diff --git a/.gitignore b/.gitignore
index 9e9905a..de3b420 100644
--- a/.gitignore
+++ b/.gitignore
@@ -12,3 +12,5 @@ shadow-4.1.4.2.tar.bz2
/shadow-4.6.tar.xz.asc
/shadow-4.8.tar.xz
/shadow-4.8.tar.xz.asc
+/shadow-4.8.1.tar.xz
+/shadow-4.8.1.tar.xz.asc
diff --git a/shadow-4.8-invalid-shell-check.patch b/shadow-4.8-invalid-shell-check.patch
deleted file mode 100644
index fb586e0..0000000
--- a/shadow-4.8-invalid-shell-check.patch
+++ /dev/null
@@ -1,30 +0,0 @@
-diff -up shadow-4.8/src/useradd.c.invalid-shell shadow-4.8/src/useradd.c
---- shadow-4.8/src/useradd.c.invalid-shell 2020-01-16 08:47:13.841921106 +0100
-+++ shadow-4.8/src/useradd.c 2020-01-16 08:57:26.338421901 +0100
-@@ -1277,15 +1277,22 @@ static void process_flags (int argc, cha
- if ( ( !VALID (optarg) )
- || ( ('\0' != optarg[0])
- && ('/' != optarg[0])
-- && ('*' != optarg[0]) )
-- || (stat(optarg, &st) != 0)
-- || (S_ISDIR(st.st_mode))
-- || (access(optarg, X_OK) != 0)) {
-+ && ('*' != optarg[0]) )) {
- fprintf (stderr,
- _("%s: invalid shell '%s'\n"),
- Prog, optarg);
- exit (E_BAD_ARG);
- }
-+ if ( '\0' != optarg[0]
-+ && '*' != optarg[0]
-+ && strcmp(optarg, "/sbin/nologin") != 0
-+ && ( stat(optarg, &st) != 0
-+ || S_ISDIR(st.st_mode)
-+ || access(optarg, X_OK) != 0)) {
-+ fprintf (stderr,
-+ _("%s: Warning: missing or non-executable shell '%s'\n"),
-+ Prog, optarg);
-+ }
- user_shell = optarg;
- def_shell = optarg;
- sflg = true;
diff --git a/shadow-4.8-audit-update.patch b/shadow-4.8.1-audit-update.patch
similarity index 94%
rename from shadow-4.8-audit-update.patch
rename to shadow-4.8.1-audit-update.patch
index 153adfe..1b9586a 100644
--- a/shadow-4.8-audit-update.patch
+++ b/shadow-4.8.1-audit-update.patch
@@ -1,6 +1,6 @@
-diff -up shadow-4.8/libmisc/audit_help.c.audit-update shadow-4.8/libmisc/audit_help.c
---- shadow-4.8/libmisc/audit_help.c.audit-update 2019-07-23 17:26:08.000000000 +0200
-+++ shadow-4.8/libmisc/audit_help.c 2020-01-13 10:15:51.802073378 +0100
+diff -up shadow-4.8.1/libmisc/audit_help.c.audit-update shadow-4.8.1/libmisc/audit_help.c
+--- shadow-4.8.1/libmisc/audit_help.c.audit-update 2019-07-23 17:26:08.000000000 +0200
++++ shadow-4.8.1/libmisc/audit_help.c 2020-03-17 16:53:44.371943299 +0100
@@ -68,7 +68,7 @@ void audit_help_open (void)
* This function will log a message to the audit system using a predefined
* message format. Parameter usage is as follows:
@@ -50,9 +50,9 @@ diff -up shadow-4.8/libmisc/audit_help.c.audit-update shadow-4.8/libmisc/audit_h
void audit_logger_message (const char *message, shadow_audit_result result)
{
if (audit_fd < 0) {
-diff -up shadow-4.8/libmisc/cleanup_group.c.audit-update shadow-4.8/libmisc/cleanup_group.c
---- shadow-4.8/libmisc/cleanup_group.c.audit-update 2019-07-23 17:26:08.000000000 +0200
-+++ shadow-4.8/libmisc/cleanup_group.c 2020-01-13 10:15:51.802073378 +0100
+diff -up shadow-4.8.1/libmisc/cleanup_group.c.audit-update shadow-4.8.1/libmisc/cleanup_group.c
+--- shadow-4.8.1/libmisc/cleanup_group.c.audit-update 2019-07-23 17:26:08.000000000 +0200
++++ shadow-4.8.1/libmisc/cleanup_group.c 2020-03-17 16:53:44.371943299 +0100
@@ -83,7 +83,7 @@ void cleanup_report_mod_group (void *cle
gr_dbname (),
info->action));
@@ -131,9 +131,9 @@ diff -up shadow-4.8/libmisc/cleanup_group.c.audit-update shadow-4.8/libmisc/clea
SHADOW_AUDIT_FAILURE);
#endif
}
-diff -up shadow-4.8/libmisc/cleanup_user.c.audit-update shadow-4.8/libmisc/cleanup_user.c
---- shadow-4.8/libmisc/cleanup_user.c.audit-update 2019-07-23 17:26:08.000000000 +0200
-+++ shadow-4.8/libmisc/cleanup_user.c 2020-01-13 10:15:51.802073378 +0100
+diff -up shadow-4.8.1/libmisc/cleanup_user.c.audit-update shadow-4.8.1/libmisc/cleanup_user.c
+--- shadow-4.8.1/libmisc/cleanup_user.c.audit-update 2019-07-23 17:26:08.000000000 +0200
