diff --git a/.cvsignore b/.cvsignore index 0fb2454..ccacfb0 100644 --- a/.cvsignore +++ b/.cvsignore @@ -1 +1 @@ -shadow-4.1.4.1.tar.bz2 +shadow-4.1.4.2.tar.bz2 diff --git a/shadow-4.1.4.1-largeGroup.patch b/shadow-4.1.4.1-largeGroup.patch deleted file mode 100644 index 8777e24..0000000 --- a/shadow-4.1.4.1-largeGroup.patch +++ /dev/null @@ -1,230 +0,0 @@ -diff -U0 shadow-4.1.4.1/ChangeLog.large_group shadow-4.1.4.1/ChangeLog -diff -up shadow-4.1.4.1/lib/gshadow.c.large_group shadow-4.1.4.1/lib/gshadow.c ---- shadow-4.1.4.1/lib/gshadow.c.large_group 2009-04-23 13:53:56.000000000 +0200 -+++ shadow-4.1.4.1/lib/gshadow.c 2009-06-16 14:47:08.000000000 +0200 -@@ -2,7 +2,7 @@ - * Copyright (c) 1990 - 1994, Julianne Frances Haugh - * Copyright (c) 1996 - 1998, Marek Michałkiewicz - * Copyright (c) 2005 , Tomasz Kłoczko -- * Copyright (c) 2008 , Nicolas François -+ * Copyright (c) 2008 - 2009, Nicolas François - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without -@@ -41,7 +41,6 @@ - #include "prototypes.h" - #include "defines.h" - static /*@null@*/FILE *shadow; --static char sgrbuf[BUFSIZ * 4]; - static /*@null@*//*@only@*/char **members = NULL; - static size_t nmembers = 0; - static /*@null@*//*@only@*/char **admins = NULL; -@@ -131,12 +130,25 @@ void endsgent (void) - - /*@observer@*//*@null@*/struct sgrp *sgetsgent (const char *string) - { -+ static char *sgrbuf = NULL; -+ static size_t sgrbuflen = 0; -+ - char *fields[FIELDS]; - char *cp; - int i; -+ size_t len = strlen (string) + 1; -+ -+ if (len > sgrbuflen) { -+ char *buf = (char *) realloc (sgrbuf, sizeof (char) * len); -+ if (NULL == buf) { -+ return NULL; -+ } -+ sgrbuf = buf; -+ sgrbuflen = len; -+ } - -- strncpy (sgrbuf, string, sizeof sgrbuf - 1); -- sgrbuf[sizeof sgrbuf - 1] = '\0'; -+ strncpy (sgrbuf, string, len); -+ sgrbuf[len-1] = '\0'; - - cp = strrchr (sgrbuf, '\n'); - if (NULL != cp) { -@@ -161,7 +173,7 @@ void endsgent (void) - * the line is invalid. - */ - -- if ((NULL != cp) || (i != FIELDS)) -+ if ((NULL != cp) || (i != FIELDS)) { - #ifdef USE_NIS - if (!IS_NISCHAR (fields[0][0])) { - return 0; -@@ -171,6 +183,7 @@ void endsgent (void) - #else - return 0; - #endif -+ } - - sgroup.sg_name = fields[0]; - sgroup.sg_passwd = fields[1]; -@@ -199,20 +212,48 @@ void endsgent (void) - - /*@observer@*//*@null@*/struct sgrp *fgetsgent (/*@null@*/FILE * fp) - { -- char buf[sizeof sgrbuf]; -+ static size_t buflen = 0; -+ static char *buf = NULL; -+ - char *cp; -+ struct sgrp *ret; -+ -+ if (0 == buflen) { -+ buf = (char *) malloc (BUFSIZ); -+ if (NULL == buf) { -+ return NULL; -+ } -+ } - - if (NULL == fp) { -- return (0); -+ return NULL; - } - - #ifdef USE_NIS -- while (fgetsx (buf, (int) sizeof buf, fp) != (char *) 0) -+ while (fgetsx (buf, (int) sizeof buf, fp) == buf) - #else -- if (fgetsx (buf, (int) sizeof buf, fp) != (char *) 0) -+ if (fgetsx (buf, (int) sizeof buf, fp) == buf) - #endif - { -- cp = strchr (buf, '\n'); -+ while ( ((cp = strrchr (buf, '\n')) == NULL) -+ && (feof (fp) == 0)) { -+ size_t len; -+ -+ cp = (char *) realloc (buf, buflen*2); -+ if (NULL == cp) { -+ return NULL; -+ } -+ buf = cp; -+ buflen *= 2; -+ -+ len = strlen (buf); -+ if (fgetsx (&buf[len], -+ (int) (buflen - len), -+ fp) != &buf[len]) { -+ return NULL; -+ } -+ } -+ cp = strrchr (buf, '\n'); - if (NULL != cp) { - *cp = '\0'; - } -@@ -223,7 +264,7 @@ void endsgent (void) - #endif - return (sgetsgent (buf)); - } -- return 0; -+ return NULL; - } - - /* -@@ -235,7 +276,6 @@ void endsgent (void) - #ifdef USE_NIS - bool nis_1_group = false; - struct sgrp *val; -- char buf[BUFSIZ]; - #endif - if (NULL == shadow) { - setsgent (); -@@ -334,7 +374,6 @@ void endsgent (void) - struct