Compare commits

...

11 Commits

Author SHA1 Message Date
Chris Hofstaedtler 03ab41b0a9 Update changelog for 1:4.17.2-6 release 2025-02-24 12:16:51 +01:00
Chris Hofstaedtler da9ad99cc7 configure: always pick /usr/bin/passwd
Improve reproducibility, without Build-Depend:ing on ourselves.

Thanks: Jochen Sprickerhof <jspricke@debian.org>
2025-02-24 12:02:34 +01:00
Chris Hofstaedtler 677d61be14 d/rules: ensure lib/getdate.c gets rebuilt 2025-02-18 12:47:27 +01:00
Chris Hofstaedtler 5afd832ec6 Update changelog for 1:4.17.2-5 release 2025-02-17 20:03:09 +01:00
Chris Hofstaedtler a68ce238bd Remove "shadowconfig off"
If needed please run pwunconv, grpunconv manually, but please understand
you are on your own.

Gbp-Dch: full
2025-02-17 20:03:09 +01:00
Chris Hofstaedtler 1c472beabb Add regression test for #1095430 2025-02-17 19:41:26 +01:00
Chris Hofstaedtler 6eb4f265cf Add regression test for #1096187 2025-02-17 19:41:26 +01:00
Chris Hofstaedtler 32a244b0ce Import upstream patch to fix chfn (#1096187)
https://github.com/shadow-maint/shadow/pull/1212
2025-02-17 19:41:19 +01:00
Chris Hofstaedtler fea713992d Warn about future --badname removal
Upstream PR 1158 plans to remove this flag, probably in the forky
timeframe. Warn users now.

Gbp-Dch: full
2025-02-17 18:20:54 +01:00
Chris Hofstaedtler 94385da1c2 Update changelog for 1:4.17.2-4 release 2025-02-17 12:28:59 +01:00
Chris Hofstaedtler a143aca1c9 Revert upstreams chfn.c strsep change
Closes: #1096187
2025-02-17 12:28:14 +01:00
15 changed files with 396 additions and 193 deletions
+7 -6
View File
@@ -1,13 +1,14 @@
Read this file first for a brief overview of the new versions of login
and passwd.
Read this file first for a brief overview of the current version
of passwd.
---Shadow passwords
The command `shadowconfig on' will turn on shadow password support.
`shadowconfig off' will turn it back off. If you turn on shadow
password support, you'll gain the ability to set password ages and
expirations with chage(1).
This is the default. Turning off shadow passwords is not supported
anymore.
Together with shadow passwords, you get the ability to set password ages
and expirations with chage(1).
NOTE: If you use the nscd package, you may have problems with a
slight delay in updating the password information. You may notice
@@ -27,7 +28,7 @@ support. PAM documentation is available in several formats in the
libpam-doc package.
---MD5 Encryption
---Encryption
This is enabled now using the /etc/pam.d/* files. Examples are given.
+28
View File
@@ -1,3 +1,31 @@
shadow (1:4.17.2-6) unstable; urgency=medium
* d/rules: ensure lib/getdate.c gets rebuilt
* configure: always pick /usr/bin/passwd.
Thanks to Jochen Sprickerhof <jspricke@debian.org>
-- Chris Hofstaedtler <zeha@debian.org> Mon, 24 Feb 2025 12:16:49 +0100
shadow (1:4.17.2-5) unstable; urgency=medium
* Warn about future --badname removal.
Upstream PR 1158 plans to remove this flag, probably in the forky
timeframe. Warn users now.
* Import upstream patch to fix chfn (#1096187)
* Add regression test for #1096187
* Add regression test for #1095430
* Remove "shadowconfig off"
If needed please run pwunconv, grpunconv manually, but please understand
you are on your own.
