[Pkg-shadow-commits] r980 - trunk/debian/patches
Christian Perrier
bubulle at costa.debian.org
Sun May 7 17:16:15 UTC 2006
Author: bubulle
Date: 2006-05-07 17:16:14 +0000 (Sun, 07 May 2006)
New Revision: 980
Added:
trunk/debian/patches/326_grpck_group-gshadow_members_consistency
Removed:
trunk/debian/patches/426_grpck_group-gshadow_members_consistency
Modified:
trunk/debian/patches/series
Log:
Patch 426 has been applied upstream
Copied: trunk/debian/patches/326_grpck_group-gshadow_members_consistency (from rev 978, trunk/debian/patches/426_grpck_group-gshadow_members_consistency)
===================================================================
--- trunk/debian/patches/426_grpck_group-gshadow_members_consistency 2006-05-07 06:04:01 UTC (rev 978)
+++ trunk/debian/patches/326_grpck_group-gshadow_members_consistency 2006-05-07 17:16:14 UTC (rev 980)
@@ -0,0 +1,336 @@
+Goal: Warn when the members of a group differ in /etc/groups and /etc/gshadow.
+Fixes: #75181
+
+Status wrt upstream: Will be in 4.0.16
+
+Note: With this patch, the user will be asked to add an entry to the shadowed
+ files (/etc/shadow for pwck or /etc/gshadow for grpck) when this entry is
+ present in non-shadowed file and not present in the shadowed file.
+
+Index: shadow-4.0.15/src/grpck.c
+===================================================================
+--- shadow-4.0.15.orig/src/grpck.c 2006-03-08 19:33:12.227661587 +0100
++++ shadow-4.0.15/src/grpck.c 2006-03-08 19:33:37.719497666 +0100
+@@ -137,7 +137,7 @@
+ {
+ int arg;
+ int errors = 0;
+- int deleted = 0;
++ int changed = 0;
+ int i;
+ int prune = 0;
+ struct commonio_entry *gre, *tgre;
+@@ -317,7 +317,7 @@
+ delete_gr:
+ SYSLOG ((LOG_INFO, "delete group line `%s'",
+ gre->line));
+- deleted++;
++ changed++;
+
+ __gr_del_entry (gre);
+ continue;
+@@ -402,11 +402,78 @@
+
+ SYSLOG ((LOG_INFO, "delete member `%s' group `%s'",
+ grp->gr_mem[i], grp->gr_name));
+- deleted++;
++ changed++;
+ delete_member (grp->gr_mem, grp->gr_mem[i]);
+ gre->changed = 1;
+ __gr_set_changed ();
+ }
++
++#ifdef SHADOWGRP
++ /*
++ * Make sure this entry exists in the /etc/gshadow file.
++ */
++
++ if (is_shadow)
++ {
++ sgr = (struct sgrp *)sgr_locate (grp->gr_name);
++ if (sgr == NULL) {
++ printf (_("no matching group file entry in %s\n"), sgr_file);
++ printf (_("add group `%s' in %s? "),
++ grp->gr_name, sgr_file);
++ errors++;
++ if (yes_or_no ())
++ {
++ struct sgrp sg;
++ struct group gr;
++ static char *empty = NULL;
++ sg.sg_name = grp->gr_name;
++ sg.sg_passwd = grp->gr_passwd;
++ sg.sg_adm = ∅
++ sg.sg_mem = grp->gr_mem;
++ SYSLOG ((LOG_INFO, "add group `%s' to `%s'",
++ grp->gr_name, sgr_file));
++ changed++;
++
++ if (!sgr_update(&sg))
++ {
++ fprintf (stderr,
++ _("%s: can't update shadow entry for %s\n"),
++ Prog, sg.sg_name);
++ exit (E_CANT_UPDATE);
++ }
++ /* remove password from /etc/group */
++ gr = *grp;
++ gr.gr_passwd = SHADOW_PASSWD_STRING; /* XXX warning: const */
++ if (!gr_update (&gr)) {
++ fprintf (stderr,
++ _("%s: can't update entry for group %s\n"),
++ Prog, gr.gr_name);
++ exit (E_CANT_UPDATE);
++ }
++ }
++ } else {
++ /**
++ * Verify that the all members defined in /etc/group are also
++ * present in /etc/gshadow.
