Compare commits

...

21 Commits

Author SHA1 Message Date
Chris Hofstaedtler 92410b1c76 Update changelog for 1:4.16.0-7 release 2024-12-06 13:51:45 +01:00
Chris Hofstaedtler c91a226797 Update changelog for 1:4.16.0-6 release 2024-12-06 13:51:02 +01:00
Florent 'Skia' Jacquet b0619a14cd d/patches: fix 'upstream' test suite
Those two missing spaces made the build of the libsubid/04_nss test
to fail.
2024-12-03 16:15:27 +01:00
Chris Hofstaedtler 6605806a6d Add NEWS entry about faillog
Closes: #1074320
2024-11-16 15:49:18 +01:00
Chris Hofstaedtler e649b28033 Update changelog for 1:4.16.0-5 release 2024-11-15 20:38:00 +01:00
Chris Hofstaedtler 4f3dfcdadd login.defs: remove info about write(1)
Which is not part of Debian trixie.

Gbp-Dch: full

Closes: #1087519
2024-11-15 20:38:00 +01:00
Chris Hofstaedtler ccaa7ea01e Merge branch 'non-linux' into 'master'
Include <utmpx.h>, fixing the build on GNU/Hurd

See merge request debian/shadow!26
2024-09-12 23:19:21 +00:00
Pino Toscano 1eaf9012b1 Include <utmpx.h>, fixing the build on GNU/Hurd 2024-09-12 19:15:27 +02:00
Chris Hofstaedtler a5e0d00442 Customize debian/salsa-ci.yml
Gbp-Dch: ignore
2024-08-23 12:13:24 +02:00
Chris Hofstaedtler ade65b0204 debputy.manifest: merge path-metadata entries 2024-08-13 09:48:15 +02:00
Chris Hofstaedtler a23a040247 Always build with btrfs support on linux-any
Closes: #856557
2024-08-06 01:07:16 +02:00
Chris Hofstaedtler f11f8581f2 Update changelog for 1:4.16.0-4 release 2024-08-06 00:50:53 +02:00
Chris Hofstaedtler 4885f58fde Stop building programs we do not install 2024-08-06 00:50:53 +02:00
Chris Hofstaedtler 68624ca168 Add debian/gbp.conf
Gbp-Dch: ignore
2024-08-06 00:50:53 +02:00
Chris Hofstaedtler 8d8becfddb Remove libsystemd-dev Build-Depends
Only necessary for login(1).

Gbp-Dch: full
2024-08-06 00:50:53 +02:00
Chris Hofstaedtler d390695b6d Define LOGIN_NAME_MAX on HURD 2024-08-06 00:50:53 +02:00
Chris Hofstaedtler 70bb4db51c Rebase patch
Gbp-Dch: ignore
2024-08-06 00:50:53 +02:00
Chris Hofstaedtler 5a17bd19ad Stop patching login, not installed anymore 2024-08-06 00:50:53 +02:00
Chris Hofstaedtler b44052751e Drop Debian-only cppw, cpgr tools
Closes: #750752
2024-08-06 00:50:53 +02:00
Chris Hofstaedtler d7383961f5 Update changelog for 1:4.16.0-3 release 2024-08-05 17:21:41 +02:00
Chris Hofstaedtler a7e5816642 Fix FTBFS on hurd
DEB_HOST_ARCH_OS was unset.

Gbp-Dch: full
2024-08-05 03:34:01 +02:00
23 changed files with 735 additions and 548 deletions
Vendored
+9
View File
@@ -1,3 +1,12 @@
shadow (1:4.16.0-5) unstable; urgency=medium
/var/log/faillog and the programs to read it are no longer part since
1:4.15.2-2.
The file isn't cleaned up automatically, which should be done manually,
unless it is still needed for special reasons.
-- Chris Hofstaedtler <zeha@debian.org> Sat, 16 Nov 2024 15:48:35 +0100
shadow (1:4.13+dfsg1-2) unstable; urgency=medium
The previous entry falsely states that PREVENT_NO_AUTH in /etc/login.defs
+45
View File
@@ -1,3 +1,48 @@
shadow (1:4.16.0-7) unstable; urgency=medium
[ Florent 'Skia' Jacquet ]
* d/patches: fix 'upstream' test suite
-- Chris Hofstaedtler <zeha@debian.org> Fri, 06 Dec 2024 13:51:40 +0100
shadow (1:4.16.0-6) unstable; urgency=medium
* Add NEWS entry about faillog (Closes: #1074320)
-- Chris Hofstaedtler <zeha@debian.org> Fri, 06 Dec 2024 13:29:54 +0100
shadow (1:4.16.0-5) unstable; urgency=medium
[ Chris Hofstaedtler ]
* Always build with btrfs support on linux-any (Closes: #856557)
* debputy.manifest: merge path-metadata entries
* login.defs: remove info about write(1)
Which is not part of Debian trixie. (Closes: #1087519)
[ Pino Toscano ]
* Include <utmpx.h>, fixing the build on GNU/Hurd
-- Chris Hofstaedtler <zeha@debian.org> Fri, 15 Nov 2024 20:30:32 +0100
shadow (1:4.16.0-4) unstable; urgency=medium
* Drop Debian-only cppw, cpgr tools (Closes: #750752)
* Stop patching login, not installed anymore
* Define LOGIN_NAME_MAX on HURD
* Remove libsystemd-dev Build-Depends.
Only necessary for login(1).
* Stop building programs we do not install
-- Chris Hofstaedtler <zeha@debian.org> Tue, 06 Aug 2024 00:29:18 +0200
shadow (1:4.16.0-3) unstable; urgency=medium
* Upload to unstable.
* Fix FTBFS on hurd.
DEB_HOST_ARCH_OS was unset.
-- Chris Hofstaedtler <zeha@debian.org> Mon, 05 Aug 2024 17:21:27 +0200
shadow (1:4.16.0-2) experimental; urgency=medium
* passwd: switch Depends from login to login.defs
-1
View File
@@ -23,7 +23,6 @@ Build-Depends:
libpam0g-dev,
libselinux1-dev [linux-any],
libsemanage-dev [linux-any],
libsystemd-dev [linux-any],
libxml2-utils <!nodoc>,
pkgconf,
quilt,
-5
View File
@@ -137,11 +137,6 @@ Copyright: 1999-2001, Ben Collins <bcollins@debian.org>
2017-2022 Balint Reczey <balint@balintreczey.hu>
License: BSD-3-clause
Files: debian/patches/cppw-Add-tool.patch
Copyright: 1997, Guy Maor <maor@ece.utexas.edu>
1999, Stephen Frost <sfrost@snowman.net>
License: GPL-2+
Files: debian/passwd.expire.cron
Copyright: 1999, Ben Collins <bcollins@debian.org>
License: BSD-3-clause
-1
View File
@@ -1 +0,0 @@
.so man8/cppw.8
-27
View File
@@ -1,27 +0,0 @@
.TH CPPW 8 "7 Apr 2005"
.SH NAME
cppw, cpgr \- copy with locking the given file to the password or group file
.SH SYNOPSIS
\fBcppw\fR [\fB\-h\fR] [\fB\-s\fR] password_file
.br
\fBcpgr\fR [\fB\-h\fR] [\fB\-s\fR] group_file
.SH DESCRIPTION
.BR cppw " and " cpgr
will copy, with locking, the given file to
.IR /etc/passwd " and " /etc/group ", respectively."
