[Pkg-shadow-commits] r355 - branches/experimental/debian/patches
Nicolas FRANCOIS
pkg-shadow-devel@lists.alioth.debian.org
Thu, 07 Jul 2005 00:52:43 +0000
Author: nekral-guest
Date: 2005-07-07 00:52:42 +0000 (Thu, 07 Jul 2005)
New Revision: 355
Modified:
branches/experimental/debian/patches/333_shadow.5-typo_312430
branches/experimental/debian/patches/345_shadowconfig.8
branches/experimental/debian/patches/432_login_cancel_timout_after_authentication
branches/experimental/debian/patches/436_libmisc_chowntty_ro_root_fs
branches/experimental/debian/patches/440_manpages-login.1
branches/experimental/debian/patches/441_manpages-shadow.5
branches/experimental/debian/patches/series
Log:
Update some patches to 4.0.10 and comment the ones already applied.
Modified: branches/experimental/debian/patches/333_shadow.5-typo_312430
===================================================================
--- branches/experimental/debian/patches/333_shadow.5-typo_312430 2005-07-07 00:17:03 UTC (rev 354)
+++ branches/experimental/debian/patches/333_shadow.5-typo_312430 2005-07-07 00:52:42 UTC (rev 355)
@@ -1,31 +1,31 @@
-Goal: fix typos
-Fixes: #312430
+Goal: fix typo
+Fixes:
-Status wrt upstream: Applied (should enter 4.0.10)
+Status wrt upstream: should be reported
-s/64 characters alphabet/64 character alphabet/ is missing
-
-Index: shadow-4.0.9/man/shadow.5
+Index: shadow-4.0.10/man/shadow.5
===================================================================
---- shadow-4.0.9.orig/man/shadow.5 2005-06-19 16:20:49.000000000 +0200
-+++ shadow-4.0.9/man/shadow.5 2005-06-20 01:57:56.000000000 +0200
-@@ -50,8 +50,8 @@
- .IP "" .5i
- A reserved field
+--- shadow-4.0.10.orig/man/shadow.5 2005-07-07 02:19:03.000000000 +0200
++++ shadow-4.0.10/man/shadow.5 2005-07-07 02:48:48.000000000 +0200
+@@ -55,7 +55,7 @@
+ .LP
+
.PP
--The password field must be filled. The encryped password consists of 13 to
--24 characters from the 64 characters alphabet a thru z, A thru Z, 0 thru 9,
-+The password field must be filled. The encrypted password consists of 13 to
-+24 characters from the 64 character alphabet a thru z, A thru Z, 0 thru 9,
- \&\. and /. Optionally it can start with a "$" character. This means the
- encrypted password was generated using another (not DES) algorithm. For
- example if it starts with "$1$" it means the MD5\-based algorithm was used.
-@@ -73,7 +73,7 @@
- An account will also be disabled on the specified day regardless of other
- password expiration information.
+-The password field must be filled\&. The encrypted password consists of 13 to 24 characters from the 64 characters alphabet a thru z, A thru Z, 0 thru 9, \\\&. and /\&. Optionally it can start with a "$" character\&. This means the encrypted password was generated using another (not DES) algorithm\&. For example if it starts with "$1$" it means the MD5\-based algorithm was used\&.
++The password field must be filled\&. The encrypted password consists of 13 to 24 characters from the 64 character alphabet a thru z, A thru Z, 0 thru 9, \\\&. and /\&. Optionally it can start with a "$" character\&. This means the encrypted password was generated using another (not DES) algorithm\&. For example if it starts with "$1$" it means the MD5\-based algorithm was used\&.
+
.PP
--This information supercedes any password or password age information present
-+This information supersedes any password or password age information present
- in \fI/etc/passwd\fR.
- .PP
- This file must not be readable by regular users if password security is to
+ Refer to \fBcrypt\fR(3) for details on how this string is interpreted\&.