-- Chris Hofstaedtler <zeha@debian.org> Mon, 17 Feb 2025 19:54:09 +0100
shadow (1:4.17.2-4) unstable; urgency=medium
* Revert upstreams chfn.c strsep change (Closes: #1096187)
-- Chris Hofstaedtler <zeha@debian.org> Mon, 17 Feb 2025 12:28:56 +0100
shadow (1:4.17.2-3) unstable; urgency=medium
* Revert upstreams strtoday calculation "fix" (Closes: #1095430)
-1
View File
@@ -21,7 +21,6 @@ usr/share/man/*/man8/newusers.8
usr/share/man/*/man8/pwck.8
usr/share/man/*/man8/pwconv.8
usr/share/man/*/man8/pwunconv.8
usr/share/man/*/man8/shadowconfig.8
usr/share/man/*/man8/useradd.8
usr/share/man/*/man8/userdel.8
usr/share/man/*/man8/usermod.8
@@ -0,0 +1,104 @@
From: Chris Hofstaedtler <zeha@debian.org>
Date: Mon, 17 Feb 2025 18:17:15 +0100
Subject: Warn when --badname (and variants) are given
Upstream PR 1158 will remove them, probably in the forky timeframe.
---
src/newusers.c | 5 ++++-
src/pwck.c | 5 ++++-
src/useradd.c | 5 ++++-
src/usermod.c | 5 ++++-
4 files changed, 16 insertions(+), 4 deletions(-)
diff --git a/src/newusers.c b/src/newusers.c
index 5e78dd9..964e668 100644
--- a/src/newusers.c
+++ b/src/newusers.c
@@ -125,7 +125,7 @@ static void usage (int status)
"\n"
"Options:\n"),
Prog);
- (void) fputs (_(" -b, --badname allow bad names\n"), usageout);
+ (void) fputs (_(" -b, --badname allow bad names (DEPRECATED)\n"), usageout);
#ifndef USE_PAM
(void) fprintf (usageout,
_(" -c, --crypt-method METHOD the crypt method (one of %s)\n"),
@@ -658,6 +658,9 @@ static void process_flags (int argc, char **argv)
switch (c) {
case 'b':
allow_bad_names = true;
+ fprintf (stderr,
+ _("%s: WARNING: -b and --badname are deprecated and will be removed\n"),
+ Prog);
break;
#ifndef USE_PAM
case 'c':
diff --git a/src/pwck.c b/src/pwck.c
index ae7ddad..8805422 100644
--- a/src/pwck.c
+++ b/src/pwck.c
@@ -133,7 +133,7 @@ usage (int status)
"Options:\n"),
Prog);
}
- (void) fputs (_(" -b, --badname allow bad names\n"), usageout);
+ (void) fputs (_(" -b, --badname allow bad names (DEPRECATED)\n"), usageout);
(void) fputs (_(" -h, --help display this help message and exit\n"), usageout);
(void) fputs (_(" -q, --quiet report errors only\n"), usageout);
(void) fputs (_(" -r, --read-only display errors and warnings\n"
@@ -175,6 +175,9 @@ static void process_flags (int argc, char **argv)
switch (c) {
case 'b':
allow_bad_names = true;
+ fprintf (stderr,
+ _("%s: WARNING: --badname is deprecated and will be removed\n"),
+ Prog);
break;
case 'h':
usage (E_SUCCESS);
diff --git a/src/useradd.c b/src/useradd.c
index 92f8054..f5169b3 100644
--- a/src/useradd.c
+++ b/src/useradd.c
@@ -894,7 +894,7 @@ static void usage (int status)
"\n"
"Options:\n"),
Prog, Prog, Prog);
- (void) fputs (_(" --badname do not check for bad names\n"), usageout);
+ (void) fputs (_(" --badname do not check for bad names (DEPRECATED)\n"), usageout);
(void) fputs (_(" -b, --base-dir BASE_DIR base directory for the home directory of the\n"
" new account\n"), usageout);
#ifdef WITH_BTRFS
@@ -1240,6 +1240,9 @@ static void process_flags (int argc, char **argv)
break;
case 201:
allow_bad_names = true;
+ fprintf (stderr,
+ _("%s: WARNING: --badname is deprecated and will be removed\n"),
+ Prog);