++ */
++ char **pgrp_mem,**psgr_mem;
++ for (pgrp_mem=grp->gr_mem; *pgrp_mem; pgrp_mem++)
++ {
++ for (psgr_mem=sgr->sg_mem; *psgr_mem; psgr_mem++)
++ {
++ if (strcmp(*pgrp_mem, *psgr_mem) == 0)
++ break;
++ }
++ if (*psgr_mem == NULL)
++ {
++ printf ("'%s' is a member of the '%s' group in %s but not in %s\n",
++ *pgrp_mem, sgr->sg_name, grp_file, sgr_file);
++ }
++ }
++ }
++ }
++#endif
++
+ }
+
+ #ifdef SHADOWGRP
+@@ -448,7 +515,7 @@
+ delete_sg:
+ SYSLOG ((LOG_INFO, "delete shadow line `%s'",
+ sge->line));
+- deleted++;
++ changed++;
+
+ __sgr_del_entry (sge);
+ continue;
+@@ -499,12 +566,32 @@
+ /*
+ * Make sure this entry exists in the /etc/group file.
+ */
+- if (!gr_locate (sgr->sg_name)) {
+- printf (_("no matching group file entry\n"));
++ grp = (struct group *)gr_locate (sgr->sg_name);
++ if (grp == NULL) {
++ printf (_("no matching group file entry in %s\n"), grp_file);
+ printf (_("delete line `%s'? "), sge->line);
+ errors++;
+ if (yes_or_no ())
+ goto delete_sg;
++ } else {
++ /**
++ * Verify that the all members defined in /etc/gshadow are also
++ * present in /etc/group.
++ */
++ char **pgrp_mem,**psgr_mem;
++ for (psgr_mem=sgr->sg_mem; *psgr_mem; psgr_mem++)
++ {
++ for (pgrp_mem=grp->gr_mem; *pgrp_mem; pgrp_mem++)
++ {
++ if (strcmp(*pgrp_mem, *psgr_mem) == 0)
++ break;
++ }
++ if (*pgrp_mem == NULL)
++ {
++ printf ("'%s' is a member of the '%s' group in %s but not in %s\n",
++ *psgr_mem, sgr->sg_name, sgr_file, grp_file);
++ }
++ }
+ }
+
+ /*
+@@ -530,7 +617,7 @@
+ SYSLOG ((LOG_INFO,
+ "delete admin `%s' from shadow group `%s'",
+ sgr->sg_adm[i], sgr->sg_name));
+- deleted++;
++ changed++;
+ delete_member (sgr->sg_adm, sgr->sg_adm[i]);
+ sge->changed = 1;
+ __sgr_set_changed ();
+@@ -557,7 +644,7 @@
+ SYSLOG ((LOG_INFO,
+ "delete member `%s' from shadow group `%s'",
+ sgr->sg_mem[i], sgr->sg_name));
+- deleted++;
++ changed++;
+ delete_member (sgr->sg_mem, sgr->sg_mem[i]);
+ sge->changed = 1;
+ __sgr_set_changed ();
+@@ -568,10 +655,10 @@
+ #endif /* SHADOWGRP */
+
+ /*
+- * All done. If there were no deletions we can just abandon any
++ * All done. If there were no change we can just abandon any
+ * changes to the files.
+ */
+- if (deleted) {
++ if (changed) {
+ write_and_bye:
+ if (!gr_close ()) {
+ fprintf (stderr, _("%s: cannot update file %s\n"),
+@@ -602,7 +689,7 @@
+ * Tell the user what we did and exit.
+ */
+ if (errors)
+- printf (deleted ?
++ printf (changed ?