With the \fB\-s\fR flag, they will copy the shadow versions of those files,
.IR /etc/shadow " and " /etc/gshadow ", respectively."
With the \fB\-h\fR flag, the commands display a short help message and exit
silently.
.SH "SEE ALSO"
.BR vipw (8),
.BR vigr (8),
.BR group (5),
.BR passwd (5),
.BR shadow (5),
.BR gshadow (5)
.SH AUTHOR
\fBcppw\fR and \fBcpgr\fR were written by Stephen Frost, based on
\fBvipw\fR and \fBvigr\fR written by Guy Maor.
+11 -19
View File
@@ -3,30 +3,22 @@ packages:
passwd:
transformations:
- path-metadata:
path: usr/bin/chfn
paths:
- usr/bin/chfn
- usr/bin/chsh
- usr/bin/gpasswd
- usr/bin/passwd
mode: "u=rwxs,go=rx"
- path-metadata:
path: usr/bin/chsh
mode: "u=rwxs,go=rx"
- path-metadata:
path: usr/bin/gpasswd
mode: "u=rwxs,go=rx"
- path-metadata:
path: usr/bin/passwd
mode: "u=rwxs,go=rx"
- path-metadata:
path: usr/bin/chage
group: "shadow"
mode: "u=rwx,go=rxs"
- path-metadata:
path: usr/bin/expiry
paths:
- usr/bin/chage
- usr/bin/expiry
group: "shadow"
mode: "u=rwx,go=rxs"
uidmap:
transformations:
- path-metadata:
path: usr/bin/newgidmap
mode: "u=rwxs,go=rx"
- path-metadata:
path: usr/bin/newuidmap
paths:
- usr/bin/newgidmap
- usr/bin/newuidmap
mode: "u=rwxs,go=rx"
+2
View File
@@ -0,0 +1,2 @@
[pq]
patch-numbers = False
-1
View File
@@ -8,7 +8,6 @@ usr/bin/gpasswd
usr/bin/passwd
usr/sbin/chgpasswd
usr/sbin/chpasswd
usr/sbin/cppw
usr/sbin/groupadd
usr/sbin/groupdel
usr/sbin/groupmod
-1
View File
@@ -1,2 +1 @@
usr/sbin/cppw usr/sbin/cpgr
usr/sbin/vipw usr/sbin/vigr
-2
View File
@@ -1,5 +1,3 @@
debian/cpgr.8
debian/cppw.8
usr/share/man/*/man1/chage.1
usr/share/man/*/man1/chfn.1
usr/share/man/*/man1/chsh.1
+27 -24
View File
@@ -5,12 +5,13 @@ Subject: Adapt login.defs for Debian
Remove settings only applicable to shadow's su, which we do not use.
Remove settings only applicable without PAM support enabled.
Remove obscure commented-out settings.
Remove explanation about write(1), which Debian does not ship anymore.
---
etc/login.defs | 372 ++++++++-------------------------------------------------
1 file changed, 51 insertions(+), 321 deletions(-)
etc/login.defs | 375 ++++++++-------------------------------------------------
1 file changed, 47 insertions(+), 328 deletions(-)
diff --git a/etc/login.defs b/etc/login.defs
index 33622c2..f44f381 100644
index 33622c2..91d3ec4 100644
--- a/etc/login.defs
+++ b/etc/login.defs
@@ -1,24 +1,38 @@
@@ -176,7 +177,7 @@ index 33622c2..f44f381 100644
#
# If defined, file which inhibits all the usual chatter during the login
# sequence. If a full pathname, then hushed mode will be enabled if the
@@ -139,27 +55,12 @@ MAIL_DIR /var/spool/mail
@@ -139,40 +55,21 @@ MAIL_DIR /var/spool/mail
HUSHLOGIN_FILE .hushlogin
#HUSHLOGIN_FILE /etc/hushlogins
@@ -205,22 +206,24 @@ index 33622c2..f44f381 100644
+ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
#
# Terminal permissions
@@ -172,6 +73,13 @@ ENV_PATH PATH=/bin:/usr/bin
# and TTYPERM as 0620. Otherwise leave TTYGROUP commented out and
# set TTYPERM to either 622 or 600.
-# Terminal permissions
+# Terminal permissions for terminals after login(1).
+# These settings are ignored for remote and other logins.
#
+# In Debian, write(1) similar programs are setgid tty.
+# However, the default and recommended value for TTYPERM is still 0600
+# to not allow anyone to write to anyone else console or terminal.
+#
+# Users can still allow other people to write them by issuing
+# the "mesg y" command.
+#
TTYGROUP tty
# TTYGROUP Login tty will be assigned this group ownership.
# TTYPERM Login tty will be set to this permission.
#
-# If you have a write(1) program which is "setgid" to a special group
-# which owns the terminals, define TTYGROUP as the number of such group
-# and TTYPERM as 0620. Otherwise leave TTYGROUP commented out and
-# set TTYPERM to either 622 or 600.