+Index: shadow-4.0.10/man/shadow.5.xml
+===================================================================
+--- shadow-4.0.10.orig/man/shadow.5.xml 2005-07-07 02:19:03.000000000 +0200
++++ shadow-4.0.10/man/shadow.5.xml 2005-07-07 02:48:56.000000000 +0200
+@@ -49,7 +49,7 @@
+ </itemizedlist>
+
+ <para>The password field must be filled. The encrypted password consists
+- of 13 to 24 characters from the 64 characters alphabet a thru z, A
++ of 13 to 24 characters from the 64 character alphabet a thru z, A
+ thru Z, 0 thru 9, \. and /. Optionally it can start with a "$"
+ character. This means the encrypted password was generated using
+ another (not DES) algorithm. For example if it starts with "$1$" it
Modified: branches/experimental/debian/patches/345_shadowconfig.8
===================================================================
--- branches/experimental/debian/patches/345_shadowconfig.8 2005-07-07 00:17:03 UTC (rev 354)
+++ branches/experimental/debian/patches/345_shadowconfig.8 2005-07-07 00:52:42 UTC (rev 355)
@@ -3,16 +3,29 @@
Status wrt upstream: The following is not aplied (2005/06/18)
It is very Debian specific IMHO.
-Index: shadow-4.0.9/man/shadowconfig.8
+Index: shadow-4.0.10/man/shadowconfig.8
===================================================================
---- shadow-4.0.9.orig/man/shadowconfig.8 2004-12-11 21:05:01.000000000 +0100
-+++ shadow-4.0.9/man/shadowconfig.8 2005-06-19 01:58:08.000000000 +0200
-@@ -15,7 +15,7 @@
- passwords on when they are already on, or off when they are already off, is
- harmless.
- .P
--Read \fI/usr/share/doc/passwd/README.debian\fR for a brief introduction
-+Read \fI/usr/share/doc/passwd/README.Debian\fR for a brief introduction
- to shadow passwords and related features.
- .P
- Note that turning shadow passwords off and on again will lose all password
+--- shadow-4.0.10.orig/man/shadowconfig.8 2005-06-21 11:22:55.000000000 +0200
++++ shadow-4.0.10/man/shadowconfig.8 2005-07-04 18:27:47.000000000 +0200
+@@ -34,7 +34,7 @@
+ \fBshadowconfig\fR on will turn shadow passwords on; \fIshadowconfig off\fR will turn shadow passwords off\&. \fBshadowconfig\fR will print an error message and exit with a nonzero code if it finds anything awry\&. If that happens, you should correct the error and run it again\&. Turning shadow passwords on when they are already on, or off when they are already off, is harmless\&.
+
+ .PP
+-Read \fI/usr/share/doc/passwd/README\&.debian\fR for a brief introduction to shadow passwords and related features\&.
++Read \fI/usr/share/doc/passwd/README\&.Debian\fR for a brief introduction to shadow passwords and related features\&.
+
+ .PP
+ Note that turning shadow passwords off and on again will lose all password aging information\&.
+Index: shadow-4.0.10/man/shadowconfig.8.xml
+===================================================================
+--- shadow-4.0.10.orig/man/shadowconfig.8.xml 2005-06-15 14:39:27.000000000 +0200
++++ shadow-4.0.10/man/shadowconfig.8.xml 2005-07-04 18:27:53.000000000 +0200
+@@ -39,7 +39,7 @@
+ </para>
+
+ <para>
+- Read <filename>/usr/share/doc/passwd/README.debian</filename> for a
++ Read <filename>/usr/share/doc/passwd/README.Debian</filename> for a
+ brief introduction
+ to shadow passwords and related features.
+ </para>
Modified: branches/experimental/debian/patches/432_login_cancel_timout_after_authentication
===================================================================
--- branches/experimental/debian/patches/432_login_cancel_timout_after_authentication 2005-07-07 00:17:03 UTC (rev 354)
+++ branches/experimental/debian/patches/432_login_cancel_timout_after_authentication 2005-07-07 00:52:42 UTC (rev 355)
@@ -5,14 +5,14 @@
Status wrt upstream: It should be forwarded to upstream.
