diff --git a/.gitignore b/.gitignore
index 5e224dd..f5997c1 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,3 +1,5 @@
shadow-4.1.4.2.tar.bz2
/shadow-4.1.4.3.tar.bz2
/shadow-4.1.5.tar.bz2
+/shadow-4.1.5.1.tar.bz2
+/shadow-4.1.5.1.tar.bz2.sig
diff --git a/shadow-4.1.5-goodname.patch b/shadow-4.1.5-goodname.patch
deleted file mode 100644
index 81f27b0..0000000
--- a/shadow-4.1.5-goodname.patch
+++ /dev/null
@@ -1,68 +0,0 @@
-diff -up shadow-4.1.5/libmisc/chkname.c.goodname shadow-4.1.5/libmisc/chkname.c
---- shadow-4.1.5/libmisc/chkname.c.goodname 2009-04-28 21:14:04.000000000 +0200
-+++ shadow-4.1.5/libmisc/chkname.c 2012-03-19 09:52:12.910605026 +0100
-@@ -49,20 +49,28 @@
- static bool is_valid_name (const char *name)
- {
- /*
-- * User/group names must match [a-z_][a-z0-9_-]*[$]
-- */
-- if (('\0' == *name) ||
-- !((('a' <= *name) && ('z' >= *name)) || ('_' == *name))) {
-+ * User/group names must match gnu e-regex:
-+ * [a-zA-Z0-9_.][a-zA-Z0-9_.-]{0,30}[a-zA-Z0-9_.$-]?
-+ *
-+ * as a non-POSIX, extension, allow "$" as the last char for
-+ * sake of Samba 3.x "add machine script"
-+ */
-+ if ( ('\0' == *name) ||
-+ !((*name >= 'a' && *name <= 'z') ||
-+ (*name >= 'A' && *name <= 'Z') ||
-+ (*name >= '0' && *name <= '9') ||
-+ (*name == '_') || (*name == '.')
-+ )) {
- return false;
- }
-
- while ('\0' != *++name) {
-- if (!(( ('a' <= *name) && ('z' >= *name) ) ||
-- ( ('0' <= *name) && ('9' >= *name) ) ||
-- ('_' == *name) ||
-- ('-' == *name) ||
-- ( ('$' == *name) && ('\0' == *(name + 1)) )
-- )) {
-+ if (!( (*name >= 'a' && *name <= 'z') ||
-+ (*name >= 'A' && *name <= 'Z') ||
-+ (*name >= '0' && *name <= '9') ||
-+ (*name == '_') || (*name == '.') || (*name == '-') ||
-+ (*name == '$' && *(name + 1) == '\0')
-+ )) {
- return false;
- }
- }
-diff -up shadow-4.1.5/man/groupadd.8.goodname shadow-4.1.5/man/groupadd.8
---- shadow-4.1.5/man/groupadd.8.goodname 2012-02-12 22:27:42.000000000 +0100
-+++ shadow-4.1.5/man/groupadd.8 2012-03-19 09:56:17.113723732 +0100
-@@ -181,9 +181,7 @@ Shadow password suite configuration\&.
- .RE
- .SH "CAVEATS"
- .PP
--Groupnames must start with a lower case letter or an underscore, followed by lower case letters, digits, underscores, or dashes\&. They can end with a dollar sign\&. In regular expression terms: [a\-z_][a\-z0\-9_\-]*[$]?
--.PP
--Groupnames may only be up to 16 characters long\&.
-+Groupnames may only be up to 32 characters long\&.
- .PP
- You may not add a NIS or LDAP group\&. This must be performed on the corresponding server\&.
- .PP
-diff -up shadow-4.1.5/man/useradd.8.goodname shadow-4.1.5/man/useradd.8
---- shadow-4.1.5/man/useradd.8.goodname 2012-02-12 22:28:02.000000000 +0100
-+++ shadow-4.1.5/man/useradd.8 2012-03-19 09:52:12.911605018 +0100
-@@ -421,8 +421,6 @@ Similarly, if the username already exist
- \fBuseradd\fR
- will deny the user account creation request\&.
- .PP
--Usernames must start with a lower case letter or an underscore, followed by lower case letters, digits, underscores, or dashes\&. They can end with a dollar sign\&. In regular expression terms: [a\-z_][a\-z0\-9_\-]*[$]?
--.PP
- Usernames may only be up to 32 characters long\&.
- .SH "CONFIGURATION"
- .PP
diff --git a/shadow-4.1.5-man.patch b/shadow-4.1.5-man.patch
deleted file mode 100644
index f0fa089..0000000
--- a/shadow-4.1.5-man.patch
+++ /dev/null
@@ -1,12 +0,0 @@
-diff -up shadow-4.1.5/man/useradd.8.man shadow-4.1.5/man/useradd.8
---- shadow-4.1.5/man/useradd.8.man 2012-03-19 13:06:48.000000000 +0100
-+++ shadow-4.1.5/man/useradd.8 2012-03-19 13:07:44.540169270 +0100
-@@ -215,7 +215,7 @@ is not enabled, no home directories are
- .PP
- \fB\-M\fR
- .RS 4
--Do no create the user\*(Aqs home directory, even if the system wide setting from
-+Do not create the user\*(Aqs home directory, even if the system wide setting from
- /etc/login\&.defs
- (\fBCREATE_HOME\fR) is set to
- \fIyes\fR\&.