-#
-TTYGROUP tty
+#TTYGROUP tty
TTYPERM 0600
@@ -180,61 +88,35 @@ TTYPERM 0600
#
@@ -180,61 +77,35 @@ TTYPERM 0600
#
# ERASECHAR Terminal ERASE character ('\010' = backspace).
# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
@@ -285,7 +288,7 @@ index 33622c2..f44f381 100644
# Extra per user uids
SUB_UID_MIN 100000
SUB_UID_MAX 600100000
@@ -246,8 +128,8 @@ SUB_UID_COUNT 65536
@@ -246,8 +117,8 @@ SUB_UID_COUNT 65536
GID_MIN 1000
GID_MAX 60000
# System accounts
@@ -296,7 +299,7 @@ index 33622c2..f44f381 100644
# Extra per user group ids
SUB_GID_MIN 100000
SUB_GID_MAX 600100000
@@ -255,6 +137,9 @@ SUB_GID_COUNT 65536
@@ -255,6 +126,9 @@ SUB_GID_COUNT 65536
#
# Max number of login(1) retries if password is bad
@@ -306,7 +309,7 @@ index 33622c2..f44f381 100644
#
LOGIN_RETRIES 5
@@ -263,28 +148,6 @@ LOGIN_RETRIES 5
@@ -263,28 +137,6 @@ LOGIN_RETRIES 5
#
LOGIN_TIMEOUT 60
@@ -335,7 +338,7 @@ index 33622c2..f44f381 100644
#
# Which fields may be changed by regular users using chfn(1) - use
# any combination of letters "frwh" (full name, room number, work
@@ -294,29 +157,6 @@ CHFN_AUTH yes
@@ -294,29 +146,6 @@ CHFN_AUTH yes
CHFN_RESTRICT rwh
#
@@ -365,7 +368,7 @@ index 33622c2..f44f381 100644
# If set to MD5, MD5-based algorithm will be used for encrypting password
# If set to SHA256, SHA256-based algorithm will be used for encrypting password
# If set to SHA512, SHA512-based algorithm will be used for encrypting password
@@ -326,66 +166,10 @@ CHFN_RESTRICT rwh
@@ -326,66 +155,10 @@ CHFN_RESTRICT rwh
# MD5 and DES should not be used for new hashes, see crypt(5) for recommendations.
# Overrides the MD5_CRYPT_ENAB option
#
@@ -434,7 +437,7 @@ index 33622c2..f44f381 100644
#
# Should login be allowed if we can't cd to the home directory?
@@ -401,12 +185,6 @@ DEFAULT_HOME yes
@@ -401,12 +174,6 @@ DEFAULT_HOME yes
#
NONEXISTENT /nonexistent
@@ -447,7 +450,7 @@ index 33622c2..f44f381 100644
#
# If defined, this command is run when removing a user.
# It should remove any at/cron/print jobs etc. owned by
@@ -415,59 +193,11 @@ ENVIRON_FILE /etc/environment
@@ -415,59 +182,11 @@ ENVIRON_FILE /etc/environment
#USERDEL_CMD /usr/sbin/userdel_local
#
@@ -0,0 +1,25 @@
From: Chris Hofstaedtler <zeha@debian.org>
Date: Tue, 6 Aug 2024 00:16:59 +0200
Subject: Define LOGIN_NAME_MAX on HURD
---
lib/chkname.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/lib/chkname.c b/lib/chkname.c
index 9954410..751fdf0 100644
--- a/lib/chkname.c
+++ b/lib/chkname.c
@@ -26,6 +26,12 @@
#include <stddef.h>
#include <unistd.h>
+#ifdef __GNU__
+#ifndef LOGIN_NAME_MAX
+#define LOGIN_NAME_MAX 256
+#endif
+#endif
+
#include "defines.h"
#include "chkname.h"
@@ -1,106 +0,0 @@
From: Shadow package maintainers <pkg-shadow-devel@lists.alioth.debian.org>
Date: Sat, 22 Jun 2024 17:39:41 +0200
Subject: Let pam_unix handle login failure delays
Fixes: #87648
Status wrt upstream: Forwarded but not applied yet
Note: If removed, FAIL_DELAY must be re-added to /etc/login.defs
---
lib/getdef.c | 1 -
src/login.c | 19 +++++--------------
2 files changed, 5 insertions(+), 15 deletions(-)
diff --git a/lib/getdef.c b/lib/getdef.c
index 30f54ba..21307bb 100644
--- a/lib/getdef.c
+++ b/lib/getdef.c
@@ -84,7 +84,6 @@ static struct itemdef def_table[] = {
{"ENV_PATH", NULL},
{"ENV_SUPATH", NULL},
{"ERASECHAR", NULL},
- {"FAIL_DELAY", NULL},
{"FAKE_SHELL", NULL},
{"GID_MAX", NULL},
{"GID_MIN", NULL},
diff --git a/src/login.c b/src/login.c
index 3a30298..4428907 100644
--- a/src/login.c
+++ b/src/login.c
@@ -458,7 +458,6 @@ int main (int argc, char **argv)
const char *tmptty;
const char *cp;
const char *tmp;
- unsigned int delay;
unsigned int retries;
unsigned int timeout;
struct passwd *pwd = NULL;
@@ -468,6 +467,7 @@ int main (int argc, char **argv)
char *pam_user = NULL;
pid_t child;
#else
+ unsigned int delay;
bool is_console;
struct spwd *spwd = NULL;
# if defined(ENABLE_LASTLOG)
@@ -610,7 +610,6 @@ int main (int argc, char **argv)
}
environ = newenvp; /* make new environment active */
- delay = getdef_unum ("FAIL_DELAY", 1);
retries = getdef_unum ("LOGIN_RETRIES", RETRIES);
#ifdef USE_PAM
@@ -626,8 +625,7 @@ int main (int argc, char **argv)
/*
* hostname & tty are either set to NULL or their correct values,
- * depending on how much we know. We also set PAM's fail delay to
- * ours.
+ * depending on how much we know.
*
* PAM_RHOST and PAM_TTY are used for authentication, only use
* information coming from login or from the caller (e.g. no utmp)
@@ -636,10 +634,6 @@ int main (int argc, char **argv)
PAM_FAIL_CHECK;
retcode = pam_set_item (pamh, PAM_TTY, tty);
PAM_FAIL_CHECK;
-#ifdef HAS_PAM_FAIL_DELAY
- retcode = pam_fail_delay (pamh, 1000000 * delay);
- PAM_FAIL_CHECK;
-#endif
/* if fflg, then the user has already been authenticated */
if (!fflg) {
char hostn[256];
@@ -677,12 +671,6 @@ int main (int argc, char **argv)
bool failed = false;
failcount++;
-#ifdef HAS_PAM_FAIL_DELAY
- if (delay > 0) {
- retcode = pam_fail_delay(pamh, 1000000*delay);
- PAM_FAIL_CHECK;
- }
-#endif
retcode = pam_authenticate (pamh, 0);
@@ -973,14 +961,17 @@ int main (int argc, char **argv)
free (username);
username = NULL;
+#ifndef USE_PAM
/*
* Wait a while (a la SVR4 /usr/bin/login) before attempting
* to login the user again. If the earlier alarm occurs
* before the sleep() below completes, login will exit.