+ _("%s: the files have been updated\n") :
+ _("%s: no changes\n"), Prog);
+
+Index: shadow-4.0.15/src/pwck.c
+===================================================================
+--- shadow-4.0.15.orig/src/pwck.c 2006-03-08 19:32:11.059052606 +0100
++++ shadow-4.0.15/src/pwck.c 2006-03-08 19:33:37.722497059 +0100
+@@ -41,6 +41,7 @@
+ #include "prototypes.h"
+ #include "pwio.h"
+ #include "shadowio.h"
++#include "getdef.h"
+ #include "nscd.h"
+ extern void __pw_del_entry (const struct commonio_entry *);
+ extern struct commonio_entry *__pw_get_head (void);
+@@ -116,7 +117,7 @@
+ {
+ int arg;
+ int errors = 0;
+- int deleted = 0;
++ int changed = 0;
+ struct commonio_entry *pfe, *tpfe;
+ struct passwd *pwd;
+ int sort_mode = 0;
+@@ -272,7 +273,7 @@
+ delete_pw:
+ SYSLOG ((LOG_INFO, "delete passwd line `%s'",
+ pfe->line));
+- deleted++;
++ changed++;
+
+ __pw_del_entry (pfe);
+ continue;
+@@ -367,6 +368,55 @@
+ pwd->pw_name, pwd->pw_shell);
+ errors++;
+ }
++#ifdef SHADOWPWD
++ /*
++ * Make sure this entry exists in the /etc/gshadow file.
++ */
++
++ if (is_shadow)
++ {
++ spw = (struct spwd *) spw_locate(pwd->pw_name);
++ if (spw == NULL) {
++ printf (_("no matching password file entry in %s\n"),
++ spw_file);
++ printf (_("add user `%s' in %s? "),
++ pwd->pw_name, spw_file);
++ errors++;
++ if (yes_or_no ())
++ {
++ struct spwd sp;
++ struct passwd pw;
++ sp.sp_namp = pwd->pw_name;
++ sp.sp_pwdp = pwd->pw_passwd;
++ sp.sp_min = getdef_num ("PASS_MIN_DAYS", -1);
++ sp.sp_max = getdef_num ("PASS_MAX_DAYS", -1);
++ sp.sp_warn = getdef_num ("PASS_WARN_AGE", -1);
++ sp.sp_inact = -1;
++ sp.sp_expire = -1;
++ sp.sp_flag = -1;
++ sp.sp_lstchg = time ((time_t *) 0) / (24L * 3600L);
++ changed++;
++
++ if (!spw_update (&sp))
++ {
++ fprintf (stderr,
++ _("%s: can't update shadow entry for %s\n"),
++ Prog, sp.sp_namp);
++ exit (E_CANTUPDATE);
++ }
++ /* remove password from /etc/passwd */
++ pw = *pwd;
++ pw.pw_passwd = SHADOW_PASSWD_STRING;/* XXX warning: const */
++ if (!pw_update (&pw)) {
++ fprintf (stderr,
++ _("%s: can't update passwd entry for %s\n"),
++ Prog, pw.pw_name);
++ exit (E_CANTUPDATE);
++ }
++ }
++ }
++ }
++#endif
+ }
+
+ if (!is_shadow)
+@@ -377,6 +427,13 @@
+ */
+ for (spe = __spw_get_head (); spe; spe = spe->next) {
+ /*
++ * Do not treat lines which were missing in gshadow
++ * and were added earlier.
++ */
++ if (spe->line == NULL)
++ continue;
++
++ /*
+ * If this is a NIS line, skip it. You can't "know" what NIS
+ * is going to do without directly asking NIS ...
+ */
+@@ -412,7 +469,7 @@
+ delete_spw:
+ SYSLOG ((LOG_INFO, "delete shadow line `%s'",
+ spe->line));
+- deleted++;
++ changed++;
+
+ __spw_del_entry (spe);
+ continue;
+@@ -468,7 +525,8 @@
+ * Tell the user this entry has no matching
+ * /etc/passwd entry and ask them to delete it.
+ */
+- printf (_("no matching password file entry\n"));
++ printf (_("no matching password file entry in %s\n"),
++ pwd_file);
+ printf (_("delete line `%s'? "), spe->line);
+ errors++;
+
+@@ -493,10 +551,10 @@
+ shadow_done:
+
+ /*
+- * All done. If there were no deletions we can just abandon any
++ * All done. If there were no change we can just abandon any
+ * changes to the files.
+ */
+- if (deleted) {
++ if (changed) {
+ write_and_bye:
+ if (!pw_close ()) {
+ fprintf (stderr, _("%s: cannot update file %s\n"),
+@@ -527,7 +585,7 @@
+ * Tell the user what we did and exit.
+ */
+ if (errors)
+- printf (deleted ?
++ printf (changed ?
