[Pkg-shadow-commits] r683 - trunk/debian/patches

Christian Perrier bubulle at costa.debian.org
Sat Dec 3 06:56:26 UTC 2005 

Author: bubulle
Date: 2005-12-03 06:56:23 +0000 (Sat, 03 Dec 2005)
New Revision: 683

Added:
   trunk/debian/patches/345_su_password_expired
Removed:
   trunk/debian/patches/445_su_password_expired
Log:
Move fixed patch to 3xx series

Copied: trunk/debian/patches/345_su_password_expired (from rev 682, trunk/debian/patches/445_su_password_expired)

Deleted: trunk/debian/patches/445_su_password_expired
===================================================================
--- trunk/debian/patches/445_su_password_expired	2005-12-03 06:55:51 UTC (rev 682)
+++ trunk/debian/patches/445_su_password_expired	2005-12-03 06:56:23 UTC (rev 683)
@@ -1,46 +0,0 @@
-Goal: If an password is expired, su should propose to change this password.
-      This is important in systems without ssh, sudo and where root can't
-      login in console.
-Fix: #321384
-
-Status wrt upstream: Fixed in 4.0.14
-
-Note: When su is not compiled with PAM, there is no syslog messages.
-
-Index: shadow-4.0.13/src/su.c
-===================================================================
---- shadow-4.0.13.orig/src/su.c	2005-10-04 08:07:34.443312955 +0200
-+++ shadow-4.0.13/src/su.c	2005-10-04 08:07:38.039580199 +0200
-@@ -702,6 +702,16 @@
- 		if (amroot) {
- 			fprintf (stderr, _("%s: %s\n(Ignored)\n"), Prog,
- 				 pam_strerror (pamh, ret));
-+		} else if (ret == PAM_NEW_AUTHTOK_REQD) {
-+			ret = pam_chauthtok (pamh, PAM_CHANGE_EXPIRED_AUTHTOK);
-+			if (ret != PAM_SUCCESS) {
-+				SYSLOG ((LOG_ERR, "pam_chauthtok: %s",
-+				         pam_strerror (pamh, ret)));
-+				fprintf (stderr, _("%s: %s\n"), Prog,
-+				         pam_strerror (pamh, ret));
-+				pam_end (pamh, ret);
-+				su_failure (tty);
-+			}
- 		} else {
- 			SYSLOG ((LOG_ERR, "pam_acct_mgmt: %s",
- 				 pam_strerror (pamh, ret)));
-@@ -747,10 +757,11 @@
- 		if (!spwd)
- 			spwd = pwd_to_spwd (&pwent);
- 
--		if (isexpired (&pwent, spwd)) {
--			SYSLOG ((pwent.pw_uid ? LOG_WARN : LOG_CRIT,
--				 "Expired account %s", name));
--			su_failure (tty);
-+		if (expire (&pwent, spwd)) {
-+			struct passwd *pwd = getpwnam (name);
-+			spwd = getspnam (name);
-+			if (pwd)
-+				pwent = *pwd;
- 		}
- 	}
-

More information about the Pkg-shadow-commits mailing list