*/
+ delay = getdef_unum ("FAIL_DELAY", 1);
if (delay > 0) {
(void) sleep (delay);
}
+#endif
(void) puts (_("Login incorrect"));
@@ -0,0 +1,537 @@
From: Chris Hofstaedtler <zeha@debian.org>
Date: Tue, 6 Aug 2024 00:27:13 +0200
Subject: Stop building programs we do not install
---
man/Makefile.am | 19 -------------------
man/cs/Makefile.am | 5 -----
man/da/Makefile.am | 4 ----
man/de/Makefile.am | 9 ---------
man/fr/Makefile.am | 10 ----------
man/it/Makefile.am | 10 ----------
man/ja/Makefile.am | 8 --------
man/ko/Makefile.am | 2 --
man/pl/Makefile.am | 5 -----
man/ru/Makefile.am | 8 --------
man/sv/Makefile.am | 7 -------
man/tr/Makefile.am | 2 --
man/uk/Makefile.am | 10 ----------
man/zh_CN/Makefile.am | 9 ---------
man/zh_TW/Makefile.am | 2 --
src/Makefile.am | 7 +++----
16 files changed, 3 insertions(+), 114 deletions(-)
diff --git a/man/Makefile.am b/man/Makefile.am
index dab98f4..2beb0e4 100644
--- a/man/Makefile.am
+++ b/man/Makefile.am
@@ -13,35 +13,26 @@ man_MANS = \
man8/chpasswd.8 \
man1/chsh.1 \
man1/expiry.1 \
- man5/faillog.5 \
- man8/faillog.8 \
man3/getspnam.3 \
man1/gpasswd.1 \
man8/groupadd.8 \
man8/groupdel.8 \
man8/groupmems.8 \
man8/groupmod.8 \
- man1/groups.1 \
man8/grpck.8 \
man8/grpconv.8 \
man8/grpunconv.8 \
man5/gshadow.5 \
- man1/login.1 \
man5/login.defs.5 \
- man8/logoutd.8 \
- man1/newgrp.1 \
man8/newusers.8 \
- man8/nologin.8 \
man1/passwd.1 \
man5/passwd.5 \
man8/pwck.8 \
man8/pwconv.8 \
man8/pwunconv.8 \
man8/shadowconfig.8 \
- man1/sg.1 \
man3/shadow.3 \
man5/shadow.5 \
- man5/suauth.5 \
man8/useradd.8 \
man8/userdel.8 \
man8/usermod.8 \
@@ -83,27 +74,20 @@ man_XMANS = \
chpasswd.8.xml \
chsh.1.xml \
expiry.1.xml \
- faillog.5.xml \
- faillog.8.xml \
getsubids.1.xml \
gpasswd.1.xml \
groupadd.8.xml \
groupdel.8.xml \
groupmems.8.xml \
groupmod.8.xml \
- groups.1.xml \
grpck.8.xml \
gshadow.5.xml \
limits.5.xml \
- login.1.xml \
login.access.5.xml \
login.defs.5.xml \
- logoutd.8.xml \
newgidmap.1.xml \
- newgrp.1.xml \
newuidmap.1.xml \
newusers.8.xml \
- nologin.8.xml \
passwd.1.xml \
passwd.5.xml \
porttime.5.xml \
@@ -112,9 +96,6 @@ man_XMANS = \
shadowconfig.8.xml \
shadow.3.xml \
shadow.5.xml \
- sg.1.xml \
- su.1.xml \
- suauth.5.xml \
subgid.5.xml \
subuid.5.xml \
useradd.8.xml \
diff --git a/man/cs/Makefile.am b/man/cs/Makefile.am
index 84407d7..42638c4 100644
--- a/man/cs/Makefile.am
+++ b/man/cs/Makefile.am
@@ -3,19 +3,14 @@ mandir = @mandir@/cs
man_MANS = \
man1/expiry.1 \
- man5/faillog.5 \
- man8/faillog.8 \
man1/gpasswd.1 \
man8/groupadd.8 \
man8/groupdel.8 \
man8/groupmod.8 \
- man1/groups.1 \
man8/grpck.8 \
man5/gshadow.5 \
- man8/nologin.8 \
man5/passwd.5 \
man5/shadow.5 \
- man1/su.1 \
man8/vipw.8
if ENABLE_LASTLOG
diff --git a/man/da/Makefile.am b/man/da/Makefile.am
index a3b0922..f8e957d 100644
--- a/man/da/Makefile.am
+++ b/man/da/Makefile.am
@@ -5,12 +5,8 @@ mandir = @mandir@/da
man_MANS = \
man1/chfn.1 \
man8/groupdel.8 \
- man1/groups.1 \
man5/gshadow.5 \
- man8/logoutd.8 \
man1/newgrp.1 \
- man8/nologin.8 \
- man1/sg.1 \
man8/vigr.8 \
man8/vipw.8
diff --git a/man/de/Makefile.am b/man/de/Makefile.am
index 671432d..777e5bf 100644
--- a/man/de/Makefile.am
+++ b/man/de/Makefile.am
@@ -8,8 +8,6 @@ man_MANS = \
man8/chpasswd.8 \
man1/chsh.1 \
man1/expiry.1 \
- man5/faillog.5 \
- man8/faillog.8 \
man3/getspnam.3 \
man1/gpasswd.1 \
man8/groupadd.8 \
@@ -21,22 +19,15 @@ man_MANS = \
man8/grpconv.8 \
man8/grpunconv.8 \
man5/gshadow.5 \
- man1/login.1 \
man5/login.defs.5 \
- man8/logoutd.8 \
- man1/newgrp.1 \
man8/newusers.8 \
- man8/nologin.8 \
man1/passwd.1 \
man5/passwd.5 \
man8/pwck.8 \
man8/pwconv.8 \
man8/pwunconv.8 \
- man1/sg.1 \
man3/shadow.3 \
man5/shadow.5 \
- man1/su.1 \
- man5/suauth.5 \
man8/useradd.8 \
man8/userdel.8 \
man8/usermod.8 \
diff --git a/man/fr/Makefile.am b/man/fr/Makefile.am
index 78aee9a..b454b94 100644
--- a/man/fr/Makefile.am
+++ b/man/fr/Makefile.am
@@ -8,36 +8,26 @@ man_MANS = \
man8/chpasswd.8 \
man1/chsh.1 \
man1/expiry.1 \
- man5/faillog.5 \
- man8/faillog.8 \
man3/getspnam.3 \
man1/gpasswd.1 \
man8/groupadd.8 \
man8/groupdel.8 \
man8/groupmems.8 \
man8/groupmod.8 \
- man1/groups.1 \
man8/grpck.8 \
man8/grpconv.8 \
man8/grpunconv.8 \
man5/gshadow.5 \
- man1/login.1 \
man5/login.defs.5 \
- man8/logoutd.8 \
- man1/newgrp.1 \
man8/newusers.8 \
- man8/nologin.8 \
man1/passwd.1 \
man5/passwd.5 \
man8/pwck.8 \
man8/pwconv.8 \
man8/pwunconv.8 \
man8/shadowconfig.8 \
- man1/sg.1 \
man3/shadow.3 \
man5/shadow.5 \