break;
case 'c':
if (!VALID (optarg)) {
diff --git a/src/usermod.c b/src/usermod.c
index 24c5a4d..a06f2dc 100644
--- a/src/usermod.c
+++ b/src/usermod.c
@@ -383,7 +383,7 @@ usage (int status)
(void) fputs (_(" -a, --append append the user to the supplemental GROUPS\n"
" mentioned by the -G option without removing\n"
" the user from other groups\n"), usageout);
- (void) fputs (_(" -b, --badname allow bad names\n"), usageout);
+ (void) fputs (_(" -b, --badname allow bad names (DEPRECATED)\n"), usageout);
(void) fputs (_(" -c, --comment COMMENT new value of the GECOS field\n"), usageout);
(void) fputs (_(" -d, --home HOME_DIR new home directory for the user account\n"), usageout);
(void) fputs (_(" -e, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE\n"), usageout);
@@ -1043,6 +1043,9 @@ process_flags(int argc, char **argv)
break;
case 'b':
allow_bad_names = true;
+ fprintf (stderr,
+ _("%s: WARNING: -b, --badname and --badnames are deprecated and will be removed\n"),
+ Prog);
break;
case 'c':
if (!VALID (optarg)) {
+11 -157
View File
@@ -6,19 +6,10 @@ Status wrt upstream: The shadowconfig utility is Debian-specific.
The man page is Debian-specific, but it used to be distributed by
upstream.
---
man/Makefile.am | 1 +
man/fr/Makefile.am | 1 +
man/fr/man8/shadowconfig.8 | 26 ++++++++++++++++++++++++++
man/ja/Makefile.am | 1 +
man/ja/man8/shadowconfig.8 | 25 +++++++++++++++++++++++++
man/man8/shadowconfig.8 | 39 +++++++++++++++++++++++++++++++++++++++
man/pl/Makefile.am | 1 +
man/pl/man8/shadowconfig.8 | 27 +++++++++++++++++++++++++++
8 files changed, 121 insertions(+)
create mode 100644 man/fr/man8/shadowconfig.8
create mode 100644 man/ja/man8/shadowconfig.8
man/Makefile.am | 1 +
man/man8/shadowconfig.8 | 34 ++++++++++++++++++++++++++++++++++
2 files changed, 35 insertions(+)
create mode 100644 man/man8/shadowconfig.8
create mode 100644 man/pl/man8/shadowconfig.8
diff --git a/man/Makefile.am b/man/Makefile.am
index 1405509..0e88fea 100644
@@ -32,116 +23,25 @@ index 1405509..0e88fea 100644
man1/sg.1 \
man3/shadow.3 \
man5/shadow.5 \
diff --git a/man/fr/Makefile.am b/man/fr/Makefile.am
index 2365e23..e175a15 100644
--- a/man/fr/Makefile.am
+++ b/man/fr/Makefile.am
@@ -31,6 +31,7 @@ man_MANS = \
man8/pwck.8 \
man8/pwconv.8 \
man8/pwunconv.8 \
+ man8/shadowconfig.8 \
man1/sg.1 \
man3/shadow.3 \
man5/shadow.5 \
diff --git a/man/fr/man8/shadowconfig.8 b/man/fr/man8/shadowconfig.8
new file mode 100644
index 0000000..784da70
--- /dev/null
+++ b/man/fr/man8/shadowconfig.8
@@ -0,0 +1,26 @@
+.\" This file was generated with po4a. Translate the source file.
+.\"
+.\"$Id: shadowconfig.8,v 1.4 2001/08/23 23:10:48 kloczek Exp $
+.TH SHADOWCONFIG 8 "19 avril 1997" "Debian GNU/Linux"
+.SH NOM
+shadowconfig \- active ou désactive les mots de passe cachés
+.SH SYNOPSIS
+\fBshadowconfig\fP \fIon\fP | \fIoff\fP
+.SH DESCRIPTION
+.PP
+\fBshadowconfig on\fP active les mots de passe cachés («\ shadow passwords\ »)\ ; \fBshadowconfig off\fP les désactive. \fBShadowconfig\fP affiche un message
+d'erreur et quitte avec une valeur de retour non nulle s'il rencontre
+quelque chose d'inattendu. Dans ce cas, vous devrez corriger l'erreur avant
+de recommencer.
