[Pkg-shadow-commits] r275 - branches/experimental/debian/patches
Nicolas FRANCOIS
pkg-shadow-devel@lists.alioth.debian.org
Mon, 20 Jun 2005 00:16:31 +0000
Author: nekral-guest
Date: 2005-06-20 00:16:30 +0000 (Mon, 20 Jun 2005)
New Revision: 275
Modified:
branches/experimental/debian/patches/006_libmisc_chowntty_ro_root_fs
branches/experimental/debian/patches/008_login_MAXHOSTNAMELEN
branches/experimental/debian/patches/008_login_more_LOG_UNKFAIL_ENAB
branches/experimental/debian/patches/008_userdel_remove_group_from_gshadow
branches/experimental/debian/patches/332_grpck.8-type_and_section
branches/experimental/debian/patches/333_shadow.5-typo_312430
branches/experimental/debian/patches/350_su_syslog_old:new
branches/experimental/debian/patches/series
Log:
Update some patches to 4.0.9.
Comment aplied patches in series.
Also comment too complicated patches,
and l10n patches (those should be checked latter, with gettext tools).
Modified: branches/experimental/debian/patches/006_libmisc_chowntty_ro_root_fs
===================================================================
--- branches/experimental/debian/patches/006_libmisc_chowntty_ro_root_fs 2005-06-19 14:31:15 UTC (rev 274)
+++ branches/experimental/debian/patches/006_libmisc_chowntty_ro_root_fs 2005-06-20 00:16:30 UTC (rev 275)
@@ -3,20 +3,20 @@
(in fact, the patch proposed in the bug report has evolved a lot)
Status wrt upstream: submitted upstream.
- We first need to check how an ordinary useris expected to
+ We first need to check how an ordinary user is expected to
work with a tty she doesn't own.
http://lists.alioth.debian.org/pipermail/pkg-shadow-devel/2005-June/001397.html
-Index: shadow-4.0.3/libmisc/chowntty.c
+Index: shadow-4.0.9/libmisc/chowntty.c
===================================================================
---- shadow-4.0.3.orig/libmisc/chowntty.c 2005-06-10 01:16:39.262729000 +0200
-+++ shadow-4.0.3/libmisc/chowntty.c 2005-06-10 01:17:42.422729000 +0200
-@@ -116,7 +116,7 @@
- tty, info->pw_name));
- closelog();
+--- shadow-4.0.9.orig/libmisc/chowntty.c 2005-03-31 07:14:50.000000000 +0200
++++ shadow-4.0.9/libmisc/chowntty.c 2005-06-19 16:38:45.000000000 +0200
+@@ -110,7 +110,7 @@
+ info->pw_name));
+ closelog ();
- if (!(err == EROFS && info->pw_uid == 0))
+ if (err != EROFS)
- exit(1);
+ exit (1);
}
-
+ #ifdef __linux__
Modified: branches/experimental/debian/patches/008_login_MAXHOSTNAMELEN
===================================================================
--- branches/experimental/debian/patches/008_login_MAXHOSTNAMELEN 2005-06-19 14:31:15 UTC (rev 274)
+++ branches/experimental/debian/patches/008_login_MAXHOSTNAMELEN 2005-06-20 00:16:30 UTC (rev 275)
@@ -1,6 +1,9 @@
Goal: ???
+I think it should be dropped. The MAXHOSTNAMELEN macro is not used.
+It is usually used for the gethostname buffer.
