83ef3ff76d
Remove Debian patch to relax username checks
...
Per discussion d-devel, with upstream, and the adduser maintainer.
2024-12-22 20:14:43 +01:00
d14cb1acb3
Forbid purely numeric user/group names, and "." and ".."
2024-12-06 19:55:29 +01:00
32d53642f0
Refresh patches
2024-12-06 19:37:04 +01:00
24c35ea945
Add upstream patch for new return-code for bad usernames
2024-12-06 19:37:04 +01:00
b0619a14cd
d/patches: fix 'upstream' test suite
...
Those two missing spaces made the build of the libsubid/04_nss test
to fail.
2024-12-03 16:15:27 +01:00
4f3dfcdadd
login.defs: remove info about write(1)
...
Which is not part of Debian trixie.
Gbp-Dch: full
Closes : #1087519
2024-11-15 20:38:00 +01:00
1eaf9012b1
Include <utmpx.h>, fixing the build on GNU/Hurd
2024-09-12 19:15:27 +02:00
4885f58fde
Stop building programs we do not install
2024-08-06 00:50:53 +02:00
d390695b6d
Define LOGIN_NAME_MAX on HURD
2024-08-06 00:50:53 +02:00
70bb4db51c
Rebase patch
...
Gbp-Dch: ignore
2024-08-06 00:50:53 +02:00
5a17bd19ad
Stop patching login, not installed anymore
2024-08-06 00:50:53 +02:00
b44052751e
Drop Debian-only cppw, cpgr tools
...
Closes : #750752
2024-08-06 00:50:53 +02:00
75eb23ace8
Re-add workarounds for tests in tests/tests directory
...
4.15.3 fixed this, but 4.16.0 happened earlier.
Gbp-Dch: full
2024-08-05 02:58:01 +02:00
9966b2ae50
Merge 4.16.0 from experimental
2024-08-05 00:30:29 +02:00
08e5e0a148
Forbid backslashes in user/group-names
...
They can still be used with --force-badname, but it's a start. In the
long run I want to remove our relax patch, and upstream should fix the
line continuation too. For #1076619 .
Gbp-Dch: full
2024-07-21 21:02:52 +02:00
e9cceb62ce
login.defs: remove obscure, defaulted vars
2024-07-07 15:22:58 +02:00
75904cfd05
login.defs: resync comments with upstream
2024-07-07 14:56:37 +02:00
f8e81f7293
login.defs: remove CONSOLE, ignored with PAM
2024-07-07 14:26:10 +02:00
d0c5da8cf1
login.defs: remove CONSOLE_GROUPS, ignored with PAM
2024-07-07 14:24:12 +02:00
5f784b3ef3
login.defs: remove vars ignored by su(1)
2024-07-07 14:21:33 +02:00
fd652cdf40
login.defs: remove incomplete list of unused vars
2024-07-07 14:14:13 +02:00
a5d765523b
login.defs: remove obsolete/confusing comments
2024-07-07 14:13:45 +02:00
9b4bfac4ef
Turn login.defs file into a patch
...
Gbp-Dch: ignore
2024-07-07 14:08:10 +02:00
43bf5f3b39
Fix setup of test libsubid-04_nss
2024-07-06 23:37:02 +02:00
a6f8d25673
Rebase patches
2024-07-06 22:48:07 +02:00
aad21d4486
Add upstream tests to run in autopkgtests
...
Disable the su tests, since su in debian comes from util-linux.
[zeha@d.o: rebase on top of upstream applied patch, rework
debian/tests/*]
2024-06-27 01:27:24 +02:00
29f0e1dcf4
patches: fix gbp-pq topic annotation
...
Gbp-Dch: ignore
2024-06-27 01:20:09 +02:00
e0d410ad6a
Add upstream patch easing running testsuite
2024-06-27 01:18:32 +02:00
999c14c87b
Revert "Use upstream's restrictions on user- and group names again"
...
This reverts commit 019ffd5126
2024-06-26 12:40:15 +02:00
b214d3fb51
Rebase patches
2024-06-25 20:12:39 +02:00
712f360fcd
shadowconfig.8: actually install again
2024-06-23 15:57:14 +02:00
0a96fd2bf0
Drop useradd's backwards-compatibility -O flag
...
No users appear left in Debian.
2024-06-23 14:57:28 +02:00
019ffd5126
Use upstream's restrictions on user- and group names again
...
Upstream started supporting mixed-case names some time ago.
Purely numeric names (#79682 ) are now forbidden again, as there is no
way of distinguishing them from user/group IDs otherwise.
Gbp-Dch: full
2024-06-23 14:50:55 +02:00
771535fa07
useradd(8): Fix missing paragraph on username length
2024-06-22 18:05:22 +02:00
527b684a18
Rebase patches
2024-06-22 17:55:55 +02:00
c154cb50fa
Rename remaining patches to end with ".patch"
...
Gbp-Dch: ignore
2024-06-22 15:12:39 +02:00
3bf1270130
Rebase patch 542_useradd-O_option
2024-06-22 15:12:39 +02:00
e3549c3f90
Rebase patch 506_relaxed_usernames
2024-06-22 15:12:39 +02:00
ad3a822529
Rebase patch 502_debian_useradd_defaults
2024-06-22 15:12:39 +02:00
10c72480c0
Rebase patch 501_commonio_group_shadow
2024-06-22 15:12:39 +02:00
6c1c44f0fc
Rebase patch 463_login_delay_obeys_to_PAM
2024-06-22 15:12:39 +02:00
23d33f4922
Use upstream FAILLOG_ENAB code, incompatible with PAM
2024-06-22 15:12:39 +02:00
0c8f801a7a
Rename patch 402_cppw_selinux
2024-06-22 15:12:39 +02:00
4a109337ab
Rebase patch 401_cppw_src.dpatch
2024-06-22 15:12:39 +02:00
584b0b6a36
Disable FTMP_FILE by default, drop login failure logging
...
lastb is gone, so it is pointless to write to the btmp file.
2024-06-22 15:12:39 +02:00
4e48f059e7
Drop upstream applied patches
2024-06-22 15:12:39 +02:00
9f285306f3
Fix valid_field() that regressed in upstream's first CVE fix
...
cherry-picking upstream's regression fix.
Follow-up for commit 50defcfa5d
2023-09-26 12:19:29 +02:00
50defcfa5d
Cherry-pick upstream patch to fix chfn vulnerability
...
(CVE-2023-29383)
Closes : #1034482
2023-09-25 18:13:40 +02:00
56c7502686
Cherry-pick upstream patch to fix gpasswd passwd leak
...
(CVE-2023-4641)
Closes : #1051062
2023-09-25 17:55:00 +02:00
b4c00e119f
debian/patches/506_relaxed_usernames: Fix refreshing the patch
...
Gbp-Dch: Ignore
2022-11-11 12:59:33 +01:00
Chris Hofstaedtler
Florent 'Skia' Jacquet
Pino Toscano
Serge Hallyn
Balint Reczey