[Pkg-shadow-commits] r1206 - in trunk/debian: . patches

bubulle at alioth.debian.org bubulle at alioth.debian.org
Thu Jun 21 00:29:51 UTC 2007 

Author: bubulle
Date: 2007-06-21 00:29:51 +0000 (Thu, 21 Jun 2007)
New Revision: 1206

Added:
   trunk/debian/patches/494_passwd_lock
Modified:
   trunk/debian/changelog
   trunk/debian/patches/series
Log:
Set account expiry field when using "passwd -l/-u"


Modified: trunk/debian/changelog
===================================================================
--- trunk/debian/changelog	2007-06-21 00:13:29 UTC (rev 1205)
+++ trunk/debian/changelog	2007-06-21 00:29:51 UTC (rev 1206)
@@ -19,6 +19,8 @@
       fails in passwd, su and newgrp. Closes: #384164
     - 414_remove-unwise-advices: Remove not so wise advices about choosing
       passwords. Closes: #386818
+    - 494_passwd_lock: set the account expiry field when using
+      "passwd -l/-u". Closes: #389183
   * Debian packaging fixes:
     - 506_relaxed_usernames: do not allow spaces in usernames. This was at
       least broken with username starting with a space or tabulation (the user

Added: trunk/debian/patches/494_passwd_lock
===================================================================
--- trunk/debian/patches/494_passwd_lock	                        (rev 0)
+++ trunk/debian/patches/494_passwd_lock	2007-06-21 00:29:51 UTC (rev 1206)
@@ -0,0 +1,45 @@
+Index: shadow-4.0.18.1/man/passwd.1.xml
+===================================================================
+--- shadow-4.0.18.1.orig/man/passwd.1.xml	2007-06-21 02:04:59.531851133 +0200
++++ shadow-4.0.18.1/man/passwd.1.xml	2007-06-21 02:28:19.460572933 +0200
+@@ -188,7 +188,8 @@
+ 	<listitem>
+ 	  <para>
+ 	    Lock the named account. This option disables an account by changing
+-	    the password to a value which matches no possible encrypted value.
++	    the password to a value which matches no possible encrypted value,
++	    and by setting the account expiry field to 1.
+ 	  </para>
+ 	</listitem>
+       </varlistentry>
+@@ -249,7 +250,8 @@
+ 	  <para>
+ 	    Unlock the named account. This option re-enables an account by
+ 	    changing the password back to its previous value (to value before
+-	    using <option>-l</option> option).
++	    using <option>-l</option> option), and by resetting the account
++	    expiry field.
+ 	  </para>
+ 	</listitem>
+       </varlistentry>
+Index: shadow-4.0.18.1/src/passwd.c
+===================================================================
+--- shadow-4.0.18.1.orig/src/passwd.c	2007-06-21 02:05:36.029992809 +0200
++++ shadow-4.0.18.1/src/passwd.c	2007-06-21 02:28:19.460572933 +0200
+@@ -531,6 +531,16 @@
+ 		nsp->sp_inact = (inact * DAY) / SCALE;
+ 	if (do_update_age)
+ 		nsp->sp_lstchg = time ((time_t *) 0) / SCALE;
++	if (lflg)
++	{
++		/* Set the account expiry field to 1.
++		 * Some PAM implementation consider zero as a non expired
++		 * account.
++		 */
++		nsp->sp_expire = 1;
++	}
++	if (uflg)
++		nsp->sp_expire = -1;
+ 
+ 	/*
+ 	 * Force change on next login, like SunOS 4.x passwd -e or Solaris

Modified: trunk/debian/patches/series
===================================================================
--- trunk/debian/patches/series	2007-06-21 00:13:29 UTC (rev 1205)
+++ trunk/debian/patches/series	2007-06-21 00:29:51 UTC (rev 1206)
@@ -63,3 +63,4 @@
 411_chpasswd_document_no_pam
 412_lastlog_-u_numerical_range
 414_remove-unwise-advices
+494_passwd_lock

More information about the Pkg-shadow-commits mailing list