+
+Activer les mots de passe cachés lorsqu'ils sont déjà activés, ou les
+désactiver lorsqu'ils ne sont pas actifs est sans effet.
+
+Lisez \fI/usr/share/doc/passwd/README.Debian\fP pour une brève introduction aux
+mots de passe cachés et à leurs fonctionnalités.
+
+Notez que désactiver puis réactiver les mots de passe cachés aura pour
+conséquence la perte des informations d'âge sur les mots de passe.
+.SH TRADUCTION
+Nicolas FRANÇOIS, 2004.
+Veuillez signaler toute erreur à <\fIdebian\-l10\-french@lists.debian.org\fR>.
diff --git a/man/ja/Makefile.am b/man/ja/Makefile.am
index b759726..b9f1df0 100644
--- a/man/ja/Makefile.am
+++ b/man/ja/Makefile.am
@@ -26,6 +26,7 @@ man_MANS = \
man8/pwck.8 \
man8/pwconv.8 \
man8/pwunconv.8 \
+ man8/shadowconfig.8 \
man1/sg.1 \
man5/shadow.5 \
man1/su.1 \
diff --git a/man/ja/man8/shadowconfig.8 b/man/ja/man8/shadowconfig.8
new file mode 100644
index 0000000..a75c6f7
--- /dev/null
+++ b/man/ja/man8/shadowconfig.8
@@ -0,0 +1,25 @@
+.\" all right reserved,
+.\" Translated Tue Oct 30 11:59:11 JST 2001
+.\" by Maki KURODA <mkuroda@aisys-jp.com>
+.\"
+.TH SHADOWCONFIG 8 "19 Apr 1997" "Debian GNU/Linux"
+.SH 名前
+shadowconfig \- shadow パスワードの設定をオン及びオフに切替える
+.SH 書式
+.B "shadowconfig"
+.IR on " | " off
+.SH 説明
+.PP
+.B shadowconfig on
+は shadow パスワードを有効にする。
+.B shadowconfig off
+は shadow パスワードを無効にする。
+.B shadowconfig
+は何らかの間違いがあると、エラーメッセージを表示し、
+ゼロではない返り値を返す。
+もしそのようなことが起こった場合、エラーを修正し、再度実行しなければならない。
+shadow パスワードの設定がすでにオンの場合にオンに設定したり、
+すでにオフの場合にオフに設定しても、何の影響もない。
+
+.I /usr/share/doc/passwd/README.debian.gz
+には shadow パスワードとそれに関する特徴の簡単な紹介が書かれている。
diff --git a/man/man8/shadowconfig.8 b/man/man8/shadowconfig.8
new file mode 100644
index 0000000..ec11fc6
index 0000000..a463a92
--- /dev/null
+++ b/man/man8/shadowconfig.8
@@ -0,0 +1,39 @@
+.TH shadowconfig 8 2025-01-01 "Debian shadow-utils"
@@ -0,0 +1,34 @@
+.TH shadowconfig 8 2025-02-17 "Debian shadow-utils"
+.SH Name
+shadowconfig \- toggle shadow passwords on and off
+shadowconfig \- turn shadow passwords on
+.
+.
+.SH Synopsis
+.SY shadowconfig
+.BR on | off
+.SY shadowconfig on
+.YS
+.
+.
+.SH Description
+.I shadowconfig\ on
+will turn shadow passwords on.
+.P
+.I shadowconfig\ off
+will turn shadow passwords off.
+.
+.
+.SH Errors
@@ -150,62 +50,16 @@ index 0000000..ec11fc6
+if it finds anything awry.
+If that happens,
+you should correct the error and run it again.
+Turning shadow passwords on when they are already on,
+or off when they are already off,
+Turning shadow passwords on when they are already on
+is harmless.