+
Index: shadow-4.0.3/src/login.c
===================================================================
--- shadow-4.0.3.orig/src/login.c 2005-05-29 11:07:14.638975000 +0200
Modified: branches/experimental/debian/patches/008_login_more_LOG_UNKFAIL_ENAB
===================================================================
--- branches/experimental/debian/patches/008_login_more_LOG_UNKFAIL_ENAB 2005-06-19 14:31:15 UTC (rev 274)
+++ branches/experimental/debian/patches/008_login_more_LOG_UNKFAIL_ENAB 2005-06-20 00:16:30 UTC (rev 275)
@@ -19,11 +19,11 @@
* a HAVE_PAM_FAIL_DELAY is missing
-Index: shadow-4.0.3/src/login.c
+Index: shadow-4.0.9/src/login.c
===================================================================
---- shadow-4.0.3.orig/src/login.c 2005-05-29 00:06:16.954189000 +0200
-+++ shadow-4.0.3/src/login.c 2005-05-29 00:06:56.174189000 +0200
-@@ -775,49 +775,68 @@
+--- shadow-4.0.9.orig/src/login.c 2005-06-20 02:10:30.000000000 +0200
++++ shadow-4.0.9/src/login.c 2005-06-20 02:10:41.000000000 +0200
+@@ -643,47 +643,68 @@
* MAX_LOGIN_TRIES?
*/
@@ -46,42 +46,20 @@
- pam_set_item (pamh, PAM_USER, NULL);
- retcode = pam_authenticate (pamh, 0);
- }
--
-- if (retcode != PAM_SUCCESS) {
-- pam_get_item (pamh, PAM_USER,
-- (const void **) &pam_user);
--
-- if (retcode == PAM_MAXTRIES)
-- syslog (LOG_NOTICE,
-- "TOO MANY LOGIN TRIES (%d) FROM %s FOR %s, %s",
-- failcount, hostname,
-- pam_user,
-- pam_strerror (pamh,
-- retcode));
-- else
-- syslog (LOG_NOTICE,
-- "FAILED LOGIN SESSION FROM %s FOR %s, %s",
-- hostname, pam_user,
-- pam_strerror (pamh,
-- retcode));
--
-- fprintf (stderr, "\nLogin incorrect\n");
-- pam_end (pamh, retcode);
-- exit (0);
+ failcount = 0;
+ while (1) {
+ const char *failent_user;
+ failed = 0;
-+
++
+ failcount++;
+ if (delay > 0)
+ retcode = pam_fail_delay(pamh, 1000000*delay);
-+
++
+ retcode = pam_authenticate (pamh, 0);
-+
++
+ pam_get_item (pamh, PAM_USER,
+ (const void **) &pam_user);
-+
++
+ if (pam_user && pam_user[0]) {
+ pwd = getpwnam(pam_user);
+ if (pwd) {
@@ -97,7 +75,7 @@
+ pwd = NULL;
+ failent_user = "UNKNOWN";
+ }
-+
++
+ if (retcode == PAM_MAXTRIES || failcount >= retries) {
+ syslog (LOG_NOTICE,
+ _("TOO MANY LOGIN TRIES (%d)%s FOR `%s'"),
@@ -119,12 +97,31 @@
+ pam_strerror (pamh, retcode));
+ failed = 1;
+ }
-+
+
+- if (retcode != PAM_SUCCESS) {
+- pam_get_item (pamh, PAM_USER,
+- (const void **) &pam_user);
+-
+- if (retcode == PAM_MAXTRIES)
+- syslog (LOG_NOTICE,
+- "TOO MANY LOGIN TRIES (%d) FROM %s FOR %s, %s",
+- failcount, hostname,
+- pam_user,
+- pam_strerror (pamh, retcode));
+- else
+- syslog (LOG_NOTICE,
+- "FAILED LOGIN SESSION FROM %s FOR %s, %s",
+- hostname, pam_user,
+- pam_strerror (pamh, retcode));
+-
+- fprintf (stderr, "\nLogin incorrect\n");
+- pam_end (pamh, retcode);
+- exit (0);
+ if (!failed)
+ break;
-+
++
+ fprintf(stderr,"Login incorrect\n\n");
-+
++
+ /* Let's give it another go around */
+ pam_set_item(pamh,PAM_USER,NULL);
}
Modified: branches/experimental/debian/patches/008_userdel_remove_group_from_gshadow
===================================================================
--- branches/experimental/debian/patches/008_userdel_remove_group_from_gshadow 2005-06-19 14:31:15 UTC (rev 274)
+++ branches/experimental/debian/patches/008_userdel_remove_group_from_gshadow 2005-06-20 00:16:30 UTC (rev 275)
@@ -4,11 +4,11 @@
Status wrt upstream: It could certainly be submitted to upstream.
