-list.
-
-Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1967641
-Resolves: https://github.com/shadow-maint/shadow/issues/338
-
-Signed-off-by: Iker Pedrosa
----
- src/usermod.c | 220 ++++++++++++++++++--------------------------------
- 1 file changed, 77 insertions(+), 143 deletions(-)
-
-diff --git a/src/usermod.c b/src/usermod.c
-index 03bb9b9d..a0c03afa 100644
---- a/src/usermod.c
-+++ b/src/usermod.c
-@@ -187,7 +187,6 @@ static bool sub_gid_locked = false;
- static void date_to_str (/*@unique@*//*@out@*/char *buf, size_t maxsize,
- long int date);
- static int get_groups (char *);
--static struct group * get_local_group (char * grp_name);
- static /*@noreturn@*/void usage (int status);
- static void new_pwent (struct passwd *);
- static void new_spent (struct spwd *);
-@@ -201,9 +200,7 @@ static void grp_update (void);
-
- static void process_flags (int, char **);
- static void close_files (void);
--static void close_group_files (void);
- static void open_files (void);
--static void open_group_files (void);
- static void usr_update (void);
- static void move_home (void);
- static void update_lastlog (void);
-@@ -260,11 +257,6 @@ static int get_groups (char *list)
- return 0;
- }
-
-- /*
-- * Open the group files
-- */
-- open_group_files ();
--
- /*
- * So long as there is some data to be converted, strip off each
- * name and look it up. A mix of numerical and string values for
-@@ -284,7 +276,7 @@ static int get_groups (char *list)
- * Names starting with digits are treated as numerical GID
- * values, otherwise the string is looked up as is.
- */
-- grp = get_local_group (list);
-+ grp = prefix_getgr_nam_gid (list);
-
- /*
- * There must be a match, either by GID value or by
-@@ -334,8 +326,6 @@ static int get_groups (char *list)
- gr_free ((struct group *)grp);
- } while (NULL != list);
-
-- close_group_files ();
--
- user_groups[ngroups] = (char *) 0;
-
- /*
-@@ -348,44 +338,6 @@ static int get_groups (char *list)
- return 0;
- }
-
--/*
-- * get_local_group - checks if a given group name exists locally
-- *
-- * get_local_group() checks if a given group name exists locally.
-- * If the name exists the group information is returned, otherwise NULL is
-- * returned.
-- */
--static struct group * get_local_group(char * grp_name)
--{
-- const struct group *grp;
-- struct group *result_grp = NULL;
-- long long int gid;
-- char *endptr;
--
-- gid = strtoll (grp_name, &endptr, 10);
-- if ( ('\0' != *grp_name)
-- && ('\0' == *endptr)
-- && (ERANGE != errno)
-- && (gid == (gid_t)gid)) {
-- grp = gr_locate_gid ((gid_t) gid);
-- }
-- else {
-- grp = gr_locate(grp_name);
-- }
--
-- if (grp != NULL) {
-- result_grp = __gr_dup (grp);
-- if (NULL == result_grp) {
-- fprintf (stderr,
-- _("%s: Out of memory. Cannot find group '%s'.\n"),
-- Prog, grp_name);
