Compare commits
11 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| 03ab41b0a9 | |||
| da9ad99cc7 | |||
| 677d61be14 | |||
| 5afd832ec6 | |||
| a68ce238bd | |||
| 1c472beabb | |||
| 6eb4f265cf | |||
| 32a244b0ce | |||
| fea713992d | |||
| 94385da1c2 | |||
| a143aca1c9 |
Vendored
+7
-6
@@ -1,13 +1,14 @@
|
||||
Read this file first for a brief overview of the new versions of login
|
||||
and passwd.
|
||||
Read this file first for a brief overview of the current version
|
||||
of passwd.
|
||||
|
||||
|
||||
---Shadow passwords
|
||||
|
||||
The command `shadowconfig on' will turn on shadow password support.
|
||||
`shadowconfig off' will turn it back off. If you turn on shadow
|
||||
password support, you'll gain the ability to set password ages and
|
||||
expirations with chage(1).
|
||||
This is the default. Turning off shadow passwords is not supported
|
||||
anymore.
|
||||
Together with shadow passwords, you get the ability to set password ages
|
||||
and expirations with chage(1).
|
||||
|
||||
NOTE: If you use the nscd package, you may have problems with a
|
||||
slight delay in updating the password information. You may notice
|
||||
@@ -27,7 +28,7 @@ support. PAM documentation is available in several formats in the
|
||||
libpam-doc package.
|
||||
|
||||
|
||||
---MD5 Encryption
|
||||
---Encryption
|
||||
|
||||
This is enabled now using the /etc/pam.d/* files. Examples are given.
|
||||
|
||||
|
||||
Vendored
+28
@@ -1,3 +1,31 @@
|
||||
shadow (1:4.17.2-6) unstable; urgency=medium
|
||||
|
||||
* d/rules: ensure lib/getdate.c gets rebuilt
|
||||
* configure: always pick /usr/bin/passwd.
|
||||
Thanks to Jochen Sprickerhof <jspricke@debian.org>
|
||||
|
||||
-- Chris Hofstaedtler <zeha@debian.org> Mon, 24 Feb 2025 12:16:49 +0100
|
||||
|
||||
shadow (1:4.17.2-5) unstable; urgency=medium
|
||||
|
||||
* Warn about future --badname removal.
|
||||
Upstream PR 1158 plans to remove this flag, probably in the forky
|
||||
timeframe. Warn users now.
|
||||
* Import upstream patch to fix chfn (#1096187)
|
||||
* Add regression test for #1096187
|
||||
* Add regression test for #1095430
|
||||
* Remove "shadowconfig off"
|
||||
If needed please run pwunconv, grpunconv manually, but please understand
|
||||
you are on your own.
|
||||
|
||||
-- Chris Hofstaedtler <zeha@debian.org> Mon, 17 Feb 2025 19:54:09 +0100
|
||||
|
||||
shadow (1:4.17.2-4) unstable; urgency=medium
|
||||
|
||||
* Revert upstreams chfn.c strsep change (Closes: #1096187)
|
||||
|
||||
-- Chris Hofstaedtler <zeha@debian.org> Mon, 17 Feb 2025 12:28:56 +0100
|
||||
|
||||
shadow (1:4.17.2-3) unstable; urgency=medium
|
||||
|
||||
* Revert upstreams strtoday calculation "fix" (Closes: #1095430)
|
||||
|
||||
Vendored
-1
@@ -21,7 +21,6 @@ usr/share/man/*/man8/newusers.8
|
||||
usr/share/man/*/man8/pwck.8
|
||||
usr/share/man/*/man8/pwconv.8
|
||||
usr/share/man/*/man8/pwunconv.8
|
||||
usr/share/man/*/man8/shadowconfig.8
|
||||
usr/share/man/*/man8/useradd.8
|
||||
usr/share/man/*/man8/userdel.8
|
||||
usr/share/man/*/man8/usermod.8
|
||||
|
||||
@@ -0,0 +1,104 @@
|
||||
From: Chris Hofstaedtler <zeha@debian.org>
|
||||
Date: Mon, 17 Feb 2025 18:17:15 +0100
|
||||
Subject: Warn when --badname (and variants) are given
|
||||
|
||||
Upstream PR 1158 will remove them, probably in the forky timeframe.