-Index: shadow-4.0.3/src/userdel.c
+Index: shadow-4.0.9/src/userdel.c
===================================================================
---- shadow-4.0.3.orig/src/userdel.c 2005-05-22 22:41:28.837167000 +0200
-+++ shadow-4.0.3/src/userdel.c 2005-05-22 23:02:35.137167000 +0200
-@@ -147,6 +147,7 @@
+--- shadow-4.0.9.orig/src/userdel.c 2005-04-06 06:26:06.000000000 +0200
++++ shadow-4.0.9/src/userdel.c 2005-06-19 23:53:04.000000000 +0200
+@@ -126,6 +126,7 @@
struct group *ngrp;
#ifdef SHADOWGRP
@@ -16,7 +16,7 @@
const struct sgrp *sgrp;
struct sgrp *nsgrp;
#endif /* SHADOWGRP */
-@@ -209,6 +210,10 @@
+@@ -178,6 +179,10 @@
gr_remove (grp->gr_name);
@@ -24,17 +24,16 @@
+ deleted_user_group = 1;
+#endif
+
- /*
- * Update the DBM group file with the new entry as well.
- */
-@@ -279,6 +284,10 @@
+ SYSLOG ((LOG_INFO, "removed group `%s' owned by `%s'\n",
+ grp->gr_name, user_name));
+ }
+@@ -222,6 +227,9 @@
SYSLOG ((LOG_INFO, "delete `%s' from shadow group `%s'\n",
user_name, nsgrp->sg_name));
}
+
+ if (deleted_user_group)
+ sgr_remove(user_name);
-+
- #ifdef NDBM
- endsgent ();
- #endif /* NDBM */
+ #endif /* SHADOWGRP */
+ }
+
Modified: branches/experimental/debian/patches/332_grpck.8-type_and_section
===================================================================
--- branches/experimental/debian/patches/332_grpck.8-type_and_section 2005-06-19 14:31:15 UTC (rev 274)
+++ branches/experimental/debian/patches/332_grpck.8-type_and_section 2005-06-20 00:16:30 UTC (rev 275)
@@ -1,27 +1,20 @@
Goal: fix typos and use the correct section number
Fixes: #312431
-Status wrt upstream: Applied
+Status wrt upstream: Applied (should enter 4.0.10)
-Index: shadow-4.0.3/man/grpck.8
+The category should be checked in Debian (was set to 9)
+
+Index: shadow-4.0.9/man/grpck.8
===================================================================
---- shadow-4.0.3.orig/man/grpck.8 2005-06-08 22:46:33.000000000 +0200
-+++ shadow-4.0.3/man/grpck.8 2005-06-08 22:47:02.000000000 +0200
-@@ -25,7 +25,7 @@
- .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- .\" SUCH DAMAGE.
--.TH GRPCK 1
-+.TH GRPCK 9
- .SH NAME
- grpck \- verify integrity of group files
- .SH SYNOPSIS
+--- shadow-4.0.9.orig/man/grpck.8 2005-06-20 02:07:26.000000000 +0200
++++ shadow-4.0.9/man/grpck.8 2005-06-20 02:07:34.000000000 +0200
@@ -35,7 +35,7 @@
All entries in the \fI/etc/group\fR and \fI/etc/gshadow\fR are checked to
- see that the entry has the proper format and valid data in each field.
- The user is prompted to delete entries that are improperly formatted or
--which have other incorrectable errors.
-+which have other uncorrectable errors.