- man1/su.1 \
- man5/suauth.5 \
man8/useradd.8 \
man8/userdel.8 \
man8/usermod.8 \
diff --git a/man/it/Makefile.am b/man/it/Makefile.am
index b76187f..cf220b7 100644
--- a/man/it/Makefile.am
+++ b/man/it/Makefile.am
@@ -8,35 +8,25 @@ man_MANS = \
man8/chpasswd.8 \
man1/chsh.1 \
man1/expiry.1 \
- man5/faillog.5 \
- man8/faillog.8 \
man3/getspnam.3 \
man1/gpasswd.1 \
man8/groupadd.8 \
man8/groupdel.8 \
man8/groupmems.8 \
man8/groupmod.8 \
- man1/groups.1 \
man8/grpck.8 \
man8/grpconv.8 \
man8/grpunconv.8 \
man5/gshadow.5 \
- man1/login.1 \
man5/login.defs.5 \
- man8/logoutd.8 \
- man1/newgrp.1 \
man8/newusers.8 \
- man8/nologin.8 \
man1/passwd.1 \
man5/passwd.5 \
man8/pwck.8 \
man8/pwconv.8 \
man8/pwunconv.8 \
- man1/sg.1 \
man3/shadow.3 \
man5/shadow.5 \
- man1/su.1 \
- man5/suauth.5 \
man8/useradd.8 \
man8/userdel.8 \
man8/usermod.8 \
diff --git a/man/ja/Makefile.am b/man/ja/Makefile.am
index c72097f..374adee 100644
--- a/man/ja/Makefile.am
+++ b/man/ja/Makefile.am
@@ -7,8 +7,6 @@ man_MANS = \
man8/chpasswd.8 \
man1/chsh.1 \
man1/expiry.1 \
- man5/faillog.5 \
- man8/faillog.8 \
man1/gpasswd.1 \
man8/groupadd.8 \
man8/groupdel.8 \
@@ -17,10 +15,7 @@ man_MANS = \
man8/grpck.8 \
man8/grpconv.8 \
man8/grpunconv.8 \
- man1/login.1 \
man5/login.defs.5 \
- man8/logoutd.8 \
- man1/newgrp.1 \
man8/newusers.8 \
man1/passwd.1 \
man5/passwd.5 \
@@ -28,10 +23,7 @@ man_MANS = \
man8/pwconv.8 \
man8/pwunconv.8 \
man8/shadowconfig.8 \
- man1/sg.1 \
man5/shadow.5 \
- man1/su.1 \
- man5/suauth.5 \
man8/useradd.8 \
man8/userdel.8 \
man8/usermod.8 \
diff --git a/man/ko/Makefile.am b/man/ko/Makefile.am
index c269f0b..6d15190 100644
--- a/man/ko/Makefile.am
+++ b/man/ko/Makefile.am
@@ -5,9 +5,7 @@ man_MANS = \
man1/chfn.1 \
man1/chsh.1 \
man1/groups.1 \
- man1/login.1 \
man5/passwd.5 \
- man1/su.1 \
man8/vigr.8 \
man8/vipw.8
# newgrp.1 must be updated
diff --git a/man/pl/Makefile.am b/man/pl/Makefile.am
index aa79af2..df11bf6 100644
--- a/man/pl/Makefile.am
+++ b/man/pl/Makefile.am
@@ -6,8 +6,6 @@ man_MANS = \
man1/chage.1 \
man1/chsh.1 \
man1/expiry.1 \
- man5/faillog.5 \
- man8/faillog.8 \
man3/getspnam.3 \
man8/groupadd.8 \
man8/groupdel.8 \
@@ -15,9 +13,6 @@ man_MANS = \
man8/groupmod.8 \
man1/groups.1 \
man8/grpck.8 \
- man8/logoutd.8 \
- man1/newgrp.1 \
- man1/sg.1 \
man8/shadowconfig.8 \
man3/shadow.3 \
man8/userdel.8 \
diff --git a/man/ru/Makefile.am b/man/ru/Makefile.am
index 84d55d9..42c58b9 100644
--- a/man/ru/Makefile.am
+++ b/man/ru/Makefile.am
@@ -8,8 +8,6 @@ man_MANS = \
man8/chpasswd.8 \
man1/chsh.1 \
man1/expiry.1 \
- man5/faillog.5 \
- man8/faillog.8 \
man3/getspnam.3 \
man1/gpasswd.1 \
man8/groupadd.8 \
@@ -21,10 +19,7 @@ man_MANS = \
man8/grpconv.8 \
man8/grpunconv.8 \
man5/gshadow.5 \
- man1/login.1 \
man5/login.defs.5 \
- man8/logoutd.8 \
- man1/newgrp.1 \
man8/newusers.8 \
man8/nologin.8 \
man1/passwd.1 \
@@ -32,11 +27,8 @@ man_MANS = \
man8/pwck.8 \
man8/pwconv.8 \
man8/pwunconv.8 \
- man1/sg.1 \
man3/shadow.3 \
man5/shadow.5 \
- man1/su.1 \
- man5/suauth.5 \
man8/useradd.8 \
man8/userdel.8 \
man8/usermod.8 \
diff --git a/man/sv/Makefile.am b/man/sv/Makefile.am
index 70329ed..5ae9272 100644
--- a/man/sv/Makefile.am
+++ b/man/sv/Makefile.am
@@ -5,8 +5,6 @@ man_MANS = \
man1/chage.1 \
man1/chsh.1 \
man1/expiry.1 \
- man5/faillog.5 \
- man8/faillog.8 \
man3/getspnam.3 \
man8/groupadd.8 \
man8/groupdel.8 \
@@ -15,15 +13,10 @@ man_MANS = \
man1/groups.1 \
man8/grpck.8 \
man5/gshadow.5 \
- man8/logoutd.8 \
- man1/newgrp.1 \
- man8/nologin.8 \
man1/passwd.1 \
man5/passwd.5 \
man8/pwck.8 \
- man1/sg.1 \
man3/shadow.3 \
- man5/suauth.5 \
man8/userdel.8 \
man8/vigr.8 \
man8/vipw.8
diff --git a/man/tr/Makefile.am b/man/tr/Makefile.am
index 8d8b916..8b2aa2d 100644
--- a/man/tr/Makefile.am
+++ b/man/tr/Makefile.am
@@ -6,11 +6,9 @@ man_MANS = \
man8/groupadd.8 \
man8/groupdel.8 \
man8/groupmod.8 \
- man1/login.1 \
man1/passwd.1 \
man5/passwd.5 \
man5/shadow.5 \
- man1/su.1 \
man8/useradd.8 \
man8/userdel.8 \
man8/usermod.8
diff --git a/man/uk/Makefile.am b/man/uk/Makefile.am
index 3fb5ffb..e5ae706 100644
--- a/man/uk/Makefile.am
+++ b/man/uk/Makefile.am
@@ -8,35 +8,25 @@ man_MANS = \
man8/chpasswd.8 \
man1/chsh.1 \
man1/expiry.1 \
- man5/faillog.5 \
- man8/faillog.8 \
man3/getspnam.3 \
man1/gpasswd.1 \
man8/groupadd.8 \
man8/groupdel.8 \
man8/groupmems.8 \
man8/groupmod.8 \
- man1/groups.1 \
man8/grpck.8 \
man8/grpconv.8 \
man8/grpunconv.8 \
man5/gshadow.5 \
- man1/login.1 \
man5/login.defs.5 \