-- fail_exit (E_GRP_UPDATE);
-- }
-- }
--
-- return result_grp;
--}
--
- #ifdef ENABLE_SUBIDS
- struct ulong_range
- {
-@@ -1523,7 +1475,50 @@ static void close_files (void)
- }
-
- if (Gflg || lflg) {
-- close_group_files ();
-+ if (gr_close () == 0) {
-+ fprintf (stderr,
-+ _("%s: failure while writing changes to %s\n"),
-+ Prog, gr_dbname ());
-+ SYSLOG ((LOG_ERR,
-+ "failure while writing changes to %s",
-+ gr_dbname ()));
-+ fail_exit (E_GRP_UPDATE);
-+ }
-+#ifdef SHADOWGRP
-+ if (is_shadow_grp) {
-+ if (sgr_close () == 0) {
-+ fprintf (stderr,
-+ _("%s: failure while writing changes to %s\n"),
-+ Prog, sgr_dbname ());
-+ SYSLOG ((LOG_ERR,
-+ "failure while writing changes to %s",
-+ sgr_dbname ()));
-+ fail_exit (E_GRP_UPDATE);
-+ }
-+ }
-+#endif
-+#ifdef SHADOWGRP
-+ if (is_shadow_grp) {
-+ if (sgr_unlock () == 0) {
-+ fprintf (stderr,
-+ _("%s: failed to unlock %s\n"),
-+ Prog, sgr_dbname ());
-+ SYSLOG ((LOG_ERR,
-+ "failed to unlock %s",
-+ sgr_dbname ()));
-+ /* continue */
-+ }
-+ }
-+#endif
-+ if (gr_unlock () == 0) {
-+ fprintf (stderr,
-+ _("%s: failed to unlock %s\n"),
-+ Prog, gr_dbname ());
-+ SYSLOG ((LOG_ERR,
-+ "failed to unlock %s",
-+ gr_dbname ()));
-+ /* continue */
-+ }
- }
-
- if (is_shadow_pwd) {
-@@ -1592,60 +1587,6 @@ static void close_files (void)
- #endif
- }
-
--/*
-- * close_group_files - close all of the files that were opened
-- *
-- * close_group_files() closes all of the files that were opened related
-- * with groups. This causes any modified entries to be written out.
-- */
--static void close_group_files (void)
--{
-- if (gr_close () == 0) {
-- fprintf (stderr,
-- _("%s: failure while writing changes to %s\n"),
-- Prog, gr_dbname ());
-- SYSLOG ((LOG_ERR,
-- "failure while writing changes to %s",
-- gr_dbname ()));
-- fail_exit (E_GRP_UPDATE);
-- }
--#ifdef SHADOWGRP
-- if (is_shadow_grp) {
-- if (sgr_close () == 0) {
-- fprintf (stderr,
-- _("%s: failure while writing changes to %s\n"),
-- Prog, sgr_dbname ());
-- SYSLOG ((LOG_ERR,
-- "failure while writing changes to %s",
-- sgr_dbname ()));
-- fail_exit (E_GRP_UPDATE);
-- }
-- }
--#endif
--#ifdef SHADOWGRP
-- if (is_shadow_grp) {
-- if (sgr_unlock () == 0) {
-- fprintf (stderr,
-- _("%s: failed to unlock %s\n"),
-- Prog, sgr_dbname ());
-- SYSLOG ((LOG_ERR,
-- "failed to unlock %s",
-- sgr_dbname ()));
-- /* continue */
-- }
-- }
--#endif
-- if (gr_unlock () == 0) {
-- fprintf (stderr,
-- _("%s: failed to unlock %s\n"),
-- Prog, gr_dbname ());
-- SYSLOG ((LOG_ERR,
-- "failed to unlock %s",
-- gr_dbname ()));
-- /* continue */
-- }
--}
--
- /*
- * open_files - lock and open the password files
- *
-@@ -1681,7 +1622,38 @@ static void open_files (void)
- }
-
- if (Gflg || lflg) {
-- open_group_files ();
-+ /*
-+ * Lock and open the group file. This will load all of the
-+ * group entries.
