Refresh patches

2019-06-23 22:11:48 +02:00
parent 4793149a12
commit 084a543a03
8 changed files with 45 additions and 61 deletions
--- a/debian/patches/008_login_log_failure_in_FTMP
+++ b/debian/patches/008_login_log_failure_in_FTMP
@@ -4,11 +4,9 @@ Notes:
 * I'm not sure login should add an entry in the FTMP file when PAM is used.
   (but nothing in /etc/login.defs indicates that the failure is not logged)

-Index: shadow-4.4/src/login.c
-===================================================================
--- shadow-4.4.orig/src/login.c
-+++ shadow-4.4/src/login.c
-@@ -834,6 +834,24 @@ int main (int argc, char **argv)
+--- a/src/login.c
+++ b/src/login.c
+@@ -849,6 +849,24 @@
 			(void) puts ("");
 			(void) puts (_("Login incorrect"));
 
@@ -33,11 +31,9 @@ Index: shadow-4.4/src/login.c
 			if (failcount >= retries) {
 				SYSLOG ((LOG_NOTICE,
 				         "TOO MANY LOGIN TRIES (%u)%s FOR '%s'",
-Index: shadow-4.4/lib/getdef.c
-===================================================================
--- shadow-4.4.orig/lib/getdef.c
-+++ shadow-4.4/lib/getdef.c
-@@ -57,7 +57,6 @@ struct itemdef {
+--- a/lib/getdef.c
+++ b/lib/getdef.c
+@@ -57,7 +57,6 @@
 	{"ENVIRON_FILE", NULL},			\
 	{"ENV_TZ", NULL},			\
 	{"FAILLOG_ENAB", NULL},			\
@@ -45,7 +41,7 @@ Index: shadow-4.4/lib/getdef.c
 	{"ISSUE_FILE", NULL},			\
 	{"LASTLOG_ENAB", NULL},			\
 	{"LOGIN_STRING", NULL},			\
-@@ -88,6 +87,7 @@ static struct itemdef def_table[] = {
+@@ -88,6 +87,7 @@
 	{"ERASECHAR", NULL},
 	{"FAIL_DELAY", NULL},
 	{"FAKE_SHELL", NULL},
--- a/debian/patches/401_cppw_src.dpatch
+++ b/debian/patches/401_cppw_src.dpatch
@@ -256,7 +256,7 @@
 	chgpasswd \
 	chpasswd \
 	groupadd \
-@@ -92,6 +93,7 @@
+@@ -94,6 +95,7 @@
 chgpasswd_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBSELINUX) $(LIBCRYPT)
 chsh_LDADD     = $(LDADD) $(LIBPAM) $(LIBSELINUX) $(LIBCRYPT_NOPAM) $(LIBSKEY) $(LIBMD)
 chpasswd_LDADD = $(LDADD) $(LIBPAM) $(LIBSELINUX) $(LIBCRYPT)
--- a/debian/patches/429_login_FAILLOG_ENAB
+++ b/debian/patches/429_login_FAILLOG_ENAB
@@ -7,13 +7,11 @@ Fixes: #192849
 Note: It could be removed if pam_tally could report the number of failures
      preceding a successful login.

-Index: shadow-4.4/src/login.c
-===================================================================
--- shadow-4.4.orig/src/login.c
-+++ shadow-4.4/src/login.c
-@@ -131,9 +131,9 @@ static void update_utmp (const char *use
-                          const char *host,
-                          /*@null@*/const struct utmp *utent);
+--- a/src/login.c
+++ b/src/login.c
+@@ -136,9 +136,9 @@
+ #endif
+ 			);
 
 -#ifndef USE_PAM
 static struct faillog faillog;
@@ -22,7 +20,7 @@ Index: shadow-4.4/src/login.c
 static void bad_time_notify (void);
 static void check_nologin (bool login_to_root);
 #else
-@@ -794,6 +794,9 @@ int main (int argc, char **argv)
+@@ -809,6 +809,9 @@
 				SYSLOG ((LOG_NOTICE,
 				         "TOO MANY LOGIN TRIES (%u)%s FOR '%s'",
 				         failcount, fromhost, failent_user));
@@ -32,7 +30,7 @@ Index: shadow-4.4/src/login.c
 				fprintf (stderr,
 				         _("Maximum number of tries exceeded (%u)\n"),
 				         failcount);
-@@ -811,6 +814,14 @@ int main (int argc, char **argv)
+@@ -826,6 +829,14 @@
 				         pam_strerror (pamh, retcode)));
 				failed = true;
 			}
@@ -47,7 +45,7 @@ Index: shadow-4.4/src/login.c
 
 			if (!failed) {
 				break;
-@@ -834,6 +845,10 @@ int main (int argc, char **argv)
+@@ -849,6 +860,10 @@
 			(void) puts ("");
 			(void) puts (_("Login incorrect"));
 
