[Pkg-shadow-commits] r275 - branches/experimental/debian/patches

Nicolas FRANCOIS pkg-shadow-devel@lists.alioth.debian.org
Mon, 20 Jun 2005 00:16:31 +0000


Author: nekral-guest
Date: 2005-06-20 00:16:30 +0000 (Mon, 20 Jun 2005)
New Revision: 275

Modified:
   branches/experimental/debian/patches/006_libmisc_chowntty_ro_root_fs
   branches/experimental/debian/patches/008_login_MAXHOSTNAMELEN
   branches/experimental/debian/patches/008_login_more_LOG_UNKFAIL_ENAB
   branches/experimental/debian/patches/008_userdel_remove_group_from_gshadow
   branches/experimental/debian/patches/332_grpck.8-type_and_section
   branches/experimental/debian/patches/333_shadow.5-typo_312430
   branches/experimental/debian/patches/350_su_syslog_old:new
   branches/experimental/debian/patches/series
Log:
Update some patches to 4.0.9.
Comment aplied patches in series.
Also comment too complicated patches,
and l10n patches (those should be checked latter, with gettext tools).


Modified: branches/experimental/debian/patches/006_libmisc_chowntty_ro_root_fs
===================================================================
--- branches/experimental/debian/patches/006_libmisc_chowntty_ro_root_fs	2005-06-19 14:31:15 UTC (rev 274)
+++ branches/experimental/debian/patches/006_libmisc_chowntty_ro_root_fs	2005-06-20 00:16:30 UTC (rev 275)
@@ -3,20 +3,20 @@
        (in fact, the patch proposed in the bug report has evolved a lot)
 
 Status wrt upstream: submitted upstream.
-                     We first need to check how an ordinary useris expected to
+                     We first need to check how an ordinary user is expected to
                      work with a tty she doesn't own.
 http://lists.alioth.debian.org/pipermail/pkg-shadow-devel/2005-June/001397.html
 
-Index: shadow-4.0.3/libmisc/chowntty.c
+Index: shadow-4.0.9/libmisc/chowntty.c
 ===================================================================
---- shadow-4.0.3.orig/libmisc/chowntty.c	2005-06-10 01:16:39.262729000 +0200
-+++ shadow-4.0.3/libmisc/chowntty.c	2005-06-10 01:17:42.422729000 +0200
-@@ -116,7 +116,7 @@
- 			tty, info->pw_name));
- 		closelog();
+--- shadow-4.0.9.orig/libmisc/chowntty.c	2005-03-31 07:14:50.000000000 +0200
++++ shadow-4.0.9/libmisc/chowntty.c	2005-06-19 16:38:45.000000000 +0200
+@@ -110,7 +110,7 @@
+ 			 info->pw_name));
+ 		closelog ();
  
 -		if (!(err == EROFS && info->pw_uid == 0))
 +		if (err != EROFS)
- 			exit(1);
+ 			exit (1);
  	}
- 
+ #ifdef __linux__

Modified: branches/experimental/debian/patches/008_login_MAXHOSTNAMELEN
===================================================================
--- branches/experimental/debian/patches/008_login_MAXHOSTNAMELEN	2005-06-19 14:31:15 UTC (rev 274)
+++ branches/experimental/debian/patches/008_login_MAXHOSTNAMELEN	2005-06-20 00:16:30 UTC (rev 275)
@@ -1,6 +1,9 @@
 Goal: ???
 
+I think it should be dropped. The MAXHOSTNAMELEN macro is not used.
+It is usually used for the gethostname buffer.
 