|
||||
---
|
||||
src/newusers.c | 5 ++++-
|
||||
src/pwck.c | 5 ++++-
|
||||
src/useradd.c | 5 ++++-
|
||||
src/usermod.c | 5 ++++-
|
||||
4 files changed, 16 insertions(+), 4 deletions(-)
|
||||
|
||||
diff --git a/src/newusers.c b/src/newusers.c
|
||||
index 5e78dd9..964e668 100644
|
||||
--- a/src/newusers.c
|
||||
+++ b/src/newusers.c
|
||||
@@ -125,7 +125,7 @@ static void usage (int status)
|
||||
"\n"
|
||||
"Options:\n"),
|
||||
Prog);
|
||||
- (void) fputs (_(" -b, --badname allow bad names\n"), usageout);
|
||||
+ (void) fputs (_(" -b, --badname allow bad names (DEPRECATED)\n"), usageout);
|
||||
#ifndef USE_PAM
|
||||
(void) fprintf (usageout,
|
||||
_(" -c, --crypt-method METHOD the crypt method (one of %s)\n"),
|
||||
@@ -658,6 +658,9 @@ static void process_flags (int argc, char **argv)
|
||||
switch (c) {
|
||||
case 'b':
|
||||
allow_bad_names = true;
|
||||
+ fprintf (stderr,
|
||||
+ _("%s: WARNING: -b and --badname are deprecated and will be removed\n"),
|
||||
+ Prog);
|
||||
break;
|
||||
#ifndef USE_PAM
|
||||
case 'c':
|
||||
diff --git a/src/pwck.c b/src/pwck.c
|
||||
index ae7ddad..8805422 100644
|
||||
--- a/src/pwck.c
|
||||
+++ b/src/pwck.c
|
||||
@@ -133,7 +133,7 @@ usage (int status)
|
||||
"Options:\n"),
|
||||
Prog);
|
||||
}
|
||||
- (void) fputs (_(" -b, --badname allow bad names\n"), usageout);
|
||||
+ (void) fputs (_(" -b, --badname allow bad names (DEPRECATED)\n"), usageout);
|
||||
(void) fputs (_(" -h, --help display this help message and exit\n"), usageout);
|
||||
(void) fputs (_(" -q, --quiet report errors only\n"), usageout);
|
||||
(void) fputs (_(" -r, --read-only display errors and warnings\n"
|
||||
@@ -175,6 +175,9 @@ static void process_flags (int argc, char **argv)
|
||||
switch (c) {
|
||||
case 'b':
|
||||
allow_bad_names = true;
|
||||
+ fprintf (stderr,
|
||||
+ _("%s: WARNING: --badname is deprecated and will be removed\n"),
|
||||
+ Prog);
|
||||
break;
|
||||
case 'h':
|
||||
usage (E_SUCCESS);
|
||||
diff --git a/src/useradd.c b/src/useradd.c
|
||||
index 92f8054..f5169b3 100644
|
||||
--- a/src/useradd.c
|
||||
+++ b/src/useradd.c
|
||||
@@ -894,7 +894,7 @@ static void usage (int status)
|
||||
"\n"
|
||||
"Options:\n"),
|
||||
Prog, Prog, Prog);
|
||||
- (void) fputs (_(" --badname do not check for bad names\n"), usageout);
|
||||
+ (void) fputs (_(" --badname do not check for bad names (DEPRECATED)\n"), usageout);
|
||||
(void) fputs (_(" -b, --base-dir BASE_DIR base directory for the home directory of the\n"
|
||||
" new account\n"), usageout);
|
||||
#ifdef WITH_BTRFS
|
||||
@@ -1240,6 +1240,9 @@ static void process_flags (int argc, char **argv)
|
||||
break;
|
||||
case 201:
|
||||
allow_bad_names = true;
|
||||
+ fprintf (stderr,
|
||||
+ _("%s: WARNING: --badname is deprecated and will be removed\n"),
|
||||
+ Prog);
|
||||
break;
|
||||
case 'c':
|
||||
if (!VALID (optarg)) {
|
||||
diff --git a/src/usermod.c b/src/usermod.c
|
||||
index 24c5a4d..a06f2dc 100644
|
||||
--- a/src/usermod.c
|
||||
+++ b/src/usermod.c
|
||||
@@ -383,7 +383,7 @@ usage (int status)
|
||||
(void) fputs (_(" -a, --append append the user to the supplemental GROUPS\n"
|
||||
" mentioned by the -G option without removing\n"
|
||||
" the user from other groups\n"), usageout);
|
||||
- (void) fputs (_(" -b, --badname allow bad names\n"), usageout);
|
||||
+ (void) fputs (_(" -b, --badname allow bad names (DEPRECATED)\n"), usageout);
|
||||
(void) fputs (_(" -c, --comment COMMENT new value of the GECOS field\n"), usageout);
|
||||
(void) fputs (_(" -d, --home HOME_DIR new home directory for the user account\n"), usageout);
|
||||
(void) fputs (_(" -e, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE\n"), usageout);
|
||||
@@ -1043,6 +1043,9 @@ process_flags(int argc, char **argv)
|
||||
break;
|
||||
case 'b':
|
||||
allow_bad_names = true;
|
||||
+ fprintf (stderr,
|
||||
+ _("%s: WARNING: -b, --badname and --badnames are deprecated and will be removed\n"),
|
||||
+ Prog);
|
||||
break;
|
||||
case 'c':
|
||||
if (!VALID (optarg)) {
|
||||
+11
-157
@@ -6,19 +6,10 @@ Status wrt upstream: The shadowconfig utility is Debian-specific.
|
||||
The man page is Debian-specific, but it used to be distributed by
|
||||
upstream.