sgrp *sgrp; - - #ifdef USE_NIS -- char buf[BUFSIZ]; - static char save_name[16]; - int nis_disabled = 0; - #endif -diff -up shadow-4.1.4.1/libmisc/xgetgrgid.c.large_group shadow-4.1.4.1/libmisc/xgetgrgid.c ---- shadow-4.1.4.1/libmisc/xgetgrgid.c.large_group 2008-09-06 16:56:51.000000000 +0200 -+++ shadow-4.1.4.1/libmisc/xgetgrgid.c 2009-06-16 14:15:08.000000000 +0200 -@@ -58,7 +58,6 @@ - #define ARG_TYPE gid_t - #define ARG_NAME gid - #define DUP_FUNCTION __gr_dup --#define MAX_LENGTH 0x8000 - #define HAVE_FUNCTION_R (defined HAVE_GETGRGID_R) - - #include "xgetXXbyYY.c" -diff -up shadow-4.1.4.1/libmisc/xgetgrnam.c.large_group shadow-4.1.4.1/libmisc/xgetgrnam.c ---- shadow-4.1.4.1/libmisc/xgetgrnam.c.large_group 2008-09-06 16:56:57.000000000 +0200 -+++ shadow-4.1.4.1/libmisc/xgetgrnam.c 2009-06-16 14:15:08.000000000 +0200 -@@ -58,7 +58,6 @@ - #define ARG_TYPE const char * - #define ARG_NAME name - #define DUP_FUNCTION __gr_dup --#define MAX_LENGTH 0x8000 - #define HAVE_FUNCTION_R (defined HAVE_GETGRNAM_R) - - #include "xgetXXbyYY.c" -diff -up shadow-4.1.4.1/libmisc/xgetpwnam.c.large_group shadow-4.1.4.1/libmisc/xgetpwnam.c ---- shadow-4.1.4.1/libmisc/xgetpwnam.c.large_group 2008-09-06 16:57:05.000000000 +0200 -+++ shadow-4.1.4.1/libmisc/xgetpwnam.c 2009-06-16 14:15:08.000000000 +0200 -@@ -58,7 +58,6 @@ - #define ARG_TYPE const char * - #define ARG_NAME name - #define DUP_FUNCTION __pw_dup --#define MAX_LENGTH 0x8000 - #define HAVE_FUNCTION_R (defined HAVE_GETPWNAM_R) - - #include "xgetXXbyYY.c" -diff -up shadow-4.1.4.1/libmisc/xgetpwuid.c.large_group shadow-4.1.4.1/libmisc/xgetpwuid.c ---- shadow-4.1.4.1/libmisc/xgetpwuid.c.large_group 2008-09-06 16:57:11.000000000 +0200 -+++ shadow-4.1.4.1/libmisc/xgetpwuid.c 2009-06-16 14:15:08.000000000 +0200 -@@ -58,7 +58,6 @@ - #define ARG_TYPE uid_t - #define ARG_NAME uid - #define DUP_FUNCTION __pw_dup --#define MAX_LENGTH 0x8000 - #define HAVE_FUNCTION_R (defined HAVE_GETPWUID_R) - - #include "xgetXXbyYY.c" -diff -up shadow-4.1.4.1/libmisc/xgetspnam.c.large_group shadow-4.1.4.1/libmisc/xgetspnam.c ---- shadow-4.1.4.1/libmisc/xgetspnam.c.large_group 2008-09-06 16:57:17.000000000 +0200 -+++ shadow-4.1.4.1/libmisc/xgetspnam.c 2009-06-16 14:15:08.000000000 +0200 -@@ -58,7 +58,6 @@ - #define ARG_TYPE const char * - #define ARG_NAME name - #define DUP_FUNCTION __spw_dup --#define MAX_LENGTH 0x8000 - #define HAVE_FUNCTION_R (defined HAVE_GETSPNAM_R) - - #include "xgetXXbyYY.c" -diff -up shadow-4.1.4.1/libmisc/xgetXXbyYY.c.large_group shadow-4.1.4.1/libmisc/xgetXXbyYY.c ---- shadow-4.1.4.1/libmisc/xgetXXbyYY.c.large_group 2009-04-23 11:15:53.000000000 +0200 -+++ shadow-4.1.4.1/libmisc/xgetXXbyYY.c 2009-06-16 14:15:08.000000000 +0200 -@@ -79,7 +79,7 @@ - exit (13); - } - -- do { -+ while (true) { - int status; - LOOKUP_TYPE *resbuf = NULL; - buffer = (char *)realloc (buffer, length); -@@ -106,8 +106,14 @@ - return NULL; - } - -- length *= 4; -- } while (length < MAX_LENGTH); -+ if (length <= ((size_t)-1 / 4)) { -+ length *= 4; -+ } else if (length == (size_t) -1) { -+ break; -+ } else { -+ length = (size_t) -1; -+ } -+ } - - free(buffer); - free(result); -diff -up shadow-4.1.4.1/NEWS.large_group shadow-4.1.4.1/NEWS diff --git a/shadow-4.1.4.1-ldap.patch b/shadow-4.1.4.1-ldap.patch deleted file mode 100644 index 9d97188..0000000 --- a/shadow-4.1.4.1-ldap.patch +++ /dev/null @@ -1,85 +0,0 @@ -diff -up shadow-4.1.4.1/libmisc/find_new_gid.c.ldap shadow-4.1.4.1/libmisc/find_new_gid.c ---- shadow-4.1.4.1/libmisc/find_new_gid.c.ldap 2009-07-16 10:37:41.653798746 +0200 -+++ shadow-4.1.4.1/libmisc/find_new_gid.c 2009-07-16 10:44:14.482808945 +0200 -@@ -90,17 +90,26 @@ int find_new_gid (bool sys_group, - * but