@@ -58,7 +56,7 @@ Index: shadow-4.4/src/login.c
 			if (getdef_str("FTMP_FILE") != NULL) {
 #ifdef USE_UTMPX
 				struct utmpx *failent =
-@@ -1288,6 +1303,7 @@ int main (int argc, char **argv)
+@@ -1305,6 +1320,7 @@
 		 */
 #ifndef USE_PAM
 		motd ();	/* print the message of the day */
@@ -66,19 +64,17 @@ Index: shadow-4.4/src/login.c
 		if (   getdef_bool ("FAILLOG_ENAB")
 		    && (0 != faillog.fail_cnt)) {
 			failprint (&faillog);
-@@ -1300,6 +1316,7 @@ int main (int argc, char **argv)
+@@ -1317,6 +1333,7 @@
 				         username, (int) faillog.fail_cnt));
 			}
 		}
 +#ifndef USE_PAM
 		if (   getdef_bool ("LASTLOG_ENAB")
+ 		    && pwd->pw_uid <= (uid_t) getdef_ulong ("LASTLOG_UID_MAX", 0xFFFFFFFFUL)
 		    && (ll.ll_time != 0)) {
- 			time_t ll_time = ll.ll_time;
-Index: shadow-4.4/lib/getdef.c
-===================================================================
--- shadow-4.4.orig/lib/getdef.c
-+++ shadow-4.4/lib/getdef.c
-@@ -86,6 +86,7 @@ static struct itemdef def_table[] = {
+--- a/lib/getdef.c
+++ b/lib/getdef.c
+@@ -86,6 +86,7 @@
 	{"ENV_SUPATH", NULL},
 	{"ERASECHAR", NULL},
 	{"FAIL_DELAY", NULL},
--- a/debian/patches/463_login_delay_obeys_to_PAM
+++ b/debian/patches/463_login_delay_obeys_to_PAM
@@ -7,11 +7,9 @@ Status wrt upstream: Forwarded but not applied yet

 Note: If removed, FAIL_DELAY must be re-added to /etc/login.defs

-Index: shadow-4.4/src/login.c
-===================================================================
--- shadow-4.4.orig/src/login.c
-+++ shadow-4.4/src/login.c
-@@ -525,7 +525,6 @@ int main (int argc, char **argv)
+--- a/src/login.c
+++ b/src/login.c
+@@ -536,7 +536,6 @@
 #if defined(HAVE_STRFTIME) && !defined(USE_PAM)
 	char ptime[80];
 #endif
@@ -19,7 +17,7 @@ Index: shadow-4.4/src/login.c
 	unsigned int retries;
 	bool subroot = false;
 #ifndef USE_PAM
-@@ -546,6 +545,7 @@ int main (int argc, char **argv)
+@@ -561,6 +560,7 @@
 	pid_t child;
 	char *pam_user = NULL;
 #else
@@ -27,7 +25,7 @@ Index: shadow-4.4/src/login.c
 	struct spwd *spwd = NULL;
 #endif
 	/*
-@@ -708,7 +708,6 @@ int main (int argc, char **argv)
+@@ -723,7 +723,6 @@
 	}
 
 	environ = newenvp;	/* make new environment active */
@@ -35,7 +33,7 @@ Index: shadow-4.4/src/login.c
 	retries = getdef_unum ("LOGIN_RETRIES", RETRIES);
 
 #ifdef USE_PAM
-@@ -724,8 +723,7 @@ int main (int argc, char **argv)
+@@ -739,8 +738,7 @@
 
 	/*
 	 * hostname & tty are either set to NULL or their correct values,
@@ -45,7 +43,7 @@ Index: shadow-4.4/src/login.c
 	 *
 	 * PAM_RHOST and PAM_TTY are used for authentication, only use
 	 * information coming from login or from the caller (e.g. no utmp)
-@@ -734,10 +732,6 @@ int main (int argc, char **argv)
+@@ -749,10 +747,6 @@
 	PAM_FAIL_CHECK;
 	retcode = pam_set_item (pamh, PAM_TTY, tty);
 	PAM_FAIL_CHECK;
@@ -56,7 +54,7 @@ Index: shadow-4.4/src/login.c
 	/* if fflg, then the user has already been authenticated */
 	if (!fflg) {
 		unsigned int failcount = 0;
-@@ -778,12 +772,6 @@ int main (int argc, char **argv)
+@@ -793,12 +787,6 @@
 			bool failed = false;
 
 			failcount++;
@@ -69,7 +67,7 @@ Index: shadow-4.4/src/login.c
 
 			retcode = pam_authenticate (pamh, 0);
 