+ _("%s: the files have been updated\n") :
+ _("%s: no changes\n"), Prog);
+
Deleted: trunk/debian/patches/426_grpck_group-gshadow_members_consistency
===================================================================
--- trunk/debian/patches/426_grpck_group-gshadow_members_consistency 2006-05-07 17:15:20 UTC (rev 979)
+++ trunk/debian/patches/426_grpck_group-gshadow_members_consistency 2006-05-07 17:16:14 UTC (rev 980)
@@ -1,336 +0,0 @@
-Goal: Warn when the members of a group differ in /etc/groups and /etc/gshadow.
-Fixes: #75181
-
-Status wrt upstream: It should be forwarded to upstream.
-
-Note: With this patch, the user will be asked to add an entry to the shadowed
- files (/etc/shadow for pwck or /etc/gshadow for grpck) when this entry is
- present in non-shadowed file and not present in the shadowed file.
-
-Index: shadow-4.0.15/src/grpck.c
-===================================================================
---- shadow-4.0.15.orig/src/grpck.c 2006-03-08 19:33:12.227661587 +0100
-+++ shadow-4.0.15/src/grpck.c 2006-03-08 19:33:37.719497666 +0100
-@@ -137,7 +137,7 @@
- {
- int arg;
- int errors = 0;
-- int deleted = 0;
-+ int changed = 0;
- int i;
- int prune = 0;
- struct commonio_entry *gre, *tgre;
-@@ -317,7 +317,7 @@
- delete_gr:
- SYSLOG ((LOG_INFO, "delete group line `%s'",
- gre->line));
-- deleted++;
-+ changed++;
-
- __gr_del_entry (gre);
- continue;
-@@ -402,11 +402,78 @@
-
- SYSLOG ((LOG_INFO, "delete member `%s' group `%s'",
- grp->gr_mem[i], grp->gr_name));
-- deleted++;
-+ changed++;
- delete_member (grp->gr_mem, grp->gr_mem[i]);
- gre->changed = 1;
- __gr_set_changed ();
- }
-+
-+#ifdef SHADOWGRP
-+ /*
-+ * Make sure this entry exists in the /etc/gshadow file.
-+ */
-+
-+ if (is_shadow)
-+ {
-+ sgr = (struct sgrp *)sgr_locate (grp->gr_name);
-+ if (sgr == NULL) {
-+ printf (_("no matching group file entry in %s\n"), sgr_file);
-+ printf (_("add group `%s' in %s? "),
-+ grp->gr_name, sgr_file);
-+ errors++;
-+ if (yes_or_no ())
-+ {
-+ struct sgrp sg;
-+ struct group gr;
-+ static char *empty = NULL;
-+ sg.sg_name = grp->gr_name;
-+ sg.sg_passwd = grp->gr_passwd;
-+ sg.sg_adm = ∅
-+ sg.sg_mem = grp->gr_mem;
-+ SYSLOG ((LOG_INFO, "add group `%s' to `%s'",
-+ grp->gr_name, sgr_file));
-+ changed++;
-+
-+ if (!sgr_update(&sg))
-+ {
-+ fprintf (stderr,
-+ _("%s: can't update shadow entry for %s\n"),
-+ Prog, sg.sg_name);
-+ exit (E_CANT_UPDATE);
-+ }
-+ /* remove password from /etc/group */
-+ gr = *grp;
-+ gr.gr_passwd = SHADOW_PASSWD_STRING; /* XXX warning: const */
-+ if (!gr_update (&gr)) {
-+ fprintf (stderr,
-+ _("%s: can't update entry for group %s\n"),
-+ Prog, gr.gr_name);
-+ exit (E_CANT_UPDATE);
-+ }
-+ }
-+ } else {
-+ /**
-+ * Verify that the all members defined in /etc/group are also
-+ * present in /etc/gshadow.
-+ */
-+ char **pgrp_mem,**psgr_mem;
-+ for (pgrp_mem=grp->gr_mem; *pgrp_mem; pgrp_mem++)
-+ {
-+ for (psgr_mem=sgr->sg_mem; *psgr_mem; psgr_mem++)
-+ {
-+ if (strcmp(*pgrp_mem, *psgr_mem) == 0)
-+ break;
-+ }
-+ if (*psgr_mem == NULL)
-+ {
-+ printf ("'%s' is a member of the '%s' group in %s but not in %s\n",
-+ *pgrp_mem, sgr->sg_name, grp_file, sgr_file);
-+ }
-+ }
-+ }
-+ }
-+#endif
-+
- }
-
- #ifdef SHADOWGRP
-@@ -448,7 +515,7 @@
- delete_sg:
- SYSLOG ((LOG_INFO, "delete shadow line `%s'",
- sge->line));
-- deleted++;
-+ changed++;
-
- __sgr_del_entry (sge);
- continue;
-@@ -499,12 +566,32 @@
- /*
- * Make sure this entry exists in the /etc/group file.