-Index: shadow-4.0.3/src/login.c
+Index: shadow-4.0.10/src/login.c
===================================================================
---- shadow-4.0.3.orig/src/login.c 2005-05-28 22:21:15.794189000 +0200
-+++ shadow-4.0.3/src/login.c 2005-05-28 22:21:22.214189000 +0200
+--- shadow-4.0.10.orig/src/login.c 2005-05-28 22:21:15.794189000 +0200
++++ shadow-4.0.10/src/login.c 2005-05-28 22:21:22.214189000 +0200
@@ -866,6 +866,7 @@
+ exit (0);
}
- /* We don't get here unless they were authenticated above */
+ alarm(0);
retcode = pam_acct_mgmt (pamh, 0);
Modified: branches/experimental/debian/patches/436_libmisc_chowntty_ro_root_fs
===================================================================
--- branches/experimental/debian/patches/436_libmisc_chowntty_ro_root_fs 2005-07-07 00:17:03 UTC (rev 354)
+++ branches/experimental/debian/patches/436_libmisc_chowntty_ro_root_fs 2005-07-07 00:52:42 UTC (rev 355)
@@ -7,16 +7,16 @@
work with a tty she doesn't own.
http://lists.alioth.debian.org/pipermail/pkg-shadow-devel/2005-June/001397.html
-Index: shadow-4.0.3/libmisc/chowntty.c
+Index: shadow-4.0.10/libmisc/chowntty.c
===================================================================
---- shadow-4.0.3.orig/libmisc/chowntty.c 2005-06-10 01:16:39.262729000 +0200
-+++ shadow-4.0.3/libmisc/chowntty.c 2005-06-10 01:17:42.422729000 +0200
-@@ -116,7 +116,7 @@
- tty, info->pw_name));
- closelog();
+--- shadow-4.0.10.orig/libmisc/chowntty.c 2005-06-14 22:27:35.000000000 +0200
++++ shadow-4.0.10/libmisc/chowntty.c 2005-07-07 02:29:41.000000000 +0200
+@@ -110,7 +110,7 @@
+ info->pw_name));
+ closelog ();
- if (!(err == EROFS && info->pw_uid == 0))
+ if (err != EROFS)
- exit(1);
+ exit (1);
}
-
+ #ifdef __linux__
Modified: branches/experimental/debian/patches/440_manpages-login.1
===================================================================
--- branches/experimental/debian/patches/440_manpages-login.1 2005-07-07 00:17:03 UTC (rev 354)
+++ branches/experimental/debian/patches/440_manpages-login.1 2005-07-07 00:52:42 UTC (rev 355)
@@ -2,29 +2,17 @@
to the utmp file
Give correct location of some files
-Status wrt upstream: Forwarded but not completely applied yet
- (the files locations patches are already applied)
-
-Index: shadow-4.0.3/man/login.1
+Status wrt upstream: Forwarded but not completely applied yet
+ (the files locations patches are already applied)
+
+Index: shadow-4.0.10/man/login.1
===================================================================
---- shadow-4.0.3.orig/man/login.1 2005-05-12 12:12:08.887059874 +0200
-+++ shadow-4.0.3/man/login.1 2005-05-12 12:12:18.802578367 +0200
-@@ -95,9 +95,9 @@ executed.
- Please see the appropriate manual section for more information on
- this function.
+--- shadow-4.0.10.orig/man/login.1 2005-06-16 18:02:31.000000000 +0200
++++ shadow-4.0.10/man/login.1 2005-07-04 18:17:38.000000000 +0200
+@@ -94,6 +94,15 @@
+
.PP
--A subsystem login is indicated by the presense of a "*" as the first
-+A subsystem login is indicated by the presence of a "*" as the first
- character of the login shell. The given home directory will be used as
--the root of a new filesystem which the user is actually logged into.
-+the root of a new file system which the user is actually logged into.
- .SH OPTIONS
- .TP
- .B -p
-@@ -119,11 +119,20 @@ This version of \fBlogin\fR has many com
- may be in use at any particular site.
- .PP
- The location of files is subject to differences in system configuration.
+ The location of files is subject to differences in system configuration\&.