+.
+.
+.SH Caveats
+Turning shadow passwords off and on again
+will lose all password aging information.
+Turning shadow passwords off using shadowconfig
+is not supported anymore.
+.
+.
+.SH See also
+Read
+.I /usr/share/doc/passwd/README.Debian
+for a brief introduction to shadow passwords and related features.
diff --git a/man/pl/Makefile.am b/man/pl/Makefile.am
index 2a015f3..04093ec 100644
--- a/man/pl/Makefile.am
+++ b/man/pl/Makefile.am
@@ -17,6 +17,7 @@ man_MANS = \
man8/logoutd.8 \
man1/newgrp.1 \
man1/sg.1 \
+ man8/shadowconfig.8 \
man3/shadow.3 \
man8/userdel.8 \
man8/usermod.8 \
diff --git a/man/pl/man8/shadowconfig.8 b/man/pl/man8/shadowconfig.8
new file mode 100644
index 0000000..2016c9f
--- /dev/null
+++ b/man/pl/man8/shadowconfig.8
@@ -0,0 +1,27 @@
+.\" $Id: shadowconfig.8,v 1.3 2001/08/23 23:10:51 kloczek Exp $
+.\" {PTM/WK/1999-09-14}
+.TH SHADOWCONFIG 8 "19 kwietnia 1997" "Debian GNU/Linux"
+.SH NAZWA
+shadowconfig - przełącza ochronę haseł i grup przez pliki shadow
+.SH SKŁADNIA
+.B "shadowconfig"
+.IR on " | " off
+.SH OPIS
+.PP
+.B shadowconfig on
+włącza ochronę haseł i grup przez dodatkowe, przesłaniane pliki (shadow);
+.B shadowconfig off
+wyłącza dodatkowe pliki haseł i grup.
+.B shadowconfig
+wyświetla komunikat o błędzie i kończy pracę z niezerowym kodem jeśli
+znajdzie coś nieprawidłowego. W takim wypadku powinieneś poprawić błąd
+.\" if it finds anything awry.
+i uruchomić program ponownie.
+
+Włączenie ochrony haseł, gdy jest ona już włączona lub jej wyłączenie,
+gdy jest wyłączona jest nieszkodliwe.
+
+Przeczytaj
+.IR /usr/share/doc/passwd/README.debian.gz ,
+gdzie znajdziesz krótkie wprowadzenie do ochrony haseł z użyciem dodatkowych
+plików haseł przesłanianych (shadow passwords) i związanych tematów.
@@ -176,10 +176,10 @@ index d3a6d6c..59602aa 100644
man8/userdel.8 \
man8/usermod.8 \
diff --git a/man/fr/Makefile.am b/man/fr/Makefile.am
index e175a15..d4cb276 100644
index 2365e23..6cbaadc 100644
--- a/man/fr/Makefile.am
+++ b/man/fr/Makefile.am
@@ -8,35 +8,25 @@ man_MANS = \
@@ -8,34 +8,24 @@ man_MANS = \
man8/chpasswd.8 \
man1/chsh.1 \
man1/expiry.1 \
@@ -206,7 +206,6 @@ index e175a15..d4cb276 100644
man8/pwck.8 \
man8/pwconv.8 \
man8/pwunconv.8 \
man8/shadowconfig.8 \