-+ */
-+ if (gr_lock () == 0) {
-+ fprintf (stderr,
-+ _("%s: cannot lock %s; try again later.\n"),
-+ Prog, gr_dbname ());
-+ fail_exit (E_GRP_UPDATE);
-+ }
-+ gr_locked = true;
-+ if (gr_open (O_CREAT | O_RDWR) == 0) {
-+ fprintf (stderr,
-+ _("%s: cannot open %s\n"),
-+ Prog, gr_dbname ());
-+ fail_exit (E_GRP_UPDATE);
-+ }
-+#ifdef SHADOWGRP
-+ if (is_shadow_grp && (sgr_lock () == 0)) {
-+ fprintf (stderr,
-+ _("%s: cannot lock %s; try again later.\n"),
-+ Prog, sgr_dbname ());
-+ fail_exit (E_GRP_UPDATE);
-+ }
-+ sgr_locked = true;
-+ if (is_shadow_grp && (sgr_open (O_CREAT | O_RDWR) == 0)) {
-+ fprintf (stderr,
-+ _("%s: cannot open %s\n"),
-+ Prog, sgr_dbname ());
-+ fail_exit (E_GRP_UPDATE);
-+ }
-+#endif
- }
- #ifdef ENABLE_SUBIDS
- if (vflg || Vflg) {
-@@ -1717,44 +1689,6 @@ static void open_files (void)
- #endif /* ENABLE_SUBIDS */
- }
-
--/*
-- * open_group_files - lock and open the group files
-- *
-- * open_group_files() loads all of the group entries.
-- */
--static void open_group_files (void)
--{
-- if (gr_lock () == 0) {
-- fprintf (stderr,
-- _("%s: cannot lock %s; try again later.\n"),
-- Prog, gr_dbname ());
-- fail_exit (E_GRP_UPDATE);
-- }
-- gr_locked = true;
-- if (gr_open (O_CREAT | O_RDWR) == 0) {
-- fprintf (stderr,
-- _("%s: cannot open %s\n"),
-- Prog, gr_dbname ());
-- fail_exit (E_GRP_UPDATE);
-- }
--
--#ifdef SHADOWGRP
-- if (is_shadow_grp && (sgr_lock () == 0)) {
-- fprintf (stderr,
-- _("%s: cannot lock %s; try again later.\n"),
-- Prog, sgr_dbname ());
-- fail_exit (E_GRP_UPDATE);
-- }
-- sgr_locked = true;
-- if (is_shadow_grp && (sgr_open (O_CREAT | O_RDWR) == 0)) {
-- fprintf (stderr,
-- _("%s: cannot open %s\n"),
-- Prog, sgr_dbname ());
-- fail_exit (E_GRP_UPDATE);
-- }
--#endif
--}
--
- /*
- * usr_update - create the user entries
- *
---
-2.31.1
-
diff --git a/shadow-utils.spec b/shadow-utils.spec
index bcbadf8..16ec56c 100644
--- a/shadow-utils.spec
+++ b/shadow-utils.spec
@@ -1,12 +1,12 @@
Summary: Utilities for managing accounts and shadow password files
Name: shadow-utils
-Version: 4.9
-Release: 10%{?dist}
+Version: 4.11.1
+Release: 1%{?dist}
Epoch: 2
License: BSD and GPLv2+
URL: https://github.com/shadow-maint/shadow
-Source0: https://github.com/shadow-maint/shadow/releases/download/%{version}/shadow-%{version}.tar.xz
-Source1: https://github.com/shadow-maint/shadow/releases/download/%{version}/shadow-%{version}.tar.xz.asc
+Source0: https://github.com/shadow-maint/shadow/releases/download/v%{version}/shadow-%{version}.tar.xz
+Source1: https://github.com/shadow-maint/shadow/releases/download/v%{version}/shadow-%{version}.tar.xz.asc
Source2: shadow-utils.useradd
Source3: shadow-utils.login.defs
Source4: shadow-bsd.txt
@@ -18,11 +18,9 @@ Source6: shadow-utils.HOME_MODE.xml
### Patches ###
# Misc small changes - most probably non-upstreamable
-Patch0: shadow-4.9-redhat.patch
+Patch0: shadow-4.11.1-redhat.patch
# Be more lenient with acceptable user/group names - non upstreamable
Patch1: shadow-4.8-goodname.patch
-# https://github.com/shadow-maint/shadow/commit/09c752f00f9dfc610f66d68be38c9e5be8ca7f15
-Patch2: shadow-4.9-move-create-home.patch
# SElinux related - upstreamability unknown
Patch3: shadow-4.9-default-range.patch
# Misc manual page changes - non-upstreamable
@@ -32,50 +30,21 @@ Patch5: shadow-4.2.1-date-parsing.patch
# Additional error message - could be upstreamed
Patch6: shadow-4.6-move-home.patch