++++ shadow-4.8.1/libmisc/cleanup_user.c 2020-03-17 16:53:44.371943299 +0100
@@ -65,7 +65,7 @@ void cleanup_report_mod_passwd (void *cl
pw_dbname (),
info->action));
@@ -181,9 +181,9 @@ diff -up shadow-4.8/libmisc/cleanup_user.c.audit-update shadow-4.8/libmisc/clean
SHADOW_AUDIT_FAILURE);
#endif
}
-diff -up shadow-4.8/lib/prototypes.h.audit-update shadow-4.8/lib/prototypes.h
---- shadow-4.8/lib/prototypes.h.audit-update 2020-01-13 10:15:51.785073664 +0100
-+++ shadow-4.8/lib/prototypes.h 2020-01-13 10:15:51.803073362 +0100
+diff -up shadow-4.8.1/lib/prototypes.h.audit-update shadow-4.8.1/lib/prototypes.h
+--- shadow-4.8.1/lib/prototypes.h.audit-update 2020-03-17 16:53:44.364943206 +0100
++++ shadow-4.8.1/lib/prototypes.h 2020-03-17 16:53:44.371943299 +0100
@@ -219,12 +219,21 @@ extern int audit_fd;
extern void audit_help_open (void);
/* Use AUDIT_NO_ID when a name is provided to audit_logger instead of an ID */
@@ -206,9 +206,9 @@ diff -up shadow-4.8/lib/prototypes.h.audit-update shadow-4.8/lib/prototypes.h
void audit_logger_message (const char *message, shadow_audit_result result);
#endif
-diff -up shadow-4.8/src/chage.c.audit-update shadow-4.8/src/chage.c
---- shadow-4.8/src/chage.c.audit-update 2019-11-12 01:18:25.000000000 +0100
-+++ shadow-4.8/src/chage.c 2020-01-13 10:15:51.806073311 +0100
+diff -up shadow-4.8.1/src/chage.c.audit-update shadow-4.8.1/src/chage.c
+--- shadow-4.8.1/src/chage.c.audit-update 2019-11-12 01:18:25.000000000 +0100
++++ shadow-4.8.1/src/chage.c 2020-03-17 16:53:44.371943299 +0100
@@ -123,9 +123,10 @@ static /*@noreturn@*/void fail_exit (int
#ifdef WITH_AUDIT
@@ -296,9 +296,9 @@ diff -up shadow-4.8/src/chage.c.audit-update shadow-4.8/src/chage.c
user_name, (unsigned int) user_uid, 1);
}
#endif
-diff -up shadow-4.8/src/gpasswd.c.audit-update shadow-4.8/src/gpasswd.c
---- shadow-4.8/src/gpasswd.c.audit-update 2019-07-23 17:26:08.000000000 +0200
-+++ shadow-4.8/src/gpasswd.c 2020-01-13 10:15:51.803073362 +0100
+diff -up shadow-4.8.1/src/gpasswd.c.audit-update shadow-4.8.1/src/gpasswd.c
+--- shadow-4.8.1/src/gpasswd.c.audit-update 2019-07-23 17:26:08.000000000 +0200
++++ shadow-4.8.1/src/gpasswd.c 2020-03-17 16:53:44.371943299 +0100
@@ -138,7 +138,7 @@ static void usage (int status)
(void) fputs (_(" -d, --delete USER remove USER from GROUP\n"), usageout);
(void) fputs (_(" -h, --help display this help message and exit\n"), usageout);
@@ -562,9 +562,9 @@ diff -up shadow-4.8/src/gpasswd.c.audit-update shadow-4.8/src/gpasswd.c
SHADOW_AUDIT_SUCCESS);
#endif
}
-diff -up shadow-4.8/src/groupadd.c.audit-update shadow-4.8/src/groupadd.c
---- shadow-4.8/src/groupadd.c.audit-update 2019-07-23 17:26:08.000000000 +0200
-+++ shadow-4.8/src/groupadd.c 2020-01-13 10:15:51.804073345 +0100
+diff -up shadow-4.8.1/src/groupadd.c.audit-update shadow-4.8.1/src/groupadd.c
+--- shadow-4.8.1/src/groupadd.c.audit-update 2019-07-23 17:26:08.000000000 +0200
++++ shadow-4.8.1/src/groupadd.c 2020-03-17 16:53:44.372943312 +0100
@@ -131,6 +131,15 @@ static /*@noreturn@*/void usage (int sta
exit (status);
}
@@ -740,9 +740,9 @@ diff -up shadow-4.8/src/groupadd.c.audit-update shadow-4.8/src/groupadd.c
}
}
-diff -up shadow-4.8/src/groupdel.c.audit-update shadow-4.8/src/groupdel.c
---- shadow-4.8/src/groupdel.c.audit-update 2019-07-23 17:26:08.000000000 +0200
-+++ shadow-4.8/src/groupdel.c 2020-01-13 10:15:51.804073345 +0100
+diff -up shadow-4.8.1/src/groupdel.c.audit-update shadow-4.8.1/src/groupdel.c
+--- shadow-4.8.1/src/groupdel.c.audit-update 2019-07-23 17:26:08.000000000 +0200
++++ shadow-4.8.1/src/groupdel.c 2020-03-17 16:53:44.372943312 +0100
@@ -106,6 +106,15 @@ static /*@noreturn@*/void usage (int sta
exit (status);
}
@@ -912,9 +912,9 @@ diff -up shadow-4.8/src/groupdel.c.audit-update shadow-4.8/src/groupdel.c
}