- .P
- Checks are made to verify that each entry has
+ see that the entry has the proper format and valid data in each field. The
+ user is prompted to delete entries that are improperly formatted or which
+-have other incorrectable errors.
++have other uncorrectable errors.
+ .PP
+ Checks are made to verify that each entry has:
.sp
Modified: branches/experimental/debian/patches/333_shadow.5-typo_312430
===================================================================
--- branches/experimental/debian/patches/333_shadow.5-typo_312430 2005-06-19 14:31:15 UTC (rev 274)
+++ branches/experimental/debian/patches/333_shadow.5-typo_312430 2005-06-20 00:16:30 UTC (rev 275)
@@ -1,27 +1,31 @@
Goal: fix typos
Fixes: #312430
-Status wrt upstream: Applied
+Status wrt upstream: Applied (should enter 4.0.10)
-Index: shadow-4.0.3/man/shadow.5
+s/64 characters alphabet/64 character alphabet/ is missing
+
+Index: shadow-4.0.9/man/shadow.5
===================================================================
---- shadow-4.0.3.orig/man/shadow.5 2005-06-08 23:00:31.000000000 +0200
-+++ shadow-4.0.3/man/shadow.5 2005-06-08 23:03:37.000000000 +0200
-@@ -53,7 +53,7 @@
+--- shadow-4.0.9.orig/man/shadow.5 2005-06-19 16:20:49.000000000 +0200
++++ shadow-4.0.9/man/shadow.5 2005-06-20 01:57:56.000000000 +0200
+@@ -50,8 +50,8 @@
+ .IP "" .5i
A reserved field
.PP
- The password field must be filled.
--The encryped password consists of 13 to 24 characters from the
-+The encrypted password consists of 13 to 24 characters from the
- 64 character alphabet
- a thru z, A thru Z, 0 thru 9, \. and /.
- Refer to \fBcrypt\fR(3) for details on how this string is
-@@ -77,7 +77,7 @@
- An account will also be disabled on the specified day
- regardless of other password expiration information.
+-The password field must be filled. The encryped password consists of 13 to
+-24 characters from the 64 characters alphabet a thru z, A thru Z, 0 thru 9,
++The password field must be filled. The encrypted password consists of 13 to
++24 characters from the 64 character alphabet a thru z, A thru Z, 0 thru 9,
+ \&\. and /. Optionally it can start with a "$" character. This means the
+ encrypted password was generated using another (not DES) algorithm. For
+ example if it starts with "$1$" it means the MD5\-based algorithm was used.
+@@ -73,7 +73,7 @@
+ An account will also be disabled on the specified day regardless of other
+ password expiration information.
.PP
--This information supercedes any password or password age
-+This information supersedes any password or password age
- information present in \fI/etc/passwd\fR.
+-This information supercedes any password or password age information present
++This information supersedes any password or password age information present
+ in \fI/etc/passwd\fR.
.PP
- This file must not be readable by regular users if password
+ This file must not be readable by regular users if password security is to
Modified: branches/experimental/debian/patches/350_su_syslog_old:new
===================================================================
--- branches/experimental/debian/patches/350_su_syslog_old:new 2005-06-19 14:31:15 UTC (rev 274)
+++ branches/experimental/debian/patches/350_su_syslog_old:new 2005-06-20 00:16:30 UTC (rev 275)
@@ -3,27 +3,27 @@
ambiguous.
Fixes: #213592
-Status wrt upstream: Applied upstream.