|
||||
---
|
||||
man/Makefile.am | 1 +
|
||||
man/fr/Makefile.am | 1 +
|
||||
man/fr/man8/shadowconfig.8 | 26 ++++++++++++++++++++++++++
|
||||
man/ja/Makefile.am | 1 +
|
||||
man/ja/man8/shadowconfig.8 | 25 +++++++++++++++++++++++++
|
||||
man/man8/shadowconfig.8 | 39 +++++++++++++++++++++++++++++++++++++++
|
||||
man/pl/Makefile.am | 1 +
|
||||
man/pl/man8/shadowconfig.8 | 27 +++++++++++++++++++++++++++
|
||||
8 files changed, 121 insertions(+)
|
||||
create mode 100644 man/fr/man8/shadowconfig.8
|
||||
create mode 100644 man/ja/man8/shadowconfig.8
|
||||
man/Makefile.am | 1 +
|
||||
man/man8/shadowconfig.8 | 34 ++++++++++++++++++++++++++++++++++
|
||||
2 files changed, 35 insertions(+)
|
||||
create mode 100644 man/man8/shadowconfig.8
|
||||
create mode 100644 man/pl/man8/shadowconfig.8
|
||||
|
||||
diff --git a/man/Makefile.am b/man/Makefile.am
|
||||
index 1405509..0e88fea 100644
|
||||
@@ -32,116 +23,25 @@ index 1405509..0e88fea 100644
|
||||
man1/sg.1 \
|
||||
man3/shadow.3 \
|
||||
man5/shadow.5 \
|
||||
diff --git a/man/fr/Makefile.am b/man/fr/Makefile.am
|
||||
index 2365e23..e175a15 100644
|
||||
--- a/man/fr/Makefile.am
|
||||
+++ b/man/fr/Makefile.am
|
||||
@@ -31,6 +31,7 @@ man_MANS = \
|
||||
man8/pwck.8 \
|
||||
man8/pwconv.8 \
|
||||
man8/pwunconv.8 \
|
||||
+ man8/shadowconfig.8 \
|
||||
man1/sg.1 \
|
||||
man3/shadow.3 \
|
||||
man5/shadow.5 \
|
||||
diff --git a/man/fr/man8/shadowconfig.8 b/man/fr/man8/shadowconfig.8
|
||||
new file mode 100644
|
||||
index 0000000..784da70
|
||||
--- /dev/null
|
||||
+++ b/man/fr/man8/shadowconfig.8
|
||||
@@ -0,0 +1,26 @@
|
||||
+.\" This file was generated with po4a. Translate the source file.
|
||||
+.\"
|
||||
+.\"$Id: shadowconfig.8,v 1.4 2001/08/23 23:10:48 kloczek Exp $
|
||||
+.TH SHADOWCONFIG 8 "19 avril 1997" "Debian GNU/Linux"
|
||||
+.SH NOM
|
||||
+shadowconfig \- active ou désactive les mots de passe cachés
|
||||
+.SH SYNOPSIS
|
||||
+\fBshadowconfig\fP \fIon\fP | \fIoff\fP
|
||||
+.SH DESCRIPTION
|
||||
+.PP
|
||||
+\fBshadowconfig on\fP active les mots de passe cachés («\ shadow passwords\ »)\ ; \fBshadowconfig off\fP les désactive. \fBShadowconfig\fP affiche un message
|
||||
+d'erreur et quitte avec une valeur de retour non nulle s'il rencontre
|
||||
+quelque chose d'inattendu. Dans ce cas, vous devrez corriger l'erreur avant
|
||||
+de recommencer.
|
||||
+
|
||||
+Activer les mots de passe cachés lorsqu'ils sont déjà activés, ou les
|
||||
+désactiver lorsqu'ils ne sont pas actifs est sans effet.
|
||||
+
|
||||
+Lisez \fI/usr/share/doc/passwd/README.Debian\fP pour une brève introduction aux
|
||||
+mots de passe cachés et à leurs fonctionnalités.
|
||||
+
|
||||
+Notez que désactiver puis réactiver les mots de passe cachés aura pour
|
||||
+conséquence la perte des informations d'âge sur les mots de passe.
|
||||
+.SH TRADUCTION
|
||||
+Nicolas FRANÇOIS, 2004.
|
||||
+Veuillez signaler toute erreur à <\fIdebian\-l10\-french@lists.debian.org\fR>.