#endif
-diff -up shadow-4.8/src/groupmod.c.audit-update shadow-4.8/src/groupmod.c
---- shadow-4.8/src/groupmod.c.audit-update 2019-07-23 17:26:08.000000000 +0200
-+++ shadow-4.8/src/groupmod.c 2020-01-13 10:15:51.805073328 +0100
+diff -up shadow-4.8.1/src/groupmod.c.audit-update shadow-4.8.1/src/groupmod.c
+--- shadow-4.8.1/src/groupmod.c.audit-update 2019-07-23 17:26:08.000000000 +0200
++++ shadow-4.8.1/src/groupmod.c 2020-03-17 16:53:44.372943312 +0100
@@ -450,7 +450,7 @@ static void close_files (void)
exit (E_GRP_UPDATE);
}
@@ -1118,9 +1118,9 @@ diff -up shadow-4.8/src/groupmod.c.audit-update shadow-4.8/src/groupmod.c
// FIXME: add a system cleanup
add_cleanup (cleanup_report_mod_group, &info_group);
-diff -up shadow-4.8/src/newgrp.c.audit-update shadow-4.8/src/newgrp.c
---- shadow-4.8/src/newgrp.c.audit-update 2019-07-23 17:26:08.000000000 +0200
-+++ shadow-4.8/src/newgrp.c 2020-01-13 10:15:51.806073311 +0100
+diff -up shadow-4.8.1/src/newgrp.c.audit-update shadow-4.8.1/src/newgrp.c
+--- shadow-4.8.1/src/newgrp.c.audit-update 2020-01-12 15:19:28.000000000 +0100
++++ shadow-4.8.1/src/newgrp.c 2020-03-17 16:53:44.372943312 +0100
@@ -206,11 +206,12 @@ static void check_perms (const struct gr
strcmp (cpasswd, grp->gr_passwd) != 0) {
#ifdef WITH_AUDIT
@@ -1203,7 +1203,7 @@ diff -up shadow-4.8/src/newgrp.c.audit-update shadow-4.8/src/newgrp.c
}
#endif
exit (EXIT_FAILURE);
-@@ -457,7 +458,7 @@ int main (int argc, char **argv)
+@@ -458,7 +459,7 @@ int main (int argc, char **argv)
#ifdef WITH_AUDIT
audit_logger (AUDIT_CHGRP_ID, Prog,
"changing", NULL,
@@ -1212,7 +1212,7 @@ diff -up shadow-4.8/src/newgrp.c.audit-update shadow-4.8/src/newgrp.c
#endif
SYSLOG ((LOG_WARN, "Cannot determine the user name of the caller (UID %lu)",
(unsigned long) getuid ()));
-@@ -573,15 +574,26 @@ int main (int argc, char **argv)
+@@ -574,15 +575,26 @@ int main (int argc, char **argv)
perror ("getgroups");
#ifdef WITH_AUDIT
if (group) {
@@ -1243,7 +1243,7 @@ diff -up shadow-4.8/src/newgrp.c.audit-update shadow-4.8/src/newgrp.c
}
#endif
exit (EXIT_FAILURE);
-@@ -738,10 +750,10 @@ int main (int argc, char **argv)
+@@ -739,10 +751,10 @@ int main (int argc, char **argv)
perror ("setgid");
#ifdef WITH_AUDIT
snprintf (audit_buf, sizeof(audit_buf),
@@ -1256,7 +1256,7 @@ diff -up shadow-4.8/src/newgrp.c.audit-update shadow-4.8/src/newgrp.c
#endif
exit (EXIT_FAILURE);
}
-@@ -750,10 +762,10 @@ int main (int argc, char **argv)
+@@ -751,10 +763,10 @@ int main (int argc, char **argv)
perror ("setuid");
#ifdef WITH_AUDIT
snprintf (audit_buf, sizeof(audit_buf),
@@ -1269,7 +1269,7 @@ diff -up shadow-4.8/src/newgrp.c.audit-update shadow-4.8/src/newgrp.c
#endif
exit (EXIT_FAILURE);
}
-@@ -767,10 +779,10 @@ int main (int argc, char **argv)
+@@ -768,10 +780,10 @@ int main (int argc, char **argv)
execl (SHELL, "sh", "-c", command, (char *) 0);
#ifdef WITH_AUDIT
snprintf (audit_buf, sizeof(audit_buf),
@@ -1282,7 +1282,7 @@ diff -up shadow-4.8/src/newgrp.c.audit-update shadow-4.8/src/newgrp.c
#endif
perror (SHELL);
exit ((errno == ENOENT) ? E_CMD_NOTFOUND : E_CMD_NOEXEC);
-@@ -834,11 +846,11 @@ int main (int argc, char **argv)
+@@ -835,11 +847,11 @@ int main (int argc, char **argv)
}
#ifdef WITH_AUDIT
@@ -1296,7 +1296,7 @@ diff -up shadow-4.8/src/newgrp.c.audit-update shadow-4.8/src/newgrp.c
#endif
/*
* Exec the login shell and go away. We are trying to get back to
-@@ -862,15 +874,24 @@ int main (int argc, char **argv)
+@@ -863,15 +875,24 @@ int main (int argc, char **argv)
closelog ();
#ifdef WITH_AUDIT
if (NULL != group) {
@@ -1325,9 +1325,9 @@ diff -up shadow-4.8/src/newgrp.c.audit-update shadow-4.8/src/newgrp.c
}
#endif
exit (EXIT_FAILURE);
-diff -up shadow-4.8/src/useradd.c.audit-update shadow-4.8/src/useradd.c
---- shadow-4.8/src/useradd.c.audit-update 2020-01-13 10:15:51.789073597 +0100