- man1/sg.1 \
man3/shadow.3 \
man5/shadow.5 \
@@ -283,7 +282,7 @@ index 736576c..3312232 100644
man8/userdel.8 \
man8/usermod.8 \
diff --git a/man/ja/Makefile.am b/man/ja/Makefile.am
index b9f1df0..07fa208 100644
index b759726..1e22da2 100644
--- a/man/ja/Makefile.am
+++ b/man/ja/Makefile.am
@@ -7,8 +7,6 @@ man_MANS = \
@@ -295,7 +294,7 @@ index b9f1df0..07fa208 100644
man1/gpasswd.1 \
man8/groupadd.8 \
man8/groupdel.8 \
@@ -16,10 +14,7 @@ man_MANS = \
@@ -16,20 +14,14 @@ man_MANS = \
man8/grpck.8 \
man8/grpconv.8 \
man8/grpunconv.8 \
@@ -306,10 +305,9 @@ index b9f1df0..07fa208 100644
man8/newusers.8 \
man1/passwd.1 \
man5/passwd.5 \
@@ -27,10 +22,7 @@ man_MANS = \
man8/pwck.8 \
man8/pwconv.8 \
man8/pwunconv.8 \
man8/shadowconfig.8 \
- man1/sg.1 \
man5/shadow.5 \
- man1/su.1 \
@@ -332,7 +330,7 @@ index 4f73651..0f17a17 100644
man8/vipw.8
# newgrp.1 must be updated
diff --git a/man/pl/Makefile.am b/man/pl/Makefile.am
index 04093ec..ba91f47 100644
index 2a015f3..02f4533 100644
--- a/man/pl/Makefile.am
+++ b/man/pl/Makefile.am
@@ -6,17 +6,11 @@ man_MANS = \
@@ -350,9 +348,9 @@ index 04093ec..ba91f47 100644
- man8/logoutd.8 \
- man1/newgrp.1 \
- man1/sg.1 \
man8/shadowconfig.8 \
man3/shadow.3 \
man8/userdel.8 \
man8/usermod.8 \
diff --git a/man/ru/Makefile.am b/man/ru/Makefile.am
index 845a603..9afcb22 100644
--- a/man/ru/Makefile.am
@@ -0,0 +1,28 @@
From: Chris Hofstaedtler <zeha@debian.org>
Date: Mon, 24 Feb 2025 12:01:18 +0100
Subject: configure: always pick /usr/bin/passwd
Improve reproducibility, without Build-Depend:ing on ourselves.
---
configure.ac | 8 +-------
1 file changed, 1 insertion(+), 7 deletions(-)
diff --git a/configure.ac b/configure.ac
index a7388e7..2a6591a 100644
--- a/configure.ac
+++ b/configure.ac
@@ -150,13 +150,7 @@ AC_DEFINE_UNQUOTED(LASTLOG_FILE, "$shadow_cv_logdir/lastlog",
AC_DEFINE_UNQUOTED(FAILLOG_FILE, "$shadow_cv_logdir/faillog",
[Path for faillog file.])
-AC_CACHE_CHECK([location of the passwd program], shadow_cv_passwd_dir,
-[if test -f /usr/bin/passwd; then
- shadow_cv_passwd_dir=/usr/bin
-else
- shadow_cv_passwd_dir=/bin
-fi])
-AC_DEFINE_UNQUOTED(PASSWD_PROGRAM, "$shadow_cv_passwd_dir/passwd",
+AC_DEFINE_UNQUOTED(PASSWD_PROGRAM, "$prefix/bin/passwd",
[Path to passwd program.])