|
||||
diff --git a/man/ja/Makefile.am b/man/ja/Makefile.am
|
||||
index b759726..b9f1df0 100644
|
||||
--- a/man/ja/Makefile.am
|
||||
+++ b/man/ja/Makefile.am
|
||||
@@ -26,6 +26,7 @@ man_MANS = \
|
||||
man8/pwck.8 \
|
||||
man8/pwconv.8 \
|
||||
man8/pwunconv.8 \
|
||||
+ man8/shadowconfig.8 \
|
||||
man1/sg.1 \
|
||||
man5/shadow.5 \
|
||||
man1/su.1 \
|
||||
diff --git a/man/ja/man8/shadowconfig.8 b/man/ja/man8/shadowconfig.8
|
||||
new file mode 100644
|
||||
index 0000000..a75c6f7
|
||||
--- /dev/null
|
||||
+++ b/man/ja/man8/shadowconfig.8
|
||||
@@ -0,0 +1,25 @@
|
||||
+.\" all right reserved,
|
||||
+.\" Translated Tue Oct 30 11:59:11 JST 2001
|
||||
+.\" by Maki KURODA <mkuroda@aisys-jp.com>
|
||||
+.\"
|
||||
+.TH SHADOWCONFIG 8 "19 Apr 1997" "Debian GNU/Linux"
|
||||
+.SH 名前
|
||||
+shadowconfig \- shadow パスワードの設定をオン及びオフに切替える
|
||||
+.SH 書式
|
||||
+.B "shadowconfig"
|
||||
+.IR on " | " off
|
||||
+.SH 説明
|
||||
+.PP
|
||||
+.B shadowconfig on
|
||||
+は shadow パスワードを有効にする。
|
||||
+.B shadowconfig off
|
||||
+は shadow パスワードを無効にする。
|
||||
+.B shadowconfig
|
||||
+は何らかの間違いがあると、エラーメッセージを表示し、
|
||||
+ゼロではない返り値を返す。
|
||||
+もしそのようなことが起こった場合、エラーを修正し、再度実行しなければならない。
|
||||
+shadow パスワードの設定がすでにオンの場合にオンに設定したり、
|
||||
+すでにオフの場合にオフに設定しても、何の影響もない。
|
||||
+
|
||||
+.I /usr/share/doc/passwd/README.debian.gz
|
||||
+には shadow パスワードとそれに関する特徴の簡単な紹介が書かれている。
|
||||
diff --git a/man/man8/shadowconfig.8 b/man/man8/shadowconfig.8
|
||||
new file mode 100644
|
||||
index 0000000..ec11fc6
|
||||
index 0000000..a463a92
|
||||
--- /dev/null
|
||||
+++ b/man/man8/shadowconfig.8
|
||||
@@ -0,0 +1,39 @@
|
||||
+.TH shadowconfig 8 2025-01-01 "Debian shadow-utils"
|
||||
@@ -0,0 +1,34 @@
|
||||
+.TH shadowconfig 8 2025-02-17 "Debian shadow-utils"
|
||||
+.SH Name
|
||||
+shadowconfig \- toggle shadow passwords on and off
|
||||
+shadowconfig \- turn shadow passwords on
|
||||
+.
|
||||
+.
|
||||
+.SH Synopsis
|
||||
+.SY shadowconfig
|
||||
+.BR on | off
|
||||
+.SY shadowconfig on
|
||||
+.YS
|
||||
+.
|
||||
+.
|
||||
+.SH Description
|
||||
+.I shadowconfig\ on
|
||||
+will turn shadow passwords on.
|
||||
+.P
|
||||
+.I shadowconfig\ off
|
||||
+will turn shadow passwords off.
|
||||
+.
|
||||
+.
|
||||
+.SH Errors
|
||||
@@ -150,62 +50,16 @@ index 0000000..ec11fc6
|
||||
+if it finds anything awry.
|
||||
+If that happens,
|
||||
+you should correct the error and run it again.
|
||||
+Turning shadow passwords on when they are already on,
|
||||
+or off when they are already off,
|
||||
+Turning shadow passwords on when they are already on
|
||||
+is harmless.
|
||||
+.
|
||||
+.
|
||||
+.SH Caveats
|
||||
+Turning shadow passwords off and on again
|
||||
+will lose all password aging information.
|
||||
+Turning shadow passwords off using shadowconfig
|
||||
+is not supported anymore.
|
||||
+.
|
||||
+.
|
||||
+.SH See also
|
||||
+Read
|
||||
+.I /usr/share/doc/passwd/README.Debian
|
||||
+for a brief introduction to shadow passwords and related features.
|
||||
diff --git a/man/pl/Makefile.am b/man/pl/Makefile.am
|
||||
index 2a015f3..04093ec 100644
|
||||
--- a/man/pl/Makefile.am
|
||||
+++ b/man/pl/Makefile.am
|
||||
@@ -17,6 +17,7 @@ man_MANS = \
|
||||
man8/logoutd.8 \
|
||||
man1/newgrp.1 \
|
||||
man1/sg.1 \
|
||||
+ man8/shadowconfig.8 \
|
||||
man3/shadow.3 \
|
||||
man8/userdel.8 \
|
||||
man8/usermod.8 \
|
||||
diff --git a/man/pl/man8/shadowconfig.8 b/man/pl/man8/shadowconfig.8
|
||||
new file mode 100644
|
||||
index 0000000..2016c9f
|
||||
--- /dev/null
|
||||
+++ b/man/pl/man8/shadowconfig.8
|
||||
@@ -0,0 +1,27 @@
|
||||
+.\" $Id: shadowconfig.8,v 1.3 2001/08/23 23:10:51 kloczek Exp $
|
||||
+.\" {PTM/WK/1999-09-14}
|
||||
+.TH SHADOWCONFIG 8 "19 kwietnia 1997" "Debian GNU/Linux"
|
||||
+.SH NAZWA
|
||||
+shadowconfig - przełącza ochronę haseł i grup przez pliki shadow
|
||||
+.SH SKŁADNIA
|
||||
+.B "shadowconfig"
|
||||
+.IR on " | " off
|
||||
+.SH OPIS
|
||||
+.PP
|
||||
+.B shadowconfig on
|
||||
+włącza ochronę haseł i grup przez dodatkowe, przesłaniane pliki (shadow);
|
||||
+.B shadowconfig off
|
||||
+wyłącza dodatkowe pliki haseł i grup.