-+++ shadow-4.8/src/useradd.c 2020-01-13 10:17:30.929406913 +0100
+diff -up shadow-4.8.1/src/useradd.c.audit-update shadow-4.8.1/src/useradd.c
+--- shadow-4.8.1/src/useradd.c.audit-update 2020-03-17 16:53:44.365943219 +0100
++++ shadow-4.8.1/src/useradd.c 2020-03-17 17:03:11.614503929 +0100
@@ -233,6 +233,8 @@ static void create_mail (void);
*/
static void fail_exit (int code)
@@ -1510,7 +1510,7 @@ diff -up shadow-4.8/src/useradd.c.audit-update shadow-4.8/src/useradd.c
SHADOW_AUDIT_SUCCESS);
#endif
SYSLOG ((LOG_INFO,
-@@ -1445,7 +1393,7 @@ static void process_flags (int argc, cha
+@@ -1452,7 +1400,7 @@ static void process_flags (int argc, cha
Prog, user_name);
#ifdef WITH_AUDIT
audit_logger (AUDIT_ADD_USER, Prog,
@@ -1519,7 +1519,7 @@ diff -up shadow-4.8/src/useradd.c.audit-update shadow-4.8/src/useradd.c
user_name, AUDIT_NO_ID,
SHADOW_AUDIT_FAILURE);
#endif
-@@ -1560,7 +1508,7 @@ static void close_files (void)
+@@ -1567,7 +1515,7 @@ static void close_files (void)
SYSLOG ((LOG_ERR, "failed to unlock %s", spw_dbname ()));
#ifdef WITH_AUDIT
audit_logger (AUDIT_ADD_USER, Prog,
@@ -1528,7 +1528,7 @@ diff -up shadow-4.8/src/useradd.c.audit-update shadow-4.8/src/useradd.c
user_name, AUDIT_NO_ID,
SHADOW_AUDIT_FAILURE);
#endif
-@@ -1573,7 +1521,7 @@ static void close_files (void)
+@@ -1580,7 +1528,7 @@ static void close_files (void)
SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
#ifdef WITH_AUDIT
audit_logger (AUDIT_ADD_USER, Prog,
@@ -1537,7 +1537,7 @@ diff -up shadow-4.8/src/useradd.c.audit-update shadow-4.8/src/useradd.c
user_name, AUDIT_NO_ID,
SHADOW_AUDIT_FAILURE);
#endif
-@@ -1585,7 +1533,7 @@ static void close_files (void)
+@@ -1592,7 +1540,7 @@ static void close_files (void)
SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
#ifdef WITH_AUDIT
audit_logger (AUDIT_ADD_USER, Prog,
@@ -1546,7 +1546,7 @@ diff -up shadow-4.8/src/useradd.c.audit-update shadow-4.8/src/useradd.c
user_name, AUDIT_NO_ID,
SHADOW_AUDIT_FAILURE);
#endif
-@@ -1599,7 +1547,7 @@ static void close_files (void)
+@@ -1606,7 +1554,7 @@ static void close_files (void)
SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));
#ifdef WITH_AUDIT
audit_logger (AUDIT_ADD_USER, Prog,
@@ -1555,7 +1555,7 @@ diff -up shadow-4.8/src/useradd.c.audit-update shadow-4.8/src/useradd.c
user_name, AUDIT_NO_ID,
SHADOW_AUDIT_FAILURE);
#endif
-@@ -1615,7 +1563,7 @@ static void close_files (void)
+@@ -1622,7 +1570,7 @@ static void close_files (void)
SYSLOG ((LOG_ERR, "failed to unlock %s", sub_uid_dbname ()));
#ifdef WITH_AUDIT
audit_logger (AUDIT_ADD_USER, Prog,
@@ -1564,7 +1564,7 @@ diff -up shadow-4.8/src/useradd.c.audit-update shadow-4.8/src/useradd.c
user_name, AUDIT_NO_ID,
SHADOW_AUDIT_FAILURE);
#endif
-@@ -1629,7 +1577,7 @@ static void close_files (void)
+@@ -1636,7 +1584,7 @@ static void close_files (void)
SYSLOG ((LOG_ERR, "failed to unlock %s", sub_gid_dbname ()));
#ifdef WITH_AUDIT
audit_logger (AUDIT_ADD_USER, Prog,
@@ -1573,7 +1573,7 @@ diff -up shadow-4.8/src/useradd.c.audit-update shadow-4.8/src/useradd.c
user_name, AUDIT_NO_ID,
SHADOW_AUDIT_FAILURE);
#endif
-@@ -1821,7 +1769,7 @@ static void grp_add (void)
+@@ -1828,7 +1776,7 @@ static void grp_add (void)
Prog, gr_dbname (), grp.gr_name);
#ifdef WITH_AUDIT
audit_logger (AUDIT_ADD_GROUP, Prog,
@@ -1582,7 +1582,7 @@ diff -up shadow-4.8/src/useradd.c.audit-update shadow-4.8/src/useradd.c
grp.gr_name, AUDIT_NO_ID,
SHADOW_AUDIT_FAILURE);
#endif
-@@ -1837,7 +1785,7 @@ static void grp_add (void)
+@@ -1844,7 +1792,7 @@ static void grp_add (void)
Prog, sgr_dbname (), sgrp.sg_name);
#ifdef WITH_AUDIT
audit_logger (AUDIT_ADD_GROUP, Prog,
@@ -1591,7 +1591,7 @@ diff -up shadow-4.8/src/useradd.c.audit-update shadow-4.8/src/useradd.c
grp.gr_name, AUDIT_NO_ID,
SHADOW_AUDIT_FAILURE);