+Status wrt upstream: Applied upstream. (should enter 4.0.10)
-Index: shadow-4.0.3/src/su.c
+Index: shadow-4.0.9/src/su.c
===================================================================
---- shadow-4.0.3.orig/src/su.c 2005-05-29 12:11:25.560552000 +0200
-+++ shadow-4.0.3/src/su.c 2005-05-29 12:12:22.910552000 +0200
-@@ -228,7 +228,7 @@
+--- shadow-4.0.9.orig/src/su.c 2005-06-19 16:48:03.000000000 +0200
++++ shadow-4.0.9/src/su.c 2005-06-19 17:31:20.000000000 +0200
+@@ -125,7 +125,7 @@
#ifdef USE_SYSLOG
if (getdef_bool ("SYSLOG_SU_ENAB"))
SYSLOG ((pwent.pw_uid ? LOG_INFO : LOG_NOTICE,
- "- %s %s-%s", tty,
+ "- %s %s:%s", tty,
- oldname[0] ? oldname : "???",
- name[0] ? name : "???"));
+ oldname[0] ? oldname : "???", name[0] ? name : "???"));
closelog ();
-@@ -678,7 +678,7 @@
#endif
+@@ -645,7 +645,7 @@
+ #endif
#ifdef USE_SYSLOG
if (getdef_bool ("SYSLOG_SU_ENAB"))
- SYSLOG ((LOG_INFO, "+ %s %s-%s", tty,
+ SYSLOG ((LOG_INFO, "+ %s %s:%s", tty,
- oldname[0] ? oldname : "???",
- name[0] ? name : "???"));
+ oldname[0] ? oldname : "???", name[0] ? name : "???"));
#endif
+
Modified: branches/experimental/debian/patches/series
===================================================================
--- branches/experimental/debian/patches/series 2005-06-19 14:31:15 UTC (rev 274)
+++ branches/experimental/debian/patches/series 2005-06-20 00:16:30 UTC (rev 275)
@@ -23,94 +23,105 @@
006_libmisc_chowntty_ro_root_fs
008_su_addenv_HOME_and_SHELL
008_su_uid_0_not_root
-008_su_add_GNU_options
+#
+# 008_su_add_GNU_options # This one is complicated. keep it for latter.
008_su_ignore_SIGINT
008_su_check_user_earlier
008_su_no_sanitize_env
008_su_get_PAM_username
-008_su_PAM_session
+#
+# 008_su_PAM_session # This one is complicated. keep it for latter.
350_su_syslog_old:new
-008_login_MAXHOSTNAMELEN
+#
+# 008_login_MAXHOSTNAMELEN # It should probably be dropped.
008_grpck_add_prune_option
008_login_stop_checking_args_after--
349_login_opt-f_with_username_after--
008_login_more_LOG_UNKFAIL_ENAB
008_login_log_failure_in_FTMP
-008_login_FAILLOG_ENAB
+#
+# 008_login_FAILLOG_ENAB # Ignore it for now (see patch's header)
008_login_cancel_timout_after_authentication
355_login_close_session_as_root
347_login_log_pam_user_if_USE_PAM
348_login_PAM_SILENT_if_hushed_login
008_usermod_warn_old_home_not_removed
008_userdel_remove_group_from_gshadow
-008_newgrp_preserve_env
+#
+# 008_newgrp_preserve_env # not needed
008_su_GNU_origin
# 009 is patching login.defs file we don't use, actually..:-)
# 009_etc.dpatch
-100_LINGUAS.dpatch
-100_shadow.pot
-101_cs.dpatch
-102_de.dpatch
-103_el.dpatch
-104_fr.dpatch
-105_ja.dpatch
-106_ko.dpatch
-107_pl.dpatch
-108_sv.dpatch
-109_uk.dpatch
-110_bs.dpatch
-111_ca.dpatch
-112_da.dpatch
-113_es.dpatch
-114_eu
-115_fi.dpatch
-116_he.dpatch
-117_id.dpatch
-118_it.dpatch
-119_nb.dpatch
-120_nl.dpatch
-121_nn.dpatch
-122_pt.dpatch
-123_pt_BR.dpatch
-124_ru.dpatch
-125_sk.dpatch
-126_tr.dpatch
-127_zh_CN.dpatch
-128_sq.dpatch
-129_ro.dpatch
-130_zh_TW.dpatch
-131_tl.dpatch
-132_vi.dpatch
-200_de-manpages.dpatch
-200_de-manpages-2.dpatch
-200_de-manpages-passwd.1.dpatch
-201_fr-manpages.dpatch
-202_ja_manpages.dpatch
-203_pl_manpages.dpatch
-204_pt_BR-manpages.dpatch
-205_it-manpages.dpatch
-311_high-uids.dpatch
-312_usermod-302388.dpatch
+# 100_LINGUAS.dpatch # Is it needed?