|
||||
+.B shadowconfig
|
||||
+wyświetla komunikat o błędzie i kończy pracę z niezerowym kodem jeśli
|
||||
+znajdzie coś nieprawidłowego. W takim wypadku powinieneś poprawić błąd
|
||||
+.\" if it finds anything awry.
|
||||
+i uruchomić program ponownie.
|
||||
+
|
||||
+Włączenie ochrony haseł, gdy jest ona już włączona lub jej wyłączenie,
|
||||
+gdy jest wyłączona jest nieszkodliwe.
|
||||
+
|
||||
+Przeczytaj
|
||||
+.IR /usr/share/doc/passwd/README.debian.gz ,
|
||||
+gdzie znajdziesz krótkie wprowadzenie do ochrony haseł z użyciem dodatkowych
|
||||
+plików haseł przesłanianych (shadow passwords) i związanych tematów.
|
||||
|
||||
@@ -176,10 +176,10 @@ index d3a6d6c..59602aa 100644
|
||||
man8/userdel.8 \
|
||||
man8/usermod.8 \
|
||||
diff --git a/man/fr/Makefile.am b/man/fr/Makefile.am
|
||||
index e175a15..d4cb276 100644
|
||||
index 2365e23..6cbaadc 100644
|
||||
--- a/man/fr/Makefile.am
|
||||
+++ b/man/fr/Makefile.am
|
||||
@@ -8,35 +8,25 @@ man_MANS = \
|
||||
@@ -8,34 +8,24 @@ man_MANS = \
|
||||
man8/chpasswd.8 \
|
||||
man1/chsh.1 \
|
||||
man1/expiry.1 \
|
||||
@@ -206,7 +206,6 @@ index e175a15..d4cb276 100644
|
||||
man8/pwck.8 \
|
||||
man8/pwconv.8 \
|
||||
man8/pwunconv.8 \
|
||||
man8/shadowconfig.8 \
|
||||
- man1/sg.1 \
|
||||
man3/shadow.3 \
|
||||
man5/shadow.5 \
|
||||
@@ -283,7 +282,7 @@ index 736576c..3312232 100644
|
||||
man8/userdel.8 \
|
||||
man8/usermod.8 \
|
||||
diff --git a/man/ja/Makefile.am b/man/ja/Makefile.am
|
||||
index b9f1df0..07fa208 100644
|
||||
index b759726..1e22da2 100644
|
||||
--- a/man/ja/Makefile.am
|
||||
+++ b/man/ja/Makefile.am
|
||||
@@ -7,8 +7,6 @@ man_MANS = \
|
||||
@@ -295,7 +294,7 @@ index b9f1df0..07fa208 100644
|
||||
man1/gpasswd.1 \
|
||||
man8/groupadd.8 \
|
||||
man8/groupdel.8 \
|
||||
@@ -16,10 +14,7 @@ man_MANS = \
|
||||
@@ -16,20 +14,14 @@ man_MANS = \
|
||||
man8/grpck.8 \
|
||||
man8/grpconv.8 \
|
||||
man8/grpunconv.8 \
|
||||
@@ -306,10 +305,9 @@ index b9f1df0..07fa208 100644
|
||||
man8/newusers.8 \
|
||||
man1/passwd.1 \
|
||||
man5/passwd.5 \
|
||||
@@ -27,10 +22,7 @@ man_MANS = \
|
||||
man8/pwck.8 \
|
||||
man8/pwconv.8 \
|
||||
man8/pwunconv.8 \
|
||||
man8/shadowconfig.8 \
|
||||
- man1/sg.1 \
|
||||
man5/shadow.5 \
|
||||
- man1/su.1 \
|
||||
@@ -332,7 +330,7 @@ index 4f73651..0f17a17 100644
|
||||
man8/vipw.8
|
||||
# newgrp.1 must be updated
|
||||
diff --git a/man/pl/Makefile.am b/man/pl/Makefile.am
|
||||
index 04093ec..ba91f47 100644
|
||||
index 2a015f3..02f4533 100644
|
||||
--- a/man/pl/Makefile.am
|
||||
+++ b/man/pl/Makefile.am
|
||||
@@ -6,17 +6,11 @@ man_MANS = \
|
||||
@@ -350,9 +348,9 @@ index 04093ec..ba91f47 100644
|
||||
- man8/logoutd.8 \
|
||||
- man1/newgrp.1 \
|
||||
- man1/sg.1 \
|
||||
man8/shadowconfig.8 \
|
||||
man3/shadow.3 \
|
||||
man8/userdel.8 \
|
||||
man8/usermod.8 \
|
||||
diff --git a/man/ru/Makefile.am b/man/ru/Makefile.am
|
||||
index 845a603..9afcb22 100644
|
||||
--- a/man/ru/Makefile.am
|
||||
|
||||
@@ -0,0 +1,28 @@
|
||||
From: Chris Hofstaedtler <zeha@debian.org>
|
||||
Date: Mon, 24 Feb 2025 12:01:18 +0100
|
||||
Subject: configure: always pick /usr/bin/passwd
|
||||
|
||||
Improve reproducibility, without Build-Depend:ing on ourselves.