#endif
-@@ -1847,7 +1795,7 @@ static void grp_add (void)
+@@ -1854,7 +1802,7 @@ static void grp_add (void)
SYSLOG ((LOG_INFO, "new group: name=%s, GID=%u", user_name, user_gid));
#ifdef WITH_AUDIT
audit_logger (AUDIT_ADD_GROUP, Prog,
@@ -1600,7 +1600,7 @@ diff -up shadow-4.8/src/useradd.c.audit-update shadow-4.8/src/useradd.c
grp.gr_name, AUDIT_NO_ID,
SHADOW_AUDIT_SUCCESS);
#endif
-@@ -2015,12 +1963,6 @@ static void usr_update (void)
+@@ -2025,12 +1973,6 @@ static void usr_update (void)
fprintf (stderr,
_("%s: failed to prepare the new %s entry '%s'\n"),
Prog, spw_dbname (), spent.sp_namp);
@@ -1613,7 +1613,7 @@ diff -up shadow-4.8/src/useradd.c.audit-update shadow-4.8/src/useradd.c
fail_exit (E_PW_UPDATE);
}
#ifdef ENABLE_SUBIDS
-@@ -2041,9 +1983,14 @@ static void usr_update (void)
+@@ -2051,9 +1993,14 @@ static void usr_update (void)
#endif /* ENABLE_SUBIDS */
#ifdef WITH_AUDIT
@@ -1630,7 +1630,7 @@ diff -up shadow-4.8/src/useradd.c.audit-update shadow-4.8/src/useradd.c
SHADOW_AUDIT_SUCCESS);
#endif
/*
-@@ -2130,12 +2077,6 @@ static void create_home (void)
+@@ -2140,12 +2087,6 @@ static void create_home (void)
fprintf (stderr,
_("%s: cannot create directory %s\n"),
Prog, path);
@@ -1643,8 +1643,8 @@ diff -up shadow-4.8/src/useradd.c.audit-update shadow-4.8/src/useradd.c
fail_exit (E_HOMEDIR);
}
if (chown (path, 0, 0) < 0) {
-@@ -2157,8 +2098,8 @@ static void create_home (void)
- 0777 & ~getdef_num ("UMASK", GETDEF_DEFAULT_UMASK));
+@@ -2168,8 +2109,8 @@ static void create_home (void)
+ chmod (prefix_user_home, mode);
home_added = true;
#ifdef WITH_AUDIT
- audit_logger (AUDIT_ADD_USER, Prog,
@@ -1654,7 +1654,7 @@ diff -up shadow-4.8/src/useradd.c.audit-update shadow-4.8/src/useradd.c
user_name, (unsigned int) user_id,
SHADOW_AUDIT_SUCCESS);
#endif
-@@ -2343,12 +2284,6 @@ int main (int argc, char **argv)
+@@ -2354,12 +2295,6 @@ int main (int argc, char **argv)
*/
if (prefix_getpwnam (user_name) != NULL) { /* local, no need for xgetpwnam */
fprintf (stderr, _("%s: user '%s' already exists\n"), Prog, user_name);
@@ -1667,7 +1667,7 @@ diff -up shadow-4.8/src/useradd.c.audit-update shadow-4.8/src/useradd.c
fail_exit (E_NAME_IN_USE);
}
-@@ -2364,12 +2299,6 @@ int main (int argc, char **argv)
+@@ -2375,12 +2310,6 @@ int main (int argc, char **argv)
fprintf (stderr,
_("%s: group %s exists - if you want to add this user to that group, use -g.\n"),
Prog, user_name);
@@ -1680,7 +1680,7 @@ diff -up shadow-4.8/src/useradd.c.audit-update shadow-4.8/src/useradd.c
fail_exit (E_NAME_IN_USE);
}
}
-@@ -2399,12 +2328,6 @@ int main (int argc, char **argv)
+@@ -2410,12 +2339,6 @@ int main (int argc, char **argv)
fprintf (stderr,
_("%s: UID %lu is not unique\n"),
Prog, (unsigned long) user_id);
@@ -1693,7 +1693,7 @@ diff -up shadow-4.8/src/useradd.c.audit-update shadow-4.8/src/useradd.c
fail_exit (E_UID_IN_USE);
}
}
-@@ -2478,9 +2401,10 @@ int main (int argc, char **argv)
+@@ -2489,9 +2412,10 @@ int main (int argc, char **argv)
_("%s: warning: the user name %s to %s SELinux user mapping failed.\n"),
Prog, user_name, user_selinux);
#ifdef WITH_AUDIT
@@ -1707,9 +1707,9 @@ diff -up shadow-4.8/src/useradd.c.audit-update shadow-4.8/src/useradd.c
#endif /* WITH_AUDIT */
rv = E_SE_UPDATE;
}
-diff -up shadow-4.8/src/userdel.c.audit-update shadow-4.8/src/userdel.c
---- shadow-4.8/src/userdel.c.audit-update 2020-01-13 10:15:51.797073462 +0100
-+++ shadow-4.8/src/userdel.c 2020-01-13 10:15:51.809073261 +0100
+diff -up shadow-4.8.1/src/userdel.c.audit-update shadow-4.8.1/src/userdel.c
+--- shadow-4.8.1/src/userdel.c.audit-update 2020-03-17 16:53:44.368943259 +0100
++++ shadow-4.8.1/src/userdel.c 2020-03-17 16:53:44.373943325 +0100
@@ -222,9 +222,9 @@ static void update_groups (void)
* Update the DBM group file with the new entry as well.