- */
-- if (!gr_locate (sgr->sg_name)) {
-- printf (_("no matching group file entry\n"));
-+ grp = (struct group *)gr_locate (sgr->sg_name);
-+ if (grp == NULL) {
-+ printf (_("no matching group file entry in %s\n"), grp_file);
- printf (_("delete line `%s'? "), sge->line);
- errors++;
- if (yes_or_no ())
- goto delete_sg;
-+ } else {
-+ /**
-+ * Verify that the all members defined in /etc/gshadow are also
-+ * present in /etc/group.
-+ */
-+ char **pgrp_mem,**psgr_mem;
-+ for (psgr_mem=sgr->sg_mem; *psgr_mem; psgr_mem++)
-+ {
-+ for (pgrp_mem=grp->gr_mem; *pgrp_mem; pgrp_mem++)
-+ {
-+ if (strcmp(*pgrp_mem, *psgr_mem) == 0)
-+ break;
-+ }
-+ if (*pgrp_mem == NULL)
-+ {
-+ printf ("'%s' is a member of the '%s' group in %s but not in %s\n",
-+ *psgr_mem, sgr->sg_name, sgr_file, grp_file);
-+ }
-+ }
- }
-
- /*
-@@ -530,7 +617,7 @@
- SYSLOG ((LOG_INFO,
- "delete admin `%s' from shadow group `%s'",
- sgr->sg_adm[i], sgr->sg_name));
-- deleted++;
-+ changed++;
- delete_member (sgr->sg_adm, sgr->sg_adm[i]);
- sge->changed = 1;
- __sgr_set_changed ();
-@@ -557,7 +644,7 @@
- SYSLOG ((LOG_INFO,
- "delete member `%s' from shadow group `%s'",
- sgr->sg_mem[i], sgr->sg_name));
-- deleted++;
-+ changed++;
- delete_member (sgr->sg_mem, sgr->sg_mem[i]);
- sge->changed = 1;
- __sgr_set_changed ();
-@@ -568,10 +655,10 @@
- #endif /* SHADOWGRP */
-
- /*
-- * All done. If there were no deletions we can just abandon any
-+ * All done. If there were no change we can just abandon any
- * changes to the files.
- */
-- if (deleted) {
-+ if (changed) {
- write_and_bye:
- if (!gr_close ()) {
- fprintf (stderr, _("%s: cannot update file %s\n"),
-@@ -602,7 +689,7 @@
- * Tell the user what we did and exit.
- */
- if (errors)
-- printf (deleted ?
-+ printf (changed ?
- _("%s: the files have been updated\n") :
- _("%s: no changes\n"), Prog);
-
-Index: shadow-4.0.15/src/pwck.c
-===================================================================
---- shadow-4.0.15.orig/src/pwck.c 2006-03-08 19:32:11.059052606 +0100
-+++ shadow-4.0.15/src/pwck.c 2006-03-08 19:33:37.722497059 +0100
-@@ -41,6 +41,7 @@
- #include "prototypes.h"
- #include "pwio.h"
- #include "shadowio.h"
-+#include "getdef.h"
- #include "nscd.h"
- extern void __pw_del_entry (const struct commonio_entry *);
- extern struct commonio_entry *__pw_get_head (void);
-@@ -116,7 +117,7 @@
- {
- int arg;
- int errors = 0;
-- int deleted = 0;
-+ int changed = 0;
- struct commonio_entry *pfe, *tpfe;
- struct passwd *pwd;
- int sort_mode = 0;
-@@ -272,7 +273,7 @@
- delete_pw:
- SYSLOG ((LOG_INFO, "delete passwd line `%s'",
- pfe->line));
-- deleted++;
-+ changed++;
-
- __pw_del_entry (pfe);
- continue;
-@@ -367,6 +368,55 @@
- pwd->pw_name, pwd->pw_shell);
- errors++;
- }
-+#ifdef SHADOWPWD
-+ /*
-+ * Make sure this entry exists in the /etc/gshadow file.