+
 Index: shadow-4.0.3/src/login.c
 ===================================================================
 --- shadow-4.0.3.orig/src/login.c	2005-05-29 11:07:14.638975000 +0200

Modified: branches/experimental/debian/patches/008_login_more_LOG_UNKFAIL_ENAB
===================================================================
--- branches/experimental/debian/patches/008_login_more_LOG_UNKFAIL_ENAB	2005-06-19 14:31:15 UTC (rev 274)
+++ branches/experimental/debian/patches/008_login_more_LOG_UNKFAIL_ENAB	2005-06-20 00:16:30 UTC (rev 275)
@@ -19,11 +19,11 @@
  * a HAVE_PAM_FAIL_DELAY is missing
 
 
-Index: shadow-4.0.3/src/login.c
+Index: shadow-4.0.9/src/login.c
 ===================================================================
---- shadow-4.0.3.orig/src/login.c	2005-05-29 00:06:16.954189000 +0200
-+++ shadow-4.0.3/src/login.c	2005-05-29 00:06:56.174189000 +0200
-@@ -775,49 +775,68 @@
+--- shadow-4.0.9.orig/src/login.c	2005-06-20 02:10:30.000000000 +0200
++++ shadow-4.0.9/src/login.c	2005-06-20 02:10:41.000000000 +0200
+@@ -643,47 +643,68 @@
  			 * MAX_LOGIN_TRIES?
  			 */
  
@@ -46,42 +46,20 @@
 -				pam_set_item (pamh, PAM_USER, NULL);
 -				retcode = pam_authenticate (pamh, 0);
 -			}
--
--			if (retcode != PAM_SUCCESS) {
--				pam_get_item (pamh, PAM_USER,
--					      (const void **) &pam_user);
--
--				if (retcode == PAM_MAXTRIES)
--					syslog (LOG_NOTICE,
--						"TOO MANY LOGIN TRIES (%d) FROM %s FOR %s, %s",
--						failcount, hostname,
--						pam_user,
--						pam_strerror (pamh,
--							      retcode));
--				else
--					syslog (LOG_NOTICE,
--						"FAILED LOGIN SESSION FROM %s FOR %s, %s",
--						hostname, pam_user,
--						pam_strerror (pamh,
--							      retcode));
--
--				fprintf (stderr, "\nLogin incorrect\n");
--				pam_end (pamh, retcode);
--				exit (0);
 +			failcount = 0;
 +			while (1) {
 +			  const char *failent_user;
 +			  failed = 0;
-+			  
++
 +			  failcount++;
 +			  if (delay > 0)
 +			    retcode = pam_fail_delay(pamh, 1000000*delay);
-+			  
++
 +			  retcode = pam_authenticate (pamh, 0);
-+			  
++
 +			  pam_get_item (pamh, PAM_USER,
 +					(const void **) &pam_user);
-+			  
++
 +			  if (pam_user && pam_user[0]) {
 +			    pwd = getpwnam(pam_user);
 +			    if (pwd) {
@@ -97,7 +75,7 @@
 +			    pwd = NULL;
 +			    failent_user = "UNKNOWN";
 +			  }
-+			  
++
 +			  if (retcode == PAM_MAXTRIES || failcount >= retries) {
 +			    syslog (LOG_NOTICE,
 +				    _("TOO MANY LOGIN TRIES (%d)%s FOR `%s'"),
@@ -119,12 +97,31 @@
 +				   pam_strerror (pamh, retcode));
 +			    failed = 1;
 +			  }
-+
+ 
+-			if (retcode != PAM_SUCCESS) {
+-				pam_get_item (pamh, PAM_USER,
+-					      (const void **) &pam_user);
+-
+-				if (retcode == PAM_MAXTRIES)
+-					syslog (LOG_NOTICE,
+-						"TOO MANY LOGIN TRIES (%d) FROM %s FOR %s, %s",
+-						failcount, hostname,
+-						pam_user,
+-						pam_strerror (pamh, retcode));
+-				else
+-					syslog (LOG_NOTICE,
+-						"FAILED LOGIN SESSION FROM %s FOR %s, %s",
+-						hostname, pam_user,
+-						pam_strerror (pamh, retcode));
+-
+-				fprintf (stderr, "\nLogin incorrect\n");
+-				pam_end (pamh, retcode);
+-				exit (0);
 +			  if (!failed)
 +			    break;
-+			  
++
 +			  fprintf(stderr,"Login incorrect\n\n");
-+			  
++
 +			  /* Let's give it another go around */
 +			  pam_set_item(pamh,PAM_USER,NULL);
  			}

Modified: branches/experimental/debian/patches/008_userdel_remove_group_from_gshadow
===================================================================
--- branches/experimental/debian/patches/008_userdel_remove_group_from_gshadow	2005-06-19 14:31:15 UTC (rev 274)
+++ branches/experimental/debian/patches/008_userdel_remove_group_from_gshadow	2005-06-20 00:16:30 UTC (rev 275)
@@ -4,11 +4,11 @@
 
 Status wrt upstream: It could certainly be submitted to upstream.
 