# Audit message changes - upstreamability unknown
-Patch7: shadow-4.9-audit-update.patch
+Patch7: shadow-4.11.1-audit-update.patch
# Changes related to password unlocking - could be upstreamed
Patch8: shadow-4.5-usermod-unlock.patch
# Additional SElinux related changes - upstreamability unknown
Patch9: shadow-4.8-selinux-perms.patch
-# Handle NULL return from *time funcs - could be upstreamed
-Patch10: shadow-4.9-null-tm.patch
+# Handle NULL return from *time funcs - upstreamable
+Patch10: shadow-4.11.1-null-tm.patch
# Handle /etc/passwd corruption - could be upstreamed
Patch11: shadow-4.8-long-entry.patch
# Limit uid/gid allocation to non-zero - could be upstreamed
Patch12: shadow-4.6-sysugid-min-limit.patch
# Ignore LOGIN_PLAIN_PROMPT in login.defs - upstreamability unknown
Patch13: shadow-4.8-ignore-login-prompt.patch
-# https://github.com/shadow-maint/shadow/commit/c6847011e8b656adacd9a0d2a78418cad0de34cb
-Patch14: shadow-4.9-newuidmap-libeconf-dependency.patch
-# https://github.com/shadow-maint/shadow/commit/e481437ab9ebe9a8bf8fbaabe986d42b2f765991
-Patch15: shadow-4.9-usermod-allow-all-group-types.patch
-# https://github.com/shadow-maint/shadow/commit/9dd720a28578eef5be8171697aae0906e4c53249
-Patch16: shadow-4.9-useradd-avoid-generating-empty-subid-range.patch
-# https://github.com/shadow-maint/shadow/commit/234e8fa7b134d1ebabfdad980a3ae5b63c046c62
-Patch17: shadow-4.9-libmisc-fix-default-value-in-SHA_get_salt_rounds.patch
-# https://github.com/shadow-maint/shadow/commit/234af5cf67fc1a3ba99fc246ba65869a3c416545
-Patch18: shadow-4.9-semanage-close-the-selabel-handle.patch
-# https://github.com/shadow-maint/shadow/commit/4624e9fca1b02b64e25e8b2280a0186182ab73ba
-Patch19: shadow-4.9-revert-useradd-fix-memleak.patch
-# https://github.com/shadow-maint/shadow/commit/06eb4e4d76ac7f1ac86e68a89b2dc9be7c7323a2
-Patch20: shadow-4.9-useradd-copy-tree-argument.patch
-# https://github.com/shadow-maint/shadow/commit/d8e54618feea201987c1f3cb402ed50d1d8b604f
-Patch21: shadow-4.9-pwck-fix-segfault-when-calling-fprintf.patch
-# https://github.com/shadow-maint/shadow/commit/497e90751bc0d95cc998b0f06305040563903948
-Patch22: shadow-4.9-newgrp-fix-segmentation-fault.patch
-# https://github.com/shadow-maint/shadow/commit/3b6ccf642c6bb2b7db087f09ee563ae9318af734
-Patch23: shadow-4.9-getsubids.patch
-# https://github.com/shadow-maint/shadow/commit/a757b458ffb4fb9a40bcbb4f7869449431c67f83
-Patch24: shadow-4.9-groupdel-fix-sigsegv-when-passwd-does-not-exist.patch
-# https://github.com/shadow-maint/shadow/commit/79157cbad87f42cdc2068d72e798488572c68bb2
-Patch25: shadow-4.9-make-shadow-logfd-and-prog-not-extern.patch
-# https://github.com/shadow-maint/shadow/commit/0e6fe5e728a45baff3977d73e81a27adb6ae30c6
-Patch26: shadow-4.9-rename-prog-to-shadow-progname.patch
-# https://github.com/shadow-maint/shadow/commit/2b0bdef6f9a18382e92b0fb6d893c4339123ffac
-# https://github.com/shadow-maint/shadow/commit/9750fd681919ed558a9b044248a284d567cddf1a
-Patch27: shadow-4.9-shadow-progname-default-init.patch
# https://github.com/shadow-maint/shadow/commit/e101219ad71de11da3fdd1b3ec2620fd1a97b92c
-Patch28: shadow-4.9-nss-get-shadow-logfd-with-log-get-logfd.patch
+Patch14: shadow-4.9-nss-get-shadow-logfd-with-log-get-logfd.patch
### Dependencies ###
Requires: audit-libs >= 1.6.5
@@ -129,6 +98,7 @@ Utility library that provides a way to manage subid ranges.