-+ */
-+
-+ if (is_shadow)
-+ {
-+ spw = (struct spwd *) spw_locate(pwd->pw_name);
-+ if (spw == NULL) {
-+ printf (_("no matching password file entry in %s\n"),
-+ spw_file);
-+ printf (_("add user `%s' in %s? "),
-+ pwd->pw_name, spw_file);
-+ errors++;
-+ if (yes_or_no ())
-+ {
-+ struct spwd sp;
-+ struct passwd pw;
-+ sp.sp_namp = pwd->pw_name;
-+ sp.sp_pwdp = pwd->pw_passwd;
-+ sp.sp_min = getdef_num ("PASS_MIN_DAYS", -1);
-+ sp.sp_max = getdef_num ("PASS_MAX_DAYS", -1);
-+ sp.sp_warn = getdef_num ("PASS_WARN_AGE", -1);
-+ sp.sp_inact = -1;
-+ sp.sp_expire = -1;
-+ sp.sp_flag = -1;
-+ sp.sp_lstchg = time ((time_t *) 0) / (24L * 3600L);
-+ changed++;
-+
-+ if (!spw_update (&sp))
-+ {
-+ fprintf (stderr,
-+ _("%s: can't update shadow entry for %s\n"),
-+ Prog, sp.sp_namp);
-+ exit (E_CANTUPDATE);
-+ }
-+ /* remove password from /etc/passwd */
-+ pw = *pwd;
-+ pw.pw_passwd = SHADOW_PASSWD_STRING;/* XXX warning: const */
-+ if (!pw_update (&pw)) {
-+ fprintf (stderr,
-+ _("%s: can't update passwd entry for %s\n"),
-+ Prog, pw.pw_name);
-+ exit (E_CANTUPDATE);
-+ }
-+ }
-+ }
-+ }
-+#endif
- }
-
- if (!is_shadow)
-@@ -377,6 +427,13 @@
- */
- for (spe = __spw_get_head (); spe; spe = spe->next) {
- /*
-+ * Do not treat lines which were missing in gshadow
-+ * and were added earlier.
-+ */
-+ if (spe->line == NULL)
-+ continue;
-+
-+ /*
- * If this is a NIS line, skip it. You can't "know" what NIS
- * is going to do without directly asking NIS ...
- */
-@@ -412,7 +469,7 @@
- delete_spw:
- SYSLOG ((LOG_INFO, "delete shadow line `%s'",
- spe->line));
-- deleted++;
-+ changed++;
-
- __spw_del_entry (spe);
- continue;
-@@ -468,7 +525,8 @@
- * Tell the user this entry has no matching
- * /etc/passwd entry and ask them to delete it.
- */
-- printf (_("no matching password file entry\n"));
-+ printf (_("no matching password file entry in %s\n"),
-+ pwd_file);
- printf (_("delete line `%s'? "), spe->line);
- errors++;
-
-@@ -493,10 +551,10 @@
- shadow_done:
-
- /*
-- * All done. If there were no deletions we can just abandon any
-+ * All done. If there were no change we can just abandon any
- * changes to the files.
- */
-- if (deleted) {
-+ if (changed) {
- write_and_bye:
- if (!pw_close ()) {
- fprintf (stderr, _("%s: cannot update file %s\n"),
-@@ -527,7 +585,7 @@
- * Tell the user what we did and exit.
- */
- if (errors)
-- printf (deleted ?
-+ printf (changed ?
- _("%s: the files have been updated\n") :
- _("%s: no changes\n"), Prog);
-
Modified: trunk/debian/patches/series
===================================================================
--- trunk/debian/patches/series 2006-05-07 17:15:20 UTC (rev 979)
+++ trunk/debian/patches/series 2006-05-07 17:16:14 UTC (rev 980)
@@ -19,7 +19,7 @@
404_undef_USE_PAM.nolibpam
406_good_name.dpatch
407_32char_grnames.dpatch
-426_grpck_group-gshadow_members_consistency
+326_grpck_group-gshadow_members_consistency
542_useradd-O_option
451_login_PATH
352_doc_password_check_order
More information about the Pkg-shadow-commits
mailing list