|
||||
---
|
||||
configure.ac | 8 +-------
|
||||
1 file changed, 1 insertion(+), 7 deletions(-)
|
||||
|
||||
diff --git a/configure.ac b/configure.ac
|
||||
index a7388e7..2a6591a 100644
|
||||
--- a/configure.ac
|
||||
+++ b/configure.ac
|
||||
@@ -150,13 +150,7 @@ AC_DEFINE_UNQUOTED(LASTLOG_FILE, "$shadow_cv_logdir/lastlog",
|
||||
AC_DEFINE_UNQUOTED(FAILLOG_FILE, "$shadow_cv_logdir/faillog",
|
||||
[Path for faillog file.])
|
||||
|
||||
-AC_CACHE_CHECK([location of the passwd program], shadow_cv_passwd_dir,
|
||||
-[if test -f /usr/bin/passwd; then
|
||||
- shadow_cv_passwd_dir=/usr/bin
|
||||
-else
|
||||
- shadow_cv_passwd_dir=/bin
|
||||
-fi])
|
||||
-AC_DEFINE_UNQUOTED(PASSWD_PROGRAM, "$shadow_cv_passwd_dir/passwd",
|
||||
+AC_DEFINE_UNQUOTED(PASSWD_PROGRAM, "$prefix/bin/passwd",
|
||||
[Path to passwd program.])
|
||||
|
||||
AC_ARG_ENABLE(shadowgrp,
|
||||
Vendored
+6
@@ -6,7 +6,13 @@ debian/tests-disable-su.patch
|
||||
debian/Adapt-login.defs-for-Debian.patch
|
||||
debian/Define-LOGIN_NAME_MAX-on-HURD.patch
|
||||
debian/Stop-building-programs-we-do-not-install.patch
|
||||
debian/configure-always-pick-usr-bin-passwd.patch
|
||||
upstream/a015e919834c90b99947829c6c823f7fe93a8097-E_BAD_NAME.patch
|
||||
upstream/man-useradd.8.xml-Document-new-exit-code-19-E_BAD_NAME.patch
|
||||
upstream/Revert-lib-src-Use-local-time-for-human-readable-dates.patch
|
||||
Revert-lib-strtoday.c-strtoday-Fix-calculation.patch
|
||||
Warn-when-badname-and-variants-are-given.patch
|
||||
upstream/src-chfn.c-Partially-revert-lib-src-Use-strsep-3-instead-.patch
|
||||
upstream/src-chfn.c-Use-stpsep-instead-of-its-pattern.patch
|
||||
upstream/src-chfn.c-Add-local-variable-to-refer-to-the-separated-f.patch
|
||||
upstream/src-chfn.c-copy_field-Rename-local-variable.patch
|
||||
|
||||
+37
@@ -0,0 +1,37 @@
|
||||
From: Alejandro Colomar <alx@kernel.org>
|
||||
Date: Mon, 17 Feb 2025 13:44:55 +0100
|
||||
Subject: src/chfn.c: Add local variable to refer to the separated field
|
||||
|
||||
Signed-off-by: Alejandro Colomar <alx@kernel.org>
|
||||
---
|
||||
src/chfn.c | 8 +++++---
|
||||
1 file changed, 5 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/src/chfn.c b/src/chfn.c
|
||||
index 1799d6b..3fc94dc 100644
|
||||
--- a/src/chfn.c
|
||||
+++ b/src/chfn.c
|
||||
@@ -220,18 +220,20 @@ static char *copy_field (char *in, char *out, char *extra)
|
||||
char *cp = NULL;
|
||||
|
||||
while (NULL != in) {
|
||||
+ const char *f;
|
||||
+
|
||||
+ f = in;
|
||||
cp = stpsep(in, ",");
|
||||
|
||||
- if (strchr (in, '=') == NULL) {
|
||||
+ if (strchr(f, '=') == NULL)
|
||||
break;
|
||||
- }
|
||||
|
||||
if (NULL != extra) {
|
||||
if (!streq(extra, "")) {
|
||||
strcat (extra, ",");
|
||||
}
|
||||
|
||||
- strcat (extra, in);
|
||||
+ strcat(extra, f);
|
||||
}
|
||||
in = cp;
|
||||
}
|
||||
+67
@@ -0,0 +1,67 @@
|
||||
From: Alejandro Colomar <alx@kernel.org>
|
||||
Date: Mon, 17 Feb 2025 13:23:37 +0100
|
||||
Subject: src/chfn.c: Partially revert "lib/,
|
||||
src/: Use strsep(3) instead of its pattern"
|
||||
|
||||
This partially reverts commit 16cb664865541162c504a6f5ef5ca4b38b5e0c9a.