-Index: shadow-4.0.3/src/userdel.c
+Index: shadow-4.0.9/src/userdel.c
 ===================================================================
---- shadow-4.0.3.orig/src/userdel.c	2005-05-22 22:41:28.837167000 +0200
-+++ shadow-4.0.3/src/userdel.c	2005-05-22 23:02:35.137167000 +0200
-@@ -147,6 +147,7 @@
+--- shadow-4.0.9.orig/src/userdel.c	2005-04-06 06:26:06.000000000 +0200
++++ shadow-4.0.9/src/userdel.c	2005-06-19 23:53:04.000000000 +0200
+@@ -126,6 +126,7 @@
  	struct group *ngrp;
  
  #ifdef	SHADOWGRP
@@ -16,7 +16,7 @@
  	const struct sgrp *sgrp;
  	struct sgrp *nsgrp;
  #endif				/* SHADOWGRP */
-@@ -209,6 +210,10 @@
+@@ -178,6 +179,10 @@
  
  		gr_remove (grp->gr_name);
  
@@ -24,17 +24,16 @@
 +		deleted_user_group = 1;
 +#endif
 +
- 		/*
- 		 * Update the DBM group file with the new entry as well.
- 		 */
-@@ -279,6 +284,10 @@
+ 		SYSLOG ((LOG_INFO, "removed group `%s' owned by `%s'\n",
+ 			 grp->gr_name, user_name));
+ 	}
+@@ -222,6 +227,9 @@
  		SYSLOG ((LOG_INFO, "delete `%s' from shadow group `%s'\n",
  			 user_name, nsgrp->sg_name));
  	}
 +
 +	if (deleted_user_group)
 +		sgr_remove(user_name);
-+
- #ifdef	NDBM
- 	endsgent ();
- #endif				/* NDBM */
+ #endif				/* SHADOWGRP */
+ }
+ 

Modified: branches/experimental/debian/patches/332_grpck.8-type_and_section
===================================================================
--- branches/experimental/debian/patches/332_grpck.8-type_and_section	2005-06-19 14:31:15 UTC (rev 274)
+++ branches/experimental/debian/patches/332_grpck.8-type_and_section	2005-06-20 00:16:30 UTC (rev 275)
@@ -1,27 +1,20 @@
 Goal: fix typos and use the correct section number
 Fixes: #312431
 
-Status wrt upstream: Applied
+Status wrt upstream: Applied (should enter 4.0.10)
 
-Index: shadow-4.0.3/man/grpck.8
+The category should be checked in Debian (was set to 9)
+
+Index: shadow-4.0.9/man/grpck.8
 ===================================================================
---- shadow-4.0.3.orig/man/grpck.8	2005-06-08 22:46:33.000000000 +0200
-+++ shadow-4.0.3/man/grpck.8	2005-06-08 22:47:02.000000000 +0200
-@@ -25,7 +25,7 @@
- .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- .\" SUCH DAMAGE.
--.TH GRPCK 1
-+.TH GRPCK 9
- .SH NAME
- grpck \- verify integrity of group files
- .SH SYNOPSIS
+--- shadow-4.0.9.orig/man/grpck.8	2005-06-20 02:07:26.000000000 +0200
++++ shadow-4.0.9/man/grpck.8	2005-06-20 02:07:34.000000000 +0200
 @@ -35,7 +35,7 @@
  All entries in the \fI/etc/group\fR and \fI/etc/gshadow\fR are checked to
- see that the entry has the proper format and valid data in each field.
- The user is prompted to delete entries that are improperly formatted or
--which have other incorrectable errors.
-+which have other uncorrectable errors.
- .P
- Checks are made to verify that each entry has
+ see that the entry has the proper format and valid data in each field. The
+ user is prompted to delete entries that are improperly formatted or which
+-have other incorrectable errors.
++have other uncorrectable errors.
+ .PP
+ Checks are made to verify that each entry has:
  .sp