- man8/logoutd.8 \
- man1/newgrp.1 \
man8/newusers.8 \
- man8/nologin.8 \
man1/passwd.1 \
man5/passwd.5 \
man8/pwck.8 \
man8/pwconv.8 \
man8/pwunconv.8 \
- man1/sg.1 \
man3/shadow.3 \
man5/shadow.5 \
- man1/su.1 \
- man5/suauth.5 \
man8/useradd.8 \
man8/userdel.8 \
man8/usermod.8 \
diff --git a/man/zh_CN/Makefile.am b/man/zh_CN/Makefile.am
index a8b93a5..96230e4 100644
--- a/man/zh_CN/Makefile.am
+++ b/man/zh_CN/Makefile.am
@@ -8,8 +8,6 @@ man_MANS = \
man8/chpasswd.8 \
man1/chsh.1 \
man1/expiry.1 \
- man5/faillog.5 \
- man8/faillog.8 \
man3/getspnam.3 \
man1/gpasswd.1 \
man8/groupadd.8 \
@@ -21,22 +19,15 @@ man_MANS = \
man8/grpconv.8 \
man8/grpunconv.8 \
man5/gshadow.5 \
- man1/login.1 \
man5/login.defs.5 \
- man8/logoutd.8 \
- man1/newgrp.1 \
man8/newusers.8 \
- man8/nologin.8 \
man1/passwd.1 \
man5/passwd.5 \
man8/pwck.8 \
man8/pwconv.8 \
man8/pwunconv.8 \
- man1/sg.1 \
man3/shadow.3 \
man5/shadow.5 \
- man1/su.1 \
- man5/suauth.5 \
man8/useradd.8 \
man8/userdel.8 \
man8/usermod.8 \
diff --git a/man/zh_TW/Makefile.am b/man/zh_TW/Makefile.am
index c36ed2c..6fb6a15 100644
--- a/man/zh_TW/Makefile.am
+++ b/man/zh_TW/Makefile.am
@@ -5,12 +5,10 @@ man_MANS = \
man1/chfn.1 \
man1/chsh.1 \
man8/chpasswd.8 \
- man1/newgrp.1 \
man8/groupadd.8 \
man8/groupdel.8 \
man8/groupmod.8 \
man5/passwd.5 \
- man1/su.1 \
man8/useradd.8 \
man8/userdel.8 \
man8/usermod.8
diff --git a/src/Makefile.am b/src/Makefile.am
index b6cb09e..f517d1e 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -26,8 +26,8 @@ AM_CFLAGS = $(LIBBSD_CFLAGS)
# and installation would be much simpler (just two directories,
# $prefix/bin and $prefix/sbin, no install-data hacks...)
-bin_PROGRAMS = groups login
-sbin_PROGRAMS = nologin
+bin_PROGRAMS =
+sbin_PROGRAMS =
ubin_PROGRAMS = faillog chage chfn chsh expiry gpasswd newgrp passwd
if ENABLE_SUBIDS
ubin_PROGRAMS += newgidmap newuidmap
@@ -48,7 +48,6 @@ usbin_PROGRAMS = \
grpck \
grpconv \
grpunconv \
- logoutd \
newusers \
pwck \
pwconv \
@@ -59,7 +58,7 @@ usbin_PROGRAMS = \
vipw
# id and groups are from gnu, sulogin from sysvinit
-noinst_PROGRAMS = id sulogin
+noinst_PROGRAMS =
suidusbins =
suidbins =
-287
View File
@@ -1,287 +0,0 @@
From: Nicolas FRANCOIS <nicolas.francois@centraliens.net>
Date: Sat, 22 Jun 2024 17:39:41 +0200
Subject: cppw: Add tool
---
po/POTFILES.in | 1 +
src/Makefile.am | 2 +
src/cppw.c | 238 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++
3 files changed, 241 insertions(+)
create mode 100644 src/cppw.c
diff --git a/po/POTFILES.in b/po/POTFILES.in
index 6d2c052..1c7ffe3 100644
--- a/po/POTFILES.in
+++ b/po/POTFILES.in
@@ -85,6 +85,7 @@ src/chfn.c
src/chgpasswd.c
src/chpasswd.c
src/chsh.c
+src/cppw.c
src/expiry.c
src/faillog.c
src/gpasswd.c
diff --git a/src/Makefile.am b/src/Makefile.am
index b6cb09e..c86ba52 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -39,6 +39,7 @@ if WITH_SU
bin_PROGRAMS += su
endif
usbin_PROGRAMS = \
+ cppw \
chgpasswd \
chpasswd \
groupadd \
@@ -104,6 +105,7 @@ newuidmap_LDADD = $(LDADD) $(LIBAUDIT) $(LIBSELINUX) $(LIBCAP) $(LIBECONF) -l
newgidmap_LDADD = $(LDADD) $(LIBAUDIT) $(LIBSELINUX) $(LIBCAP) $(LIBECONF) -ldl
chfn_LDADD = $(LDADD) $(LIBPAM) $(LIBAUDIT) $(LIBSELINUX) $(LIBCRYPT_NOPAM) $(LIBSKEY) $(LIBMD) $(LIBECONF)
chgpasswd_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBCRYPT) $(LIBECONF)
+cppw_LDADD = $(LDADD) $(LIBAUDIT) $(LIBSELINUX)
chsh_LDADD = $(LDADD) $(LIBPAM) $(LIBAUDIT) $(LIBSELINUX) $(LIBCRYPT_NOPAM) $(LIBSKEY) $(LIBMD) $(LIBECONF)
chpasswd_LDADD = $(LDADD) $(LIBPAM) $(LIBAUDIT) $(LIBSELINUX) $(LIBCRYPT) $(LIBECONF) -ldl
expiry_LDADD = $(LDADD) $(LIBECONF)
diff --git a/src/cppw.c b/src/cppw.c
new file mode 100644
index 0000000..beb4c36
--- /dev/null
+++ b/src/cppw.c
@@ -0,0 +1,238 @@
+/*
+ cppw, cpgr copy with locking given file over the password or group file
+ with -s will copy with locking given file over shadow or gshadow file
+
+ Copyright (C) 1999 Stephen Frost <sfrost@snowman.net>
+
+ Based on vipw, vigr by:
+ Copyright (C) 1997 Guy Maor <maor@ece.utexas.edu>
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+
+ */
+
+#include <config.h>
+#include "defines.h"
+
+#include <errno.h>
+#include <sys/stat.h>
+#include <unistd.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <sys/types.h>
+#include <signal.h>
+#include <utime.h>
+#include "exitcodes.h"
+#include "prototypes.h"
+#include "pwio.h"
+#include "shadowio.h"
+#include "groupio.h"
+#include "sgroupio.h"
+
+
+const char *Prog;
