VesperOS/shadow
6
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,071 Commits 10 Branches 149 Tags
buildtime-tests
Commit Graph

188 Commits

Author SHA1 Message Date
Chris Hofstaedtler 43bf5f3b39 Fix setup of test libsubid-04_nss 2024-07-06 23:37:02 +02:00
Chris Hofstaedtler a6f8d25673 Rebase patches 2024-07-06 22:48:07 +02:00
Serge Hallyn aad21d4486 Add upstream tests to run in autopkgtests 
Disable the su tests, since su in debian comes from util-linux.

[zeha@d.o: rebase on top of upstream applied patch, rework
debian/tests/*]
 2024-06-27 01:27:24 +02:00
Chris Hofstaedtler 29f0e1dcf4 patches: fix gbp-pq topic annotation 
Gbp-Dch: ignore
 2024-06-27 01:20:09 +02:00
Chris Hofstaedtler e0d410ad6a Add upstream patch easing running testsuite 2024-06-27 01:18:32 +02:00
Chris Hofstaedtler 999c14c87b Revert "Use upstream's restrictions on user- and group names again" 
This reverts commit 019ffd5126.
 2024-06-26 12:40:15 +02:00
Chris Hofstaedtler 712f360fcd shadowconfig.8: actually install again 2024-06-23 15:57:14 +02:00
Chris Hofstaedtler 0a96fd2bf0 Drop useradd's backwards-compatibility -O flag 
No users appear left in Debian.
 2024-06-23 14:57:28 +02:00
Chris Hofstaedtler 019ffd5126 Use upstream's restrictions on user- and group names again 
Upstream started supporting mixed-case names some time ago.
Purely numeric names (#79682) are now forbidden again, as there is no
way of distinguishing them from user/group IDs otherwise.

Gbp-Dch: full
 2024-06-23 14:50:55 +02:00
Chris Hofstaedtler 771535fa07 useradd(8): Fix missing paragraph on username length 2024-06-22 18:05:22 +02:00
Chris Hofstaedtler 527b684a18 Rebase patches 2024-06-22 17:55:55 +02:00
Chris Hofstaedtler c154cb50fa Rename remaining patches to end with ".patch" 
Gbp-Dch: ignore
 2024-06-22 15:12:39 +02:00
Chris Hofstaedtler 3bf1270130 Rebase patch 542_useradd-O_option 2024-06-22 15:12:39 +02:00
Chris Hofstaedtler e3549c3f90 Rebase patch 506_relaxed_usernames 2024-06-22 15:12:39 +02:00
Chris Hofstaedtler ad3a822529 Rebase patch 502_debian_useradd_defaults 2024-06-22 15:12:39 +02:00
Chris Hofstaedtler 10c72480c0 Rebase patch 501_commonio_group_shadow 2024-06-22 15:12:39 +02:00
Chris Hofstaedtler 6c1c44f0fc Rebase patch 463_login_delay_obeys_to_PAM 2024-06-22 15:12:39 +02:00
Chris Hofstaedtler 23d33f4922 Use upstream FAILLOG_ENAB code, incompatible with PAM 2024-06-22 15:12:39 +02:00
Chris Hofstaedtler 0c8f801a7a Rename patch 402_cppw_selinux 2024-06-22 15:12:39 +02:00
Chris Hofstaedtler 4a109337ab Rebase patch 401_cppw_src.dpatch 2024-06-22 15:12:39 +02:00
Chris Hofstaedtler 584b0b6a36 Disable FTMP_FILE by default, drop login failure logging 
lastb is gone, so it is pointless to write to the btmp file.
 2024-06-22 15:12:39 +02:00
Chris Hofstaedtler 4e48f059e7 Drop upstream applied patches 2024-06-22 15:12:39 +02:00
Balint Reczey 9f285306f3 Fix valid_field() that regressed in upstream's first CVE fix 
cherry-picking upstream's regression fix.

Follow-up for commit 50defcfa5d .

Gbp-Dch: Ignore
 2023-09-26 12:19:29 +02:00
Balint Reczey 50defcfa5d Cherry-pick upstream patch to fix chfn vulnerability 
(CVE-2023-29383)

Closes: #1034482
 2023-09-25 18:13:40 +02:00
Balint Reczey 56c7502686 Cherry-pick upstream patch to fix gpasswd passwd leak 
(CVE-2023-4641)