AC_ARG_ENABLE(shadowgrp,
+6
View File
@@ -6,7 +6,13 @@ debian/tests-disable-su.patch
debian/Adapt-login.defs-for-Debian.patch
debian/Define-LOGIN_NAME_MAX-on-HURD.patch
debian/Stop-building-programs-we-do-not-install.patch
debian/configure-always-pick-usr-bin-passwd.patch
upstream/a015e919834c90b99947829c6c823f7fe93a8097-E_BAD_NAME.patch
upstream/man-useradd.8.xml-Document-new-exit-code-19-E_BAD_NAME.patch
upstream/Revert-lib-src-Use-local-time-for-human-readable-dates.patch
Revert-lib-strtoday.c-strtoday-Fix-calculation.patch
Warn-when-badname-and-variants-are-given.patch
upstream/src-chfn.c-Partially-revert-lib-src-Use-strsep-3-instead-.patch
upstream/src-chfn.c-Use-stpsep-instead-of-its-pattern.patch
upstream/src-chfn.c-Add-local-variable-to-refer-to-the-separated-f.patch
upstream/src-chfn.c-copy_field-Rename-local-variable.patch
@@ -0,0 +1,37 @@
From: Alejandro Colomar <alx@kernel.org>
Date: Mon, 17 Feb 2025 13:44:55 +0100
Subject: src/chfn.c: Add local variable to refer to the separated field
Signed-off-by: Alejandro Colomar <alx@kernel.org>
---
src/chfn.c | 8 +++++---
1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/src/chfn.c b/src/chfn.c
index 1799d6b..3fc94dc 100644
--- a/src/chfn.c
+++ b/src/chfn.c
@@ -220,18 +220,20 @@ static char *copy_field (char *in, char *out, char *extra)
char *cp = NULL;
while (NULL != in) {
+ const char *f;
+
+ f = in;
cp = stpsep(in, ",");
- if (strchr (in, '=') == NULL) {
+ if (strchr(f, '=') == NULL)
break;
- }
if (NULL != extra) {
if (!streq(extra, "")) {
strcat (extra, ",");
}
- strcat (extra, in);
+ strcat(extra, f);
}
in = cp;
}
@@ -0,0 +1,67 @@
From: Alejandro Colomar <alx@kernel.org>
Date: Mon, 17 Feb 2025 13:23:37 +0100
Subject: src/chfn.c: Partially revert "lib/,
src/: Use strsep(3) instead of its pattern"
This partially reverts commit 16cb664865541162c504a6f5ef5ca4b38b5e0c9a.
I'll try to reintroduce this change more carefully.
For now, let's revert to a known-good state.
The problem was due to accidentally ignoring the effects of the 'break'
on the 'cp' variable.
Fixes: 16cb66486554 (2024-07-01; "lib/, src/: Use strsep(3) instead of its pattern")
Closes: <https://github.com/shadow-maint/shadow/issues/1210>
Link: <https://github.com/shadow-maint/shadow/pull/1213>
Link: <https://github.com/shadow-maint/shadow/pull/1212>
Reported-by: Chris Hofstaedtler <zeha@debian.org>
Suggested-by: Chris Hofstaedtler <zeha@debian.org>
Signed-off-by: Alejandro Colomar <alx@kernel.org>
---
src/chfn.c | 17 +++++++++++------
1 file changed, 11 insertions(+), 6 deletions(-)
diff --git a/src/chfn.c b/src/chfn.c
index 4c96fba..f06cb44 100644
--- a/src/chfn.c
+++ b/src/chfn.c
@@ -216,27 +216,32 @@ static void new_fields (void)
*/
static char *copy_field (char *in, char *out, char *extra)
{
- while (NULL != in) {
- char *f;
+ char *cp = NULL;
- f = strsep(&in, ",");
+ while (NULL != in) {
+ cp = strchr (in, ',');
+ if (NULL != cp) {
+ *cp++ = '\0';
+ }
- if (strchr(f, '=') == NULL)
+ if (strchr (in, '=') == NULL) {
break;
+ }
if (NULL != extra) {
if (!streq(extra, "")) {
strcat (extra, ",");
}
- strcat(extra, f);
+ strcat (extra, in);
}
+ in = cp;
}
if ((NULL != in) && (NULL != out)) {
strcpy (out, in);
}
- return in;
+ return cp;
}
/*
@@ -0,0 +1,33 @@
From: Alejandro Colomar <alx@kernel.org>
Date: Mon, 17 Feb 2025 13:40:02 +0100
Subject: src/chfn.c: Use stpsep() instead of its pattern
Signed-off-by: Alejandro Colomar <alx@kernel.org>
---
src/chfn.c | 6 ++----
1 file changed, 2 insertions(+), 4 deletions(-)
diff --git a/src/chfn.c b/src/chfn.c
index f06cb44..1799d6b 100644
--- a/src/chfn.c
+++ b/src/chfn.c
@@ -36,6 +36,7 @@
#include "string/strcmp/streq.h"
#include "string/strcpy/strtcpy.h"
#include "string/strdup/xstrdup.h"
+#include "string/strtok/stpsep.h"
/*
@@ -219,10 +220,7 @@ static char *copy_field (char *in, char *out, char *extra)
char *cp = NULL;
while (NULL != in) {
- cp = strchr (in, ',');
- if (NULL != cp) {
- *cp++ = '\0';
- }
+ cp = stpsep(in, ",");
if (strchr (in, '=') == NULL) {
break;
@@ -0,0 +1,47 @@
From: Alejandro Colomar <alx@kernel.org>
Date: Mon, 17 Feb 2025 15:33:46 +0100
Subject: src/chfn.c: copy_field(): Rename local variable
This makes it more obvious what that pointer is.