Modified: branches/experimental/debian/patches/333_shadow.5-typo_312430
===================================================================
--- branches/experimental/debian/patches/333_shadow.5-typo_312430	2005-06-19 14:31:15 UTC (rev 274)
+++ branches/experimental/debian/patches/333_shadow.5-typo_312430	2005-06-20 00:16:30 UTC (rev 275)
@@ -1,27 +1,31 @@
 Goal: fix typos 
 Fixes: #312430
 
-Status wrt upstream: Applied
+Status wrt upstream: Applied (should enter 4.0.10)
 
-Index: shadow-4.0.3/man/shadow.5
+s/64 characters alphabet/64 character alphabet/ is missing
+
+Index: shadow-4.0.9/man/shadow.5
 ===================================================================
---- shadow-4.0.3.orig/man/shadow.5	2005-06-08 23:00:31.000000000 +0200
-+++ shadow-4.0.3/man/shadow.5	2005-06-08 23:03:37.000000000 +0200
-@@ -53,7 +53,7 @@
+--- shadow-4.0.9.orig/man/shadow.5	2005-06-19 16:20:49.000000000 +0200
++++ shadow-4.0.9/man/shadow.5	2005-06-20 01:57:56.000000000 +0200
+@@ -50,8 +50,8 @@
+ .IP "" .5i
  A reserved field
  .PP
- The password field must be filled.
--The encryped password consists of 13 to 24 characters from the
-+The encrypted password consists of 13 to 24 characters from the
- 64 character alphabet
- a thru z, A thru Z, 0 thru 9, \. and /.
- Refer to \fBcrypt\fR(3) for details on how this string is
-@@ -77,7 +77,7 @@
- An account will also be disabled on the specified day
- regardless of other password expiration information.
+-The password field must be filled. The encryped password consists of 13 to
+-24 characters from the 64 characters alphabet a thru z, A thru Z, 0 thru 9,
++The password field must be filled. The encrypted password consists of 13 to
++24 characters from the 64 character alphabet a thru z, A thru Z, 0 thru 9,
+ \&\. and /. Optionally it can start with a "$" character. This means the
+ encrypted password was generated using another (not DES) algorithm. For
+ example if it starts with "$1$" it means the MD5\-based algorithm was used.
+@@ -73,7 +73,7 @@
+ An account will also be disabled on the specified day regardless of other
+ password expiration information.
  .PP
--This information supercedes any password or password age
-+This information supersedes any password or password age
- information present in \fI/etc/passwd\fR.
+-This information supercedes any password or password age information present
++This information supersedes any password or password age information present
+ in \fI/etc/passwd\fR.
  .PP
- This file must not be readable by regular users if password
+ This file must not be readable by regular users if password security is to

Modified: branches/experimental/debian/patches/350_su_syslog_old:new
===================================================================
--- branches/experimental/debian/patches/350_su_syslog_old:new	2005-06-19 14:31:15 UTC (rev 274)
+++ branches/experimental/debian/patches/350_su_syslog_old:new	2005-06-20 00:16:30 UTC (rev 275)
@@ -3,27 +3,27 @@
       ambiguous.
 Fixes: #213592
 
-Status wrt upstream: Applied upstream.
+Status wrt upstream: Applied upstream. (should enter 4.0.10)
 