|
||||
|
||||
I'll try to reintroduce this change more carefully.
|
||||
For now, let's revert to a known-good state.
|
||||
|
||||
The problem was due to accidentally ignoring the effects of the 'break'
|
||||
on the 'cp' variable.
|
||||
|
||||
Fixes: 16cb66486554 (2024-07-01; "lib/, src/: Use strsep(3) instead of its pattern")
|
||||
Closes: <https://github.com/shadow-maint/shadow/issues/1210>
|
||||
Link: <https://github.com/shadow-maint/shadow/pull/1213>
|
||||
Link: <https://github.com/shadow-maint/shadow/pull/1212>
|
||||
Reported-by: Chris Hofstaedtler <zeha@debian.org>
|
||||
Suggested-by: Chris Hofstaedtler <zeha@debian.org>
|
||||
Signed-off-by: Alejandro Colomar <alx@kernel.org>
|
||||
---
|
||||
src/chfn.c | 17 +++++++++++------
|
||||
1 file changed, 11 insertions(+), 6 deletions(-)
|
||||
|
||||
diff --git a/src/chfn.c b/src/chfn.c
|
||||
index 4c96fba..f06cb44 100644
|
||||
--- a/src/chfn.c
|
||||
+++ b/src/chfn.c
|
||||
@@ -216,27 +216,32 @@ static void new_fields (void)
|
||||
*/
|
||||
static char *copy_field (char *in, char *out, char *extra)
|
||||
{
|
||||
- while (NULL != in) {
|
||||
- char *f;
|
||||
+ char *cp = NULL;
|
||||
|
||||
- f = strsep(&in, ",");
|
||||
+ while (NULL != in) {
|
||||
+ cp = strchr (in, ',');
|
||||
+ if (NULL != cp) {
|
||||
+ *cp++ = '\0';
|
||||
+ }
|
||||
|
||||
- if (strchr(f, '=') == NULL)
|
||||
+ if (strchr (in, '=') == NULL) {
|
||||
break;
|
||||
+ }
|
||||
|
||||
if (NULL != extra) {
|
||||
if (!streq(extra, "")) {
|
||||
strcat (extra, ",");
|
||||
}
|
||||
|
||||
- strcat(extra, f);
|
||||
+ strcat (extra, in);
|
||||
}
|
||||
+ in = cp;
|
||||
}
|
||||
if ((NULL != in) && (NULL != out)) {
|
||||
strcpy (out, in);
|
||||
}
|
||||
|
||||
- return in;
|
||||
+ return cp;
|
||||
}
|
||||
|
||||
/*
|
||||
@@ -0,0 +1,33 @@
|
||||
From: Alejandro Colomar <alx@kernel.org>
|
||||
Date: Mon, 17 Feb 2025 13:40:02 +0100
|
||||
Subject: src/chfn.c: Use stpsep() instead of its pattern
|
||||
|
||||
Signed-off-by: Alejandro Colomar <alx@kernel.org>
|
||||
---
|
||||
src/chfn.c | 6 ++----
|
||||
1 file changed, 2 insertions(+), 4 deletions(-)
|
||||
|
||||
diff --git a/src/chfn.c b/src/chfn.c
|
||||
index f06cb44..1799d6b 100644
|
||||
--- a/src/chfn.c
|
||||
+++ b/src/chfn.c
|
||||
@@ -36,6 +36,7 @@
|
||||
#include "string/strcmp/streq.h"
|
||||
#include "string/strcpy/strtcpy.h"
|
||||
#include "string/strdup/xstrdup.h"
|
||||
+#include "string/strtok/stpsep.h"
|
||||
|
||||
|
||||
/*
|
||||
@@ -219,10 +220,7 @@ static char *copy_field (char *in, char *out, char *extra)
|
||||
char *cp = NULL;
|
||||
|
||||
while (NULL != in) {
|
||||
- cp = strchr (in, ',');
|
||||
- if (NULL != cp) {
|
||||
- *cp++ = '\0';
|
||||
- }
|
||||
+ cp = stpsep(in, ",");
|
||||
|
||||
if (strchr (in, '=') == NULL) {
|
||||
break;
|
||||
@@ -0,0 +1,47 @@
|
||||
From: Alejandro Colomar <alx@kernel.org>
|
||||
Date: Mon, 17 Feb 2025 15:33:46 +0100
|
||||
Subject: src/chfn.c: copy_field(): Rename local variable
|
||||
|
||||
This makes it more obvious what that pointer is.