we also check the local database (gr_rewind/gr_next) in case - * some groups were created but the changes were not committed yet. - */ -- setgrent (); -- while ((grp = getgrent ()) != NULL) { -- if ((grp->gr_gid >= group_id) && (grp->gr_gid <= gid_max)) { -- group_id = grp->gr_gid + 1; -+ if (sys_group ) { -+ for(group_id = gid_min; group_id<=gid_max; group_id++) { -+ grp = getgrgid(group_id); -+ if(grp) -+ used_gids[grp->gr_gid] = true; - } -- /* create index of used GIDs */ -- if (grp->gr_gid <= gid_max) { -- used_gids[grp->gr_gid] = true; -+ } -+ else { -+ setgrent (); -+ while ((grp = getgrent ()) != NULL) { -+ if ((grp->gr_gid >= group_id) && (grp->gr_gid <= gid_max)) { -+ group_id = grp->gr_gid + 1; -+ } -+ /* create index of used GIDs */ -+ if (grp->gr_gid <= gid_max) { -+ used_gids[grp->gr_gid] = true; -+ } - } -+ endgrent (); - } -- endgrent (); - gr_rewind (); - while ((grp = gr_next ()) != NULL) { - if ((grp->gr_gid >= group_id) && (grp->gr_gid <= gid_max)) { -diff -up shadow-4.1.4.1/libmisc/find_new_uid.c.ldap shadow-4.1.4.1/libmisc/find_new_uid.c ---- shadow-4.1.4.1/libmisc/find_new_uid.c.ldap 2009-07-16 10:37:41.653798746 +0200 -+++ shadow-4.1.4.1/libmisc/find_new_uid.c 2009-07-16 10:37:41.668798323 +0200 -@@ -91,17 +91,27 @@ int find_new_uid (bool sys_user, - * but we also check the local database (pw_rewind/pw_next) in case - * some users were created but the changes were not committed yet. - */ -- setpwent (); -- while ((pwd = getpwent ()) != NULL) { -- if ((pwd->pw_uid >= user_id) && (pwd->pw_uid <= uid_max)) { -- user_id = pwd->pw_uid + 1; -+ /* speed up sys users look up on LDAP boxes */ -+ if (sys_user) { -+ for (user_id = uid_min; user_id<=uid_max; user_id++) { -+ pwd = getpwuid(user_id); -+ if(pwd) -+ used_uids[user_id] = true; - } -- /* create index of used UIDs */ -- if (pwd->pw_uid <= uid_max) { -- used_uids[pwd->pw_uid] = true; -+ } -+ else { -+ setpwent (); -+ while ((pwd = getpwent ()) != NULL) { -+ if ((pwd->pw_uid >= user_id) && (pwd->pw_uid <= uid_max)) { -+ user_id = pwd->pw_uid + 1; -+ } -+ /* create index of used UIDs */ -+ if (pwd->pw_uid <= uid_max) { -+ used_uids[pwd->pw_uid] = true; -+ } - } -+ endpwent (); - } -- endpwent (); - pw_rewind (); - while ((pwd = pw_next ()) != NULL) { - if ((pwd->pw_uid >= user_id) && (pwd->pw_uid <= uid_max)) { -@@ -113,6 +123,7 @@ int find_new_uid (bool sys_user, - } - } - -+ - /* find free system account in reverse order */ - if (sys_user) { - for (user_id = uid_max; user_id >= uid_min; user_id--) { diff --git a/shadow-4.1.4.1-sysacc.patch b/shadow-4.1.4.1-sysacc.patch deleted file mode 100644 index 8a6de17..0000000 --- a/shadow-4.1.4.1-sysacc.patch +++ /dev/null @@ -1,300 +0,0 @@ -diff -up shadow-4.1.4.1/libmisc/find_new_gid.c.sysacc shadow-4.1.4.1/libmisc/find_new_gid.c ---- shadow-4.1.4.1/libmisc/find_new_gid.c.sysacc 2009-07-16 11:51:34.807860808 +0200 -+++ shadow-4.1.4.1/libmisc/find_new_gid.c 2009-07-16 14:19:08.678798578 +0200 -@@ -52,7 +52,7 @@ int find_new_gid (bool sys_group, - /*@null@*/gid_t const *preferred_gid) - { - const struct group *grp; -- gid_t gid_min, gid_max, group_id; -+ gid_t gid_min, gid_max, group_id, id; - bool *used_gids; - - assert (gid != NULL); -@@ -61,7 +61,7 @@ int find_new_gid (bool sys_group, - gid_min = (gid_t) getdef_ulong ("GID_MIN", 500UL); - gid_max = (gid_t) getdef_ulong ("GID_MAX", 60000UL); - } else { -- gid_min = (gid_t) getdef_ulong ("SYS_GID_MIN", 1UL); -+ gid_min = (gid_t) getdef_ulong ("SYS_GID_MIN", 201UL); - gid_max = (gid_t) getdef_ulong ("GID_MIN", 500UL) - 1; - gid_max = (gid_t) getdef_ulong ("SYS_GID_MAX", (unsigned long) gid_max); - } -@@ -80,7 +80,6 @@ int find_new_gid (bool sys_group, - return 