+
+const char *filename, *filenewname;
+static bool filelocked = false;
+static int (*unlock) (void);
+
+/* local function prototypes */
+static int create_copy (FILE *fp, const char *dest, struct stat *sb);
+static void cppwexit (const char *msg, int syserr, int ret);
+static void cppwcopy (const char *file,
+ const char *in_file,
+ int (*file_lock) (void),
+ int (*file_unlock) (void));
+
+static int create_copy (FILE *fp, const char *dest, struct stat *sb)
+{
+ struct utimbuf ub;
+ FILE *bkfp;
+ int c;
+ mode_t mask;
+
+ mask = umask (077);
+ bkfp = fopen (dest, "w");
+ (void) umask (mask);
+ if (NULL == bkfp) {
+ return -1;
+ }
+
+ rewind (fp);
+ while ((c = getc (fp)) != EOF) {
+ if (putc (c, bkfp) == EOF) {
+ break;
+ }
+ }
+
+ if ( (c != EOF)
+ || (fflush (bkfp) != 0)) {
+ (void) fclose (bkfp);
+ (void) unlink (dest);
+ return -1;
+ }
+ if ( (fsync (fileno (bkfp)) != 0)
+ || (fclose (bkfp) != 0)) {
+ (void) unlink (dest);
+ return -1;
+ }
+
+ ub.actime = sb->st_atime;
+ ub.modtime = sb->st_mtime;
+ if ( (utime (dest, &ub) != 0)
+ || (chmod (dest, sb->st_mode) != 0)
+ || (chown (dest, sb->st_uid, sb->st_gid) != 0)) {
+ (void) unlink (dest);
+ return -1;
+ }
+ return 0;
+}
+
+static void cppwexit (const char *msg, int syserr, int ret)
+{
+ int err = errno;
+ if (filelocked) {
+ (*unlock) ();
+ }
+ if (NULL != msg) {
+ fprintf (stderr, "%s: %s", Prog, msg);
+ if (0 != syserr) {
+ fprintf (stderr, ": %s", strerror (err));
+ }
+ (void) fputs ("\n", stderr);
+ }
+ if (NULL != filename) {
+ fprintf (stderr, _("%s: %s is unchanged\n"), Prog, filename);
+ } else {
+ fprintf (stderr, _("%s: no changes\n"), Prog);
+ }
+
+ exit (ret);
+}
+
+static void cppwcopy (const char *file,
+ const char *in_file,
+ int (*file_lock) (void),
+ int (*file_unlock) (void))
+{
+ struct stat st1;
+ FILE *f;
+ char filenew[1024];
+
+ snprintf (filenew, sizeof filenew, "%s.new", file);
+ unlock = file_unlock;
+ filename = file;
+ filenewname = filenew;
+
+ if (access (file, F_OK) != 0) {
+ cppwexit (file, 1, 1);
+ }
+ if (file_lock () == 0) {
+ cppwexit (_("Couldn't lock file"), 0, 5);
+ }
+ filelocked = true;
+
+ /* file to copy has same owners, perm */
+ if (stat (file, &st1) != 0) {
+ cppwexit (file, 1, 1);
+ }
+ f = fopen (in_file, "r");
+ if (NULL == f) {
+ cppwexit (in_file, 1, 1);
+ }
+ if (create_copy (f, filenew, &st1) != 0) {
+ cppwexit (_("Couldn't make copy"), errno, 1);
+ }
+
+ /* XXX - here we should check filenew for errors; if there are any,
+ * fail w/ an appropriate error code and let the user manually fix
+ * it. Use pwck or grpck to do the check. - Stephen (Shamelessly
+ * stolen from '--marekm's comment) */
+
+ if (rename (filenew, file) != 0) {
+ fprintf (stderr, _("%s: can't copy %s: %s)\n"),
+ Prog, filenew, strerror (errno));
+ cppwexit (NULL,0,1);
+ }
+
+ (*file_unlock) ();
+}
+
+int main (int argc, char **argv)
+{
+ int flag;
+ bool cpshadow = false;
+ char *in_file;
+ int e = E_USAGE;
+ bool do_cppw = true;
+
+ (void) setlocale (LC_ALL, "");
+ (void) bindtextdomain (PACKAGE, LOCALEDIR);
+ (void) textdomain (PACKAGE);
+
+ Prog = Basename (argv[0]);
+ if (strcmp (Prog, "cpgr") == 0) {
+ do_cppw = false;
+ }
+
+ while ((flag = getopt (argc, argv, "ghps")) != EOF) {
+ switch (flag) {
+ case 'p':
+ do_cppw = true;
+ break;
+ case 'g':
+ do_cppw = false;
+ break;
+ case 's':
+ cpshadow = true;
+ break;
+ case 'h':
+ e = E_SUCCESS;
+ /*pass through*/
+ default:
+ (void) fputs (_("Usage:\n\
+`cppw <file>' copys over /etc/passwd `cppw -s <file>' copys over /etc/shadow\n\
+`cpgr <file>' copys over /etc/group `cpgr -s <file>' copys over /etc/gshadow\n\
+"), (E_SUCCESS != e) ? stderr : stdout);
+ exit (e);
+ }
+ }
+
+ if (argc != optind + 1) {
+ cppwexit (_("wrong number of arguments, -h for usage"),0,1);
+ }
+
+ in_file = argv[optind];
+
+ if (do_cppw) {
+ if (cpshadow) {
+ cppwcopy (SHADOW_FILE, in_file, spw_lock, spw_unlock);
+ } else {
+ cppwcopy (PASSWD_FILE, in_file, pw_lock, pw_unlock);
+ }
+ } else {
+#ifdef SHADOWGRP
+ if (cpshadow) {
+ cppwcopy (SGROUP_FILE, in_file, sgr_lock, sgr_unlock);
+ } else
+#endif /* SHADOWGRP */
+ {
+ cppwcopy (GROUP_FILE, in_file, gr_lock, gr_unlock);
+ }
+ }
+
+ return 0;
+}
+
-63
View File
@@ -1,63 +0,0 @@
From: Shadow package maintainers <pkg-shadow-devel@lists.alioth.debian.org>
Date: Sat, 22 Jun 2024 17:39:41 +0200
Subject: cppw: add selinux support
Status wrt upstream: cppw is not available upstream.
Needs to be reviewed by an SE-Linux aware person.
