report error to stdout when SELinux context for home directory

cannot be determined (#973647) - audit the changing home directory owner (#885797) - do not set the default SELinux MLS range (#852676)
2013-06-14 15:27:20 +02:00 · 2013-06-14 15:27:20 +02:00 · 32f6a78157
commit 32f6a78157
parent a253a4a28b
4 changed files with 104 additions and 1 deletions
--- a/shadow-4.1.5.1-audit-owner.patch
+++ b/shadow-4.1.5.1-audit-owner.patch
@ -0,0 +1,32 @@
+diff -up shadow-4.1.5.1/src/usermod.c.audit shadow-4.1.5.1/src/usermod.c
+--- shadow-4.1.5.1/src/usermod.c.audit	2011-11-21 23:02:16.000000000 +0100
+++ shadow-4.1.5.1/src/usermod.c	2013-06-14 14:54:20.237026550 +0200
+@@ -1513,6 +1513,14 @@ static void move_home (void)
+ 			fail_exit (E_HOMEDIR);
+ 		}
+ 
+#ifdef WITH_AUDIT
+		if (uflg || gflg) {
+			audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+				      "changing home directory owner",
+				      user_newname, (unsigned int) user_newid, 1);
+		}
+#endif
+
+ 		if (rename (user_home, user_newhome) == 0) {
+ 			/* FIXME: rename above may have broken symlinks
+ 			 *        pointing to the user's home directory
+@@ -1947,6 +1955,13 @@ int main (int argc, char **argv)
+ 			 * ownership.
+ 			 *
+ 			 */
+#ifdef WITH_AUDIT
+			if (uflg || gflg) {
+				audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+					      "changing home directory owner",
+					      user_newname, (unsigned int) user_newid, 1);
+			}
+#endif
+ 			if (chown_tree (dflg ? user_newhome : user_home,
+ 			                user_id,
+ 			                uflg ? user_newid  : (uid_t)-1,