-@@ -1106,14 +1094,17 @@ int main (int argc, char **argv)
+@@ -1121,14 +1109,17 @@
 		free (username);
 		username = NULL;
 
@@ -87,11 +85,9 @@ Index: shadow-4.4/src/login.c
 
 		(void) puts (_("Login incorrect"));
 
-Index: shadow-4.4/lib/getdef.c
-===================================================================
--- shadow-4.4.orig/lib/getdef.c
-+++ shadow-4.4/lib/getdef.c
-@@ -85,7 +85,6 @@ static struct itemdef def_table[] = {
+--- a/lib/getdef.c
+++ b/lib/getdef.c
+@@ -85,7 +85,6 @@
 	{"ENV_PATH", NULL},
 	{"ENV_SUPATH", NULL},
 	{"ERASECHAR", NULL},
--- a/debian/patches/501_commonio_group_shadow
+++ b/debian/patches/501_commonio_group_shadow
@@ -10,9 +10,9 @@ Fixes: #166793
 #include <signal.h>
 +#include <grp.h>
 #include "nscd.h"
+ #include "sssd.h"
 #ifdef WITH_TCB
- #include <tcb.h>
-@@ -983,12 +984,23 @@
+@@ -986,12 +987,23 @@
 			goto fail;
 		}
 	} else {
--- a/debian/patches/505_useradd_recommend_adduser
+++ b/debian/patches/505_useradd_recommend_adduser
@@ -4,11 +4,9 @@ Fixes: #406046

 Status wrt upstream: Debian specific patch.

-Index: git/man/useradd.8.xml
-===================================================================
--- git.orig/man/useradd.8.xml
-+++ git/man/useradd.8.xml
-@@ -105,6 +105,12 @@
+--- a/man/useradd.8.xml
+++ b/man/useradd.8.xml
+@@ -106,6 +106,12 @@
   <refsect1 id='description'>
     <title>DESCRIPTION</title>
       <para>
@@ -21,10 +19,8 @@ Index: git/man/useradd.8.xml
 	When invoked without the <option>-D</option> option, the
 	<command>useradd</command> command creates a new user account using
 	the values specified on the command line plus the default values from
-Index: git/man/userdel.8.xml
-===================================================================
--- git.orig/man/userdel.8.xml
-+++ git/man/userdel.8.xml
+--- a/man/userdel.8.xml
+++ b/man/userdel.8.xml
@@ -83,6 +83,12 @@
   <refsect1 id='description'>
     <title>DESCRIPTION</title>
--- a/debian/patches/506_relaxed_usernames
+++ b/debian/patches/506_relaxed_usernames
@@ -54,7 +54,7 @@ Details:
 }
 --- a/man/useradd.8.xml
 +++ b/man/useradd.8.xml
-@@ -650,12 +650,20 @@
+@@ -651,12 +651,20 @@
     </para>
 
     <para>
--- a/debian/patches/542_useradd-O_option
+++ b/debian/patches/542_useradd-O_option
@@ -7,7 +7,7 @@ Status wrt upstream: not included as this is just specific

 --- a/man/useradd.8.xml
 +++ b/man/useradd.8.xml
-@@ -329,6 +329,11 @@
+@@ -330,6 +330,11 @@
 	    databases are reset to avoid reusing the entry from a previously
 	    deleted user.
 	  </para>
@@ -21,7 +21,7 @@ Status wrt upstream: not included as this is just specific
       <varlistentry>
 --- a/src/useradd.c
 +++ b/src/useradd.c
-@@ -1114,9 +1114,9 @@
+@@ -1138,9 +1138,9 @@
 		};
 		while ((c = getopt_long (argc, argv,
 #ifdef WITH_SELINUX
@@ -33,7 +33,7 @@ Status wrt upstream: not included as this is just specific
 #endif				/* !WITH_SELINUX */
 		                         long_options, NULL)) != -1) {
 			switch (c) {
-@@ -1239,6 +1239,7 @@
+@@ -1266,6 +1266,7 @@
 				kflg = true;
 				break;
 			case 'K':