+.PP
+The \fBlogin\fR program is NOT responsible for removing users from the utmp file.
+It is the responsibility of
@@ -34,13 +22,29 @@
+to clean up apparent ownership of a terminal session. If you use \fBlogin\fR
+from the shell prompt without \fBexec\fR, the user you use will
+continue to appear to be logged in even after you log out of the "subsession".
- .SH FILES
- .br
--/etc/utmp \- list of current login sessions
-+/var/run/utmp \- list of current login sessions
- .br
--/etc/wtmp \- list of previous login sessions
-+/var/log/wtmp \- list of previous login sessions
- .br
- /etc/passwd \- user account information
- .br
+
+ .SH "FILES"
+
+Index: shadow-4.0.10/man/login.1.xml
+===================================================================
+--- shadow-4.0.10.orig/man/login.1.xml 2005-06-15 14:39:27.000000000 +0200
++++ shadow-4.0.10/man/login.1.xml 2005-07-04 18:17:03.000000000 +0200
+@@ -152,6 +152,18 @@
+ <para>The location of files is subject to differences in system
+ configuration.
+ </para>
++
++ <para>The <command>login</command> program is NOT responsible for removing
++ users from the utmp file. It is the responsibility of <citerefentry>
++ <refentrytitle>getty</refentrytitle><manvolnum>8</manvolnum>
++ </citerefentry> and <citerefentry>
++ <refentrytitle>init</refentrytitle><manvolnum>8</manvolnum>
++ </citerefentry> to clean up apparent ownership of a terminal session.
++ If you use <command>login</command>
++ from the shell prompt without <command>exec</command>, the user you use
++ will continue to appear to be logged in even after you log out of the
++ "subsession".
++ </para>
+ </refsect1>
+
+ <refsect1 id='files'>
Modified: branches/experimental/debian/patches/441_manpages-shadow.5
===================================================================
--- branches/experimental/debian/patches/441_manpages-shadow.5 2005-07-07 00:17:03 UTC (rev 354)
+++ branches/experimental/debian/patches/441_manpages-shadow.5 2005-07-07 00:52:42 UTC (rev 355)
@@ -3,17 +3,42 @@
Status wrt upstream: Forwarded but not applied yet
-Index: shadow-4.0.3/man/shadow.5
+Index: shadow-4.0.10/man/shadow.5
===================================================================
---- shadow-4.0.3.orig/man/shadow.5 2005-05-12 12:12:08.909056587 +0200
-+++ shadow-4.0.3/man/shadow.5 2005-05-12 12:12:18.805577919 +0200
-@@ -58,6 +58,9 @@ The encryped password consists of 13 to
- a thru z, A thru Z, 0 thru 9, \. and /.
- Refer to \fBcrypt\fR(3) for details on how this string is
- interpreted.
+--- shadow-4.0.10.orig/man/shadow.5 2005-06-16 19:37:46.000000000 +0200
++++ shadow-4.0.10/man/shadow.5 2005-07-04 18:05:27.000000000 +0200
+@@ -61,6 +61,11 @@
+ Refer to \fBcrypt\fR(3) for details on how this string is interpreted\&.
+
+ .PP
+If the password field contains some string that is not valid result
+of \fBcrypt\fR(3), for instance ! or *, the user will not be able to use
+a unix password to log in, subject to \fBpam\fR(7).
++
++.PP
+ The date of the last password change is given as the number of days since Jan 1, 1970\&. The password may not be changed again until the proper number of days have passed, and must be changed after the maximum number of days\&. If the minimum number of days required is greater than the maximum number of day allowed, this password may not be changed by the user\&.
+
.PP
- The date of the last password change is given as the number
- of days since Jan 1, 1970.
+Index: shadow-4.0.10/man/shadow.5.xml
+===================================================================
+--- shadow-4.0.10.orig/man/shadow.5.xml 2005-06-16 19:37:40.000000000 +0200
++++ shadow-4.0.10/man/shadow.5.xml 2005-07-04 18:08:33.000000000 +0200
+@@ -64,6 +64,18 @@
+ for details on how this string is interpreted.