---
src/cppw.c | 28 ++++++++++++++++++++++++++++
1 file changed, 28 insertions(+)
diff --git a/src/cppw.c b/src/cppw.c
index beb4c36..2cbbbc0 100644
--- a/src/cppw.c
+++ b/src/cppw.c
@@ -34,6 +34,9 @@
#include <sys/types.h>
#include <signal.h>
#include <utime.h>
+#ifdef WITH_SELINUX
+#include <selinux/selinux.h>
+#endif /* WITH_SELINUX */
#include "exitcodes.h"
#include "prototypes.h"
#include "pwio.h"
@@ -139,6 +142,22 @@ static void cppwcopy (const char *file,
if (access (file, F_OK) != 0) {
cppwexit (file, 1, 1);
}
+#ifdef WITH_SELINUX
+ /* if SE Linux is enabled then set the context of all new files
+ * to be the context of the file we are editing */
+ if (is_selinux_enabled () > 0) {
+ security_context_t passwd_context=NULL;
+ int ret = 0;
+ if (getfilecon (file, &passwd_context) < 0) {
+ cppwexit (_("Couldn't get file context"), errno, 1);
+ }
+ ret = setfscreatecon (passwd_context);
+ freecon (passwd_context);
+ if (0 != ret) {
+ cppwexit (_("setfscreatecon () failed"), errno, 1);
+ }
+ }
+#endif /* WITH_SELINUX */
if (file_lock () == 0) {
cppwexit (_("Couldn't lock file"), 0, 5);
}
@@ -167,6 +186,15 @@ static void cppwcopy (const char *file,
cppwexit (NULL,0,1);
}
+#ifdef WITH_SELINUX
+ /* unset the fscreatecon */
+ if (is_selinux_enabled () > 0) {
+ if (setfscreatecon (NULL)) {
+ cppwexit (_("setfscreatecon() failed"), errno, 1);
+ }
+ }
+#endif /* WITH_SELINUX */
+
(*file_unlock) ();
}
@@ -3,13 +3,13 @@ Date: Sat, 6 Jul 2024 23:35:51 +0200
Subject: tests/libsubid/04_nss: fix setting basedir
---
tests/libsubid/04_nss/Makefile | 4 ++--
tests/tests/libsubid/04_nss/Makefile | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
Index: shadow/tests/tests/libsubid/04_nss/Makefile
===================================================================
--- shadow.orig/tests/tests/libsubid/04_nss/Makefile
+++ shadow/tests/tests/libsubid/04_nss/Makefile
diff --git a/tests/tests/libsubid/04_nss/Makefile b/tests/tests/libsubid/04_nss/Makefile
index 79c2fc9..bf2699f 100644
--- a/tests/tests/libsubid/04_nss/Makefile
+++ b/tests/tests/libsubid/04_nss/Makefile
@@ -1,7 +1,7 @@
all: test_nss libsubid_zzz.so
@@ -19,4 +19,4 @@ Index: shadow/tests/tests/libsubid/04_nss/Makefile
+basedir := $(BUILD_BASE_DIR)
test_nss: test_nss.c $(basedir)/lib/nss.c
gcc -c -I$(basedir)/lib/ -I$(basedir)-o test_nss.o test_nss.c
gcc -c -I$(basedir)/lib/ -I$(basedir) -o test_nss.o test_nss.c
+3 -3
View File
@@ -1,6 +1,3 @@
debian/cppw-Add-tool.patch
debian/cppw-add-selinux-support.patch
debian/Let-pam_unix-handle-login-failure-delays.patch
debian/Set-group-and-mode-for-g-shadow-files.patch
debian/Keep-using-Debian-adduser-defaults.patch
debian/Document-the-shadowconfig-utility.patch
@@ -10,3 +7,6 @@ upstream/tests-Support-run_some-from-exported-tarball.patch
debian/tests-disable-su.patch
debian/tests-libsubid-04_nss-fix-setting-basedir.patch
debian/Adapt-login.defs-for-Debian.patch
debian/Define-LOGIN_NAME_MAX-on-HURD.patch
debian/Stop-building-programs-we-do-not-install.patch
upstream/lib-user_busy.c-Include-utmpx.h.patch
@@ -0,0 +1,27 @@
From: Pino Toscano <toscano.pino@tiscali.it>
Date: Tue, 10 Sep 2024 14:36:49 +0200
Subject: [PATCH] lib/user_busy.c: Include <utmpx.h>
Since:
- utmpx APIs are used in non-Linux code blocks
- <utmpx.h> is already unconditionally included in Linux parts in other
files
then unconditionally include it in this file as well.
Signed-off-by: Pino Toscano <toscano.pino@tiscali.it>
---
lib/user_busy.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/lib/user_busy.c b/lib/user_busy.c
index a622376..b559405 100644
--- a/lib/user_busy.c
+++ b/lib/user_busy.c
@@ -17,6 +17,7 @@
#include <dirent.h>
#include <fcntl.h>
#include <unistd.h>
+#include <utmpx.h>
#include "defines.h"
#include "prototypes.h"
#ifdef ENABLE_SUBIDS
@@ -80,7 +80,7 @@ index dd5acf7..79c2fc9 100644
+basedir := $(BASE_TEST_DIR)
+
+test_nss: test_nss.c $(basedir)/lib/nss.c
+ gcc -c -I$(basedir)/lib/ -I$(basedir)-o test_nss.o test_nss.c
+ gcc -c -I$(basedir)/lib/ -I$(basedir) -o test_nss.o test_nss.c
+ gcc -o test_nss test_nss.o $(basedir)/lib/.libs/libshadow.a -ldl
libsubid_zzz.so: libsubid_zzz.c
+2 -1
View File
@@ -4,6 +4,7 @@
# Enable PIE, BINDNOW, and possible future flags.
export DEB_BUILD_MAINT_OPTIONS = hardening=+all
DPKG_EXPORT_BUILDFLAGS = 1
include /usr/share/dpkg/architecture.mk
include /usr/share/dpkg/buildflags.mk
include /usr/share/debhelper/dh_package_notes/package-notes.mk
@@ -25,8 +26,8 @@ DEB_CONFIGURE_EXTRA_FLAGS := \
ifeq ($(DEB_HOST_ARCH_OS),linux)
DEB_CONFIGURE_EXTRA_FLAGS += --enable-logind
DEB_CONFIGURE_EXTRA_FLAGS += --with-audit
DEB_CONFIGURE_EXTRA_FLAGS += --with-btrfs
endif
ifneq ($(filter nodoc,$(DEB_BUILD_PROFILES)),)
+40
View File
@@ -0,0 +1,40 @@
---
include: https://salsa.debian.org/salsa-ci-team/pipeline/raw/master/salsa-ci.yml
extract-source:
extends: .provisioning-extract-source
variables:
RELEASE: 'unstable'
build:
extends: .build-package
test-build-any:
extends: .test-build-package-any
test-build-all:
extends: .test-build-package-all
lintian:
extends: .test-lintian
autopkgtest:
extends: .test-autopkgtest
blhc:
extends: .test-blhc
reprotest:
extends: .test-reprotest
variables:
SALSA_CI_ENABLE_BUILD_PACKAGE_PROFILES: 1
test-build-profiles:
extends: .test-build-package-profiles
parallel:
matrix:
- BUILD_PROFILES: nocheck
- BUILD_PROFILES: nodoc