[Pkg-shadow-commits] r593 - trunk/debian/patches
Nicolas FRANCOIS
nekral-guest at costa.debian.org
Wed Oct 12 19:42:59 UTC 2005
Author: nekral-guest
Date: 2005-10-12 19:42:58 +0000 (Wed, 12 Oct 2005)
New Revision: 593
Added:
trunk/debian/patches/457_commonio_group_shadow
Log:
Fixes #166793: pwconv should create /etc/shadow 0440 root.shadow.
Added: trunk/debian/patches/457_commonio_group_shadow
===================================================================
--- trunk/debian/patches/457_commonio_group_shadow 2005-10-12 19:41:39 UTC (rev 592)
+++ trunk/debian/patches/457_commonio_group_shadow 2005-10-12 19:42:58 UTC (rev 593)
@@ -0,0 +1,39 @@
+Goal: save the [g]shadow files with the 'shadow' group and mode 0440
+
+Fixes: #166793
+
+Index: shadow-4.0.13/lib/commonio.c
+===================================================================
+--- shadow-4.0.13.orig/lib/commonio.c 2005-09-24 14:22:50.000000000 +0200
++++ shadow-4.0.13/lib/commonio.c 2005-10-12 19:24:36.000000000 +0200
+@@ -11,6 +11,7 @@
+ #include <stdio.h>
+ #include <signal.h>
+ #include <pwd.h>
++#include <grp.h>
+ #include <nscd.h>
+ #ifdef HAVE_SHADOW_H
+ #include <shadow.h>
+@@ -669,13 +670,20 @@
+ goto fail;
+ }
+ } else {
++ struct group *grp;
+ /*
+ * Default permissions for new [g]shadow files.
+ * (passwd and group always exist...)
+ */
+- sb.st_mode = 0400;
++ sb.st_mode = 0440;
+ sb.st_uid = 0;
+- sb.st_gid = 0;
++ /*
++ * Try to retrieve the shadow's GID, and fall back to GID 0.
++ */
++ if ((grp = getgrnam("shadow")) != NULL)
++ sb.st_gid = grp->gr_gid;
++ else
++ sb.st_gid = 0;
+ }
+
+ snprintf (buf, sizeof buf, "%s+", db->filename);
More information about the Pkg-shadow-commits
mailing list