0; - } - -- group_id = gid_min; - - /* - * Search the entire group file, -@@ -91,13 +90,28 @@ int find_new_gid (bool sys_group, - * some groups were created but the changes were not committed yet. - */ - if (sys_group ) { -- for(group_id = gid_min; group_id<=gid_max; group_id++) { -- grp = getgrgid(group_id); -- if(grp) -+ group_id = gid_max; -+ for(id = gid_max; id>=gid_min; id--) { -+ grp = getgrgid(id); -+ if(grp) { -+ group_id = id - 1; - used_gids[grp->gr_gid] = true; -+ } -+ } -+ -+ gr_rewind (); -+ while ((grp = gr_next ()) != NULL) { -+ if ((grp->gr_gid <= group_id) && (grp->gr_gid >= gid_min)) { -+ group_id = grp->gr_gid - 1; -+ } -+ /* create index of used GIDs */ -+ if (grp->gr_gid <= gid_max) { -+ used_gids[grp->gr_gid] = true; -+ } - } - } - else { -+ group_id = gid_min; - setgrent (); - while ((grp = getgrent ()) != NULL) { - if ((grp->gr_gid >= group_id) && (grp->gr_gid <= gid_max)) { -@@ -109,32 +123,16 @@ int find_new_gid (bool sys_group, - } - } - endgrent (); -- } -- gr_rewind (); -- while ((grp = gr_next ()) != NULL) { -- if ((grp->gr_gid >= group_id) && (grp->gr_gid <= gid_max)) { -- group_id = grp->gr_gid + 1; -- } -- /* create index of used GIDs */ -- if (grp->gr_gid <= gid_max) { -- used_gids[grp->gr_gid] = true; -- } -- } - -- /* find free system account in reverse order */ -- if (sys_group) { -- for (group_id = gid_max; group_id >= gid_min; group_id--) { -- if (false == used_gids[group_id]) { -- break; -+ gr_rewind (); -+ while ((grp = gr_next ()) != NULL) { -+ if ((grp->gr_gid >= group_id) && (grp->gr_gid <= gid_max)) { -+ group_id = grp->gr_gid + 1; -+ } -+ /* create index of used GIDs */ -+ if (grp->gr_gid <= gid_max) { -+ used_gids[grp->gr_gid] = true; - } -- } -- if ( group_id < gid_min ) { -- fprintf (stderr, -- _("%s: Can't get unique GID (no more available GIDs)\n"), -- Prog); -- SYSLOG ((LOG_WARN, -- "no more available GID on the system")); -- return -1; - } - } - -@@ -143,16 +141,35 @@ int find_new_gid (bool sys_group, - * will give us GID_MAX+1 even if not unique. Search for the first - * free GID starting with GID_MIN. - */ -- if (group_id == gid_max + 1) { -- for (group_id = gid_min; group_id < gid_max; group_id++) { -- if (false == used_gids[group_id]) { -- break; -+ if (sys_group) { -+ if (group_id == gid_min - 1) { -+ for (group_id = gid_max; group_id >= gid_min; group_id--) { -+ if (false == used_gids[group_id]) { -+ break; -+ } -+ } -+ if ( group_id < gid_min ) { -+ fprintf (stderr, -+ _("%s: Can't get unique GID (no more available GIDs)\n"), -+ Prog); -+ SYSLOG ((LOG_WARN, -+ "no more available GID on the system")); -+ return -1; - } - } -- if (group_id == gid_max) { -- fprintf (stderr, _("%s: Can't get unique GID (no more available GIDs)\n"), Prog); -- SYSLOG ((LOG_WARN, "no more available GID on the system")); -- return -1; -+ } -+ else { -+ if (group_id == gid_max + 1) { -+ for (group_id = gid_min; group_id < gid_max; group_id++) { -+ if (false == used_gids[group_id]) { -+ break; -+ } -+ } -+ if (group_id == gid_max) { -+ fprintf (stderr, _("%s: Can't get unique GID (no more available GIDs)\n"), Prog); -+ SYSLOG ((LOG_WARN, "no more available GID on the system")); -+ return -1; -+ } - } - } - -diff -up shadow-4.1.4.1/libmisc/find_new_uid.c.sysacc shadow-4.1.4.1/libmisc/find_new_uid.c ---- shadow-4.1.4.1/libmisc/find_new_uid.c.sysacc 2009-07-16 11:51:34.807860808 +0200 -+++ shadow-4.1.4.1/libmisc/find_new_uid.c 2009-07-16 14:13:38.120798526 +0200 -@@ -52,7 +52,7 @@ int find_new_uid (bool sys_user, - /*@null@*/uid_t const *preferred_uid) - { - const struct passwd *pwd; -- uid_t uid_min, uid_max, user_id; -+ uid_t uid_min, uid_max, user_id, id; - bool *used_uids; - - assert (uid != NULL); -@@ -61,7 +61,7 @@ int find_new_uid (bool sys_user, - uid_min = (uid_t) getdef_ulong ("UID_MIN", 500UL); - uid_max = (uid_t) getdef_ulong ("UID_MAX", 60000UL); - } else { -- uid_min = (uid_t) getdef_ulong ("SYS_UID_MIN", 1UL); -+ uid_min = (uid_t) getdef_ulong ("SYS_UID_MIN", 201UL); - uid_max = (uid_t) getdef_ulong ("UID_MIN", 500UL) - 1; - uid_max = (uid_t) getdef_ulong ("SYS_UID_MAX", (unsigned long) uid_max); - } -@@ -81,8 +81,6 @@ int find_new_uid (bool sys_user, - } - - -- user_id = uid_min; -- - /* - * Search the entire password file, - * looking for the largest unused value. -@@ -91,15 +89,30 @@ int find_new_uid (bool sys_user, - * but we also check the local database (pw_rewind/pw_next) in case - * some users were created but the changes were not committed yet. - */ -- /* speed up sys users look up on LDAP boxes */ - if (sys_user) { -- for (user_id = uid_min; user_id<=uid_max; user_id++) { -- pwd = getpwuid(user_id); -- if(pwd) -+ user_id = uid_max; -+ for (id = uid_max; id>=uid_min; id--) { -+ pwd = getpwuid(id); -+ if(pwd) { -+ user_id = id - 1; - used_uids[user_id] = true; -+ } - } -+ -+ pw_rewind (); -+ while ((pwd = pw_next ()) != NULL) { -+ if ((pwd->pw_uid <= user_id) && (pwd->pw_uid >= uid_min)) { -+ user_id = pwd->pw_uid - 1; -+ } -+ /* create index of used UIDs */ -+ if (pwd->pw_uid <= uid_max) { -+ used_uids[pwd->pw_uid] = true; -+ } -+ } -+ - } - else { -+ user_id = uid_min; - setpwent (); - while ((pwd = getpwent ()) != NULL) { - if ((pwd->pw_uid >= user_id) && (pwd->pw_uid <= uid_max)) { -@@ -111,51 +124,55 @@ int find_new_uid (bool sys_user, - } - } - endpwent (); -- } -- pw_rewind (); -- while ((pwd = pw_next ()) != NULL) { -- if ((pwd->pw_uid >= user_id) && (pwd->pw_uid <= uid_max)) { -- user_id = pwd->pw_uid + 1; -- } -- /* create index of used UIDs */ -- if (pwd->pw_uid <= uid_max) { -- used_uids[pwd->pw_uid] = true; -- } -- } -- - -- /* find free system account in reverse order */ -- if (sys_user) { -- for (user_id = uid_max; user_id >= uid_min; user_id--) { -- if (false == used_uids[user_id]) { -- break; -+ pw_rewind (); -+ while ((pwd = pw_next ()) != NULL) { -+ if ((pwd->pw_uid >= user_id) && (pwd->pw_uid <= uid_max)) { -+ user_id = pwd->pw_uid + 1; -+ } -+ /* create index of used UIDs */ -+ if (pwd->pw_uid <= uid_max) { -+ used_uids[pwd->pw_uid] = true; - } -- } -- if (user_id < uid_min ) { -- fprintf (stderr, -- _("%s: Can't get unique system UID (no more available UIDs)\n"), -- Prog); -- SYSLOG ((LOG_WARN, -- "no more available UID on the system")); -- return -1; - } - } - -+ - /* - * If a user with UID equal to UID_MAX exists, the above algorithm - * will give us UID_MAX+1 even if not unique. Search for the first - * free UID starting with UID_MIN. - */ -- if (user_id == uid_max + 1) { -- for (user_id = uid_min; user_id < uid_max; user_id++) { -- if (false == used_uids[user_id]) { -- break; -+ if (sys_user) { -+ if (user_id == uid_min - 1) { -+ for (user_id = uid_max; user_id >= uid_min; user_id--) { -+ if (false == used_uids[user_id]) { -+ break; -+ } -+ } -+ if (user_id < uid_min ) { -+ fprintf (stderr, -+ _("%s: Can't get unique system UID (no more available UIDs)\n"), -+ Prog); -+ SYSLOG ((LOG_WARN, -+ "no more available UID on the system")); -+ return -1; - } - } -- if (user_id == uid_max) { -- fprintf (stderr, _("%s: Can't get unique UID (no more available UIDs)\n"), Prog); -- SYSLOG ((LOG_WARN, "no more available UID on the system")); -- return -1; -+ } -+ else { -+ if (user_id == uid_max + 1) { -+ for (user_id = uid_min; user_id < uid_max; user_id++) { -+ if (false == used_uids[user_id]) { -+ break; -+ } -+ } -+ if (user_id == uid_max) { -+ fprintf (stderr, _("%s: Can't get unique UID (no more available UIDs)\n"), -+ Prog); -+ SYSLOG ((LOG_WARN, "no more available UID on the system")); -+ return -1; -+ } - } - } - diff --git a/shadow-4.1.4.2-fixes.patch b/shadow-4.1.4.2-fixes.patch new file mode 100644 index 0000000..a7ab5b4 --- /dev/null +++ b/shadow-4.1.4.2-fixes.patch @@ -0,0 +1,65 @@ +diff -up shadow-4.1.4.2/lib/commonio.c.fixes shadow-4.1.4.2/lib/commonio.c +--- shadow-4.1.4.2/lib/commonio.c.fixes 2009-09-07 15:51:28.312139467 +0200 ++++ shadow-4.1.4.2/lib/commonio.c 2009-09-07 15:52:00.788140456 +0200 +@@ -710,7 +710,7 @@ commonio_sort (struct commonio_db *db, i + db->tail->prev = entries[n - 1]; + db->tail->next = NULL; + +- for (i = 1; i < n; i++) { ++ for (i = 1; i < (n-1); i++) { + entries[i]->prev = entries[i - 1]; + entries[i]->next = entries[i + 1]; + } +diff -up shadow-4.1.4.2/libmisc/cleanup.c.fixes shadow-4.1.4.2/libmisc/cleanup.c +--- shadow-4.1.4.2/libmisc/cleanup.c.fixes 2009-09-07 15:52:22.449035388 +0200 ++++ shadow-4.1.4.2/libmisc/cleanup.c 2009-09-07 15:55:06.632033653 +0200 +@@ -107,7 +107,7 @@ void del_cleanup (cleanup_function pcf) + assert (i limit) { +- SYSLOG ((LOG_WARN, "Too many logins (max %d) for %s\n", ++ SYSLOG ((LOG_WARN, "Too many logins (max %lu) for %s\n", + limit, name)); + return LOGIN_ERROR_LOGIN; + } +diff -up shadow-4.1.4.2/libmisc/utmp.c.fixes shadow-4.1.4.2/libmisc/utmp.c +--- shadow-4.1.4.2/libmisc/utmp.c.fixes 2009-09-07 15:56:30.534033865 +0200 ++++ shadow-4.1.4.2/libmisc/utmp.c 2009-09-07 16:11:23.049069289 +0200 +@@ -56,7 +56,7 @@ static bool is_my_tty (const char *tty) + /* full_tty shall be at least sizeof utmp.ut_line + 5 */ + char full_tty[200]; + /* tmptty shall be bigger than full_tty */ +- static char tmptty[sizeof (full_tty)+1]; ++ static char tmptty[sizeof (full_tty)+1] = ""; + + if ('/' != *tty) { + (void) snprintf (full_tty, sizeof full_tty, "/dev/%s", tty); +@@ -71,7 +71,7 @@ static bool is_my_tty (const char *tty) + } + } + +- if (NULL == tmptty) { ++ if ('\0' == tmptty[0]) { + (void) puts (_("Unable to determine your tty name.")); + exit (EXIT_FAILURE); + } else if (strncmp (tty, tmptty, sizeof (tmptty)) != 0) { +@@ -200,7 +200,6 @@ static void updwtmpx (const char *filena + strcpy (hostname, host); + #ifdef HAVE_STRUCT_UTMP_UT_HOST + } else if ( (NULL != ut) +- && (NULL != ut->ut_host) + && ('\0' != ut->ut_host[0])) { + hostname = (char *) xmalloc (sizeof (ut->ut_host) + 1); + strncpy (hostname, ut->ut_host, sizeof (ut->ut_host)); diff --git a/shadow-4.1.4.2-leak.patch b/shadow-4.1.4.2-leak.patch new file mode 100644 index 0000000..0d6aa09 --- /dev/null +++ b/shadow-4.1.4.2-leak.patch @@ -0,0 +1,108 @@ +diff -up shadow-4.1.4.2/lib/groupmem.c.leak shadow-4.1.4.2/lib/groupmem.c +--- shadow-4.1.4.2/lib/groupmem.c.leak 2009-04-23 19:43:27.000000000 +0200 ++++ shadow-4.1.4.2/lib/groupmem.c 2009-09-07 15:43:23.314129427 +0200 +@@ -51,10 +51,13 @@ + *gr = *grent; + gr->gr_name = strdup (grent->gr_name); + if (NULL == gr->gr_name) { ++ free(gr); + return NULL; + } + gr->gr_passwd = strdup (grent->gr_passwd); + if (NULL == gr->gr_passwd) { ++ free(gr->gr_name); ++ free(gr); + return NULL; + } + +@@ -62,11 +65,21 @@ + + gr->gr_mem = (char **) malloc ((i + 1) * sizeof (char *)); + if (NULL == gr->gr_mem) { ++ free(gr->gr_passwd); ++ free(gr->gr_name); ++ free(gr); + return NULL; + } + for (i = 0; grent->gr_mem[i]; i++) { + gr->gr_mem[i] = strdup (grent->gr_mem[i]); + if (NULL == gr->gr_mem[i]) { ++ int j; ++ for (j=0; jgr_mem[j]); ++ free(gr->gr_mem); ++ free(gr->gr_passwd); ++ free(gr->gr_name); ++ free(gr); + return NULL; + } + } +diff -up shadow-4.1.4.2/libmisc/copydir.c.leak shadow-4.1.4.2/libmisc/copydir.c +--- shadow-4.1.4.2/libmisc/copydir.c.leak 2009-05-22 12:16:14.000000000 +0200 ++++ shadow-4.1.4.2/libmisc/copydir.c 2009-09-07 15:41:49.217192095 +0200 +@@ -443,6 +443,7 @@ static char *readlink_malloc (const char + nchars = readlink (filename, buffer, size); + + if (nchars < 0) { ++ free(buffer); + return NULL; + } + +diff -up shadow-4.1.4.2/lib/pwmem.c.leak shadow-4.1.4.2/lib/pwmem.c +--- shadow-4.1.4.2/lib/pwmem.c.leak 2009-04-23 19:43:27.000000000 +0200 ++++ shadow-4.1.4.2/lib/pwmem.c 2009-09-07 15:41:49.218203063 +0200 +@@ -51,22 +51,37 @@ + *pw = *pwent; + pw->pw_name = strdup (pwent->pw_name); + if (NULL == pw->pw_name) { ++ free(pw); + return NULL; + } + pw->pw_passwd = strdup (pwent->pw_passwd); + if (NULL == pw->pw_passwd) { ++ free(pw->pw_name); ++ free(pw); + return NULL; + } + pw->pw_gecos = strdup (pwent->pw_gecos); + if (NULL == pw->pw_gecos) { ++ free(pw->pw_passwd); ++ free(pw->pw_name); ++ free(pw); + return NULL; + } + pw->pw_dir = strdup (pwent->pw_dir); + if (NULL == pw->pw_dir) { ++ free(pw->pw_gecos); ++ free(pw->pw_passwd); ++ free(pw->pw_name); ++ free(pw); + return NULL; + } + pw->pw_shell = strdup (pwent->pw_shell); + if (NULL == pw->pw_shell) { ++ free(pw->pw_dir); ++ free(pw->pw_gecos); ++ free(pw->pw_passwd); ++ free(pw->pw_name); ++ free(pw); + return NULL; + } + +diff -up shadow-4.1.4.2/lib/shadowmem.c.leak shadow-4.1.4.2/lib/shadowmem.c +--- shadow-4.1.4.2/lib/shadowmem.c.leak 2009-04-23 19:43:27.000000000 +0200 ++++ shadow-4.1.4.2/lib/shadowmem.c 2009-09-07 15:41:49.218203063 +0200 +@@ -52,10 +52,13 @@ + *sp = *spent; + sp->sp_namp = strdup (spent->sp_namp); + if (NULL == sp->sp_namp) { ++ free(sp); + return NULL; + } + sp->sp_pwdp = strdup (spent->sp_pwdp); + if (NULL == sp->sp_pwdp) { ++ free(sp->sp_namp); ++ free(sp); + return NULL; + } + diff --git a/shadow-4.1.4-redhat.patch b/shadow-4.1.4.2-redhat.patch similarity index 67% rename from shadow-4.1.4-redhat.patch rename to shadow-4.1.4.2-redhat.patch index 3143c21..2b9e334 100644 --- a/shadow-4.1.4-redhat.patch +++ b/shadow-4.1.4.2-redhat.patch @@ -1,6 +1,6 @@ -diff -up shadow-4.1.4/libmisc/find_new_gid.c.redhat shadow-4.1.4/libmisc/find_new_gid.c ---- shadow-4.1.4/libmisc/find_new_gid.c.redhat 2009-04-23 19:36:42.000000000 +0200 -+++ shadow-4.1.4/libmisc/find_new_gid.c 2009-05-15 12:01:18.000000000 +0200 +diff -up shadow-4.1.4.2/libmisc/find_new_gid.c.redhat shadow-4.1.4.2/libmisc/find_new_gid.c +--- shadow-4.1.4.2/libmisc/find_new_gid.c.redhat 2009-07-18 01:53:42.000000000 +0200 ++++ shadow-4.1.4.2/libmisc/find_new_gid.c 2009-09-07 16:34:26.640814090 +0200 @@ -58,11 +58,11 @@ int find_new_gid (bool sys_group, assert (gid != NULL); @@ -9,15 +9,16 @@ diff -up shadow-4.1.4/libmisc/find_new_gid.c.redhat shadow-4.1.4/libmisc/find_ne + gid_min = (gid_t) getdef_ulong ("GID_MIN", 500UL); gid_max = (gid_t) getdef_ulong ("GID_MAX", 60000UL); } else { - gid_min = (gid_t) getdef_ulong ("SYS_GID_MIN", 1UL); +- gid_min = (gid_t) getdef_ulong ("SYS_GID_MIN", 101UL); - gid_max = (gid_t) getdef_ulong ("GID_MIN", 1000UL) - 1; ++ gid_min = (gid_t) getdef_ulong ("SYS_GID_MIN", 201UL); + gid_max = (gid_t) getdef_ulong ("GID_MIN", 500UL) - 1; gid_max = (gid_t) getdef_ulong ("SYS_GID_MAX", (unsigned long) gid_max); } used_gids = alloca (sizeof (bool) * (gid_max +1)); -diff -up shadow-4.1.4/libmisc/find_new_uid.c.redhat shadow-4.1.4/libmisc/find_new_uid.c ---- shadow-4.1.4/libmisc/find_new_uid.c.redhat 2009-04-23 19:37:12.000000000 +0200 -+++ shadow-4.1.4/libmisc/find_new_uid.c 2009-05-15 12:01:39.000000000 +0200 +diff -up shadow-4.1.4.2/libmisc/find_new_uid.c.redhat shadow-4.1.4.2/libmisc/find_new_uid.c +--- shadow-4.1.4.2/libmisc/find_new_uid.c.redhat 2009-07-18 