From 6d365f80cabf46761090e715da167789fe1f4876 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Honza=20Hor=C3=A1k?= Date: Wed, 4 Sep 2013 13:37:34 +0200 Subject: [PATCH] Read MINUID and MINGID values from /etc/login.defs RHBZ#1004090 --- ypserv-minuid.patch | 28 ++++++++++++++++++++++++++++ ypserv.spec | 4 ++++ 2 files changed, 32 insertions(+) create mode 100644 ypserv-minuid.patch diff --git a/ypserv-minuid.patch b/ypserv-minuid.patch new file mode 100644 index 0000000..69d94f6 --- /dev/null +++ b/ypserv-minuid.patch @@ -0,0 +1,28 @@ +MINUID and MINGID should match the values UID_MIN and GID_MIN in +/etc/login.defs to be consistent and to not distribute uids and gids +used by the linux system. + +However, we can't simply change values to 1000 since on upgraded systems +that keep using UIDs 501+ and haven't changed /var/yp/Makefile, the Makefile +would actually be updated and UIDs lower than 1000 won't be included in maps. + +Thus, we will read MINUID and MINGID values from /etc/login.defs + +RHBZ#1004090 + +diff -up ypserv-2.31/scripts/ypMakefile.in.minuid ypserv-2.31/scripts/ypMakefile.in +--- ypserv-2.31/scripts/ypMakefile.in.minuid 2013-09-04 13:29:12.294945130 +0200 ++++ ypserv-2.31/scripts/ypMakefile.in 2013-09-04 13:31:07.308820321 +0200 +@@ -37,8 +37,10 @@ YPPUSH_ARGS = + # the passwd file. If no entry is found, this shadow entry is + # ignored. + # MINGID is the lowest gid that will be included in the group maps. +-MINUID=500 +-MINGID=500 ++# You can either set values directly (e.g. MINUID=1000) or pick up ++# current values from /etc/login.defs ++MINUID=$(shell TMP=`egrep '^UID_MIN\s+[0-9]+' /etc/login.defs|sed -e 's/^UID_MIN//'` ; [ -n "$$TMP" ] && echo "$$TMP" || echo 1000) ++MINGID=$(shell TMP=`egrep '^GID_MIN\s+[0-9]+' /etc/login.defs|sed -e 's/^GID_MIN//'` ; [ -n "$$TMP" ] && echo "$$TMP" || echo 1000) + + # Don't export this uid/guid (nfsnobody). + # Set to 0 if you want to diff --git a/ypserv.spec b/ypserv.spec index 245a799..93fea0f 100644 --- a/ypserv.spec +++ b/ypserv.spec @@ -32,6 +32,7 @@ Patch8: ypserv-2.27-confpost.patch Patch9: ypserv-2.29-relro.patch Patch10: ypserv-2.31-netgrprecur.patch Patch11: ypserv-tcopenfail.patch +Patch12: ypserv-minuid.patch BuildRequires: tokyocabinet-devel BuildRequires: systemd @@ -68,6 +69,7 @@ machines. %patch9 -p1 -b .relro %patch10 -p1 -b .netgrprecur %patch11 -p1 -b .tcopenfail +%patch12 -p1 -b .minuid autoreconf @@ -227,6 +229,8 @@ fi * Wed Sep 4 2013 Honza Horak - 2.31-5 - Return proper error code when map file opening did not succeeded RHBZ#1004110 +- Read MINUID and MINGID values from /etc/login.defs + RHBZ#1004090 * Mon Jul 29 2013 Honza Horak - 2.31-4 - Remove systemd-units and systemd-sysv requirements