+ </para>
+
++ <para>If the password field contains some string that is not valid result
++ of
++ <citerefentry>
++ <refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum>
++ </citerefentry>,
++ for instance ! or *, the user will not be able to use
++ a unix password to log in, subject to
++ <citerefentry>
++ <refentrytitle>pam</refentrytitle><manvolnum>7</manvolnum>
++ </citerefentry>.
++ </para>
++
+ <para>The date of the last password change is given as the number of
+ days since Jan 1, 1970. The password may not be changed again until
+ the proper number of days have passed, and must be changed after the
Modified: branches/experimental/debian/patches/series
===================================================================
--- branches/experimental/debian/patches/series 2005-07-07 00:17:03 UTC (rev 354)
+++ branches/experimental/debian/patches/series 2005-07-07 00:52:42 UTC (rev 355)
@@ -7,10 +7,10 @@
# 337_chpasswd.8 # applied
# 338_lastlog.8 # applied
441_manpages-shadow.5
-335_usermod.8-better-document--f
+# 335_usermod.8-better-document--f # applied
440_manpages-login.1
# 339_newusers.8 # applied
-340_passwd.1
+# 340_passwd.1 # mostly applied. The remaining parts can be ignored
# 341_passwd.5 # applied
# 342_pw_auth.3 # applied
# 343_pwck.8 # applied
@@ -19,7 +19,7 @@
# 346_suauth.5 # applied
# 352_userdel.8 # applied
# 353_groupdel.8 # applied
-351_libmisc_failure_UTMPX
+# 351_libmisc_failure_UTMPX # applied
436_libmisc_chowntty_ro_root_fs
435_su_addenv_HOME_and_SHELL
431_su_uid_0_not_root
@@ -31,22 +31,22 @@
008_su_get_PAM_username
#
# 439_su_PAM_session # This one is complicated. keep it for latter.
-350_su_syslog_old:new
+# 350_su_syslog_old:new # applied
#
# 008_login_MAXHOSTNAMELEN # It should probably be dropped.
428_grpck_add_prune_option
434_login_stop_checking_args_after--
-349_login_opt-f_with_username_after--
-433_login_more_LOG_UNKFAIL_ENAB
-008_login_log_failure_in_FTMP
+# 349_login_opt-f_with_username_after-- # applied
+# 433_login_more_LOG_UNKFAIL_ENAB # This one is complicated. keep it for latter.
+# 008_login_log_failure_in_FTMP # This one requiers 433
#
# 429_login_FAILLOG_ENAB # Ignore it for now (see patch's header)
432_login_cancel_timout_after_authentication
-355_login_close_session_as_root
-347_login_log_pam_user_if_USE_PAM
-348_login_PAM_SILENT_if_hushed_login
-359_usermod_warn_old_home_not_removed
-358_userdel_remove_group_from_gshadow
+# 355_login_close_session_as_root # applied
+# 347_login_log_pam_user_if_USE_PAM # applied
+# 348_login_PAM_SILENT_if_hushed_login # applied
+# 359_usermod_warn_old_home_not_removed # applied
+# 358_userdel_remove_group_from_gshadow # applied
#
# 360_newgrp_preserve_env # not needed
438_su_GNU_origin
@@ -100,7 +100,7 @@
#
# 311_high-uids.dpatch # upstream uses AC_SYS_LARGEFILE in configure.in
# 312_usermod-302388.dpatch # applied
-313_pam_access_with_preauth.dpatch
+# 313_pam_access_with_preauth.dpatch # applied
# 314_passwd.1_formatting.dpatch # applied
# 315_chage.1_document_expiration_removal.dpatch # applied
# 316_vipw-race-242407.dpatch # applied
@@ -118,7 +118,7 @@
# 329_libmisc_failure_ngettext # applied
# 330_CAN-2004-1001_passwd_check # applied
# 331_chpasswd-md5.dpatch # applied
-332_grpck.8-type_and_section
+# 332_grpck.8-type_and_section # applied
333_shadow.5-typo_312430
# 334_chage.1-typo # applied
401_cppw_src.dpatch