%package subid-devel
Summary: Development package for shadow-utils-subid
License: BSD and GPLv2+
+Requires: shadow-utils-subid = %{version}-%{release}
%description subid-devel
Development files for shadow-utils-subid.
@@ -137,7 +107,6 @@ Development files for shadow-utils-subid.
%setup -q -n shadow-%{version}
%patch0 -p1 -b .redhat
%patch1 -p1 -b .goodname
-%patch2 -p1 -b .move-create-home
%patch3 -p1 -b .default-range
%patch4 -p1 -b .manfix
%patch5 -p1 -b .date-parsing
@@ -149,21 +118,7 @@ Development files for shadow-utils-subid.
%patch11 -p1 -b .long-entry
%patch12 -p1 -b .sysugid-min-limit
%patch13 -p1 -b .login-prompt
-%patch14 -p1 -b .newuidmap-libeconf-dependency
-%patch15 -p1 -b .usermod-allow-all-group-types
-%patch16 -p1 -b .useradd-avoid-generating-empty-subid-range
-%patch17 -p1 -b .libmisc-fix-default-value-in-SHA_get_salt_rounds
-%patch18 -p1 -b .semanage-close-the-selabel-handle
-%patch19 -p1 -b .revert-useradd-fix-memleak
-%patch20 -p1 -b .useradd-copy-tree-argument
-%patch21 -p1 -b .pwck-fix-segfault-when-calling-fprintf
-%patch22 -p1 -b .newgrp-fix-segmentation-fault
-%patch23 -p1 -b .getsubids
-%patch24 -p1 -b .groupdel-fix-sigsegv-when-passwd-does-not-exist
-%patch25 -p1 -b .make-shadow-logfd-and-prog-not-extern
-%patch26 -p1 -b .rename-prog-to-shadow-progname
-%patch27 -p1 -b .shadow-progname-default-init
-%patch28 -p1 -b .nss-get-shadow-logfd-with-log-get-logfd
+%patch14 -p1 -b .nss-get-shadow-logfd-with-log-get-logfd
iconv -f ISO88591 -t utf-8 doc/HOWTO > doc/HOWTO.utf8
cp -f doc/HOWTO.utf8 doc/HOWTO
@@ -275,8 +230,9 @@ echo $(ls)
mkdir -p $RPM_BUILD_ROOT/%{includesubiddir}
install -m 644 libsubid/subid.h $RPM_BUILD_ROOT/%{includesubiddir}/
-# Remove .la files created by libsubid
+# Remove .la and .a files created by libsubid
rm -f $RPM_BUILD_ROOT/%{_libdir}/libsubid.la
+rm -f $RPM_BUILD_ROOT/%{_libdir}/libsubid.a
%files -f shadow.lang
%doc NEWS doc/HOWTO README
@@ -336,6 +292,11 @@ rm -f $RPM_BUILD_ROOT/%{_libdir}/libsubid.la
%{_libdir}/libsubid.so
%changelog
+* Tue Jan 25 2022 Iker Pedrosa - 2:4.11.1-1
+- Rebase to version 4.11.1 (#2034038)
+- Fix release sources
+- Add explicit subid requirement for subid-devel
+
* Sat Jan 22 2022 Fedora Release Engineering - 2:4.9-10
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild