Compare commits
7 Commits
Author | SHA1 | Date | |
---|---|---|---|
|
033c98378d | ||
|
2f332dc07c | ||
|
99f1f175f1 | ||
|
eb97365f20 | ||
|
9e3b561c11 | ||
|
f436725393 | ||
|
9d8d75d499 |
2
.gitignore
vendored
2
.gitignore
vendored
@ -16,5 +16,3 @@ shadow-4.1.4.2.tar.bz2
|
|||||||
/shadow-4.8.1.tar.xz.asc
|
/shadow-4.8.1.tar.xz.asc
|
||||||
/shadow-4.9.tar.xz
|
/shadow-4.9.tar.xz
|
||||||
/shadow-4.9.tar.xz.asc
|
/shadow-4.9.tar.xz.asc
|
||||||
/shadow-4.11.1.tar.xz
|
|
||||||
/shadow-4.11.1.tar.xz.asc
|
|
||||||
|
@ -1,22 +0,0 @@
|
|||||||
diff -up shadow-4.11.1/src/chage.c.null-tm shadow-4.11.1/src/chage.c
|
|
||||||
diff -up shadow-4.11.1/src/lastlog.c.null-tm shadow-4.11.1/src/lastlog.c
|
|
||||||
--- shadow-4.11.1/src/lastlog.c.null-tm 2022-01-03 15:31:56.348555620 +0100
|
|
||||||
+++ shadow-4.11.1/src/lastlog.c 2022-01-03 15:38:41.262229024 +0100
|
|
||||||
@@ -151,9 +151,12 @@ static void print_one (/*@null@*/const s
|
|
||||||
|
|
||||||
ll_time = ll.ll_time;
|
|
||||||
tm = localtime (&ll_time);
|
|
||||||
- strftime (ptime, sizeof (ptime), "%a %b %e %H:%M:%S %z %Y", tm);
|
|
||||||
- cp = ptime;
|
|
||||||
-
|
|
||||||
+ if (tm == NULL) {
|
|
||||||
+ cp = "(unknown)";
|
|
||||||
+ } else {
|
|
||||||
+ strftime (ptime, sizeof (ptime), "%a %b %e %H:%M:%S %z %Y", tm);
|
|
||||||
+ cp = ptime;
|
|
||||||
+ }
|
|
||||||
if (ll.ll_time == (time_t) 0) {
|
|
||||||
cp = _("**Never logged in**\0");
|
|
||||||
}
|
|
||||||
diff -up shadow-4.11.1/src/passwd.c.null-tm shadow-4.11.1/src/passwd.c
|
|
||||||
diff -up shadow-4.11.1/src/usermod.c.null-tm shadow-4.11.1/src/usermod.c
|
|
@ -1,40 +0,0 @@
|
|||||||
From f1f1678e13aa3ae49bdb139efaa2c5bc53dcfe92 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Iker Pedrosa <ipedrosa@redhat.com>
|
|
||||||
Date: Tue, 4 Jan 2022 13:06:00 +0100
|
|
||||||
Subject: [PATCH] useradd: modify check ID range for system users
|
|
||||||
|
|
||||||
useradd warns that a system user ID less than SYS_UID_MIN is outside the
|
|
||||||
expected range, even though that ID has been specifically selected with
|
|
||||||
the "-u" option.
|
|
||||||
|
|
||||||
In my opinion all the user ID's below SYS_UID_MAX are for the system,
|
|
||||||
thus I change the condition to take that into account.
|
|
||||||
|
|
||||||
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2004911
|
|
||||||
|
|
||||||
Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
|
|
||||||
---
|
|
||||||
src/useradd.c | 6 ++----
|
|
||||||
1 file changed, 2 insertions(+), 4 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/src/useradd.c b/src/useradd.c
|
|
||||||
index 34376fa5..4c71c38a 100644
|
|
||||||
--- a/src/useradd.c
|
|
||||||
+++ b/src/useradd.c
|
|
||||||
@@ -2409,11 +2409,9 @@ static void check_uid_range(int rflg, uid_t user_id)
|
|
||||||
uid_t uid_min ;
|
|
||||||
uid_t uid_max ;
|
|
||||||
if (rflg) {
|
|
||||||
- uid_min = (uid_t)getdef_ulong("SYS_UID_MIN",101UL);
|
|
||||||
uid_max = (uid_t)getdef_ulong("SYS_UID_MAX",getdef_ulong("UID_MIN",1000UL)-1);
|
|
||||||
- if (uid_min <= uid_max) {
|
|
||||||
- if (user_id < uid_min || user_id >uid_max)
|
|
||||||
- fprintf(stderr, _("%s warning: %s's uid %d outside of the SYS_UID_MIN %d and SYS_UID_MAX %d range.\n"), Prog, user_name, user_id, uid_min, uid_max);
|
|
||||||
+ if (user_id > uid_max) {
|
|
||||||
+ fprintf(stderr, _("%s warning: %s's uid %d is greater than SYS_UID_MAX %d\n"), Prog, user_name, user_id, uid_max);
|
|
||||||
}
|
|
||||||
}else{
|
|
||||||
uid_min = (uid_t)getdef_ulong("UID_MIN", 1000UL);
|
|
||||||
--
|
|
||||||
2.37.1
|
|
||||||
|
|
File diff suppressed because it is too large
Load Diff
245
shadow-4.9-getsubids.patch
Normal file
245
shadow-4.9-getsubids.patch
Normal file
@ -0,0 +1,245 @@
|
|||||||
|
diff -up shadow-4.9/man/getsubids.1.xml.getsubids shadow-4.9/man/getsubids.1.xml
|
||||||
|
--- shadow-4.9/man/getsubids.1.xml.getsubids 2021-11-18 16:27:33.951053120 +0100
|
||||||
|
+++ shadow-4.9/man/getsubids.1.xml 2021-11-18 16:27:33.951053120 +0100
|
||||||
|
@@ -0,0 +1,141 @@
|
||||||
|
+<?xml version="1.0" encoding="UTF-8"?>
|
||||||
|
+<!--
|
||||||
|
+ Copyright (c) 2021 Iker Pedrosa
|
||||||
|
+ All rights reserved.
|
||||||
|
+
|
||||||
|
+ Redistribution and use in source and binary forms, with or without
|
||||||
|
+ modification, are permitted provided that the following conditions
|
||||||
|
+ are met:
|
||||||
|
+ 1. Redistributions of source code must retain the above copyright
|
||||||
|
+ notice, this list of conditions and the following disclaimer.
|
||||||
|
+ 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
+ notice, this list of conditions and the following disclaimer in the
|
||||||
|
+ documentation and/or other materials provided with the distribution.
|
||||||
|
+ 3. The name of the copyright holders or contributors may not be used to
|
||||||
|
+ endorse or promote products derived from this software without
|
||||||
|
+ specific prior written permission.
|
||||||
|
+
|
||||||
|
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
||||||
|
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
||||||
|
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
|
||||||
|
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
||||||
|
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||||
|
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
||||||
|
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
||||||
|
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
||||||
|
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
||||||
|
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
||||||
|
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||||
|
+-->
|
||||||
|
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
|
||||||
|
+ "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
|
||||||
|
+<!-- SHADOW-CONFIG-HERE -->
|
||||||
|
+]>
|
||||||
|
+
|
||||||
|
+<refentry id='getsubids.1'>
|
||||||
|
+ <refentryinfo>
|
||||||
|
+ <author>
|
||||||
|
+ <firstname>Iker</firstname>
|
||||||
|
+ <surname>Pedrosa</surname>
|
||||||
|
+ <contrib>Creation, 2021</contrib>
|
||||||
|
+ </author>
|
||||||
|
+ </refentryinfo>
|
||||||
|
+ <refmeta>
|
||||||
|
+ <refentrytitle>getsubids</refentrytitle>
|
||||||
|
+ <manvolnum>1</manvolnum>
|
||||||
|
+ <refmiscinfo class="sectdesc">User Commands</refmiscinfo>
|
||||||
|
+ <refmiscinfo class="source">shadow-utils</refmiscinfo>
|
||||||
|
+ <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
|
||||||
|
+ </refmeta>
|
||||||
|
+ <refnamediv id='name'>
|
||||||
|
+ <refname>getsubids</refname>
|
||||||
|
+ <refpurpose>get the subordinate id ranges for a user</refpurpose>
|
||||||
|
+ </refnamediv>
|
||||||
|
+
|
||||||
|
+ <refsynopsisdiv id='synopsis'>
|
||||||
|
+ <cmdsynopsis>
|
||||||
|
+ <command>getsubids</command>
|
||||||
|
+ <arg choice='opt'>
|
||||||
|
+ <replaceable>options</replaceable>
|
||||||
|
+ </arg>
|
||||||
|
+ <arg choice='plain'>
|
||||||
|
+ <replaceable>USER</replaceable>
|
||||||
|
+ </arg>
|
||||||
|
+ </cmdsynopsis>
|
||||||
|
+ </refsynopsisdiv>
|
||||||
|
+
|
||||||
|
+ <refsect1 id='description'>
|
||||||
|
+ <title>DESCRIPTION</title>
|
||||||
|
+ <para>
|
||||||
|
+ The <command>getsubids</command> command lists the subordinate user ID
|
||||||
|
+ ranges for a given user. The subordinate group IDs can be listed using
|
||||||
|
+ the <option>-g</option> option.
|
||||||
|
+ </para>
|
||||||
|
+ </refsect1>
|
||||||
|
+
|
||||||
|
+ <refsect1 id='options'>
|
||||||
|
+ <title>OPTIONS</title>
|
||||||
|
+ <para>
|
||||||
|
+ The options which apply to the <command>getsubids</command> command are:
|
||||||
|
+ </para>
|
||||||
|
+ <variablelist remap='IP'>
|
||||||
|
+ <varlistentry>
|
||||||
|
+ <term>
|
||||||
|
+ <option>-g</option>
|
||||||
|
+ </term>
|
||||||
|
+ <listitem>
|
||||||
|
+ <para>
|
||||||
|
+ List the subordinate group ID ranges.
|
||||||
|
+ </para>
|
||||||
|
+ </listitem>
|
||||||
|
+ </varlistentry>
|
||||||
|
+ </variablelist>
|
||||||
|
+ </refsect1>
|
||||||
|
+
|
||||||
|
+ <refsect1 id='example'>
|
||||||
|
+ <title>EXAMPLE</title>
|
||||||
|
+ <para>
|
||||||
|
+ For example, to obtain the subordinate UIDs of the testuser:
|
||||||
|
+ </para>
|
||||||
|
+ <para>
|
||||||
|
+<programlisting>
|
||||||
|
+$ getsubids testuser
|
||||||
|
+0: testuser 100000 65536
|
||||||
|
+</programlisting>
|
||||||
|
+ </para>
|
||||||
|
+ <para>
|
||||||
|
+ This command output provides (in order from left to right) the list
|
||||||
|
+ index, username, UID range start, and number of UIDs in range.
|
||||||
|
+ </para>
|
||||||
|
+ </refsect1>
|
||||||
|
+
|
||||||
|
+ <refsect1 id='see_also'>
|
||||||
|
+ <title>SEE ALSO</title>
|
||||||
|
+ <para>
|
||||||
|
+ <citerefentry>
|
||||||
|
+ <refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum>
|
||||||
|
+ </citerefentry>,
|
||||||
|
+ <citerefentry>
|
||||||
|
+ <refentrytitle>newgidmap</refentrytitle><manvolnum>1</manvolnum>
|
||||||
|
+ </citerefentry>,
|
||||||
|
+ <citerefentry>
|
||||||
|
+ <refentrytitle>newuidmap</refentrytitle><manvolnum>1</manvolnum>
|
||||||
|
+ </citerefentry>,
|
||||||
|
+ <citerefentry>
|
||||||
|
+ <refentrytitle>subgid</refentrytitle><manvolnum>5</manvolnum>
|
||||||
|
+ </citerefentry>,
|
||||||
|
+ <citerefentry>
|
||||||
|
+ <refentrytitle>subuid</refentrytitle><manvolnum>5</manvolnum>
|
||||||
|
+ </citerefentry>,
|
||||||
|
+ <citerefentry>
|
||||||
|
+ <refentrytitle>useradd</refentrytitle><manvolnum>8</manvolnum>
|
||||||
|
+ </citerefentry>,
|
||||||
|
+ <citerefentry>
|
||||||
|
+ <refentrytitle>userdel</refentrytitle><manvolnum>8</manvolnum>
|
||||||
|
+ </citerefentry>.
|
||||||
|
+ <citerefentry>
|
||||||
|
+ <refentrytitle>usermod</refentrytitle><manvolnum>8</manvolnum>
|
||||||
|
+ </citerefentry>,
|
||||||
|
+ </para>
|
||||||
|
+ </refsect1>
|
||||||
|
+</refentry>
|
||||||
|
diff -up shadow-4.9/man/Makefile.am.getsubids shadow-4.9/man/Makefile.am
|
||||||
|
--- shadow-4.9/man/Makefile.am.getsubids 2021-07-22 23:55:35.000000000 +0200
|
||||||
|
+++ shadow-4.9/man/Makefile.am 2021-11-18 16:27:33.951053120 +0100
|
||||||
|
@@ -62,6 +62,7 @@ man_MANS += $(man_nopam)
|
||||||
|
endif
|
||||||
|
|
||||||
|
man_subids = \
|
||||||
|
+ man1/getsubids.1 \
|
||||||
|
man1/newgidmap.1 \
|
||||||
|
man1/newuidmap.1 \
|
||||||
|
man5/subgid.5 \
|
||||||
|
@@ -80,6 +81,7 @@ man_XMANS = \
|
||||||
|
expiry.1.xml \
|
||||||
|
faillog.5.xml \
|
||||||
|
faillog.8.xml \
|
||||||
|
+ getsubids.1.xml \
|
||||||
|
gpasswd.1.xml \
|
||||||
|
groupadd.8.xml \
|
||||||
|
groupdel.8.xml \
|
||||||
|
diff -up shadow-4.9/src/getsubids.c.getsubids shadow-4.9/src/getsubids.c
|
||||||
|
--- shadow-4.9/src/getsubids.c.getsubids 2021-11-18 16:27:33.951053120 +0100
|
||||||
|
+++ shadow-4.9/src/getsubids.c 2021-11-18 16:27:33.951053120 +0100
|
||||||
|
@@ -0,0 +1,46 @@
|
||||||
|
+#include <stdio.h>
|
||||||
|
+#include <string.h>
|
||||||
|
+#include <stdlib.h>
|
||||||
|
+#include "subid.h"
|
||||||
|
+#include "prototypes.h"
|
||||||
|
+
|
||||||
|
+const char *Prog;
|
||||||
|
+FILE *shadow_logfd = NULL;
|
||||||
|
+
|
||||||
|
+void usage(void)
|
||||||
|
+{
|
||||||
|
+ fprintf(stderr, "Usage: %s [-g] user\n", Prog);
|
||||||
|
+ fprintf(stderr, " list subuid ranges for user\n");
|
||||||
|
+ fprintf(stderr, " pass -g to list subgid ranges\n");
|
||||||
|
+ exit(EXIT_FAILURE);
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+int main(int argc, char *argv[])
|
||||||
|
+{
|
||||||
|
+ int i, count=0;
|
||||||
|
+ struct subid_range *ranges;
|
||||||
|
+ const char *owner;
|
||||||
|
+
|
||||||
|
+ Prog = Basename (argv[0]);
|
||||||
|
+ shadow_logfd = stderr;
|
||||||
|
+ if (argc < 2)
|
||||||
|
+ usage();
|
||||||
|
+ owner = argv[1];
|
||||||
|
+ if (argc == 3 && strcmp(argv[1], "-g") == 0) {
|
||||||
|
+ owner = argv[2];
|
||||||
|
+ count = get_subgid_ranges(owner, &ranges);
|
||||||
|
+ } else if (argc == 2 && strcmp(argv[1], "-h") == 0) {
|
||||||
|
+ usage();
|
||||||
|
+ } else {
|
||||||
|
+ count = get_subuid_ranges(owner, &ranges);
|
||||||
|
+ }
|
||||||
|
+ if (!ranges) {
|
||||||
|
+ fprintf(stderr, "Error fetching ranges\n");
|
||||||
|
+ exit(1);
|
||||||
|
+ }
|
||||||
|
+ for (i = 0; i < count; i++) {
|
||||||
|
+ printf("%d: %s %lu %lu\n", i, owner,
|
||||||
|
+ ranges[i].start, ranges[i].count);
|
||||||
|
+ }
|
||||||
|
+ return 0;
|
||||||
|
+}
|
||||||
|
diff -up shadow-4.9/src/list_subid_ranges.c.getsubids shadow-4.9/src/list_subid_ranges.c
|
||||||
|
diff -up shadow-4.9/src/Makefile.am.getsubids shadow-4.9/src/Makefile.am
|
||||||
|
--- shadow-4.9/src/Makefile.am.getsubids 2021-11-18 16:27:33.943053061 +0100
|
||||||
|
+++ shadow-4.9/src/Makefile.am 2021-11-18 16:28:03.647272392 +0100
|
||||||
|
@@ -157,8 +157,8 @@ if FCAPS
|
||||||
|
setcap cap_setgid+ep $(DESTDIR)$(ubindir)/newgidmap
|
||||||
|
endif
|
||||||
|
|
||||||
|
-noinst_PROGRAMS += list_subid_ranges \
|
||||||
|
- get_subid_owners \
|
||||||
|
+bin_PROGRAMS += getsubids
|
||||||
|
+noinst_PROGRAMS += get_subid_owners \
|
||||||
|
new_subid_range \
|
||||||
|
free_subid_range \
|
||||||
|
check_subid_range
|
||||||
|
@@ -174,13 +174,13 @@ MISCLIBS = \
|
||||||
|
$(LIBCRYPT) \
|
||||||
|
$(LIBTCB)
|
||||||
|
|
||||||
|
-list_subid_ranges_LDADD = \
|
||||||
|
+getsubids_LDADD = \
|
||||||
|
$(top_builddir)/lib/libshadow.la \
|
||||||
|
$(top_builddir)/libmisc/libmisc.la \
|
||||||
|
$(top_builddir)/libsubid/libsubid.la \
|
||||||
|
$(MISCLIBS) -ldl
|
||||||
|
|
||||||
|
-list_subid_ranges_CPPFLAGS = \
|
||||||
|
+getsubids_CPPFLAGS = \
|
||||||
|
-I$(top_srcdir)/lib \
|
||||||
|
-I$(top_srcdir)/libmisc \
|
||||||
|
-I$(top_srcdir)/libsubid
|
@ -0,0 +1,13 @@
|
|||||||
|
diff -up shadow-4.9/libmisc/prefix_flag.c.groupdel-fix-sigsegv-when-passwd-does-not-exist shadow-4.9/libmisc/prefix_flag.c
|
||||||
|
--- shadow-4.9/libmisc/prefix_flag.c.groupdel-fix-sigsegv-when-passwd-does-not-exist 2021-11-19 09:21:36.997091941 +0100
|
||||||
|
+++ shadow-4.9/libmisc/prefix_flag.c 2021-11-19 09:22:19.001341010 +0100
|
||||||
|
@@ -288,6 +288,9 @@ extern struct passwd* prefix_getpwent()
|
||||||
|
if(!passwd_db_file) {
|
||||||
|
return getpwent();
|
||||||
|
}
|
||||||
|
+ if (!fp_pwent) {
|
||||||
|
+ return NULL;
|
||||||
|
+ }
|
||||||
|
return fgetpwent(fp_pwent);
|
||||||
|
}
|
||||||
|
extern void prefix_endpwent()
|
@ -0,0 +1,60 @@
|
|||||||
|
From 234e8fa7b134d1ebabfdad980a3ae5b63c046c62 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Mike Gilbert <floppym@gentoo.org>
|
||||||
|
Date: Sat, 14 Aug 2021 13:24:34 -0400
|
||||||
|
Subject: [PATCH] libmisc: fix default value in SHA_get_salt_rounds()
|
||||||
|
|
||||||
|
If SHA_CRYPT_MIN_ROUNDS and SHA_CRYPT_MAX_ROUNDS are both unspecified,
|
||||||
|
use SHA_ROUNDS_DEFAULT.
|
||||||
|
|
||||||
|
Previously, the code fell through, calling shadow_random(-1, -1). This
|
||||||
|
ultimately set rounds = (unsigned long) -1, which ends up being a very
|
||||||
|
large number! This then got capped to SHA_ROUNDS_MAX later in the
|
||||||
|
function.
|
||||||
|
|
||||||
|
The new behavior matches BCRYPT_get_salt_rounds().
|
||||||
|
|
||||||
|
Bug: https://bugs.gentoo.org/808195
|
||||||
|
Fixes: https://github.com/shadow-maint/shadow/issues/393
|
||||||
|
---
|
||||||
|
libmisc/salt.c | 21 +++++++++++----------
|
||||||
|
1 file changed, 11 insertions(+), 10 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/libmisc/salt.c b/libmisc/salt.c
|
||||||
|
index 91d528fd..30eefb9c 100644
|
||||||
|
--- a/libmisc/salt.c
|
||||||
|
+++ b/libmisc/salt.c
|
||||||
|
@@ -223,20 +223,21 @@ static /*@observer@*/const unsigned long SHA_get_salt_rounds (/*@null@*/int *pre
|
||||||
|
if ((-1 == min_rounds) && (-1 == max_rounds)) {
|
||||||
|
rounds = SHA_ROUNDS_DEFAULT;
|
||||||
|
}
|
||||||
|
+ else {
|
||||||
|
+ if (-1 == min_rounds) {
|
||||||
|
+ min_rounds = max_rounds;
|
||||||
|
+ }
|
||||||
|
|
||||||
|
- if (-1 == min_rounds) {
|
||||||
|
- min_rounds = max_rounds;
|
||||||
|
- }
|
||||||
|
+ if (-1 == max_rounds) {
|
||||||
|
+ max_rounds = min_rounds;
|
||||||
|
+ }
|
||||||
|
|
||||||
|
- if (-1 == max_rounds) {
|
||||||
|
- max_rounds = min_rounds;
|
||||||
|
- }
|
||||||
|
+ if (min_rounds > max_rounds) {
|
||||||
|
+ max_rounds = min_rounds;
|
||||||
|
+ }
|
||||||
|
|
||||||
|
- if (min_rounds > max_rounds) {
|
||||||
|
- max_rounds = min_rounds;
|
||||||
|
+ rounds = (unsigned long) shadow_random (min_rounds, max_rounds);
|
||||||
|
}
|
||||||
|
-
|
||||||
|
- rounds = (unsigned long) shadow_random (min_rounds, max_rounds);
|
||||||
|
} else if (0 == *prefered_rounds) {
|
||||||
|
rounds = SHA_ROUNDS_DEFAULT;
|
||||||
|
} else {
|
||||||
|
--
|
||||||
|
2.31.1
|
||||||
|
|
2497
shadow-4.9-make-shadow-logfd-and-prog-not-extern.patch
Normal file
2497
shadow-4.9-make-shadow-logfd-and-prog-not-extern.patch
Normal file
File diff suppressed because it is too large
Load Diff
88
shadow-4.9-move-create-home.patch
Normal file
88
shadow-4.9-move-create-home.patch
Normal file
@ -0,0 +1,88 @@
|
|||||||
|
From 09c752f00f9dfc610f66d68be38c9e5be8ca7f15 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Iker Pedrosa <ipedrosa@redhat.com>
|
||||||
|
Date: Fri, 8 Oct 2021 13:09:59 +0200
|
||||||
|
Subject: [PATCH] useradd: create directories after the SELinux user
|
||||||
|
|
||||||
|
Create the home and mail folders after the SELinux user has been set for
|
||||||
|
the added user. This will allow the folders to be created with the
|
||||||
|
SELinux user label.
|
||||||
|
|
||||||
|
Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
|
||||||
|
---
|
||||||
|
src/useradd.c | 46 +++++++++++++++++++++++-----------------------
|
||||||
|
1 file changed, 23 insertions(+), 23 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/src/useradd.c b/src/useradd.c
|
||||||
|
index 6269c01c..b463a170 100644
|
||||||
|
--- a/src/useradd.c
|
||||||
|
+++ b/src/useradd.c
|
||||||
|
@@ -2670,27 +2670,12 @@ int main (int argc, char **argv)
|
||||||
|
|
||||||
|
usr_update ();
|
||||||
|
|
||||||
|
- if (mflg) {
|
||||||
|
- create_home ();
|
||||||
|
- if (home_added) {
|
||||||
|
- copy_tree (def_template, prefix_user_home, false, false,
|
||||||
|
- (uid_t)-1, user_id, (gid_t)-1, user_gid);
|
||||||
|
- } else {
|
||||||
|
- fprintf (stderr,
|
||||||
|
- _("%s: warning: the home directory %s already exists.\n"
|
||||||
|
- "%s: Not copying any file from skel directory into it.\n"),
|
||||||
|
- Prog, user_home, Prog);
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
- /* Do not create mail directory for system accounts */
|
||||||
|
- if (!rflg) {
|
||||||
|
- create_mail ();
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
close_files ();
|
||||||
|
|
||||||
|
+ nscd_flush_cache ("passwd");
|
||||||
|
+ nscd_flush_cache ("group");
|
||||||
|
+ sssd_flush_cache (SSSD_DB_PASSWD | SSSD_DB_GROUP);
|
||||||
|
+
|
||||||
|
/*
|
||||||
|
* tallylog_reset needs to be able to lookup
|
||||||
|
* a valid existing user name,
|
||||||
|
@@ -2716,15 +2701,30 @@ int main (int argc, char **argv)
|
||||||
|
}
|
||||||
|
#endif /* WITH_SELINUX */
|
||||||
|
|
||||||
|
+ if (mflg) {
|
||||||
|
+ create_home ();
|
||||||
|
+ if (home_added) {
|
||||||
|
+ copy_tree (def_template, prefix_user_home, false, false,
|
||||||
|
+ (uid_t)-1, user_id, (gid_t)-1, user_gid);
|
||||||
|
+ } else {
|
||||||
|
+ fprintf (stderr,
|
||||||
|
+ _("%s: warning: the home directory %s already exists.\n"
|
||||||
|
+ "%s: Not copying any file from skel directory into it.\n"),
|
||||||
|
+ Prog, user_home, Prog);
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ /* Do not create mail directory for system accounts */
|
||||||
|
+ if (!rflg) {
|
||||||
|
+ create_mail ();
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
if (run_parts ("/etc/shadow-maint/useradd-post.d", (char*)user_name,
|
||||||
|
"useradd")) {
|
||||||
|
exit(1);
|
||||||
|
}
|
||||||
|
|
||||||
|
- nscd_flush_cache ("passwd");
|
||||||
|
- nscd_flush_cache ("group");
|
||||||
|
- sssd_flush_cache (SSSD_DB_PASSWD | SSSD_DB_GROUP);
|
||||||
|
-
|
||||||
|
return E_SUCCESS;
|
||||||
|
}
|
||||||
|
|
||||||
|
--
|
||||||
|
2.31.1
|
||||||
|
|
35
shadow-4.9-newgrp-fix-segmentation-fault.patch
Normal file
35
shadow-4.9-newgrp-fix-segmentation-fault.patch
Normal file
@ -0,0 +1,35 @@
|
|||||||
|
From 497e90751bc0d95cc998b0f06305040563903948 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Iker Pedrosa <ipedrosa@redhat.com>
|
||||||
|
Date: Wed, 10 Nov 2021 12:02:04 +0100
|
||||||
|
Subject: [PATCH] newgrp: fix segmentation fault
|
||||||
|
|
||||||
|
Fix segmentation fault in newgrp when xgetspnam() returns a NULL value
|
||||||
|
that is immediately freed.
|
||||||
|
|
||||||
|
The error was committed in
|
||||||
|
https://github.com/shadow-maint/shadow/commit/e65cc6aebcb4132fa413f00a905216a5b35b3d57
|
||||||
|
|
||||||
|
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2019553
|
||||||
|
|
||||||
|
Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
|
||||||
|
---
|
||||||
|
src/newgrp.c | 2 +-
|
||||||
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/src/newgrp.c b/src/newgrp.c
|
||||||
|
index 730f47e8..566f1c89 100644
|
||||||
|
--- a/src/newgrp.c
|
||||||
|
+++ b/src/newgrp.c
|
||||||
|
@@ -163,8 +163,8 @@ static void check_perms (const struct group *grp,
|
||||||
|
spwd = xgetspnam (pwd->pw_name);
|
||||||
|
if (NULL != spwd) {
|
||||||
|
pwd->pw_passwd = xstrdup (spwd->sp_pwdp);
|
||||||
|
+ spw_free (spwd);
|
||||||
|
}
|
||||||
|
- spw_free (spwd);
|
||||||
|
|
||||||
|
if ((pwd->pw_passwd[0] == '\0') && (grp->gr_passwd[0] != '\0')) {
|
||||||
|
needspasswd = true;
|
||||||
|
--
|
||||||
|
2.31.1
|
||||||
|
|
15
shadow-4.9-newuidmap-libeconf-dependency.patch
Normal file
15
shadow-4.9-newuidmap-libeconf-dependency.patch
Normal file
@ -0,0 +1,15 @@
|
|||||||
|
diff --git a/src/Makefile.am b/src/Makefile.am
|
||||||
|
index 7c1a3491..6cc873be 100644
|
||||||
|
--- a/src/Makefile.am
|
||||||
|
+++ b/src/Makefile.am
|
||||||
|
@@ -96,8 +96,8 @@ LIBCRYPT_NOPAM = $(LIBCRYPT)
|
||||||
|
endif
|
||||||
|
|
||||||
|
chage_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBECONF)
|
||||||
|
-newuidmap_LDADD = $(LDADD) $(LIBAUDIT) $(LIBSELINUX) $(LIBCAP) -ldl
|
||||||
|
-newgidmap_LDADD = $(LDADD) $(LIBAUDIT) $(LIBSELINUX) $(LIBCAP) -ldl
|
||||||
|
+newuidmap_LDADD = $(LDADD) $(LIBAUDIT) $(LIBSELINUX) $(LIBCAP) $(LIBECONF) -ldl
|
||||||
|
+newgidmap_LDADD = $(LDADD) $(LIBAUDIT) $(LIBSELINUX) $(LIBCAP) $(LIBECONF) -ldl
|
||||||
|
chfn_LDADD = $(LDADD) $(LIBPAM) $(LIBAUDIT) $(LIBSELINUX) $(LIBCRYPT_NOPAM) $(LIBSKEY) $(LIBMD) $(LIBECONF)
|
||||||
|
chgpasswd_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBCRYPT) $(LIBECONF)
|
||||||
|
chsh_LDADD = $(LDADD) $(LIBPAM) $(LIBAUDIT) $(LIBSELINUX) $(LIBCRYPT_NOPAM) $(LIBSKEY) $(LIBMD) $(LIBECONF)
|
70
shadow-4.9-null-tm.patch
Normal file
70
shadow-4.9-null-tm.patch
Normal file
@ -0,0 +1,70 @@
|
|||||||
|
Index: shadow-4.5/src/chage.c
|
||||||
|
===================================================================
|
||||||
|
--- shadow-4.5.orig/src/chage.c
|
||||||
|
+++ shadow-4.5/src/chage.c
|
||||||
|
@@ -168,6 +168,10 @@ static void date_to_str (char *buf, size
|
||||||
|
struct tm *tp;
|
||||||
|
|
||||||
|
tp = gmtime (&date);
|
||||||
|
+ if (tp == NULL) {
|
||||||
|
+ (void) snprintf (buf, maxsize, "(unknown)");
|
||||||
|
+ return;
|
||||||
|
+ }
|
||||||
|
#ifdef HAVE_STRFTIME
|
||||||
|
(void) strftime (buf, maxsize, "%Y-%m-%d", tp);
|
||||||
|
#else
|
||||||
|
Index: shadow-4.5/src/lastlog.c
|
||||||
|
===================================================================
|
||||||
|
--- shadow-4.5.orig/src/lastlog.c
|
||||||
|
+++ shadow-4.5/src/lastlog.c
|
||||||
|
@@ -158,13 +158,17 @@ static void print_one (/*@null@*/const s
|
||||||
|
|
||||||
|
ll_time = ll.ll_time;
|
||||||
|
tm = localtime (&ll_time);
|
||||||
|
+ if (tm == NULL) {
|
||||||
|
+ cp = "(unknown)";
|
||||||
|
+ } else {
|
||||||
|
#ifdef HAVE_STRFTIME
|
||||||
|
- strftime (ptime, sizeof (ptime), "%a %b %e %H:%M:%S %z %Y", tm);
|
||||||
|
- cp = ptime;
|
||||||
|
+ strftime (ptime, sizeof (ptime), "%a %b %e %H:%M:%S %z %Y", tm);
|
||||||
|
+ cp = ptime;
|
||||||
|
#else
|
||||||
|
- cp = asctime (tm);
|
||||||
|
- cp[24] = '\0';
|
||||||
|
+ cp = asctime (tm);
|
||||||
|
+ cp[24] = '\0';
|
||||||
|
#endif
|
||||||
|
+ }
|
||||||
|
|
||||||
|
if (ll.ll_time == (time_t) 0) {
|
||||||
|
cp = _("**Never logged in**\0");
|
||||||
|
Index: shadow-4.5/src/passwd.c
|
||||||
|
===================================================================
|
||||||
|
--- shadow-4.5.orig/src/passwd.c
|
||||||
|
+++ shadow-4.5/src/passwd.c
|
||||||
|
@@ -455,6 +455,9 @@ static /*@observer@*/const char *date_to
|
||||||
|
struct tm *tm;
|
||||||
|
|
||||||
|
tm = gmtime (&t);
|
||||||
|
+ if (tm == NULL) {
|
||||||
|
+ return "(unknown)";
|
||||||
|
+ }
|
||||||
|
#ifdef HAVE_STRFTIME
|
||||||
|
(void) strftime (buf, sizeof buf, "%m/%d/%Y", tm);
|
||||||
|
#else /* !HAVE_STRFTIME */
|
||||||
|
Index: shadow-4.5/src/usermod.c
|
||||||
|
===================================================================
|
||||||
|
--- shadow-4.5.orig/src/usermod.c
|
||||||
|
+++ shadow-4.5/src/usermod.c
|
||||||
|
@@ -210,6 +210,10 @@ static void date_to_str (/*@unique@*//*@
|
||||||
|
} else {
|
||||||
|
time_t t = (time_t) date;
|
||||||
|
tp = gmtime (&t);
|
||||||
|
+ if (tp == NULL) {
|
||||||
|
+ strncpy (buf, "unknown", maxsize);
|
||||||
|
+ return;
|
||||||
|
+ }
|
||||||
|
#ifdef HAVE_STRFTIME
|
||||||
|
strftime (buf, maxsize, "%Y-%m-%d", tp);
|
||||||
|
#else
|
30
shadow-4.9-pwck-fix-segfault-when-calling-fprintf.patch
Normal file
30
shadow-4.9-pwck-fix-segfault-when-calling-fprintf.patch
Normal file
@ -0,0 +1,30 @@
|
|||||||
|
From d8e54618feea201987c1f3cb402ed50d1d8b604f Mon Sep 17 00:00:00 2001
|
||||||
|
From: Iker Pedrosa <ipedrosa@redhat.com>
|
||||||
|
Date: Mon, 15 Nov 2021 12:40:15 +0100
|
||||||
|
Subject: [PATCH] pwck: fix segfault when calling fprintf()
|
||||||
|
|
||||||
|
As shadow_logfd variable is not set at the beginning of the program if
|
||||||
|
something fails and fprintf() is called a segmentation fault happens.
|
||||||
|
|
||||||
|
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2021339
|
||||||
|
|
||||||
|
Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
|
||||||
|
---
|
||||||
|
src/pwck.c | 1 +
|
||||||
|
1 file changed, 1 insertion(+)
|
||||||
|
|
||||||
|
diff --git a/src/pwck.c b/src/pwck.c
|
||||||
|
index 4248944a..4ce86af2 100644
|
||||||
|
--- a/src/pwck.c
|
||||||
|
+++ b/src/pwck.c
|
||||||
|
@@ -857,6 +857,7 @@ int main (int argc, char **argv)
|
||||||
|
* Get my name so that I can use it to report errors.
|
||||||
|
*/
|
||||||
|
Prog = Basename (argv[0]);
|
||||||
|
+ shadow_logfd = stderr;
|
||||||
|
|
||||||
|
(void) setlocale (LC_ALL, "");
|
||||||
|
(void) bindtextdomain (PACKAGE, LOCALEDIR);
|
||||||
|
--
|
||||||
|
2.31.1
|
||||||
|
|
@ -1,7 +1,7 @@
|
|||||||
diff -up shadow-4.11.1/src/useradd.c.redhat shadow-4.11.1/src/useradd.c
|
diff -up shadow-4.9/src/useradd.c.redhat shadow-4.9/src/useradd.c
|
||||||
--- shadow-4.11.1/src/useradd.c.redhat 2022-01-03 01:46:53.000000000 +0100
|
--- shadow-4.9/src/useradd.c.redhat 2021-07-22 23:55:35.000000000 +0200
|
||||||
+++ shadow-4.11.1/src/useradd.c 2022-01-03 14:53:12.988484829 +0100
|
+++ shadow-4.9/src/useradd.c 2021-08-02 11:45:11.942867250 +0200
|
||||||
@@ -82,7 +82,7 @@ const char *Prog;
|
@@ -104,7 +104,7 @@ FILE *shadow_logfd = NULL;
|
||||||
static gid_t def_group = 1000;
|
static gid_t def_group = 1000;
|
||||||
static const char *def_gname = "other";
|
static const char *def_gname = "other";
|
||||||
static const char *def_home = "/home";
|
static const char *def_home = "/home";
|
||||||
@ -9,8 +9,8 @@ diff -up shadow-4.11.1/src/useradd.c.redhat shadow-4.11.1/src/useradd.c
|
|||||||
+static const char *def_shell = "/sbin/nologin";
|
+static const char *def_shell = "/sbin/nologin";
|
||||||
static const char *def_template = SKEL_DIR;
|
static const char *def_template = SKEL_DIR;
|
||||||
static const char *def_create_mail_spool = "yes";
|
static const char *def_create_mail_spool = "yes";
|
||||||
static const char *def_log_init = "yes";
|
|
||||||
@@ -93,7 +93,7 @@ static const char *def_expire = "";
|
@@ -114,7 +114,7 @@ static const char *def_expire = "";
|
||||||
#define VALID(s) (strcspn (s, ":\n") == strlen (s))
|
#define VALID(s) (strcspn (s, ":\n") == strlen (s))
|
||||||
|
|
||||||
static const char *user_name = "";
|
static const char *user_name = "";
|
||||||
@ -19,7 +19,7 @@ diff -up shadow-4.11.1/src/useradd.c.redhat shadow-4.11.1/src/useradd.c
|
|||||||
static uid_t user_id;
|
static uid_t user_id;
|
||||||
static gid_t user_gid;
|
static gid_t user_gid;
|
||||||
static const char *user_comment = "";
|
static const char *user_comment = "";
|
||||||
@@ -1219,9 +1219,9 @@ static void process_flags (int argc, cha
|
@@ -1204,9 +1204,9 @@ static void process_flags (int argc, cha
|
||||||
};
|
};
|
||||||
while ((c = getopt_long (argc, argv,
|
while ((c = getopt_long (argc, argv,
|
||||||
#ifdef WITH_SELINUX
|
#ifdef WITH_SELINUX
|
||||||
@ -31,7 +31,7 @@ diff -up shadow-4.11.1/src/useradd.c.redhat shadow-4.11.1/src/useradd.c
|
|||||||
#endif /* !WITH_SELINUX */
|
#endif /* !WITH_SELINUX */
|
||||||
long_options, NULL)) != -1) {
|
long_options, NULL)) != -1) {
|
||||||
switch (c) {
|
switch (c) {
|
||||||
@@ -1378,6 +1378,7 @@ static void process_flags (int argc, cha
|
@@ -1363,6 +1363,7 @@ static void process_flags (int argc, cha
|
||||||
case 'M':
|
case 'M':
|
||||||
Mflg = true;
|
Mflg = true;
|
||||||
break;
|
break;
|
507
shadow-4.9-rename-prog-to-shadow-progname.patch
Normal file
507
shadow-4.9-rename-prog-to-shadow-progname.patch
Normal file
@ -0,0 +1,507 @@
|
|||||||
|
diff -up shadow-4.9/lib/commonio.c.debug2 shadow-4.9/lib/commonio.c
|
||||||
|
--- shadow-4.9/lib/commonio.c.debug2 2022-01-10 10:57:47.535238522 +0100
|
||||||
|
+++ shadow-4.9/lib/commonio.c 2022-01-10 10:57:47.544238586 +0100
|
||||||
|
@@ -147,7 +147,7 @@ static int do_lock_file (const char *fil
|
||||||
|
if (log) {
|
||||||
|
(void) fprintf (shadow_logfd,
|
||||||
|
"%s: %s: %s\n",
|
||||||
|
- Prog, file, strerror (errno));
|
||||||
|
+ shadow_progname, file, strerror (errno));
|
||||||
|
}
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
@@ -159,7 +159,7 @@ static int do_lock_file (const char *fil
|
||||||
|
if (log) {
|
||||||
|
(void) fprintf (shadow_logfd,
|
||||||
|
"%s: %s file write error: %s\n",
|
||||||
|
- Prog, file, strerror (errno));
|
||||||
|
+ shadow_progname, file, strerror (errno));
|
||||||
|
}
|
||||||
|
(void) close (fd);
|
||||||
|
unlink (file);
|
||||||
|
@@ -169,7 +169,7 @@ static int do_lock_file (const char *fil
|
||||||
|
if (log) {
|
||||||
|
(void) fprintf (shadow_logfd,
|
||||||
|
"%s: %s file sync error: %s\n",
|
||||||
|
- Prog, file, strerror (errno));
|
||||||
|
+ shadow_progname, file, strerror (errno));
|
||||||
|
}
|
||||||
|
(void) close (fd);
|
||||||
|
unlink (file);
|
||||||
|
@@ -182,7 +182,7 @@ static int do_lock_file (const char *fil
|
||||||
|
if ((0==retval) && log) {
|
||||||
|
(void) fprintf (shadow_logfd,
|
||||||
|
"%s: %s: lock file already used\n",
|
||||||
|
- Prog, file);
|
||||||
|
+ shadow_progname, file);
|
||||||
|
}
|
||||||
|
unlink (file);
|
||||||
|
return retval;
|
||||||
|
@@ -193,7 +193,7 @@ static int do_lock_file (const char *fil
|
||||||
|
if (log) {
|
||||||
|
(void) fprintf (shadow_logfd,
|
||||||
|
"%s: %s: %s\n",
|
||||||
|
- Prog, lock, strerror (errno));
|
||||||
|
+ shadow_progname, lock, strerror (errno));
|
||||||
|
}
|
||||||
|
unlink (file);
|
||||||
|
errno = EINVAL;
|
||||||
|
@@ -205,7 +205,7 @@ static int do_lock_file (const char *fil
|
||||||
|
if (log) {
|
||||||
|
(void) fprintf (shadow_logfd,
|
||||||
|
"%s: existing lock file %s without a PID\n",
|
||||||
|
- Prog, lock);
|
||||||
|
+ shadow_progname, lock);
|
||||||
|
}
|
||||||
|
unlink (file);
|
||||||
|
errno = EINVAL;
|
||||||
|
@@ -216,7 +216,7 @@ static int do_lock_file (const char *fil
|
||||||
|
if (log) {
|
||||||
|
(void) fprintf (shadow_logfd,
|
||||||
|
"%s: existing lock file %s with an invalid PID '%s'\n",
|
||||||
|
- Prog, lock, buf);
|
||||||
|
+ shadow_progname, lock, buf);
|
||||||
|
}
|
||||||
|
unlink (file);
|
||||||
|
errno = EINVAL;
|
||||||
|
@@ -226,7 +226,7 @@ static int do_lock_file (const char *fil
|
||||||
|
if (log) {
|
||||||
|
(void) fprintf (shadow_logfd,
|
||||||
|
"%s: lock %s already used by PID %lu\n",
|
||||||
|
- Prog, lock, (unsigned long) pid);
|
||||||
|
+ shadow_progname, lock, (unsigned long) pid);
|
||||||
|
}
|
||||||
|
unlink (file);
|
||||||
|
errno = EEXIST;
|
||||||
|
@@ -236,7 +236,7 @@ static int do_lock_file (const char *fil
|
||||||
|
if (log) {
|
||||||
|
(void) fprintf (shadow_logfd,
|
||||||
|
"%s: cannot get lock %s: %s\n",
|
||||||
|
- Prog, lock, strerror (errno));
|
||||||
|
+ shadow_progname, lock, strerror (errno));
|
||||||
|
}
|
||||||
|
unlink (file);
|
||||||
|
return 0;
|
||||||
|
@@ -248,13 +248,13 @@ static int do_lock_file (const char *fil
|
||||||
|
if ((0==retval) && log) {
|
||||||
|
(void) fprintf (shadow_logfd,
|
||||||
|
"%s: %s: lock file already used\n",
|
||||||
|
- Prog, file);
|
||||||
|
+ shadow_progname, file);
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
if (log) {
|
||||||
|
(void) fprintf (shadow_logfd,
|
||||||
|
"%s: cannot get lock %s: %s\n",
|
||||||
|
- Prog, lock, strerror (errno));
|
||||||
|
+ shadow_progname, lock, strerror (errno));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
@@ -449,7 +449,7 @@ int commonio_lock (struct commonio_db *d
|
||||||
|
if (geteuid () != 0) {
|
||||||
|
(void) fprintf (shadow_logfd,
|
||||||
|
"%s: Permission denied.\n",
|
||||||
|
- Prog);
|
||||||
|
+ shadow_progname);
|
||||||
|
}
|
||||||
|
return 0; /* failure */
|
||||||
|
}
|
||||||
|
@@ -484,7 +484,7 @@ int commonio_lock (struct commonio_db *d
|
||||||
|
/* no unnecessary retries on "permission denied" errors */
|
||||||
|
if (geteuid () != 0) {
|
||||||
|
(void) fprintf (shadow_logfd, "%s: Permission denied.\n",
|
||||||
|
- Prog);
|
||||||
|
+ shadow_progname);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
diff -up shadow-4.9/lib/nscd.c.debug2 shadow-4.9/lib/nscd.c
|
||||||
|
--- shadow-4.9/lib/nscd.c.debug2 2022-01-10 10:57:47.537238536 +0100
|
||||||
|
+++ shadow-4.9/lib/nscd.c 2022-01-10 10:57:47.544238586 +0100
|
||||||
|
@@ -26,7 +26,7 @@ int nscd_flush_cache (const char *servic
|
||||||
|
|
||||||
|
if (run_command (cmd, spawnedArgs, spawnedEnv, &status) != 0) {
|
||||||
|
/* run_command writes its own more detailed message. */
|
||||||
|
- (void) fprintf (shadow_logfd, _(MSG_NSCD_FLUSH_CACHE_FAILED), Prog);
|
||||||
|
+ (void) fprintf (shadow_logfd, _(MSG_NSCD_FLUSH_CACHE_FAILED), shadow_progname);
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
|
||||||
|
@@ -34,7 +34,7 @@ int nscd_flush_cache (const char *servic
|
||||||
|
if (!WIFEXITED (status)) {
|
||||||
|
(void) fprintf (shadow_logfd,
|
||||||
|
_("%s: nscd did not terminate normally (signal %d)\n"),
|
||||||
|
- Prog, WTERMSIG (status));
|
||||||
|
+ shadow_progname, WTERMSIG (status));
|
||||||
|
return -1;
|
||||||
|
} else if (code == E_CMD_NOTFOUND) {
|
||||||
|
/* nscd is not installed, or it is installed but uses an
|
||||||
|
@@ -45,8 +45,8 @@ int nscd_flush_cache (const char *servic
|
||||||
|
return 0;
|
||||||
|
} else if (code != 0) {
|
||||||
|
(void) fprintf (shadow_logfd, _("%s: nscd exited with status %d\n"),
|
||||||
|
- Prog, code);
|
||||||
|
- (void) fprintf (shadow_logfd, _(MSG_NSCD_FLUSH_CACHE_FAILED), Prog);
|
||||||
|
+ shadow_progname, code);
|
||||||
|
+ (void) fprintf (shadow_logfd, _(MSG_NSCD_FLUSH_CACHE_FAILED), shadow_progname);
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
|
||||||
|
diff -up shadow-4.9/lib/selinux.c.debug2 shadow-4.9/lib/selinux.c
|
||||||
|
--- shadow-4.9/lib/selinux.c.debug2 2022-01-10 10:57:47.538238543 +0100
|
||||||
|
+++ shadow-4.9/lib/selinux.c 2022-01-10 10:57:47.544238586 +0100
|
||||||
|
@@ -216,7 +216,7 @@ int check_selinux_permit (const char *pe
|
||||||
|
if (getprevcon_raw (&user_context_raw) != 0) {
|
||||||
|
fprintf (shadow_logfd,
|
||||||
|
_("%s: can not get previous SELinux process context: %s\n"),
|
||||||
|
- Prog, strerror (errno));
|
||||||
|
+ shadow_progname, strerror (errno));
|
||||||
|
SYSLOG ((LOG_WARN,
|
||||||
|
"can not get previous SELinux process context: %s",
|
||||||
|
strerror (errno)));
|
||||||
|
diff -up shadow-4.9/lib/shadowlog.c.debug2 shadow-4.9/lib/shadowlog.c
|
||||||
|
--- shadow-4.9/lib/shadowlog.c.debug2 2022-01-10 10:57:47.538238543 +0100
|
||||||
|
+++ shadow-4.9/lib/shadowlog.c 2022-01-10 10:57:47.544238586 +0100
|
||||||
|
@@ -2,14 +2,17 @@
|
||||||
|
|
||||||
|
#include "lib/shadowlog_internal.h"
|
||||||
|
|
||||||
|
+const char *shadow_progname;
|
||||||
|
+FILE *shadow_logfd;
|
||||||
|
+
|
||||||
|
void log_set_progname(const char *progname)
|
||||||
|
{
|
||||||
|
- Prog = progname;
|
||||||
|
+ shadow_progname = progname;
|
||||||
|
}
|
||||||
|
|
||||||
|
const char *log_get_progname(void)
|
||||||
|
{
|
||||||
|
- return Prog;
|
||||||
|
+ return shadow_progname;
|
||||||
|
}
|
||||||
|
|
||||||
|
void log_set_logfd(FILE *fd)
|
||||||
|
diff -up shadow-4.9/lib/shadowlog_internal.h.debug2 shadow-4.9/lib/shadowlog_internal.h
|
||||||
|
--- shadow-4.9/lib/shadowlog_internal.h.debug2 2022-01-10 10:57:47.538238543 +0100
|
||||||
|
+++ shadow-4.9/lib/shadowlog_internal.h 2022-01-10 10:57:47.544238586 +0100
|
||||||
|
@@ -1,2 +1,2 @@
|
||||||
|
-const char *Prog; /* Program name showed in error messages */
|
||||||
|
-FILE *shadow_logfd; /* file descripter to which error messages are printed */
|
||||||
|
+extern const char *shadow_progname; /* Program name showed in error messages */
|
||||||
|
+extern FILE *shadow_logfd; /* file descripter to which error messages are printed */
|
||||||
|
diff -up shadow-4.9/lib/spawn.c.debug2 shadow-4.9/lib/spawn.c
|
||||||
|
--- shadow-4.9/lib/spawn.c.debug2 2022-01-10 10:57:47.538238543 +0100
|
||||||
|
+++ shadow-4.9/lib/spawn.c 2022-01-10 10:57:47.544238586 +0100
|
||||||
|
@@ -60,11 +60,11 @@ int run_command (const char *cmd, const
|
||||||
|
exit (E_CMD_NOTFOUND);
|
||||||
|
}
|
||||||
|
fprintf (shadow_logfd, "%s: cannot execute %s: %s\n",
|
||||||
|
- Prog, cmd, strerror (errno));
|
||||||
|
+ shadow_progname, cmd, strerror (errno));
|
||||||
|
exit (E_CMD_NOEXEC);
|
||||||
|
} else if ((pid_t)-1 == pid) {
|
||||||
|
fprintf (shadow_logfd, "%s: cannot execute %s: %s\n",
|
||||||
|
- Prog, cmd, strerror (errno));
|
||||||
|
+ shadow_progname, cmd, strerror (errno));
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
|
||||||
|
@@ -77,7 +77,7 @@ int run_command (const char *cmd, const
|
||||||
|
|
||||||
|
if ((pid_t)-1 == wpid) {
|
||||||
|
fprintf (shadow_logfd, "%s: waitpid (status: %d): %s\n",
|
||||||
|
- Prog, *status, strerror (errno));
|
||||||
|
+ shadow_progname, *status, strerror (errno));
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
|
||||||
|
diff -up shadow-4.9/lib/sssd.c.debug2 shadow-4.9/lib/sssd.c
|
||||||
|
--- shadow-4.9/lib/sssd.c.debug2 2022-01-10 10:57:47.538238543 +0100
|
||||||
|
+++ shadow-4.9/lib/sssd.c 2022-01-10 10:57:47.544238586 +0100
|
||||||
|
@@ -48,22 +48,22 @@ int sssd_flush_cache (int dbflags)
|
||||||
|
free(sss_cache_args);
|
||||||
|
if (rv != 0) {
|
||||||
|
/* run_command writes its own more detailed message. */
|
||||||
|
- SYSLOG ((LOG_WARN, MSG_SSSD_FLUSH_CACHE_FAILED, Prog));
|
||||||
|
+ SYSLOG ((LOG_WARN, MSG_SSSD_FLUSH_CACHE_FAILED, shadow_progname));
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
|
||||||
|
code = WEXITSTATUS (status);
|
||||||
|
if (!WIFEXITED (status)) {
|
||||||
|
SYSLOG ((LOG_WARN, "%s: sss_cache did not terminate normally (signal %d)",
|
||||||
|
- Prog, WTERMSIG (status)));
|
||||||
|
+ shadow_progname, WTERMSIG (status)));
|
||||||
|
return -1;
|
||||||
|
} else if (code == E_CMD_NOTFOUND) {
|
||||||
|
/* sss_cache is not installed, or it is installed but uses an
|
||||||
|
interpreter that is missing. Probably the former. */
|
||||||
|
return 0;
|
||||||
|
} else if (code != 0) {
|
||||||
|
- SYSLOG ((LOG_WARN, "%s: sss_cache exited with status %d", Prog, code));
|
||||||
|
- SYSLOG ((LOG_WARN, MSG_SSSD_FLUSH_CACHE_FAILED, Prog));
|
||||||
|
+ SYSLOG ((LOG_WARN, "%s: sss_cache exited with status %d", shadow_progname, code));
|
||||||
|
+ SYSLOG ((LOG_WARN, MSG_SSSD_FLUSH_CACHE_FAILED, shadow_progname));
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
|
||||||
|
diff -up shadow-4.9/lib/tcbfuncs.c.debug2 shadow-4.9/lib/tcbfuncs.c
|
||||||
|
--- shadow-4.9/lib/tcbfuncs.c.debug2 2022-01-10 10:57:47.538238543 +0100
|
||||||
|
+++ shadow-4.9/lib/tcbfuncs.c 2022-01-10 10:59:01.228764507 +0100
|
||||||
|
@@ -74,7 +74,7 @@ shadowtcb_status shadowtcb_gain_priv (vo
|
||||||
|
* to exit soon.
|
||||||
|
*/
|
||||||
|
#define OUT_OF_MEMORY do { \
|
||||||
|
- fprintf (shadow_logfd, _("%s: out of memory\n"), Prog); \
|
||||||
|
+ fprintf (shadow_logfd, _("%s: out of memory\n"), shadow_progname); \
|
||||||
|
(void) fflush (shadow_logfd); \
|
||||||
|
} while (false)
|
||||||
|
|
||||||
|
@@ -120,7 +120,7 @@ static /*@null@*/ char *shadowtcb_path_r
|
||||||
|
if (lstat (path, &st) != 0) {
|
||||||
|
fprintf (shadow_logfd,
|
||||||
|
_("%s: Cannot stat %s: %s\n"),
|
||||||
|
- Prog, path, strerror (errno));
|
||||||
|
+ shadow_progname, path, strerror (errno));
|
||||||
|
free (path);
|
||||||
|
return NULL;
|
||||||
|
}
|
||||||
|
@@ -136,7 +136,7 @@ static /*@null@*/ char *shadowtcb_path_r
|
||||||
|
if (!S_ISLNK (st.st_mode)) {
|
||||||
|
fprintf (shadow_logfd,
|
||||||
|
_("%s: %s is neither a directory, nor a symlink.\n"),
|
||||||
|
- Prog, path);
|
||||||
|
+ shadow_progname, path);
|
||||||
|
free (path);
|
||||||
|
return NULL;
|
||||||
|
}
|
||||||
|
@@ -144,7 +144,7 @@ static /*@null@*/ char *shadowtcb_path_r
|
||||||
|
if (-1 == ret) {
|
||||||
|
fprintf (shadow_logfd,
|
||||||
|
_("%s: Cannot read symbolic link %s: %s\n"),
|
||||||
|
- Prog, path, strerror (errno));
|
||||||
|
+ shadow_progname, path, strerror (errno));
|
||||||
|
free (path);
|
||||||
|
return NULL;
|
||||||
|
}
|
||||||
|
@@ -153,7 +153,7 @@ static /*@null@*/ char *shadowtcb_path_r
|
||||||
|
link[sizeof(link) - 1] = '\0';
|
||||||
|
fprintf (shadow_logfd,
|
||||||
|
_("%s: Suspiciously long symlink: %s\n"),
|
||||||
|
- Prog, link);
|
||||||
|
+ shadow_progname, link);
|
||||||
|
return NULL;
|
||||||
|
}
|
||||||
|
link[(size_t)ret] = '\0';
|
||||||
|
@@ -211,7 +211,7 @@ static shadowtcb_status mkdir_leading (c
|
||||||
|
if (stat (TCB_DIR, &st) != 0) {
|
||||||
|
fprintf (shadow_logfd,
|
||||||
|
_("%s: Cannot stat %s: %s\n"),
|
||||||
|
- Prog, TCB_DIR, strerror (errno));
|
||||||
|
+ shadow_progname, TCB_DIR, strerror (errno));
|
||||||
|
goto out_free_path;
|
||||||
|
}
|
||||||
|
while ((ind = strchr (ptr, '/'))) {
|
||||||
|
@@ -223,19 +223,19 @@ static shadowtcb_status mkdir_leading (c
|
||||||
|
if ((mkdir (dir, 0700) != 0) && (errno != EEXIST)) {
|
||||||
|
fprintf (shadow_logfd,
|
||||||
|
_("%s: Cannot create directory %s: %s\n"),
|
||||||
|
- Prog, dir, strerror (errno));
|
||||||
|
+ shadow_progname, dir, strerror (errno));
|
||||||
|
goto out_free_dir;
|
||||||
|
}
|
||||||
|
if (chown (dir, 0, st.st_gid) != 0) {
|
||||||
|
fprintf (shadow_logfd,
|
||||||
|
_("%s: Cannot change owner of %s: %s\n"),
|
||||||
|
- Prog, dir, strerror (errno));
|
||||||
|
+ shadow_progname, dir, strerror (errno));
|
||||||
|
goto out_free_dir;
|
||||||
|
}
|
||||||
|
if (chmod (dir, 0711) != 0) {
|
||||||
|
fprintf (shadow_logfd,
|
||||||
|
_("%s: Cannot change mode of %s: %s\n"),
|
||||||
|
- Prog, dir, strerror (errno));
|
||||||
|
+ shadow_progname, dir, strerror (errno));
|
||||||
|
goto out_free_dir;
|
||||||
|
}
|
||||||
|
free (dir);
|
||||||
|
@@ -265,7 +265,7 @@ static shadowtcb_status unlink_suffs (co
|
||||||
|
if ((unlink (tmp) != 0) && (errno != ENOENT)) {
|
||||||
|
fprintf (shadow_logfd,
|
||||||
|
_("%s: unlink: %s: %s\n"),
|
||||||
|
- Prog, tmp, strerror (errno));
|
||||||
|
+ shadow_progname, tmp, strerror (errno));
|
||||||
|
free (tmp);
|
||||||
|
return SHADOWTCB_FAILURE;
|
||||||
|
}
|
||||||
|
@@ -290,7 +290,7 @@ static shadowtcb_status rmdir_leading (c
|
||||||
|
if (errno != ENOTEMPTY) {
|
||||||
|
fprintf (shadow_logfd,
|
||||||
|
_("%s: Cannot remove directory %s: %s\n"),
|
||||||
|
- Prog, dir, strerror (errno));
|
||||||
|
+ shadow_progname, dir, strerror (errno));
|
||||||
|
ret = SHADOWTCB_FAILURE;
|
||||||
|
}
|
||||||
|
free (dir);
|
||||||
|
@@ -319,7 +319,7 @@ static shadowtcb_status move_dir (const
|
||||||
|
if (stat (olddir, &oldmode) != 0) {
|
||||||
|
fprintf (shadow_logfd,
|
||||||
|
_("%s: Cannot stat %s: %s\n"),
|
||||||
|
- Prog, olddir, strerror (errno));
|
||||||
|
+ shadow_progname, olddir, strerror (errno));
|
||||||
|
goto out_free;
|
||||||
|
}
|
||||||
|
old_uid = oldmode.st_uid;
|
||||||
|
@@ -346,7 +346,7 @@ static shadowtcb_status move_dir (const
|
||||||
|
if (rename (real_old_dir, real_new_dir) != 0) {
|
||||||
|
fprintf (shadow_logfd,
|
||||||
|
_("%s: Cannot rename %s to %s: %s\n"),
|
||||||
|
- Prog, real_old_dir, real_new_dir, strerror (errno));
|
||||||
|
+ shadow_progname, real_old_dir, real_new_dir, strerror (errno));
|
||||||
|
goto out_free;
|
||||||
|
}
|
||||||
|
if (rmdir_leading (real_old_dir_rel) == SHADOWTCB_FAILURE) {
|
||||||
|
@@ -355,7 +355,7 @@ static shadowtcb_status move_dir (const
|
||||||
|
if ((unlink (olddir) != 0) && (errno != ENOENT)) {
|
||||||
|
fprintf (shadow_logfd,
|
||||||
|
_("%s: Cannot remove %s: %s\n"),
|
||||||
|
- Prog, olddir, strerror (errno));
|
||||||
|
+ shadow_progname, olddir, strerror (errno));
|
||||||
|
goto out_free;
|
||||||
|
}
|
||||||
|
if (asprintf (&newdir, TCB_DIR "/%s", user_newname) == -1) {
|
||||||
|
@@ -369,7 +369,7 @@ static shadowtcb_status move_dir (const
|
||||||
|
&& (symlink (real_new_dir_rel, newdir) != 0)) {
|
||||||
|
fprintf (shadow_logfd,
|
||||||
|
_("%s: Cannot create symbolic link %s: %s\n"),
|
||||||
|
- Prog, real_new_dir_rel, strerror (errno));
|
||||||
|
+ shadow_progname, real_new_dir_rel, strerror (errno));
|
||||||
|
goto out_free;
|
||||||
|
}
|
||||||
|
ret = SHADOWTCB_SUCCESS;
|
||||||
|
@@ -468,31 +468,31 @@ shadowtcb_status shadowtcb_move (/*@NULL
|
||||||
|
if (stat (tcbdir, &dirmode) != 0) {
|
||||||
|
fprintf (shadow_logfd,
|
||||||
|
_("%s: Cannot stat %s: %s\n"),
|
||||||
|
- Prog, tcbdir, strerror (errno));
|
||||||
|
+ shadow_progname, tcbdir, strerror (errno));
|
||||||
|
goto out_free;
|
||||||
|
}
|
||||||
|
if (chown (tcbdir, 0, 0) != 0) {
|
||||||
|
fprintf (shadow_logfd,
|
||||||
|
_("%s: Cannot change owners of %s: %s\n"),
|
||||||
|
- Prog, tcbdir, strerror (errno));
|
||||||
|
+ shadow_progname, tcbdir, strerror (errno));
|
||||||
|
goto out_free;
|
||||||
|
}
|
||||||
|
if (chmod (tcbdir, 0700) != 0) {
|
||||||
|
fprintf (shadow_logfd,
|
||||||
|
_("%s: Cannot change mode of %s: %s\n"),
|
||||||
|
- Prog, tcbdir, strerror (errno));
|
||||||
|
+ shadow_progname, tcbdir, strerror (errno));
|
||||||
|
goto out_free;
|
||||||
|
}
|
||||||
|
if (lstat (shadow, &filemode) != 0) {
|
||||||
|
if (errno != ENOENT) {
|
||||||
|
fprintf (shadow_logfd,
|
||||||
|
_("%s: Cannot lstat %s: %s\n"),
|
||||||
|
- Prog, shadow, strerror (errno));
|
||||||
|
+ shadow_progname, shadow, strerror (errno));
|
||||||
|
goto out_free;
|
||||||
|
}
|
||||||
|
fprintf (shadow_logfd,
|
||||||
|
_("%s: Warning, user %s has no tcb shadow file.\n"),
|
||||||
|
- Prog, user_newname);
|
||||||
|
+ shadow_progname, user_newname);
|
||||||
|
} else {
|
||||||
|
if (!S_ISREG (filemode.st_mode) ||
|
||||||
|
filemode.st_nlink != 1) {
|
||||||
|
@@ -500,19 +500,19 @@ shadowtcb_status shadowtcb_move (/*@NULL
|
||||||
|
_("%s: Emergency: %s's tcb shadow is not a "
|
||||||
|
"regular file with st_nlink=1.\n"
|
||||||
|
"The account is left locked.\n"),
|
||||||
|
- Prog, user_newname);
|
||||||
|
+ shadow_progname, user_newname);
|
||||||
|
goto out_free;
|
||||||
|
}
|
||||||
|
if (chown (shadow, user_newid, filemode.st_gid) != 0) {
|
||||||
|
fprintf (shadow_logfd,
|
||||||
|
_("%s: Cannot change owner of %s: %s\n"),
|
||||||
|
- Prog, shadow, strerror (errno));
|
||||||
|
+ shadow_progname, shadow, strerror (errno));
|
||||||
|
goto out_free;
|
||||||
|
}
|
||||||
|
if (chmod (shadow, filemode.st_mode & 07777) != 0) {
|
||||||
|
fprintf (shadow_logfd,
|
||||||
|
_("%s: Cannot change mode of %s: %s\n"),
|
||||||
|
- Prog, shadow, strerror (errno));
|
||||||
|
+ shadow_progname, shadow, strerror (errno));
|
||||||
|
goto out_free;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
@@ -522,7 +522,7 @@ shadowtcb_status shadowtcb_move (/*@NULL
|
||||||
|
if (chown (tcbdir, user_newid, dirmode.st_gid) != 0) {
|
||||||
|
fprintf (shadow_logfd,
|
||||||
|
_("%s: Cannot change owner of %s: %s\n"),
|
||||||
|
- Prog, tcbdir, strerror (errno));
|
||||||
|
+ shadow_progname, tcbdir, strerror (errno));
|
||||||
|
goto out_free;
|
||||||
|
}
|
||||||
|
ret = SHADOWTCB_SUCCESS;
|
||||||
|
@@ -547,7 +547,7 @@ shadowtcb_status shadowtcb_create (const
|
||||||
|
if (stat (TCB_DIR, &tcbdir_stat) != 0) {
|
||||||
|
fprintf (shadow_logfd,
|
||||||
|
_("%s: Cannot stat %s: %s\n"),
|
||||||
|
- Prog, TCB_DIR, strerror (errno));
|
||||||
|
+ shadow_progname, TCB_DIR, strerror (errno));
|
||||||
|
return SHADOWTCB_FAILURE;
|
||||||
|
}
|
||||||
|
shadowgid = tcbdir_stat.st_gid;
|
||||||
|
@@ -567,39 +567,39 @@ shadowtcb_status shadowtcb_create (const
|
||||||
|
if (mkdir (dir, 0700) != 0) {
|
||||||
|
fprintf (shadow_logfd,
|
||||||
|
_("%s: mkdir: %s: %s\n"),
|
||||||
|
- Prog, dir, strerror (errno));
|
||||||
|
+ shadow_progname, dir, strerror (errno));
|
||||||
|
goto out_free;
|
||||||
|
}
|
||||||
|
fd = open (shadow, O_RDWR | O_CREAT | O_TRUNC, 0600);
|
||||||
|
if (fd < 0) {
|
||||||
|
fprintf (shadow_logfd,
|
||||||
|
_("%s: Cannot open %s: %s\n"),
|
||||||
|
- Prog, shadow, strerror (errno));
|
||||||
|
+ shadow_progname, shadow, strerror (errno));
|
||||||
|
goto out_free;
|
||||||
|
}
|
||||||
|
close (fd);
|
||||||
|
if (chown (shadow, 0, authgid) != 0) {
|
||||||
|
fprintf (shadow_logfd,
|
||||||
|
_("%s: Cannot change owner of %s: %s\n"),
|
||||||
|
- Prog, shadow, strerror (errno));
|
||||||
|
+ shadow_progname, shadow, strerror (errno));
|
||||||
|
goto out_free;
|
||||||
|
}
|
||||||
|
if (chmod (shadow, (mode_t) ((authgid == shadowgid) ? 0600 : 0640)) != 0) {
|
||||||
|
fprintf (shadow_logfd,
|
||||||
|
_("%s: Cannot change mode of %s: %s\n"),
|
||||||
|
- Prog, shadow, strerror (errno));
|
||||||
|
+ shadow_progname, shadow, strerror (errno));
|
||||||
|
goto out_free;
|
||||||
|
}
|
||||||
|
if (chown (dir, 0, authgid) != 0) {
|
||||||
|
fprintf (shadow_logfd,
|
||||||
|
_("%s: Cannot change owner of %s: %s\n"),
|
||||||
|
- Prog, dir, strerror (errno));
|
||||||
|
+ shadow_progname, dir, strerror (errno));
|
||||||
|
goto out_free;
|
||||||
|
}
|
||||||
|
if (chmod (dir, (mode_t) ((authgid == shadowgid) ? 02700 : 02710)) != 0) {
|
||||||
|
fprintf (shadow_logfd,
|
||||||
|
_("%s: Cannot change mode of %s: %s\n"),
|
||||||
|
- Prog, dir, strerror (errno));
|
||||||
|
+ shadow_progname, dir, strerror (errno));
|
||||||
|
goto out_free;
|
||||||
|
}
|
||||||
|
if ( (shadowtcb_set_user (name) == SHADOWTCB_FAILURE)
|
30
shadow-4.9-revert-useradd-fix-memleak.patch
Normal file
30
shadow-4.9-revert-useradd-fix-memleak.patch
Normal file
@ -0,0 +1,30 @@
|
|||||||
|
From 4624e9fca1b02b64e25e8b2280a0186182ab73ba Mon Sep 17 00:00:00 2001
|
||||||
|
From: Serge Hallyn <serge@hallyn.com>
|
||||||
|
Date: Sat, 14 Aug 2021 19:37:24 -0500
|
||||||
|
Subject: [PATCH] Revert "useradd.c:fix memleaks of grp"
|
||||||
|
|
||||||
|
In some cases, the value which was being freed is not actually
|
||||||
|
safe to free.
|
||||||
|
|
||||||
|
Closes #394
|
||||||
|
|
||||||
|
This reverts commit c44b71cec25d60efc51aec9de3abce1f6efbfcf5.
|
||||||
|
---
|
||||||
|
src/useradd.c | 1 -
|
||||||
|
1 file changed, 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/src/useradd.c b/src/useradd.c
|
||||||
|
index f90127cd..0d3f390d 100644
|
||||||
|
--- a/src/useradd.c
|
||||||
|
+++ b/src/useradd.c
|
||||||
|
@@ -413,7 +413,6 @@ static void get_defaults (void)
|
||||||
|
} else {
|
||||||
|
def_group = grp->gr_gid;
|
||||||
|
def_gname = xstrdup (grp->gr_name);
|
||||||
|
- gr_free(grp);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
--
|
||||||
|
2.31.1
|
||||||
|
|
61
shadow-4.9-semanage-close-the-selabel-handle.patch
Normal file
61
shadow-4.9-semanage-close-the-selabel-handle.patch
Normal file
@ -0,0 +1,61 @@
|
|||||||
|
From 234af5cf67fc1a3ba99fc246ba65869a3c416545 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Iker Pedrosa <ipedrosa@redhat.com>
|
||||||
|
Date: Fri, 8 Oct 2021 13:13:13 +0200
|
||||||
|
Subject: [PATCH] semanage: close the selabel handle
|
||||||
|
|
||||||
|
Close the selabel handle to update the file_context. This means that the
|
||||||
|
file_context will be remmaped and used by selabel_lookup() to return
|
||||||
|
the appropriate context to label the home folder.
|
||||||
|
|
||||||
|
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1993081
|
||||||
|
|
||||||
|
Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
|
||||||
|
---
|
||||||
|
lib/prototypes.h | 1 +
|
||||||
|
lib/selinux.c | 5 +++++
|
||||||
|
lib/semanage.c | 1 +
|
||||||
|
3 files changed, 7 insertions(+)
|
||||||
|
|
||||||
|
diff --git a/lib/prototypes.h b/lib/prototypes.h
|
||||||
|
index 1d1586d4..b697e0ec 100644
|
||||||
|
--- a/lib/prototypes.h
|
||||||
|
+++ b/lib/prototypes.h
|
||||||
|
@@ -392,6 +392,7 @@ extern /*@observer@*/const char *crypt_make_salt (/*@null@*//*@observer@*/const
|
||||||
|
/* selinux.c */
|
||||||
|
#ifdef WITH_SELINUX
|
||||||
|
extern int set_selinux_file_context (const char *dst_name, mode_t mode);
|
||||||
|
+extern void reset_selinux_handle (void);
|
||||||
|
extern int reset_selinux_file_context (void);
|
||||||
|
extern int check_selinux_permit (const char *perm_name);
|
||||||
|
#endif
|
||||||
|
diff --git a/lib/selinux.c b/lib/selinux.c
|
||||||
|
index c83545f9..b075d4c0 100644
|
||||||
|
--- a/lib/selinux.c
|
||||||
|
+++ b/lib/selinux.c
|
||||||
|
@@ -50,6 +50,11 @@ static void cleanup(void)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
+void reset_selinux_handle (void)
|
||||||
|
+{
|
||||||
|
+ cleanup();
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
/*
|
||||||
|
* set_selinux_file_context - Set the security context before any file or
|
||||||
|
* directory creation.
|
||||||
|
diff --git a/lib/semanage.c b/lib/semanage.c
|
||||||
|
index 0d30456a..a5bf9218 100644
|
||||||
|
--- a/lib/semanage.c
|
||||||
|
+++ b/lib/semanage.c
|
||||||
|
@@ -293,6 +293,7 @@ int set_seuser (const char *login_name, const char *seuser_name)
|
||||||
|
}
|
||||||
|
|
||||||
|
ret = 0;
|
||||||
|
+ reset_selinux_handle();
|
||||||
|
|
||||||
|
done:
|
||||||
|
semanage_seuser_key_free (key);
|
||||||
|
--
|
||||||
|
2.31.1
|
||||||
|
|
39
shadow-4.9-shadow-progname-default-init.patch
Normal file
39
shadow-4.9-shadow-progname-default-init.patch
Normal file
@ -0,0 +1,39 @@
|
|||||||
|
diff -up shadow-4.9/lib/shadowlog.c.debug3 shadow-4.9/lib/shadowlog.c
|
||||||
|
--- shadow-4.9/lib/shadowlog.c.debug3 2022-01-10 11:16:31.636261531 +0100
|
||||||
|
+++ shadow-4.9/lib/shadowlog.c 2022-01-10 11:16:31.637261538 +0100
|
||||||
|
@@ -2,8 +2,8 @@
|
||||||
|
|
||||||
|
#include "lib/shadowlog_internal.h"
|
||||||
|
|
||||||
|
-const char *shadow_progname;
|
||||||
|
-FILE *shadow_logfd;
|
||||||
|
+const char *shadow_progname = "libshadow";
|
||||||
|
+FILE *shadow_logfd = NULL;
|
||||||
|
|
||||||
|
void log_set_progname(const char *progname)
|
||||||
|
{
|
||||||
|
diff -up shadow-4.9/libsubid/api.c.debug3 shadow-4.9/libsubid/api.c
|
||||||
|
--- shadow-4.9/libsubid/api.c.debug3 2022-01-10 11:16:31.637261538 +0100
|
||||||
|
+++ shadow-4.9/libsubid/api.c 2022-01-10 11:17:15.431574120 +0100
|
||||||
|
@@ -40,17 +40,16 @@
|
||||||
|
#include "subid.h"
|
||||||
|
#include "shadowlog.h"
|
||||||
|
|
||||||
|
-const char *Prog = "(libsubid)";
|
||||||
|
-
|
||||||
|
bool libsubid_init(const char *progname, FILE * logfd)
|
||||||
|
{
|
||||||
|
FILE *shadow_logfd;
|
||||||
|
if (progname) {
|
||||||
|
progname = strdup(progname);
|
||||||
|
- if (progname)
|
||||||
|
- Prog = progname;
|
||||||
|
- else
|
||||||
|
+ if (!progname)
|
||||||
|
return false;
|
||||||
|
+ log_set_progname(progname);
|
||||||
|
+ } else {
|
||||||
|
+ log_set_progname("(libsubid)");
|
||||||
|
}
|
||||||
|
|
||||||
|
if (logfd) {
|
79
shadow-4.9-useradd-avoid-generating-empty-subid-range.patch
Normal file
79
shadow-4.9-useradd-avoid-generating-empty-subid-range.patch
Normal file
@ -0,0 +1,79 @@
|
|||||||
|
diff --git a/src/useradd.c b/src/useradd.c
|
||||||
|
index baeffb35..9abeea6e 100644
|
||||||
|
--- a/src/useradd.c
|
||||||
|
+++ b/src/useradd.c
|
||||||
|
@@ -142,9 +142,7 @@ static bool is_sub_gid = false;
|
||||||
|
static bool sub_uid_locked = false;
|
||||||
|
static bool sub_gid_locked = false;
|
||||||
|
static uid_t sub_uid_start; /* New subordinate uid range */
|
||||||
|
-static unsigned long sub_uid_count;
|
||||||
|
static gid_t sub_gid_start; /* New subordinate gid range */
|
||||||
|
-static unsigned long sub_gid_count;
|
||||||
|
#endif /* ENABLE_SUBIDS */
|
||||||
|
static bool pw_locked = false;
|
||||||
|
static bool gr_locked = false;
|
||||||
|
@@ -234,7 +232,7 @@ static void open_shadow (void);
|
||||||
|
static void faillog_reset (uid_t);
|
||||||
|
static void lastlog_reset (uid_t);
|
||||||
|
static void tallylog_reset (const char *);
|
||||||
|
-static void usr_update (void);
|
||||||
|
+static void usr_update (unsigned long subuid_count, unsigned long subgid_count);
|
||||||
|
static void create_home (void);
|
||||||
|
static void create_mail (void);
|
||||||
|
static void check_uid_range(int rflg, uid_t user_id);
|
||||||
|
@@ -2092,7 +2090,7 @@ static void tallylog_reset (const char *user_name)
|
||||||
|
* usr_update() creates the password file entries for this user
|
||||||
|
* and will update the group entries if required.
|
||||||
|
*/
|
||||||
|
-static void usr_update (void)
|
||||||
|
+static void usr_update (unsigned long subuid_count, unsigned long subgid_count)
|
||||||
|
{
|
||||||
|
struct passwd pwent;
|
||||||
|
struct spwd spent;
|
||||||
|
@@ -2155,14 +2153,14 @@ static void usr_update (void)
|
||||||
|
}
|
||||||
|
#ifdef ENABLE_SUBIDS
|
||||||
|
if (is_sub_uid &&
|
||||||
|
- (sub_uid_add(user_name, sub_uid_start, sub_uid_count) == 0)) {
|
||||||
|
+ (sub_uid_add(user_name, sub_uid_start, subuid_count) == 0)) {
|
||||||
|
fprintf (stderr,
|
||||||
|
_("%s: failed to prepare the new %s entry\n"),
|
||||||
|
Prog, sub_uid_dbname ());
|
||||||
|
fail_exit (E_SUB_UID_UPDATE);
|
||||||
|
}
|
||||||
|
if (is_sub_gid &&
|
||||||
|
- (sub_gid_add(user_name, sub_gid_start, sub_gid_count) == 0)) {
|
||||||
|
+ (sub_gid_add(user_name, sub_gid_start, subgid_count) == 0)) {
|
||||||
|
fprintf (stderr,
|
||||||
|
_("%s: failed to prepare the new %s entry\n"),
|
||||||
|
Prog, sub_uid_dbname ());
|
||||||
|
@@ -2624,16 +2622,16 @@ int main (int argc, char **argv)
|
||||||
|
}
|
||||||
|
|
||||||
|
#ifdef ENABLE_SUBIDS
|
||||||
|
- if (is_sub_uid && sub_uid_count != 0) {
|
||||||
|
- if (find_new_sub_uids(&sub_uid_start, &sub_uid_count) < 0) {
|
||||||
|
+ if (is_sub_uid && subuid_count != 0) {
|
||||||
|
+ if (find_new_sub_uids(&sub_uid_start, &subuid_count) < 0) {
|
||||||
|
fprintf (stderr,
|
||||||
|
_("%s: can't create subordinate user IDs\n"),
|
||||||
|
Prog);
|
||||||
|
fail_exit(E_SUB_UID_UPDATE);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
- if (is_sub_gid && sub_gid_count != 0) {
|
||||||
|
- if (find_new_sub_gids(&sub_gid_start, &sub_gid_count) < 0) {
|
||||||
|
+ if (is_sub_gid && subgid_count != 0) {
|
||||||
|
+ if (find_new_sub_gids(&sub_gid_start, &subgid_count) < 0) {
|
||||||
|
fprintf (stderr,
|
||||||
|
_("%s: can't create subordinate group IDs\n"),
|
||||||
|
Prog);
|
||||||
|
@@ -2642,7 +2640,7 @@ int main (int argc, char **argv)
|
||||||
|
}
|
||||||
|
#endif /* ENABLE_SUBIDS */
|
||||||
|
|
||||||
|
- usr_update ();
|
||||||
|
+ usr_update (subuid_count, subgid_count);
|
||||||
|
|
||||||
|
close_files ();
|
||||||
|
|
13
shadow-4.9-useradd-copy-tree-argument.patch
Normal file
13
shadow-4.9-useradd-copy-tree-argument.patch
Normal file
@ -0,0 +1,13 @@
|
|||||||
|
diff --git a/src/useradd.c b/src/useradd.c
|
||||||
|
index b463a170..f7c97958 100644
|
||||||
|
--- a/src/useradd.c
|
||||||
|
+++ b/src/useradd.c
|
||||||
|
@@ -2704,7 +2704,7 @@ int main (int argc, char **argv)
|
||||||
|
if (mflg) {
|
||||||
|
create_home ();
|
||||||
|
if (home_added) {
|
||||||
|
- copy_tree (def_template, prefix_user_home, false, false,
|
||||||
|
+ copy_tree (def_template, prefix_user_home, false, true,
|
||||||
|
(uid_t)-1, user_id, (gid_t)-1, user_gid);
|
||||||
|
} else {
|
||||||
|
fprintf (stderr,
|
322
shadow-4.9-usermod-allow-all-group-types.patch
Normal file
322
shadow-4.9-usermod-allow-all-group-types.patch
Normal file
@ -0,0 +1,322 @@
|
|||||||
|
From e481437ab9ebe9a8bf8fbaabe986d42b2f765991 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Iker Pedrosa <ipedrosa@redhat.com>
|
||||||
|
Date: Tue, 3 Aug 2021 08:57:20 +0200
|
||||||
|
Subject: [PATCH] usermod: allow all group types with -G option
|
||||||
|
|
||||||
|
The only way of removing a group from the supplementary list is to use
|
||||||
|
-G option, and list all groups that the user is a member of except for
|
||||||
|
the one that wants to be removed. The problem lies when there's a user
|
||||||
|
that contains both local and remote groups, and the group to be removed
|
||||||
|
is a local one. As we need to include the remote group with -G option
|
||||||
|
the command will fail.
|
||||||
|
|
||||||
|
This reverts commit 140510de9de4771feb3af1d859c09604043a4c9b. This way,
|
||||||
|
it would be possible to remove the remote groups from the supplementary
|
||||||
|
list.
|
||||||
|
|
||||||
|
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1967641
|
||||||
|
Resolves: https://github.com/shadow-maint/shadow/issues/338
|
||||||
|
|
||||||
|
Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
|
||||||
|
---
|
||||||
|
src/usermod.c | 220 ++++++++++++++++++--------------------------------
|
||||||
|
1 file changed, 77 insertions(+), 143 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/src/usermod.c b/src/usermod.c
|
||||||
|
index 03bb9b9d..a0c03afa 100644
|
||||||
|
--- a/src/usermod.c
|
||||||
|
+++ b/src/usermod.c
|
||||||
|
@@ -187,7 +187,6 @@ static bool sub_gid_locked = false;
|
||||||
|
static void date_to_str (/*@unique@*//*@out@*/char *buf, size_t maxsize,
|
||||||
|
long int date);
|
||||||
|
static int get_groups (char *);
|
||||||
|
-static struct group * get_local_group (char * grp_name);
|
||||||
|
static /*@noreturn@*/void usage (int status);
|
||||||
|
static void new_pwent (struct passwd *);
|
||||||
|
static void new_spent (struct spwd *);
|
||||||
|
@@ -201,9 +200,7 @@ static void grp_update (void);
|
||||||
|
|
||||||
|
static void process_flags (int, char **);
|
||||||
|
static void close_files (void);
|
||||||
|
-static void close_group_files (void);
|
||||||
|
static void open_files (void);
|
||||||
|
-static void open_group_files (void);
|
||||||
|
static void usr_update (void);
|
||||||
|
static void move_home (void);
|
||||||
|
static void update_lastlog (void);
|
||||||
|
@@ -260,11 +257,6 @@ static int get_groups (char *list)
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
- /*
|
||||||
|
- * Open the group files
|
||||||
|
- */
|
||||||
|
- open_group_files ();
|
||||||
|
-
|
||||||
|
/*
|
||||||
|
* So long as there is some data to be converted, strip off each
|
||||||
|
* name and look it up. A mix of numerical and string values for
|
||||||
|
@@ -284,7 +276,7 @@ static int get_groups (char *list)
|
||||||
|
* Names starting with digits are treated as numerical GID
|
||||||
|
* values, otherwise the string is looked up as is.
|
||||||
|
*/
|
||||||
|
- grp = get_local_group (list);
|
||||||
|
+ grp = prefix_getgr_nam_gid (list);
|
||||||
|
|
||||||
|
/*
|
||||||
|
* There must be a match, either by GID value or by
|
||||||
|
@@ -334,8 +326,6 @@ static int get_groups (char *list)
|
||||||
|
gr_free ((struct group *)grp);
|
||||||
|
} while (NULL != list);
|
||||||
|
|
||||||
|
- close_group_files ();
|
||||||
|
-
|
||||||
|
user_groups[ngroups] = (char *) 0;
|
||||||
|
|
||||||
|
/*
|
||||||
|
@@ -348,44 +338,6 @@ static int get_groups (char *list)
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
-/*
|
||||||
|
- * get_local_group - checks if a given group name exists locally
|
||||||
|
- *
|
||||||
|
- * get_local_group() checks if a given group name exists locally.
|
||||||
|
- * If the name exists the group information is returned, otherwise NULL is
|
||||||
|
- * returned.
|
||||||
|
- */
|
||||||
|
-static struct group * get_local_group(char * grp_name)
|
||||||
|
-{
|
||||||
|
- const struct group *grp;
|
||||||
|
- struct group *result_grp = NULL;
|
||||||
|
- long long int gid;
|
||||||
|
- char *endptr;
|
||||||
|
-
|
||||||
|
- gid = strtoll (grp_name, &endptr, 10);
|
||||||
|
- if ( ('\0' != *grp_name)
|
||||||
|
- && ('\0' == *endptr)
|
||||||
|
- && (ERANGE != errno)
|
||||||
|
- && (gid == (gid_t)gid)) {
|
||||||
|
- grp = gr_locate_gid ((gid_t) gid);
|
||||||
|
- }
|
||||||
|
- else {
|
||||||
|
- grp = gr_locate(grp_name);
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
- if (grp != NULL) {
|
||||||
|
- result_grp = __gr_dup (grp);
|
||||||
|
- if (NULL == result_grp) {
|
||||||
|
- fprintf (stderr,
|
||||||
|
- _("%s: Out of memory. Cannot find group '%s'.\n"),
|
||||||
|
- Prog, grp_name);
|
||||||
|
- fail_exit (E_GRP_UPDATE);
|
||||||
|
- }
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
- return result_grp;
|
||||||
|
-}
|
||||||
|
-
|
||||||
|
#ifdef ENABLE_SUBIDS
|
||||||
|
struct ulong_range
|
||||||
|
{
|
||||||
|
@@ -1523,7 +1475,50 @@ static void close_files (void)
|
||||||
|
}
|
||||||
|
|
||||||
|
if (Gflg || lflg) {
|
||||||
|
- close_group_files ();
|
||||||
|
+ if (gr_close () == 0) {
|
||||||
|
+ fprintf (stderr,
|
||||||
|
+ _("%s: failure while writing changes to %s\n"),
|
||||||
|
+ Prog, gr_dbname ());
|
||||||
|
+ SYSLOG ((LOG_ERR,
|
||||||
|
+ "failure while writing changes to %s",
|
||||||
|
+ gr_dbname ()));
|
||||||
|
+ fail_exit (E_GRP_UPDATE);
|
||||||
|
+ }
|
||||||
|
+#ifdef SHADOWGRP
|
||||||
|
+ if (is_shadow_grp) {
|
||||||
|
+ if (sgr_close () == 0) {
|
||||||
|
+ fprintf (stderr,
|
||||||
|
+ _("%s: failure while writing changes to %s\n"),
|
||||||
|
+ Prog, sgr_dbname ());
|
||||||
|
+ SYSLOG ((LOG_ERR,
|
||||||
|
+ "failure while writing changes to %s",
|
||||||
|
+ sgr_dbname ()));
|
||||||
|
+ fail_exit (E_GRP_UPDATE);
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
+#endif
|
||||||
|
+#ifdef SHADOWGRP
|
||||||
|
+ if (is_shadow_grp) {
|
||||||
|
+ if (sgr_unlock () == 0) {
|
||||||
|
+ fprintf (stderr,
|
||||||
|
+ _("%s: failed to unlock %s\n"),
|
||||||
|
+ Prog, sgr_dbname ());
|
||||||
|
+ SYSLOG ((LOG_ERR,
|
||||||
|
+ "failed to unlock %s",
|
||||||
|
+ sgr_dbname ()));
|
||||||
|
+ /* continue */
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
+#endif
|
||||||
|
+ if (gr_unlock () == 0) {
|
||||||
|
+ fprintf (stderr,
|
||||||
|
+ _("%s: failed to unlock %s\n"),
|
||||||
|
+ Prog, gr_dbname ());
|
||||||
|
+ SYSLOG ((LOG_ERR,
|
||||||
|
+ "failed to unlock %s",
|
||||||
|
+ gr_dbname ()));
|
||||||
|
+ /* continue */
|
||||||
|
+ }
|
||||||
|
}
|
||||||
|
|
||||||
|
if (is_shadow_pwd) {
|
||||||
|
@@ -1592,60 +1587,6 @@ static void close_files (void)
|
||||||
|
#endif
|
||||||
|
}
|
||||||
|
|
||||||
|
-/*
|
||||||
|
- * close_group_files - close all of the files that were opened
|
||||||
|
- *
|
||||||
|
- * close_group_files() closes all of the files that were opened related
|
||||||
|
- * with groups. This causes any modified entries to be written out.
|
||||||
|
- */
|
||||||
|
-static void close_group_files (void)
|
||||||
|
-{
|
||||||
|
- if (gr_close () == 0) {
|
||||||
|
- fprintf (stderr,
|
||||||
|
- _("%s: failure while writing changes to %s\n"),
|
||||||
|
- Prog, gr_dbname ());
|
||||||
|
- SYSLOG ((LOG_ERR,
|
||||||
|
- "failure while writing changes to %s",
|
||||||
|
- gr_dbname ()));
|
||||||
|
- fail_exit (E_GRP_UPDATE);
|
||||||
|
- }
|
||||||
|
-#ifdef SHADOWGRP
|
||||||
|
- if (is_shadow_grp) {
|
||||||
|
- if (sgr_close () == 0) {
|
||||||
|
- fprintf (stderr,
|
||||||
|
- _("%s: failure while writing changes to %s\n"),
|
||||||
|
- Prog, sgr_dbname ());
|
||||||
|
- SYSLOG ((LOG_ERR,
|
||||||
|
- "failure while writing changes to %s",
|
||||||
|
- sgr_dbname ()));
|
||||||
|
- fail_exit (E_GRP_UPDATE);
|
||||||
|
- }
|
||||||
|
- }
|
||||||
|
-#endif
|
||||||
|
-#ifdef SHADOWGRP
|
||||||
|
- if (is_shadow_grp) {
|
||||||
|
- if (sgr_unlock () == 0) {
|
||||||
|
- fprintf (stderr,
|
||||||
|
- _("%s: failed to unlock %s\n"),
|
||||||
|
- Prog, sgr_dbname ());
|
||||||
|
- SYSLOG ((LOG_ERR,
|
||||||
|
- "failed to unlock %s",
|
||||||
|
- sgr_dbname ()));
|
||||||
|
- /* continue */
|
||||||
|
- }
|
||||||
|
- }
|
||||||
|
-#endif
|
||||||
|
- if (gr_unlock () == 0) {
|
||||||
|
- fprintf (stderr,
|
||||||
|
- _("%s: failed to unlock %s\n"),
|
||||||
|
- Prog, gr_dbname ());
|
||||||
|
- SYSLOG ((LOG_ERR,
|
||||||
|
- "failed to unlock %s",
|
||||||
|
- gr_dbname ()));
|
||||||
|
- /* continue */
|
||||||
|
- }
|
||||||
|
-}
|
||||||
|
-
|
||||||
|
/*
|
||||||
|
* open_files - lock and open the password files
|
||||||
|
*
|
||||||
|
@@ -1681,7 +1622,38 @@ static void open_files (void)
|
||||||
|
}
|
||||||
|
|
||||||
|
if (Gflg || lflg) {
|
||||||
|
- open_group_files ();
|
||||||
|
+ /*
|
||||||
|
+ * Lock and open the group file. This will load all of the
|
||||||
|
+ * group entries.
|
||||||
|
+ */
|
||||||
|
+ if (gr_lock () == 0) {
|
||||||
|
+ fprintf (stderr,
|
||||||
|
+ _("%s: cannot lock %s; try again later.\n"),
|
||||||
|
+ Prog, gr_dbname ());
|
||||||
|
+ fail_exit (E_GRP_UPDATE);
|
||||||
|
+ }
|
||||||
|
+ gr_locked = true;
|
||||||
|
+ if (gr_open (O_CREAT | O_RDWR) == 0) {
|
||||||
|
+ fprintf (stderr,
|
||||||
|
+ _("%s: cannot open %s\n"),
|
||||||
|
+ Prog, gr_dbname ());
|
||||||
|
+ fail_exit (E_GRP_UPDATE);
|
||||||
|
+ }
|
||||||
|
+#ifdef SHADOWGRP
|
||||||
|
+ if (is_shadow_grp && (sgr_lock () == 0)) {
|
||||||
|
+ fprintf (stderr,
|
||||||
|
+ _("%s: cannot lock %s; try again later.\n"),
|
||||||
|
+ Prog, sgr_dbname ());
|
||||||
|
+ fail_exit (E_GRP_UPDATE);
|
||||||
|
+ }
|
||||||
|
+ sgr_locked = true;
|
||||||
|
+ if (is_shadow_grp && (sgr_open (O_CREAT | O_RDWR) == 0)) {
|
||||||
|
+ fprintf (stderr,
|
||||||
|
+ _("%s: cannot open %s\n"),
|
||||||
|
+ Prog, sgr_dbname ());
|
||||||
|
+ fail_exit (E_GRP_UPDATE);
|
||||||
|
+ }
|
||||||
|
+#endif
|
||||||
|
}
|
||||||
|
#ifdef ENABLE_SUBIDS
|
||||||
|
if (vflg || Vflg) {
|
||||||
|
@@ -1717,44 +1689,6 @@ static void open_files (void)
|
||||||
|
#endif /* ENABLE_SUBIDS */
|
||||||
|
}
|
||||||
|
|
||||||
|
-/*
|
||||||
|
- * open_group_files - lock and open the group files
|
||||||
|
- *
|
||||||
|
- * open_group_files() loads all of the group entries.
|
||||||
|
- */
|
||||||
|
-static void open_group_files (void)
|
||||||
|
-{
|
||||||
|
- if (gr_lock () == 0) {
|
||||||
|
- fprintf (stderr,
|
||||||
|
- _("%s: cannot lock %s; try again later.\n"),
|
||||||
|
- Prog, gr_dbname ());
|
||||||
|
- fail_exit (E_GRP_UPDATE);
|
||||||
|
- }
|
||||||
|
- gr_locked = true;
|
||||||
|
- if (gr_open (O_CREAT | O_RDWR) == 0) {
|
||||||
|
- fprintf (stderr,
|
||||||
|
- _("%s: cannot open %s\n"),
|
||||||
|
- Prog, gr_dbname ());
|
||||||
|
- fail_exit (E_GRP_UPDATE);
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
-#ifdef SHADOWGRP
|
||||||
|
- if (is_shadow_grp && (sgr_lock () == 0)) {
|
||||||
|
- fprintf (stderr,
|
||||||
|
- _("%s: cannot lock %s; try again later.\n"),
|
||||||
|
- Prog, sgr_dbname ());
|
||||||
|
- fail_exit (E_GRP_UPDATE);
|
||||||
|
- }
|
||||||
|
- sgr_locked = true;
|
||||||
|
- if (is_shadow_grp && (sgr_open (O_CREAT | O_RDWR) == 0)) {
|
||||||
|
- fprintf (stderr,
|
||||||
|
- _("%s: cannot open %s\n"),
|
||||||
|
- Prog, sgr_dbname ());
|
||||||
|
- fail_exit (E_GRP_UPDATE);
|
||||||
|
- }
|
||||||
|
-#endif
|
||||||
|
-}
|
||||||
|
-
|
||||||
|
/*
|
||||||
|
* usr_update - create the user entries
|
||||||
|
*
|
||||||
|
--
|
||||||
|
2.31.1
|
||||||
|
|
@ -293,13 +293,3 @@ CREATE_HOME yes
|
|||||||
# missing.
|
# missing.
|
||||||
#
|
#
|
||||||
#FORCE_SHADOW yes
|
#FORCE_SHADOW yes
|
||||||
|
|
||||||
#
|
|
||||||
# Select the HMAC cryptography algorithm.
|
|
||||||
# Used in pam_timestamp module to calculate the keyed-hash message
|
|
||||||
# authentication code.
|
|
||||||
#
|
|
||||||
# Note: It is recommended to check hmac(3) to see the possible algorithms
|
|
||||||
# that are available in your system.
|
|
||||||
#
|
|
||||||
HMAC_CRYPTO_ALGO SHA512
|
|
||||||
|
@ -1,12 +1,12 @@
|
|||||||
Summary: Utilities for managing accounts and shadow password files
|
Summary: Utilities for managing accounts and shadow password files
|
||||||
Name: shadow-utils
|
Name: shadow-utils
|
||||||
Version: 4.11.1
|
Version: 4.9
|
||||||
Release: 4%{?dist}
|
Release: 9%{?dist}
|
||||||
Epoch: 2
|
Epoch: 2
|
||||||
License: BSD and GPLv2+
|
License: BSD and GPLv2+
|
||||||
URL: https://github.com/shadow-maint/shadow
|
URL: https://github.com/shadow-maint/shadow
|
||||||
Source0: https://github.com/shadow-maint/shadow/releases/download/v%{version}/shadow-%{version}.tar.xz
|
Source0: https://github.com/shadow-maint/shadow/releases/download/%{version}/shadow-%{version}.tar.xz
|
||||||
Source1: https://github.com/shadow-maint/shadow/releases/download/v%{version}/shadow-%{version}.tar.xz.asc
|
Source1: https://github.com/shadow-maint/shadow/releases/download/%{version}/shadow-%{version}.tar.xz.asc
|
||||||
Source2: shadow-utils.useradd
|
Source2: shadow-utils.useradd
|
||||||
Source3: shadow-utils.login.defs
|
Source3: shadow-utils.login.defs
|
||||||
Source4: shadow-bsd.txt
|
Source4: shadow-bsd.txt
|
||||||
@ -18,9 +18,11 @@ Source6: shadow-utils.HOME_MODE.xml
|
|||||||
|
|
||||||
### Patches ###
|
### Patches ###
|
||||||
# Misc small changes - most probably non-upstreamable
|
# Misc small changes - most probably non-upstreamable
|
||||||
Patch0: shadow-4.11.1-redhat.patch
|
Patch0: shadow-4.9-redhat.patch
|
||||||
# Be more lenient with acceptable user/group names - non upstreamable
|
# Be more lenient with acceptable user/group names - non upstreamable
|
||||||
Patch1: shadow-4.8-goodname.patch
|
Patch1: shadow-4.8-goodname.patch
|
||||||
|
# https://github.com/shadow-maint/shadow/commit/09c752f00f9dfc610f66d68be38c9e5be8ca7f15
|
||||||
|
Patch2: shadow-4.9-move-create-home.patch
|
||||||
# SElinux related - upstreamability unknown
|
# SElinux related - upstreamability unknown
|
||||||
Patch3: shadow-4.9-default-range.patch
|
Patch3: shadow-4.9-default-range.patch
|
||||||
# Misc manual page changes - non-upstreamable
|
# Misc manual page changes - non-upstreamable
|
||||||
@ -30,23 +32,50 @@ Patch5: shadow-4.2.1-date-parsing.patch
|
|||||||
# Additional error message - could be upstreamed
|
# Additional error message - could be upstreamed
|
||||||
Patch6: shadow-4.6-move-home.patch
|
Patch6: shadow-4.6-move-home.patch
|
||||||
# Audit message changes - upstreamability unknown
|
# Audit message changes - upstreamability unknown
|
||||||
Patch7: shadow-4.11.1-audit-update.patch
|
Patch7: shadow-4.9-audit-update.patch
|
||||||
# Changes related to password unlocking - could be upstreamed
|
# Changes related to password unlocking - could be upstreamed
|
||||||
Patch8: shadow-4.5-usermod-unlock.patch
|
Patch8: shadow-4.5-usermod-unlock.patch
|
||||||
# Additional SElinux related changes - upstreamability unknown
|
# Additional SElinux related changes - upstreamability unknown
|
||||||
Patch9: shadow-4.8-selinux-perms.patch
|
Patch9: shadow-4.8-selinux-perms.patch
|
||||||
# Handle NULL return from *time funcs - upstreamable
|
# Handle NULL return from *time funcs - could be upstreamed
|
||||||
Patch10: shadow-4.11.1-null-tm.patch
|
Patch10: shadow-4.9-null-tm.patch
|
||||||
# Handle /etc/passwd corruption - could be upstreamed
|
# Handle /etc/passwd corruption - could be upstreamed
|
||||||
Patch11: shadow-4.8-long-entry.patch
|
Patch11: shadow-4.8-long-entry.patch
|
||||||
# Limit uid/gid allocation to non-zero - could be upstreamed
|
# Limit uid/gid allocation to non-zero - could be upstreamed
|
||||||
Patch12: shadow-4.6-sysugid-min-limit.patch
|
Patch12: shadow-4.6-sysugid-min-limit.patch
|
||||||
# Ignore LOGIN_PLAIN_PROMPT in login.defs - upstreamability unknown
|
# Ignore LOGIN_PLAIN_PROMPT in login.defs - upstreamability unknown
|
||||||
Patch13: shadow-4.8-ignore-login-prompt.patch
|
Patch13: shadow-4.8-ignore-login-prompt.patch
|
||||||
|
# https://github.com/shadow-maint/shadow/commit/c6847011e8b656adacd9a0d2a78418cad0de34cb
|
||||||
|
Patch14: shadow-4.9-newuidmap-libeconf-dependency.patch
|
||||||
|
# https://github.com/shadow-maint/shadow/commit/e481437ab9ebe9a8bf8fbaabe986d42b2f765991
|
||||||
|
Patch15: shadow-4.9-usermod-allow-all-group-types.patch
|
||||||
|
# https://github.com/shadow-maint/shadow/commit/9dd720a28578eef5be8171697aae0906e4c53249
|
||||||
|
Patch16: shadow-4.9-useradd-avoid-generating-empty-subid-range.patch
|
||||||
|
# https://github.com/shadow-maint/shadow/commit/234e8fa7b134d1ebabfdad980a3ae5b63c046c62
|
||||||
|
Patch17: shadow-4.9-libmisc-fix-default-value-in-SHA_get_salt_rounds.patch
|
||||||
|
# https://github.com/shadow-maint/shadow/commit/234af5cf67fc1a3ba99fc246ba65869a3c416545
|
||||||
|
Patch18: shadow-4.9-semanage-close-the-selabel-handle.patch
|
||||||
|
# https://github.com/shadow-maint/shadow/commit/4624e9fca1b02b64e25e8b2280a0186182ab73ba
|
||||||
|
Patch19: shadow-4.9-revert-useradd-fix-memleak.patch
|
||||||
|
# https://github.com/shadow-maint/shadow/commit/06eb4e4d76ac7f1ac86e68a89b2dc9be7c7323a2
|
||||||
|
Patch20: shadow-4.9-useradd-copy-tree-argument.patch
|
||||||
|
# https://github.com/shadow-maint/shadow/commit/d8e54618feea201987c1f3cb402ed50d1d8b604f
|
||||||
|
Patch21: shadow-4.9-pwck-fix-segfault-when-calling-fprintf.patch
|
||||||
|
# https://github.com/shadow-maint/shadow/commit/497e90751bc0d95cc998b0f06305040563903948
|
||||||
|
Patch22: shadow-4.9-newgrp-fix-segmentation-fault.patch
|
||||||
|
# https://github.com/shadow-maint/shadow/commit/3b6ccf642c6bb2b7db087f09ee563ae9318af734
|
||||||
|
Patch23: shadow-4.9-getsubids.patch
|
||||||
|
# https://github.com/shadow-maint/shadow/commit/a757b458ffb4fb9a40bcbb4f7869449431c67f83
|
||||||
|
Patch24: shadow-4.9-groupdel-fix-sigsegv-when-passwd-does-not-exist.patch
|
||||||
|
# https://github.com/shadow-maint/shadow/commit/79157cbad87f42cdc2068d72e798488572c68bb2
|
||||||
|
Patch25: shadow-4.9-make-shadow-logfd-and-prog-not-extern.patch
|
||||||
|
# https://github.com/shadow-maint/shadow/commit/0e6fe5e728a45baff3977d73e81a27adb6ae30c6
|
||||||
|
Patch26: shadow-4.9-rename-prog-to-shadow-progname.patch
|
||||||
|
# https://github.com/shadow-maint/shadow/commit/2b0bdef6f9a18382e92b0fb6d893c4339123ffac
|
||||||
|
# https://github.com/shadow-maint/shadow/commit/9750fd681919ed558a9b044248a284d567cddf1a
|
||||||
|
Patch27: shadow-4.9-shadow-progname-default-init.patch
|
||||||
# https://github.com/shadow-maint/shadow/commit/e101219ad71de11da3fdd1b3ec2620fd1a97b92c
|
# https://github.com/shadow-maint/shadow/commit/e101219ad71de11da3fdd1b3ec2620fd1a97b92c
|
||||||
Patch14: shadow-4.9-nss-get-shadow-logfd-with-log-get-logfd.patch
|
Patch28: shadow-4.9-nss-get-shadow-logfd-with-log-get-logfd.patch
|
||||||
# https://github.com/shadow-maint/shadow/commit/f1f1678e13aa3ae49bdb139efaa2c5bc53dcfe92
|
|
||||||
Patch15: shadow-4.11.1-useradd-modify-check-ID-range-for-system-users.patch
|
|
||||||
|
|
||||||
### Dependencies ###
|
### Dependencies ###
|
||||||
Requires: audit-libs >= 1.6.5
|
Requires: audit-libs >= 1.6.5
|
||||||
@ -100,7 +129,6 @@ Utility library that provides a way to manage subid ranges.
|
|||||||
%package subid-devel
|
%package subid-devel
|
||||||
Summary: Development package for shadow-utils-subid
|
Summary: Development package for shadow-utils-subid
|
||||||
License: BSD and GPLv2+
|
License: BSD and GPLv2+
|
||||||
Requires: shadow-utils-subid = %{epoch}:%{version}-%{release}
|
|
||||||
|
|
||||||
%description subid-devel
|
%description subid-devel
|
||||||
Development files for shadow-utils-subid.
|
Development files for shadow-utils-subid.
|
||||||
@ -109,6 +137,7 @@ Development files for shadow-utils-subid.
|
|||||||
%setup -q -n shadow-%{version}
|
%setup -q -n shadow-%{version}
|
||||||
%patch0 -p1 -b .redhat
|
%patch0 -p1 -b .redhat
|
||||||
%patch1 -p1 -b .goodname
|
%patch1 -p1 -b .goodname
|
||||||
|
%patch2 -p1 -b .move-create-home
|
||||||
%patch3 -p1 -b .default-range
|
%patch3 -p1 -b .default-range
|
||||||
%patch4 -p1 -b .manfix
|
%patch4 -p1 -b .manfix
|
||||||
%patch5 -p1 -b .date-parsing
|
%patch5 -p1 -b .date-parsing
|
||||||
@ -120,8 +149,21 @@ Development files for shadow-utils-subid.
|
|||||||
%patch11 -p1 -b .long-entry
|
%patch11 -p1 -b .long-entry
|
||||||
%patch12 -p1 -b .sysugid-min-limit
|
%patch12 -p1 -b .sysugid-min-limit
|
||||||
%patch13 -p1 -b .login-prompt
|
%patch13 -p1 -b .login-prompt
|
||||||
%patch14 -p1 -b .nss-get-shadow-logfd-with-log-get-logfd
|
%patch14 -p1 -b .newuidmap-libeconf-dependency
|
||||||
%patch15 -p1 -b .useradd-modify-check-ID-range-for-system-users
|
%patch15 -p1 -b .usermod-allow-all-group-types
|
||||||
|
%patch16 -p1 -b .useradd-avoid-generating-empty-subid-range
|
||||||
|
%patch17 -p1 -b .libmisc-fix-default-value-in-SHA_get_salt_rounds
|
||||||
|
%patch18 -p1 -b .semanage-close-the-selabel-handle
|
||||||
|
%patch19 -p1 -b .revert-useradd-fix-memleak
|
||||||
|
%patch20 -p1 -b .useradd-copy-tree-argument
|
||||||
|
%patch21 -p1 -b .pwck-fix-segfault-when-calling-fprintf
|
||||||
|
%patch22 -p1 -b .newgrp-fix-segmentation-fault
|
||||||
|
%patch23 -p1 -b .getsubids
|
||||||
|
%patch24 -p1 -b .groupdel-fix-sigsegv-when-passwd-does-not-exist
|
||||||
|
%patch25 -p1 -b .make-shadow-logfd-and-prog-not-extern
|
||||||
|
%patch26 -p1 -b .rename-prog-to-shadow-progname
|
||||||
|
%patch27 -p1 -b .shadow-progname-default-init
|
||||||
|
%patch28 -p1 -b .nss-get-shadow-logfd-with-log-get-logfd
|
||||||
|
|
||||||
iconv -f ISO88591 -t utf-8 doc/HOWTO > doc/HOWTO.utf8
|
iconv -f ISO88591 -t utf-8 doc/HOWTO > doc/HOWTO.utf8
|
||||||
cp -f doc/HOWTO.utf8 doc/HOWTO
|
cp -f doc/HOWTO.utf8 doc/HOWTO
|
||||||
@ -233,9 +275,8 @@ echo $(ls)
|
|||||||
mkdir -p $RPM_BUILD_ROOT/%{includesubiddir}
|
mkdir -p $RPM_BUILD_ROOT/%{includesubiddir}
|
||||||
install -m 644 libsubid/subid.h $RPM_BUILD_ROOT/%{includesubiddir}/
|
install -m 644 libsubid/subid.h $RPM_BUILD_ROOT/%{includesubiddir}/
|
||||||
|
|
||||||
# Remove .la and .a files created by libsubid
|
# Remove .la files created by libsubid
|
||||||
rm -f $RPM_BUILD_ROOT/%{_libdir}/libsubid.la
|
rm -f $RPM_BUILD_ROOT/%{_libdir}/libsubid.la
|
||||||
rm -f $RPM_BUILD_ROOT/%{_libdir}/libsubid.a
|
|
||||||
|
|
||||||
%files -f shadow.lang
|
%files -f shadow.lang
|
||||||
%doc NEWS doc/HOWTO README
|
%doc NEWS doc/HOWTO README
|
||||||
@ -295,23 +336,6 @@ rm -f $RPM_BUILD_ROOT/%{_libdir}/libsubid.a
|
|||||||
%{_libdir}/libsubid.so
|
%{_libdir}/libsubid.so
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
* Mon Aug 1 2022 Iker Pedrosa <ipedrosa@redhat.com> - 2:4.11.1-4
|
|
||||||
- useradd: modify check ID range for system users. Resolves: #2093692
|
|
||||||
|
|
||||||
* Sat Jul 23 2022 Fedora Release Engineering <releng@fedoraproject.org> - 2:4.11.1-3
|
|
||||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
|
|
||||||
|
|
||||||
* Thu Feb 10 2022 Iker Pedrosa <ipedrosa@redhat.com> - 2:4.11.1-2
|
|
||||||
- Fix explicit subid requirement for subid-devel
|
|
||||||
|
|
||||||
* Tue Jan 25 2022 Iker Pedrosa <ipedrosa@redhat.com> - 2:4.11.1-1
|
|
||||||
- Rebase to version 4.11.1 (#2034038)
|
|
||||||
- Fix release sources
|
|
||||||
- Add explicit subid requirement for subid-devel
|
|
||||||
|
|
||||||
* Sat Jan 22 2022 Fedora Release Engineering <releng@fedoraproject.org> - 2:4.9-10
|
|
||||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
|
|
||||||
|
|
||||||
* Mon Jan 17 2022 Iker Pedrosa <ipedrosa@redhat.com> - 2:4.9-9
|
* Mon Jan 17 2022 Iker Pedrosa <ipedrosa@redhat.com> - 2:4.9-9
|
||||||
- nss: get shadow_logfd with log_get_logfd() (#2038811)
|
- nss: get shadow_logfd with log_get_logfd() (#2038811)
|
||||||
- lib: make shadow_logfd and Prog not extern
|
- lib: make shadow_logfd and Prog not extern
|
||||||
@ -328,14 +352,11 @@ rm -f $RPM_BUILD_ROOT/%{_libdir}/libsubid.a
|
|||||||
* Fri Nov 12 2021 Iker Pedrosa <ipedrosa@redhat.com> - 2:4.9-7
|
* Fri Nov 12 2021 Iker Pedrosa <ipedrosa@redhat.com> - 2:4.9-7
|
||||||
- useradd: change SELinux labels for home files (#2022658)
|
- useradd: change SELinux labels for home files (#2022658)
|
||||||
|
|
||||||
* Thu Nov 4 2021 Iker Pedrosa <ipedrosa@redhat.com> - 2:4.9-6
|
* Tue Nov 9 2021 Iker Pedrosa <ipedrosa@redhat.com> - 2:4.9-6
|
||||||
- useradd: revert fix memleak of grp (#2018697)
|
- useradd: revert fix memleak of grp (#2018697)
|
||||||
|
|
||||||
* Wed Oct 27 2021 Iker Pedrosa <ipedrosa@redhat.com> - 2:4.9-5
|
* Tue Nov 2 2021 Iker Pedrosa <ipedrosa@redhat.com> - 2:4.9-5
|
||||||
- useradd: generate home and mail directories with selinux user attribute
|
- useradd: generate home and mail directories with selinux user attribute
|
||||||
|
|
||||||
* Thu Sep 23 2021 Iker Pedrosa <ipedrosa@redhat.com> - 2:4.9-4
|
|
||||||
- login.defs: include HMAC_CRYPTO_ALGO key
|
|
||||||
- Clean spec file: organize dependencies and move License location
|
- Clean spec file: organize dependencies and move License location
|
||||||
|
|
||||||
* Tue Aug 17 2021 Iker Pedrosa <ipedrosa@redhat.com> - 2:4.9-3
|
* Tue Aug 17 2021 Iker Pedrosa <ipedrosa@redhat.com> - 2:4.9-3
|
||||||
|
4
sources
4
sources
@ -1,2 +1,2 @@
|
|||||||
SHA512 (shadow-4.11.1.tar.xz) = 12fbe4d6ac929ad3c21525ed0f1026b5b678ccec9762f2ec7e611d9c180934def506325f2835fb750dd30af035b592f827ff151cd6e4c805aaaf8e01425c279f
|
SHA512 (shadow-4.9.tar.xz) = 254cda49bb14505a7604821e7fa898bf4bf317d648e9ddc881ab80a6860d52053dfffacad6feab87c7d16608c35ed6b6cee99e7757eac930da3a7b31cdcd4b95
|
||||||
SHA512 (shadow-4.11.1.tar.xz.asc) = 4594189678cc9bcc8831f62a5d42c605b085be4a3b540429d7c800f4304e2e8fe04358547917eb90c1513646fade7c714611bfdc98af7dec5321a3dc3e65c4fd
|
SHA512 (shadow-4.9.tar.xz.asc) = 16c0ff7be263c9d471b05656c9a1d14da8ec9b17544910323ca6ab854126d1a03ece221e0caf610e65a9b1d080b4cd1b8b46973f20e3ae45ea0e5581ce6c90d9
|
||||||
|
Loading…
Reference in New Issue
Block a user