+# 100_shadow.pot # Is it needed?
+#
+#I comment out all languages patch for now.
+# 101_cs.dpatch
+# 102_de.dpatch
+# 103_el.dpatch
+# 104_fr.dpatch
+# 105_ja.dpatch
+# 106_ko.dpatch
+# 107_pl.dpatch
+# 108_sv.dpatch
+# 109_uk.dpatch
+# 110_bs.dpatch
+# 111_ca.dpatch
+# 112_da.dpatch
+# 113_es.dpatch
+# 114_eu
+# 115_fi.dpatch
+# 116_he.dpatch
+# 117_id.dpatch
+# 118_it.dpatch
+# 119_nb.dpatch
+# 120_nl.dpatch
+# 121_nn.dpatch
+# 122_pt.dpatch
+# 123_pt_BR.dpatch
+# 124_ru.dpatch
+# 125_sk.dpatch
+# 126_tr.dpatch
+# 127_zh_CN.dpatch
+# 128_sq.dpatch
+# 129_ro.dpatch
+# 130_zh_TW.dpatch
+# 131_tl.dpatch
+# 132_vi.dpatch
+#
+#Ditto for man pages translations.
+# 200_de-manpages.dpatch
+# 200_de-manpages-2.dpatch
+# 200_de-manpages-passwd.1.dpatch
+# 201_fr-manpages.dpatch
+# 202_ja_manpages.dpatch
+# 203_pl_manpages.dpatch
+# 204_pt_BR-manpages.dpatch
+# 205_it-manpages.dpatch
+#
+# 311_high-uids.dpatch # upstream uses AC_SYS_LARGEFILE in configure.in
+# 312_usermod-302388.dpatch # applied
313_pam_access_with_preauth.dpatch
-314_passwd.1_formatting.dpatch
-315_chage.1_document_expiration_removal.dpatch
-316_vipw-race-242407.dpatch
-317_lastlog_usage_249611.dpatch
-318_passwd_src_warning.dpatch
-319_time_structures.dpatch
-320_nscd_header.dpatch
-321_remove_malloc_definition.dpatch
-324_configure.in-no-debian-dir.dpatch
-325_gshadow_5_manpage
-326_su.1_pwconv.8-typos
-327_newgrp_162303
-328_successful_password_change
-329_libmisc_failure_ngettext
-330_CAN-2004-1001_passwd_check
-331_chpasswd-md5.dpatch
+# 314_passwd.1_formatting.dpatch # applied
+# 315_chage.1_document_expiration_removal.dpatch # applied
+# 316_vipw-race-242407.dpatch # applied
+# 317_lastlog_usage_249611.dpatch # applied
+# 318_passwd_src_warning.dpatch # applied
+#
+# 319_time_structures.dpatch # must be checked another time
+# 320_nscd_header.dpatch # applied
+# 321_remove_malloc_definition.dpatch # applied
+# 324_configure.in-no-debian-dir.dpatch # applied
+# 325_gshadow_5_manpage # applied
+# 326_su.1_pwconv.8-typos # applied
+# 327_newgrp_162303 # applied
+# 328_successful_password_change # applied
+# 329_libmisc_failure_ngettext # applied
+# 330_CAN-2004-1001_passwd_check # applied
+# 331_chpasswd-md5.dpatch # applied
332_grpck.8-type_and_section
333_shadow.5-typo_312430
-334_chage.1-typo
+# 334_chage.1-typo # applied
401_cppw_src.dpatch
403_sg_symlink_162339_163652.dpatch
404_undef_USE_PAM.dpatch