Closes: #1051062
 2023-09-25 17:55:00 +02:00
Balint Reczey b4c00e119f debian/patches/506_relaxed_usernames: Fix refreshing the patch 
Gbp-Dch: Ignore
 2022-11-11 12:59:33 +01:00
Balint Reczey f960334281 Refresh patches 2022-11-10 22:07:00 +01:00
Balint Reczey 8f8e8c66d6 Fix tree copying regressions introduced in 4.12.2. 
Closes: #1023132
 2022-11-05 14:46:09 +01:00
Balint Reczey 220f9aac4d Cherry-pick upstream patch to fix regression in expiration date handling 
Closes: #1021697
 2022-10-22 20:09:51 +02:00
Balint Reczey f7c5ed7e44 debian/patches: Reorder patches in series to make it look sane 2022-09-11 23:16:27 +02:00
Balint Reczey 71b57931c8 debian/patches/502_debian_useradd_defaults: Update useradd.8.xml, too 
Gbp-Dch: Ignore
 2022-09-11 23:05:00 +02:00
Johannes Schauer Marin Rodrigues 840aa7a980 useradd: avoid creating several GB worth of sparse lastlog and faillog files 
Closes: #1019245
 2022-09-06 10:01:45 +02:00
Balint Reczey 56751ea5fa Refresh patches 2022-08-20 18:37:02 +02:00
Balint Reczey b96c915fb6 useradd: Restore defaults used up to 4.8.1 version 
Also fix /etc/default/useradd to state that mail spool directories are
not created.
 2022-02-11 13:14:04 +01:00
Balint Reczey d9490db020 Refresh patches 2022-01-22 21:53:04 +01:00
Balint Reczey e225d71e7f Install nologin /usr/sbin without patching makefiles 2021-11-14 13:17:32 +01:00
Balint Reczey 2d2f190b5f Refresh patches 2020-02-06 23:33:56 +01:00
Andreas Henriksson e34706dd5b Cherry-pick upstream patch reverting bindir/sbindir 
From:
https://github.com/shadow-maint/shadow/commit/3cc3948d719d3b9dedaaf2e96221e4b5b96ea380.patch
 2019-12-05 15:12:17 +01:00
Andreas Henriksson 787ebc3336 Refresh and massage patches to apply 
The following needed massaging to apply:
* debian/patches/508_nologin_in_usr_sbin
* debian/patches/401_cppw_src.dpatch

The remaining patches just got trivial quilt refresh updates,
except debian/patches/506_relaxed_usernames which needed
special attention to be correctly refreshed.
 2019-12-05 15:08:29 +01:00
Balint Reczey 084a543a03 Refresh patches 2019-06-23 22:11:48 +02:00
Balint Reczey 089560d90e Refresh patches 2019-03-03 23:40:55 +01:00
Balint Reczey ba18b6cab2 Cut redundant information from Debian-specific README files 2017-08-12 18:48:09 -04:00
Balint Reczey b43b5a89d1 Drop patches manipulating su argument concatenation: 
- 523_su_arguments_are_concatenated
- su_arguments_are_no_more_concatenated_by_default
 2017-08-11 11:16:45 -04:00
Balint Reczey 591aa8debe Refresh patches 
Dropped patches:
- 0001-Typos-fix-in-german-translation-of-man-pages.patch
- 0002-Last-bits-of-enabling-subuids.patch
- 0003-Dutch-translation-update.patch
- 0004-Updated-Czech-translation.patch
- 0005-Update-for-German-man-pages.patch
- 0006-French-manpage-translation.patch
- 0007-Fix-some-spelling-issues-in-the-Norwegian-translatio.patch
- 0008-su-properly-clear-child-PID.patch
- 1010_vietnamese_translation
- 301-Reset-pid_child-only-if-waitpid-was-successful.patch
 2017-08-10 18:36:48 -04:00
Salvatore Bonaccorso d7f24f954e Import Debian changes 1:4.4-4.1 
shadow (1:4.4-4.1) unstable; urgency=high

  * Non-maintainer upload.
  * Reset pid_child only if waitpid was successful.
    This is a regression fix for CVE-2017-2616. If su receives a signal like
    SIGTERM, it is not propagated to the child. (Closes: #862806)
 2017-08-10 18:25:45 -04:00
Balint Reczey bc6cd09194 su: properly clear child PID (CVE-2017-2616) 
Closes: #855943
 2017-02-24 01:50:09 +01:00
Lars Bahner 182a8cf464 Fix some spelling issues in the Norwegian translation 
Closes: #800553
 2017-01-19 18:55:28 +01:00
Thomas Blein b20639f055 French manpage translation 
Closes: #805182
 2017-01-19 18:25:01 +01:00
Holger Wansing 0531cb85a4 Update for German man pages 2017-01-19 18:25:00 +01:00
Miroslav Kuře 19ebc9d55a Updated Czech translation 
Closes: #759113
 2017-01-19 18:24:54 +01:00