Signed-off-by: Alejandro Colomar <alx@kernel.org>
---
src/chfn.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/src/chfn.c b/src/chfn.c
index 3fc94dc..d62bb8a 100644
--- a/src/chfn.c
+++ b/src/chfn.c
@@ -217,13 +217,13 @@ static void new_fields (void)
*/
static char *copy_field (char *in, char *out, char *extra)
{
- char *cp = NULL;
+ char *next = NULL;
while (NULL != in) {
const char *f;
f = in;
- cp = stpsep(in, ",");
+ next = stpsep(in, ",");
if (strchr(f, '=') == NULL)
break;
@@ -235,13 +235,13 @@ static char *copy_field (char *in, char *out, char *extra)
strcat(extra, f);
}
- in = cp;
+ in = next;
}
if ((NULL != in) && (NULL != out)) {
strcpy (out, in);
}
- return cp;
+ return next;
}
/*
+4
View File
@@ -42,6 +42,10 @@ CFLAGS += -DDEFAULT_EDITOR="\"sensible-editor\""
%:
dh $@
execute_after_dh_auto_clean:
# rebuild lib/getdate.c
rm -f lib/getdate.c
override_dh_auto_configure:
dh_auto_configure -- $(DEB_CONFIGURE_EXTRA_FLAGS)
+4 -18
View File
@@ -1,5 +1,5 @@
#!/bin/sh
# turn shadow passwords on or off on a Debian system
# turn shadow passwords on on a Debian system
set -e
@@ -36,16 +36,6 @@ shadowon () {
chmod 640 "${DPKG_ROOT}/etc/shadow" "${DPKG_ROOT}/etc/gshadow"
}
shadowoff () {
set -e
pwck -q -r
grpck -r
pwunconv
grpunconv
# sometimes the passwd perms get munged
chown root:root /etc/passwd /etc/group
chmod 644 /etc/passwd /etc/group
}
case "$1" in
"on")
@@ -57,14 +47,10 @@ case "$1" in
fi
;;
"off")
if shadowoff ; then
echo Shadow passwords are now off.
else
echo Please correct the error and rerun \`$0 off\'
exit 1
fi
echo E: Turning shadow passwords off is no longer supported.
exit 1
;;
*)
echo Usage: $0 on \| off
echo Usage: $0 on
;;
esac
+13 -2
View File
@@ -2,12 +2,23 @@
set -e
echo "Adding an user works"
echo "Adding a user works"
useradd shadow-test-user
grep '^shadow-test-user:x:' /etc/passwd
grep '^shadow-test-user:!:' /etc/shadow
echo "Removing an user works"
# Regression test for #1096187. adduser uses this sequence.
echo "Changing a users name and work phone number works"
chfn "-f" "foo" "-r" "" shadow-test-user
chfn -w "" shadow-test-user
# Regression test for #1095430
TZ=Asia/Tokyo usermod --expiredate 1970-01-02 shadow-test-user
TZ=Asia/Tokyo LC_ALL=C chage -l shadow-test-user | grep 'Account expires'
# We expect 1970-01-02, as passed.
TZ=Asia/Tokyo LC_ALL=C chage -l shadow-test-user | grep -P '^Account expires.*Jan 02, 1970'
echo "Removing a user works"
userdel shadow-test-user
! grep 'shadow-test-user' /etc/passwd
! grep 'shadow-test-user' /etc/shadow