*/
@@ -2037,9 +2037,9 @@ diff -up shadow-4.8/src/userdel.c.audit-update shadow-4.8/src/userdel.c
user_name, (unsigned int) user_id,
SHADOW_AUDIT_FAILURE);
#endif /* WITH_AUDIT */
-diff -up shadow-4.8/src/usermod.c.audit-update shadow-4.8/src/usermod.c
---- shadow-4.8/src/usermod.c.audit-update 2020-01-13 10:15:51.800073412 +0100
-+++ shadow-4.8/src/usermod.c 2020-01-13 10:15:51.812073210 +0100
+diff -up shadow-4.8.1/src/usermod.c.audit-update shadow-4.8.1/src/usermod.c
+--- shadow-4.8.1/src/usermod.c.audit-update 2020-03-17 16:53:44.370943285 +0100
++++ shadow-4.8.1/src/usermod.c 2020-03-17 16:53:44.373943325 +0100
@@ -457,8 +457,8 @@ static char *new_pw_passwd (char *pw_pas
#ifdef WITH_AUDIT
diff --git a/shadow-4.8-manfix.patch b/shadow-4.8.1-manfix.patch
similarity index 82%
rename from shadow-4.8-manfix.patch
rename to shadow-4.8.1-manfix.patch
index ecb99a4..29f06a7 100644
--- a/shadow-4.8-manfix.patch
+++ b/shadow-4.8.1-manfix.patch
@@ -1,6 +1,6 @@
-diff -up shadow-4.8/man/chage.1.xml.manfix shadow-4.8/man/chage.1.xml
---- shadow-4.8/man/chage.1.xml.manfix 2019-10-05 01:28:34.000000000 +0200
-+++ shadow-4.8/man/chage.1.xml 2020-01-13 10:12:48.445155882 +0100
+diff -up shadow-4.8.1/man/chage.1.xml.manfix shadow-4.8.1/man/chage.1.xml
+--- shadow-4.8.1/man/chage.1.xml.manfix 2019-10-05 01:28:34.000000000 +0200
++++ shadow-4.8.1/man/chage.1.xml 2020-03-17 15:34:48.750414984 +0100
@@ -102,6 +102,9 @@
Set the number of days since January 1st, 1970 when the password
was last changed. The date may also be expressed in the format
@@ -44,9 +44,9 @@ diff -up shadow-4.8/man/chage.1.xml.manfix shadow-4.8/man/chage.1.xml
The chage command is restricted to the root
user, except for the option, which may be used by
an unprivileged user to determine when their password or account is due
-diff -up shadow-4.8/man/groupadd.8.xml.manfix shadow-4.8/man/groupadd.8.xml
---- shadow-4.8/man/groupadd.8.xml.manfix 2020-01-13 10:12:48.432156100 +0100
-+++ shadow-4.8/man/groupadd.8.xml 2020-01-13 10:13:06.096859122 +0100
+diff -up shadow-4.8.1/man/groupadd.8.xml.manfix shadow-4.8.1/man/groupadd.8.xml
+--- shadow-4.8.1/man/groupadd.8.xml.manfix 2020-03-17 15:34:48.745414917 +0100
++++ shadow-4.8.1/man/groupadd.8.xml 2020-03-17 15:34:48.750414984 +0100
@@ -320,13 +320,13 @@
4
@@ -63,15 +63,15 @@ diff -up shadow-4.8/man/groupadd.8.xml.manfix shadow-4.8/man/groupadd.8.xml
-diff -up shadow-4.8/man/groupmems.8.xml.manfix shadow-4.8/man/groupmems.8.xml
---- shadow-4.8/man/groupmems.8.xml.manfix 2019-07-23 17:26:08.000000000 +0200
-+++ shadow-4.8/man/groupmems.8.xml 2020-01-13 10:12:48.445155882 +0100
+diff -up shadow-4.8.1/man/groupmems.8.xml.manfix shadow-4.8.1/man/groupmems.8.xml
+--- shadow-4.8.1/man/groupmems.8.xml.manfix 2020-03-17 15:34:48.750414984 +0100
++++ shadow-4.8.1/man/groupmems.8.xml 2020-03-17 15:41:13.383588722 +0100
@@ -179,20 +179,10 @@
SETUP
- The groupmems executable should be in mode
-- 2770 as user root and in group
+- 2710 as user root and in group
- groups. The system administrator can add users to
- group groups to allow or disallow them using the
- groupmems utility to manage their own group
@@ -83,16 +83,16 @@ diff -up shadow-4.8/man/groupmems.8.xml.manfix shadow-4.8/man/groupmems.8.xml
-
-
- $ groupadd -r groups
-- $ chmod 2770 groupmems
+- $ chmod 2710 groupmems
- $ chown root.groups groupmems
- $ groupmems -g groups -a gk4
-
-diff -up shadow-4.8/man/ja/man5/login.defs.5.manfix shadow-4.8/man/ja/man5/login.defs.5
---- shadow-4.8/man/ja/man5/login.defs.5.manfix 2019-07-23 17:26:08.000000000 +0200
-+++ shadow-4.8/man/ja/man5/login.defs.5 2020-01-13 10:12:48.445155882 +0100
+diff -up shadow-4.8.1/man/ja/man5/login.defs.5.manfix shadow-4.8.1/man/ja/man5/login.defs.5
+--- shadow-4.8.1/man/ja/man5/login.defs.5.manfix 2019-07-23 17:26:08.000000000 +0200
++++ shadow-4.8.1/man/ja/man5/login.defs.5 2020-03-17 15:34:48.750414984 +0100
@@ -147,10 +147,6 @@ 以下の参照表は、
shadow パスワード機能のどのプログラムが
どのパラメータを使用するかを示したものである。
@@ -104,10 +104,10 @@ diff -up shadow-4.8/man/ja/man5/login.defs.5.manfix shadow-4.8/man/ja/man5/login
.IP groupadd 12
GID_MAX GID_MIN
.IP newusers 12
-diff -up shadow-4.8/man/login.defs.5.xml.manfix shadow-4.8/man/login.defs.5.xml
---- shadow-4.8/man/login.defs.5.xml.manfix 2019-07-23 17:26:08.000000000 +0200
-+++ shadow-4.8/man/login.defs.5.xml 2020-01-13 10:14:10.491776547 +0100
-@@ -163,6 +163,17 @@
+diff -up shadow-4.8.1/man/login.defs.5.xml.manfix shadow-4.8.1/man/login.defs.5.xml
+--- shadow-4.8.1/man/login.defs.5.xml.manfix 2020-01-17 16:47:56.000000000 +0100
++++ shadow-4.8.1/man/login.defs.5.xml 2020-03-17 15:34:48.750414984 +0100
+@@ -164,6 +164,17 @@
long numeric parameters is machine-dependent.
