shadow-utils-newxidmap/shadow-4.1.5.1-selinux.patch

diff -up shadow-4.1.5.1/src/useradd.c.selinux shadow-4.1.5.1/src/useradd.c
--- shadow-4.1.5.1/src/useradd.c.selinux	2014-08-28 16:36:09.889422103 +0200
+++ shadow-4.1.5.1/src/useradd.c	2014-08-28 17:28:04.828166192 +0200
@@ -1850,6 +1850,7 @@ static void create_mail (void)
  */
 int main (int argc, char **argv)
 {
+	int rv = E_SUCCESS;
 #ifdef ACCT_TOOLS_SETUID
 #ifdef USE_PAM
 	pam_handle_t *pamh = NULL;
@@ -2037,10 +2038,33 @@ int main (int argc, char **argv)
 
 	usr_update ();
 
+	close_files ();
+
+	nscd_flush_cache ("passwd");
+	nscd_flush_cache ("group");
+
+#ifdef WITH_SELINUX
+	if (Zflg && *user_selinux) {
+		if (is_selinux_enabled () > 0) {
+		    if (set_seuser (user_name, user_selinux) != 0) {
+			fprintf (stderr,
+			         _("%s: warning: the user name %s to %s SELinux user mapping failed.\n"),
+			         Prog, user_name, user_selinux);
+#ifdef WITH_AUDIT
+			audit_logger (AUDIT_ADD_USER, Prog,
+			              "adding SELinux user mapping",
+			              user_name, (unsigned int) user_id, 0);
+#endif				/* WITH_AUDIT */
+			rv = E_SE_UPDATE;
+		    }
+		}
+	}
+#endif
+
 	if (mflg) {
 		create_home ();
 		if (home_added) {
-			copy_tree (def_template, user_home, false, false,
+			copy_tree (def_template, user_home, false, true,
 			           (uid_t)-1, user_id, (gid_t)-1, user_gid);
 		} else {
 			fprintf (stderr,
@@ -2056,27 +2080,6 @@ int main (int argc, char **argv)
 		create_mail ();
 	}
 
-	close_files ();
-
-#ifdef WITH_SELINUX
-	if (Zflg) {
-		if (set_seuser (user_name, user_selinux) != 0) {
-			fprintf (stderr,
-			         _("%s: warning: the user name %s to %s SELinux user mapping failed.\n"),
-			         Prog, user_name, user_selinux);
-#ifdef WITH_AUDIT
-			audit_logger (AUDIT_ADD_USER, Prog,
-			              "adding SELinux user mapping",
-			              user_name, (unsigned int) user_id, 0);
-#endif				/* WITH_AUDIT */
-			fail_exit (E_SE_UPDATE);
-		}
-	}
-#endif				/* WITH_SELINUX */
-
-	nscd_flush_cache ("passwd");
-	nscd_flush_cache ("group");
-
-	return E_SUCCESS;
+	return rv;
 }
new upstream version - use the original file permissions when creating backup (#853102) 2012-09-19 18:33:30 +00:00			`diff -up shadow-4.1.5.1/src/useradd.c.selinux shadow-4.1.5.1/src/useradd.c`
Multiple fixes - label the newly created home dir correctly (#1077809) - mention that chage -d 0 forces password change (#1135010) - improve date parsing and error detecting in chage - avoid full group database scanning in newgrp in most common case - report error if usermod asked for moving homedir and it does not exist 2014-08-29 12:28:48 +00:00			`--- shadow-4.1.5.1/src/useradd.c.selinux 2014-08-28 16:36:09.889422103 +0200`
			`+++ shadow-4.1.5.1/src/useradd.c 2014-08-28 17:28:04.828166192 +0200`
			`@@ -1850,6 +1850,7 @@ static void create_mail (void)`
			`*/`
			`int main (int argc, char **argv)`
			`{`
			`+ int rv = E_SUCCESS;`
			`#ifdef ACCT_TOOLS_SETUID`
			`#ifdef USE_PAM`
			`pam_handle_t *pamh = NULL;`
			`@@ -2037,10 +2038,33 @@ int main (int argc, char **argv)`

			`usr_update ();`

			`+ close_files ();`
			`+`
			`+ nscd_flush_cache ("passwd");`
			`+ nscd_flush_cache ("group");`
			`+`
			`+#ifdef WITH_SELINUX`
			`+ if (Zflg && *user_selinux) {`
			`+ if (is_selinux_enabled () > 0) {`
			`+ if (set_seuser (user_name, user_selinux) != 0) {`
			`+ fprintf (stderr,`
			`+ _("%s: warning: the user name %s to %s SELinux user mapping failed.\n"),`
			`+ Prog, user_name, user_selinux);`
			`+#ifdef WITH_AUDIT`
			`+ audit_logger (AUDIT_ADD_USER, Prog,`
			`+ "adding SELinux user mapping",`
			`+ user_name, (unsigned int) user_id, 0);`
			`+#endif /* WITH_AUDIT */`
			`+ rv = E_SE_UPDATE;`
			`+ }`
			`+ }`
			`+ }`
			`+#endif`
			`+`
new upstream version - use the original file permissions when creating backup (#853102) 2012-09-19 18:33:30 +00:00			`if (mflg) {`
			`create_home ();`
			`if (home_added) {`
			`- copy_tree (def_template, user_home, false, false,`
			`+ copy_tree (def_template, user_home, false, true,`
			`(uid_t)-1, user_id, (gid_t)-1, user_gid);`
			`} else {`
			`fprintf (stderr,`
Multiple fixes - label the newly created home dir correctly (#1077809) - mention that chage -d 0 forces password change (#1135010) - improve date parsing and error detecting in chage - avoid full group database scanning in newgrp in most common case - report error if usermod asked for moving homedir and it does not exist 2014-08-29 12:28:48 +00:00			`@@ -2056,27 +2080,6 @@ int main (int argc, char **argv)`
			`create_mail ();`
			`}`

			`- close_files ();`
			`-`
			`-#ifdef WITH_SELINUX`
			`- if (Zflg) {`
			`- if (set_seuser (user_name, user_selinux) != 0) {`
			`- fprintf (stderr,`
			`- _("%s: warning: the user name %s to %s SELinux user mapping failed.\n"),`
			`- Prog, user_name, user_selinux);`
			`-#ifdef WITH_AUDIT`
			`- audit_logger (AUDIT_ADD_USER, Prog,`
			`- "adding SELinux user mapping",`
			`- user_name, (unsigned int) user_id, 0);`
			`-#endif /* WITH_AUDIT */`
			`- fail_exit (E_SE_UPDATE);`
			`- }`
			`- }`
			`-#endif /* WITH_SELINUX */`
			`-`
			`- nscd_flush_cache ("passwd");`
			`- nscd_flush_cache ("group");`
			`-`
			`- return E_SUCCESS;`
			`+ return rv;`
			`}`