-Index: shadow-4.0.3/src/su.c
+Index: shadow-4.0.9/src/su.c
 ===================================================================
---- shadow-4.0.3.orig/src/su.c	2005-05-29 12:11:25.560552000 +0200
-+++ shadow-4.0.3/src/su.c	2005-05-29 12:12:22.910552000 +0200
-@@ -228,7 +228,7 @@
+--- shadow-4.0.9.orig/src/su.c	2005-06-19 16:48:03.000000000 +0200
++++ shadow-4.0.9/src/su.c	2005-06-19 17:31:20.000000000 +0200
+@@ -125,7 +125,7 @@
  #ifdef USE_SYSLOG
  	if (getdef_bool ("SYSLOG_SU_ENAB"))
  		SYSLOG ((pwent.pw_uid ? LOG_INFO : LOG_NOTICE,
 -			 "- %s %s-%s", tty,
 +			 "- %s %s:%s", tty,
- 			 oldname[0] ? oldname : "???",
- 			 name[0] ? name : "???"));
+ 			 oldname[0] ? oldname : "???", name[0] ? name : "???"));
  	closelog ();
-@@ -678,7 +678,7 @@
  #endif
+@@ -645,7 +645,7 @@
+ #endif
  #ifdef USE_SYSLOG
  	if (getdef_bool ("SYSLOG_SU_ENAB"))
 -		SYSLOG ((LOG_INFO, "+ %s %s-%s", tty,
 +		SYSLOG ((LOG_INFO, "+ %s %s:%s", tty,
- 			 oldname[0] ? oldname : "???",
- 			 name[0] ? name : "???"));
+ 			 oldname[0] ? oldname : "???", name[0] ? name : "???"));
  #endif
+ 