@@ -125,7 +125,7 @@ diff -up shadow-4.8/man/login.defs.5.xml.manfix shadow-4.8/man/login.defs.5.xml
The following configuration items are provided:
-@@ -254,16 +265,6 @@
+@@ -256,16 +267,6 @@
@@ -142,7 +142,7 @@ diff -up shadow-4.8/man/login.defs.5.xml.manfix shadow-4.8/man/login.defs.5.xml
chgpasswd
-@@ -284,14 +285,6 @@
+@@ -286,14 +287,6 @@
@@ -157,7 +157,7 @@ diff -up shadow-4.8/man/login.defs.5.xml.manfix shadow-4.8/man/login.defs.5.xml
-@@ -357,34 +350,6 @@
+@@ -359,34 +352,6 @@
LASTLOG_UID_MAX
@@ -192,7 +192,7 @@ diff -up shadow-4.8/man/login.defs.5.xml.manfix shadow-4.8/man/login.defs.5.xml
newgrp / sg
-@@ -412,17 +377,6 @@
+@@ -415,17 +380,6 @@
@@ -210,7 +210,7 @@ diff -up shadow-4.8/man/login.defs.5.xml.manfix shadow-4.8/man/login.defs.5.xml
pwck
-@@ -449,32 +403,6 @@
+@@ -452,32 +406,6 @@
@@ -243,9 +243,9 @@ diff -up shadow-4.8/man/login.defs.5.xml.manfix shadow-4.8/man/login.defs.5.xml
useradd
-diff -up shadow-4.8/man/shadow.5.xml.manfix shadow-4.8/man/shadow.5.xml
---- shadow-4.8/man/shadow.5.xml.manfix 2019-12-01 17:52:32.000000000 +0100
-+++ shadow-4.8/man/shadow.5.xml 2020-01-13 10:12:48.446155865 +0100
+diff -up shadow-4.8.1/man/shadow.5.xml.manfix shadow-4.8.1/man/shadow.5.xml
+--- shadow-4.8.1/man/shadow.5.xml.manfix 2019-12-01 17:52:32.000000000 +0100
++++ shadow-4.8.1/man/shadow.5.xml 2020-03-17 15:34:48.750414984 +0100
@@ -129,7 +129,7 @@
@@ -275,10 +275,10 @@ diff -up shadow-4.8/man/shadow.5.xml.manfix shadow-4.8/man/shadow.5.xml
Note that an account expiration differs from a password
-diff -up shadow-4.8/man/useradd.8.xml.manfix shadow-4.8/man/useradd.8.xml
---- shadow-4.8/man/useradd.8.xml.manfix 2020-01-13 10:12:48.432156100 +0100
-+++ shadow-4.8/man/useradd.8.xml 2020-01-13 10:12:48.446155865 +0100
-@@ -358,6 +358,11 @@
+diff -up shadow-4.8.1/man/useradd.8.xml.manfix shadow-4.8.1/man/useradd.8.xml
+--- shadow-4.8.1/man/useradd.8.xml.manfix 2020-03-17 15:34:48.745414917 +0100
++++ shadow-4.8.1/man/useradd.8.xml 2020-03-17 15:34:48.751414997 +0100
+@@ -359,6 +359,11 @@
is not enabled, no home
directories are created.
@@ -290,10 +290,10 @@ diff -up shadow-4.8/man/useradd.8.xml.manfix shadow-4.8/man/useradd.8.xml
-diff -up shadow-4.8/man/usermod.8.xml.manfix shadow-4.8/man/usermod.8.xml
---- shadow-4.8/man/usermod.8.xml.manfix 2019-10-05 03:23:58.000000000 +0200
-+++ shadow-4.8/man/usermod.8.xml 2020-01-13 10:12:48.446155865 +0100
-@@ -153,7 +153,8 @@
+diff -up shadow-4.8.1/man/usermod.8.xml.manfix shadow-4.8.1/man/usermod.8.xml
+--- shadow-4.8.1/man/usermod.8.xml.manfix 2019-12-20 06:58:23.000000000 +0100
++++ shadow-4.8.1/man/usermod.8.xml 2020-03-17 15:34:48.751414997 +0100
+@@ -143,7 +143,8 @@
If the
option is given, the contents of the current home directory will
be moved to the new home directory, which is created if it does
@@ -303,7 +303,7 @@ diff -up shadow-4.8/man/usermod.8.xml.manfix shadow-4.8/man/usermod.8.xml
-@@ -215,6 +216,12 @@
+@@ -205,6 +206,12 @@
The group ownership of files outside of the user's home directory
must be fixed manually.
@@ -316,7 +316,7 @@ diff -up shadow-4.8/man/usermod.8.xml.manfix shadow-4.8/man/usermod.8.xml
-@@ -277,7 +284,8 @@
+@@ -267,7 +274,8 @@
Move the content of the user's home directory to the new
@@ -326,7 +326,7 @@ diff -up shadow-4.8/man/usermod.8.xml.manfix shadow-4.8/man/usermod.8.xml
This option is only valid in combination with the
-@@ -391,6 +399,12 @@
+@@ -381,6 +389,12 @@
must be fixed manually.
diff --git a/shadow-utils.HOME_MODE.xml b/shadow-utils.HOME_MODE.xml
new file mode 100644
index 0000000..21aa55f
--- /dev/null
+++ b/shadow-utils.HOME_MODE.xml
@@ -0,0 +1,43 @@
+
+
+ (number)
+
+
+ The mode for new home directories. If not specified,
+ the is used to create the mode.