|
||||
|
||||
Signed-off-by: Alejandro Colomar <alx@kernel.org>
|
||||
---
|
||||
src/chfn.c | 8 ++++----
|
||||
1 file changed, 4 insertions(+), 4 deletions(-)
|
||||
|
||||
diff --git a/src/chfn.c b/src/chfn.c
|
||||
index 3fc94dc..d62bb8a 100644
|
||||
--- a/src/chfn.c
|
||||
+++ b/src/chfn.c
|
||||
@@ -217,13 +217,13 @@ static void new_fields (void)
|
||||
*/
|
||||
static char *copy_field (char *in, char *out, char *extra)
|
||||
{
|
||||
- char *cp = NULL;
|
||||
+ char *next = NULL;
|
||||
|
||||
while (NULL != in) {
|
||||
const char *f;
|
||||
|
||||
f = in;
|
||||
- cp = stpsep(in, ",");
|
||||
+ next = stpsep(in, ",");
|
||||
|
||||
if (strchr(f, '=') == NULL)
|
||||
break;
|
||||
@@ -235,13 +235,13 @@ static char *copy_field (char *in, char *out, char *extra)
|
||||
|
||||
strcat(extra, f);
|
||||
}
|
||||
- in = cp;
|
||||
+ in = next;
|
||||
}
|
||||
if ((NULL != in) && (NULL != out)) {
|
||||
strcpy (out, in);
|
||||
}
|
||||
|
||||
- return cp;
|
||||
+ return next;
|
||||
}
|
||||
|
||||
/*
|
||||
Vendored
+4
@@ -42,6 +42,10 @@ CFLAGS += -DDEFAULT_EDITOR="\"sensible-editor\""
|
||||
%:
|
||||
dh $@
|
||||
|
||||
execute_after_dh_auto_clean:
|
||||
# rebuild lib/getdate.c
|
||||
rm -f lib/getdate.c
|
||||
|
||||
override_dh_auto_configure:
|
||||
dh_auto_configure -- $(DEB_CONFIGURE_EXTRA_FLAGS)
|
||||
|
||||
|
||||
Vendored
+4
-18
@@ -1,5 +1,5 @@
|
||||
#!/bin/sh
|
||||
# turn shadow passwords on or off on a Debian system
|
||||
# turn shadow passwords on on a Debian system
|
||||
|
||||
set -e
|
||||
|
||||
@@ -36,16 +36,6 @@ shadowon () {
|
||||
chmod 640 "${DPKG_ROOT}/etc/shadow" "${DPKG_ROOT}/etc/gshadow"
|
||||
}
|
||||
|
||||
shadowoff () {
|
||||
set -e
|
||||
pwck -q -r
|
||||
grpck -r
|
||||
pwunconv
|
||||
grpunconv
|
||||
# sometimes the passwd perms get munged
|
||||
chown root:root /etc/passwd /etc/group
|
||||
chmod 644 /etc/passwd /etc/group
|
||||
}
|
||||
|
||||
case "$1" in
|
||||
"on")
|
||||
@@ -57,14 +47,10 @@ case "$1" in
|
||||
fi
|
||||
;;
|
||||
"off")
|
||||
if shadowoff ; then
|
||||
echo Shadow passwords are now off.
|
||||
else
|
||||
echo Please correct the error and rerun \`$0 off\'
|
||||
exit 1
|
||||
fi
|
||||
echo E: Turning shadow passwords off is no longer supported.
|
||||
exit 1
|
||||
;;
|
||||
*)
|
||||
echo Usage: $0 on \| off
|
||||
echo Usage: $0 on
|
||||
;;
|
||||
esac
|
||||
|
||||
Vendored
+13
-2
@@ -2,12 +2,23 @@
|
||||
|
||||
set -e
|
||||
|
||||
echo "Adding an user works"
|
||||
echo "Adding a user works"
|
||||
useradd shadow-test-user
|
||||
grep '^shadow-test-user:x:' /etc/passwd
|
||||
grep '^shadow-test-user:!:' /etc/shadow
|
||||
|
||||
echo "Removing an user works"
|
||||
# Regression test for #1096187. adduser uses this sequence.
|
||||
echo "Changing a users name and work phone number works"
|
||||
chfn "-f" "foo" "-r" "" shadow-test-user
|
||||
chfn -w "" shadow-test-user
|
||||
|
||||
# Regression test for #1095430
|
||||
TZ=Asia/Tokyo usermod --expiredate 1970-01-02 shadow-test-user
|
||||
TZ=Asia/Tokyo LC_ALL=C chage -l shadow-test-user | grep 'Account expires'
|
||||
# We expect 1970-01-02, as passed.
|
||||
TZ=Asia/Tokyo LC_ALL=C chage -l shadow-test-user | grep -P '^Account expires.*Jan 02, 1970'
|
||||
|
||||
echo "Removing a user works"
|
||||
userdel shadow-test-user
|
||||
! grep 'shadow-test-user' /etc/passwd
|
||||
! grep 'shadow-test-user' /etc/shadow
|
||||
|
||||
Reference in New Issue
Block a user