Modified: branches/experimental/debian/patches/series
===================================================================
--- branches/experimental/debian/patches/series	2005-06-19 14:31:15 UTC (rev 274)
+++ branches/experimental/debian/patches/series	2005-06-20 00:16:30 UTC (rev 275)
@@ -23,94 +23,105 @@
 006_libmisc_chowntty_ro_root_fs
 008_su_addenv_HOME_and_SHELL
 008_su_uid_0_not_root
-008_su_add_GNU_options
+#
+# 008_su_add_GNU_options  # This one is complicated. keep it for latter.
 008_su_ignore_SIGINT
 008_su_check_user_earlier
 008_su_no_sanitize_env
 008_su_get_PAM_username
-008_su_PAM_session
+#
+# 008_su_PAM_session      # This one is complicated. keep it for latter.
 350_su_syslog_old:new
-008_login_MAXHOSTNAMELEN
+#
+# 008_login_MAXHOSTNAMELEN # It should probably be dropped.
 008_grpck_add_prune_option
 008_login_stop_checking_args_after--
 349_login_opt-f_with_username_after--
 008_login_more_LOG_UNKFAIL_ENAB
 008_login_log_failure_in_FTMP
-008_login_FAILLOG_ENAB
+#
+# 008_login_FAILLOG_ENAB # Ignore it for now (see patch's header)
 008_login_cancel_timout_after_authentication
 355_login_close_session_as_root
 347_login_log_pam_user_if_USE_PAM
 348_login_PAM_SILENT_if_hushed_login
 008_usermod_warn_old_home_not_removed
 008_userdel_remove_group_from_gshadow
-008_newgrp_preserve_env
+#
+# 008_newgrp_preserve_env # not needed
 008_su_GNU_origin
 # 009 is patching login.defs file we don't use, actually..:-)
 # 009_etc.dpatch
-100_LINGUAS.dpatch
-100_shadow.pot
-101_cs.dpatch
-102_de.dpatch
-103_el.dpatch
-104_fr.dpatch
-105_ja.dpatch
-106_ko.dpatch
-107_pl.dpatch
-108_sv.dpatch
-109_uk.dpatch
-110_bs.dpatch
-111_ca.dpatch
-112_da.dpatch
-113_es.dpatch
-114_eu
-115_fi.dpatch
-116_he.dpatch
-117_id.dpatch
-118_it.dpatch
-119_nb.dpatch
-120_nl.dpatch
-121_nn.dpatch
-122_pt.dpatch
-123_pt_BR.dpatch
-124_ru.dpatch
-125_sk.dpatch
-126_tr.dpatch
-127_zh_CN.dpatch
-128_sq.dpatch
-129_ro.dpatch
-130_zh_TW.dpatch
-131_tl.dpatch
-132_vi.dpatch
-200_de-manpages.dpatch
-200_de-manpages-2.dpatch
-200_de-manpages-passwd.1.dpatch
-201_fr-manpages.dpatch
-202_ja_manpages.dpatch
-203_pl_manpages.dpatch
-204_pt_BR-manpages.dpatch
-205_it-manpages.dpatch
-311_high-uids.dpatch
-312_usermod-302388.dpatch
+# 100_LINGUAS.dpatch # Is it needed?
+# 100_shadow.pot     # Is it needed?
+#
+#I comment out all languages patch for now.
+# 101_cs.dpatch
+# 102_de.dpatch
+# 103_el.dpatch
+# 104_fr.dpatch
+# 105_ja.dpatch
+# 106_ko.dpatch
+# 107_pl.dpatch
+# 108_sv.dpatch
+# 109_uk.dpatch
+# 110_bs.dpatch
+# 111_ca.dpatch
+# 112_da.dpatch
+# 113_es.dpatch
+# 114_eu
+# 115_fi.dpatch
+# 116_he.dpatch
+# 117_id.dpatch
+# 118_it.dpatch
+# 119_nb.dpatch
+# 120_nl.dpatch
+# 121_nn.dpatch
+# 122_pt.dpatch
+# 123_pt_BR.dpatch
+# 124_ru.dpatch
+# 125_sk.dpatch
+# 126_tr.dpatch
+# 127_zh_CN.dpatch
+# 128_sq.dpatch
+# 129_ro.dpatch
+# 130_zh_TW.dpatch
+# 131_tl.dpatch
+# 132_vi.dpatch
+#
+#Ditto for man pages translations.
+# 200_de-manpages.dpatch
+# 200_de-manpages-2.dpatch
+# 200_de-manpages-passwd.1.dpatch
+# 201_fr-manpages.dpatch
+# 202_ja_manpages.dpatch
+# 203_pl_manpages.dpatch
+# 204_pt_BR-manpages.dpatch
+# 205_it-manpages.dpatch
+#
+# 311_high-uids.dpatch       # upstream uses AC_SYS_LARGEFILE in configure.in
+# 312_usermod-302388.dpatch  # applied
 313_pam_access_with_preauth.dpatch
-314_passwd.1_formatting.dpatch
-315_chage.1_document_expiration_removal.dpatch
-316_vipw-race-242407.dpatch
-317_lastlog_usage_249611.dpatch
-318_passwd_src_warning.dpatch
-319_time_structures.dpatch
-320_nscd_header.dpatch
-321_remove_malloc_definition.dpatch
-324_configure.in-no-debian-dir.dpatch
-325_gshadow_5_manpage
-326_su.1_pwconv.8-typos
-327_newgrp_162303
-328_successful_password_change
-329_libmisc_failure_ngettext
-330_CAN-2004-1001_passwd_check
-331_chpasswd-md5.dpatch
+# 314_passwd.1_formatting.dpatch                 # applied
+# 315_chage.1_document_expiration_removal.dpatch # applied
+# 316_vipw-race-242407.dpatch                    # applied
+# 317_lastlog_usage_249611.dpatch                # applied
+# 318_passwd_src_warning.dpatch                  # applied
+#
+# 319_time_structures.dpatch  # must be checked another time
+# 320_nscd_header.dpatch                         # applied
+# 321_remove_malloc_definition.dpatch            # applied
+# 324_configure.in-no-debian-dir.dpatch          # applied
+# 325_gshadow_5_manpage                          # applied
+# 326_su.1_pwconv.8-typos                        # applied
+# 327_newgrp_162303                              # applied
+# 328_successful_password_change                 # applied
+# 329_libmisc_failure_ngettext                   # applied
+# 330_CAN-2004-1001_passwd_check                 # applied
+# 331_chpasswd-md5.dpatch                        # applied
 332_grpck.8-type_and_section
 333_shadow.5-typo_312430
-334_chage.1-typo
+# 334_chage.1-typo                               # applied
 401_cppw_src.dpatch
 403_sg_symlink_162339_163652.dpatch
 404_undef_USE_PAM.dpatch