01:53:43.000000000 +0200 ++++ shadow-4.1.4.2/libmisc/find_new_uid.c 2009-09-07 16:34:19.695877000 +0200 @@ -58,11 +58,11 @@ int find_new_uid (bool sys_user, assert (uid != NULL); @@ -26,15 +27,16 @@ diff -up shadow-4.1.4/libmisc/find_new_uid.c.redhat shadow-4.1.4/libmisc/find_ne + uid_min = (uid_t) getdef_ulong ("UID_MIN", 500UL); uid_max = (uid_t) getdef_ulong ("UID_MAX", 60000UL); } else { - uid_min = (uid_t) getdef_ulong ("SYS_UID_MIN", 1UL); +- uid_min = (uid_t) getdef_ulong ("SYS_UID_MIN", 101UL); - uid_max = (uid_t) getdef_ulong ("UID_MIN", 1000UL) - 1; ++ uid_min = (uid_t) getdef_ulong ("SYS_UID_MIN", 201UL); + uid_max = (uid_t) getdef_ulong ("UID_MIN", 500UL) - 1; uid_max = (uid_t) getdef_ulong ("SYS_UID_MAX", (unsigned long) uid_max); } used_uids = alloca (sizeof (bool) * (uid_max +1)); -diff -up shadow-4.1.4/src/useradd.c.redhat shadow-4.1.4/src/useradd.c ---- shadow-4.1.4/src/useradd.c.redhat 2009-05-10 20:26:35.000000000 +0200 -+++ shadow-4.1.4/src/useradd.c 2009-05-15 11:59:40.000000000 +0200 +diff -up shadow-4.1.4.2/src/useradd.c.redhat shadow-4.1.4.2/src/useradd.c +--- shadow-4.1.4.2/src/useradd.c.redhat 2009-06-06 00:16:58.000000000 +0200 ++++ shadow-4.1.4.2/src/useradd.c 2009-09-07 16:34:01.402878101 +0200 @@ -90,7 +90,7 @@ char *Prog; static gid_t def_group = 100; static const char *def_gname = "other"; @@ -53,7 +55,7 @@ diff -up shadow-4.1.4/src/useradd.c.redhat shadow-4.1.4/src/useradd.c static uid_t user_id; static gid_t user_gid; static const char *user_comment = ""; -@@ -996,9 +996,9 @@ static void process_flags (int argc, cha +@@ -989,9 +989,9 @@ static void process_flags (int argc, cha }; while ((c = getopt_long (argc, argv, #ifdef WITH_SELINUX @@ -65,7 +67,7 @@ diff -up shadow-4.1.4/src/useradd.c.redhat shadow-4.1.4/src/useradd.c #endif long_options, NULL)) != -1) { switch (c) { -@@ -1148,6 +1148,7 @@ static void process_flags (int argc, cha +@@ -1141,6 +1141,7 @@ static void process_flags (int argc, cha case 'M': Mflg = true; break; diff --git a/shadow-utils.spec b/shadow-utils.spec index f0c816d..4d13a7c 100644 --- a/shadow-utils.spec +++ b/shadow-utils.spec @@ -1,17 +1,16 @@ Summary: Utilities for managing accounts and shadow password files Name: shadow-utils -Version: 4.1.4.1 -Release: 7%{?dist} +Version: 4.1.4.2 +Release: 1%{?dist} Epoch: 2 URL: http://pkg-shadow.alioth.debian.org/ Source0: ftp://pkg-shadow.alioth.debian.org/pub/pkg-shadow/shadow-%{version}.tar.bz2 Source1: shadow-4.0.17-login.defs Source2: shadow-4.0.18.1-useradd -Patch0: shadow-4.1.4-redhat.patch +Patch0: shadow-4.1.4.2-redhat.patch Patch1: shadow-4.1.4.1-goodname.patch -Patch2: shadow-4.1.4.1-largeGroup.patch -Patch3: shadow-4.1.4.1-ldap.patch -Patch4: shadow-4.1.4.1-sysacc.patch +Patch2: shadow-4.1.4.2-leak.patch +Patch3: shadow-4.1.4.2-fixes.patch License: BSD and GPLv2+ Group: System Environment/Base BuildRequires: libselinux-devel >= 1.25.2-1 @@ -37,10 +36,9 @@ are used for managing group accounts. %prep %setup -q -n shadow-%{version} %patch0 -p1 -b .redhat -%patch1 -p1 -b .goodname -%patch2 -p1 -b .largeGroup -%patch3 -p1 -b .ldap -%patch4 -p1 -b .sysacc +#%patch1 -p1 -b .goodname +#%patch2 -p1 -b .leak +#%patch3 -p1 -b .fixes iconv -f ISO88591 -t utf-8 doc/HOWTO > doc/HOWTO.utf8 cp -f doc/HOWTO.utf8 doc/HOWTO @@ -182,6 +180,9 @@ rm -rf $RPM_BUILD_ROOT %{_mandir}/man8/vigr.8* %changelog +* Mon Sep 07 2009 Peter Vrabec - 2:4.1.4.2-1 +- upgrade + * Fri Aug 21 2009 Tomas Mraz - 2:4.1.4.1-7 - rebuilt with new audit diff --git a/sources b/sources index 13714cc..1922174 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -62f7dae4cb54fa84e478c4602d58cbe8 shadow-4.1.4.1.tar.bz2 +d593a9cab93c48ee0a6ba056db8c1997 shadow-4.1.4.2.tar.bz2