+
+
+ useradd and newusers use this
+ to set the mode of the home directory they create.
+
+
+
diff --git a/shadow-utils.spec b/shadow-utils.spec
index 481a534..5b58ae6 100644
--- a/shadow-utils.spec
+++ b/shadow-utils.spec
@@ -1,7 +1,7 @@
Summary: Utilities for managing accounts and shadow password files
Name: shadow-utils
-Version: 4.8
-Release: 5%{?dist}
+Version: 4.8.1
+Release: 1%{?dist}
Epoch: 2
URL: http://pkg-shadow.alioth.debian.org/
Source0: https://github.com/shadow-maint/shadow/releases/download/%{version}/shadow-%{version}.tar.xz
@@ -10,6 +10,7 @@ Source2: shadow-utils.useradd
Source3: shadow-utils.login.defs
Source4: shadow-bsd.txt
Source5: https://www.gnu.org/licenses/old-licenses/gpl-2.0.txt
+Source6: shadow-utils.HOME_MODE.xml
# Misc small changes - most probably non-upstreamable
Patch0: shadow-4.6-redhat.patch
# Be more lenient with acceptable user/group names - non upstreamable
@@ -23,7 +24,7 @@ Patch11: shadow-4.1.5.1-logmsg.patch
# SElinux related - upstreamability unknown
Patch14: shadow-4.1.5.1-default-range.patch
# Misc manual page changes - only some of them could be upstreamed
-Patch15: shadow-4.8-manfix.patch
+Patch15: shadow-4.8.1-manfix.patch
# Userdel usage message change - could be upstreamed
Patch17: shadow-4.1.5.1-userdel-helpfix.patch
# Date parsing improvement - could be upstreamed
@@ -31,7 +32,7 @@ Patch19: shadow-4.2.1-date-parsing.patch
# Additional error message - could be upstreamed
Patch21: shadow-4.6-move-home.patch
# Audit message changes - upstreamability unknown
-Patch22: shadow-4.8-audit-update.patch
+Patch22: shadow-4.8.1-audit-update.patch
# Changes related to password unlocking - could be upstreamed
Patch23: shadow-4.5-usermod-unlock.patch
# Additional SElinux related changes - upstreamability unknown
@@ -48,8 +49,6 @@ Patch33: shadow-4.8-long-entry.patch
Patch38: shadow-4.6-sysugid-min-limit.patch
# Ignore LOGIN_PLAIN_PROMPT in login.defs - upstreamability unknown
Patch40: shadow-4.8-ignore-login-prompt.patch
-# Make the missing shell check into warning - could be upstreamed
-Patch41: shadow-4.8-invalid-shell-check.patch
# Generate /var/spool/mail/$USER with the proper SELinux user identity - already upstreamed
Patch42: shadow-4.8-useradd-selinux-mail.patch
@@ -99,13 +98,13 @@ are used for managing group accounts.
%patch33 -p1 -b .long-entry
%patch38 -p1 -b .sysugid-min-limit
%patch40 -p1 -b .login-prompt
-%patch41 -p1 -b .invalid-shell
%patch42 -p1 -b .useradd-selinux-mail
iconv -f ISO88591 -t utf-8 doc/HOWTO > doc/HOWTO.utf8
cp -f doc/HOWTO.utf8 doc/HOWTO
cp -a %{SOURCE4} %{SOURCE5} .
+cp -a %{SOURCE6} man/login.defs.d/HOME_MODE.xml
# Force regeneration of getdate.c
rm libmisc/getdate.c
@@ -255,7 +254,10 @@ done
%{_mandir}/man8/vigr.8*
%changelog
-* Mon Mar 17 2020 Iker Pedrosa - 2:4.8-5
+* Tue Mar 17 2020 Iker Pedrosa - 2:4.8.1-1
+- updated upstream to 4.8.1
+
+* Tue Mar 17 2020 Iker Pedrosa - 2:4.8-5
- synchronized login.defs with upstream file (#1261099 and #1807957)
* Mon Feb 24 2020 Iker Pedrosa - 2:4.8-4
diff --git a/sources b/sources
index c9450ff..0e0c57a 100644
--- a/sources
+++ b/sources
@@ -1,2 +1,2 @@
-SHA512 (shadow-4.8.tar.xz) = 1c607aec541400fc179d6cbbac7511289c618ab2ce6ee9d7c18a8bfda00421c62d4b9e58aff52b5f82d485468e7db955c186ea0faad9a08003ffc01bdf2ccece
-SHA512 (shadow-4.8.tar.xz.asc) = 200f7793e55447cc5c0d11988ee26511167c5fe23e1f6622b6b0c8cb74498052f2df855f02e351fee0da16562f6a6510ad3954b4c5e13dd9a8da0d998f8dc5e6
+SHA512 (shadow-4.8.1.tar.xz) = 780a983483d847ed3c91c82064a0fa902b6f4185225978241bc3bc03fcc3aa143975b46aee43151c6ba43efcfdb1819516b76ba7ad3d1d3c34fcc38ea42e917b
+SHA512 (shadow-4.8.1.tar.xz.asc) = ec7686263c81d3feb8ee4314c3323a9a3ada74aafaaf99f4f0d9af9b1341f8c5ff5477ecf98dd94dbb7d921f532d655b0b6a87d94c71893f35dc9bc54c84dd42