diff --git a/shadow-4.1.5-selinux.patch b/shadow-4.1.5-selinux.patch
deleted file mode 100644
index d138e58..0000000
--- a/shadow-4.1.5-selinux.patch
+++ /dev/null
@@ -1,41 +0,0 @@
-diff -up shadow-4.1.5/lib/commonio.c.selinux shadow-4.1.5/lib/commonio.c
---- shadow-4.1.5/lib/commonio.c.selinux 2011-12-09 23:23:16.000000000 +0100
-+++ shadow-4.1.5/lib/commonio.c 2012-03-22 16:42:00.952464092 +0100
-@@ -977,6 +977,12 @@ int commonio_close (struct commonio_db *
-
- snprintf (buf, sizeof buf, "%s+", db->filename);
-
-+#ifdef WITH_SELINUX
-+ if (set_selinux_file_context (buf) != 0) {
-+ errors++;
-+ }
-+#endif
-+
- db->fp = fopen_set_perms (buf, "w", &sb);
- if (NULL == db->fp) {
- goto fail;
-@@ -1011,6 +1017,12 @@ int commonio_close (struct commonio_db *
- goto fail;
- }
-
-+#ifdef WITH_SELINUX
-+ if (reset_selinux_file_context () != 0) {
-+ goto fail;
-+ }
-+#endif
-+
- nscd_need_reload = true;
- goto success;
- fail:
-diff -up shadow-4.1.5/src/useradd.c.selinux shadow-4.1.5/src/useradd.c
---- shadow-4.1.5/src/useradd.c.selinux 2012-03-22 16:46:11.007377548 +0100
-+++ shadow-4.1.5/src/useradd.c 2012-03-22 16:46:35.037251897 +0100
-@@ -2040,7 +2040,7 @@ int main (int argc, char **argv)
- if (mflg) {
- create_home ();
- if (home_added) {
-- copy_tree (def_template, user_home, false, false,
-+ copy_tree (def_template, user_home, false, true,
- (uid_t)-1, user_id, (gid_t)-1, user_gid);
- } else {
- fprintf (stderr,
diff --git a/shadow-4.1.5.1-backup-mode.patch b/shadow-4.1.5.1-backup-mode.patch
new file mode 100644
index 0000000..7366b86
--- /dev/null
+++ b/shadow-4.1.5.1-backup-mode.patch
@@ -0,0 +1,20 @@
+diff -up shadow-4.1.5.1/lib/commonio.c.backup-mode shadow-4.1.5.1/lib/commonio.c
+--- shadow-4.1.5.1/lib/commonio.c.backup-mode 2012-05-18 21:44:54.000000000 +0200
++++ shadow-4.1.5.1/lib/commonio.c 2012-09-19 20:27:16.089444234 +0200
+@@ -301,15 +301,12 @@ static int create_backup (const char *ba
+ struct utimbuf ub;
+ FILE *bkfp;
+ int c;
+- mode_t mask;
+
+ if (fstat (fileno (fp), &sb) != 0) {
+ return -1;
+ }
+
+- mask = umask (077);
+- bkfp = fopen (backup, "w");
+- (void) umask (mask);
++ bkfp = fopen_set_perms (backup, "w", &sb);
+ if (NULL == bkfp) {
+ return -1;
+ }
diff --git a/shadow-4.1.5.1-goodname.patch b/shadow-4.1.5.1-goodname.patch
new file mode 100644
index 0000000..1fdd84f
--- /dev/null
+++ b/shadow-4.1.5.1-goodname.patch
@@ -0,0 +1,118 @@
+diff -up shadow-4.1.5.1/libmisc/chkname.c.goodname shadow-4.1.5.1/libmisc/chkname.c
+--- shadow-4.1.5.1/libmisc/chkname.c.goodname 2009-07-13 00:24:45.000000000 +0200
++++ shadow-4.1.5.1/libmisc/chkname.c 2012-09-19 18:43:53.492160653 +0200
+@@ -49,20 +49,28 @@
+ static bool is_valid_name (const char *name)
+ {
+ /*
+- * User/group names must match [a-z_][a-z0-9_-]*[$]
+- */
+- if (('\0' == *name) ||
+- !((('a' <= *name) && ('z' >= *name)) || ('_' == *name))) {
++ * User/group names must match gnu e-regex:
++ * [a-zA-Z0-9_.][a-zA-Z0-9_.-]{0,30}[a-zA-Z0-9_.$-]?
++ *
++ * as a non-POSIX, extension, allow "$" as the last char for
++ * sake of Samba 3.x "add machine script"
++ */
++ if ( ('\0' == *name) ||
++ !((*name >= 'a' && *name <= 'z') ||
++ (*name >= 'A' && *name <= 'Z') ||
++ (*name >= '0' && *name <= '9') ||
++ (*name == '_') || (*name == '.')
++ )) {
+ return false;
+ }
+
+ while ('\0' != *++name) {
+- if (!(( ('a' <= *name) && ('z' >= *name) ) ||
+- ( ('0' <= *name) && ('9' >= *name) ) ||
+- ('_' == *name) ||
+- ('-' == *name) ||
+- ( ('$' == *name) && ('\0' == *(name + 1)) )
+- )) {
++ if (!( (*name >= 'a' && *name <= 'z') ||
++ (*name >= 'A' && *name <= 'Z') ||
++ (*name >= '0' && *name <= '9') ||
++ (*name == '_') || (*name == '.') || (*name == '-') ||
++ (*name == '$' && *(name + 1) == '\0')
++ )) {
+ return false;
+ }
+ }
+diff -up shadow-4.1.5.1/man/groupadd.8.xml.goodname shadow-4.1.5.1/man/groupadd.8.xml
+--- shadow-4.1.5.1/man/groupadd.8.xml.goodname 2012-05-25 13:45:27.000000000 +0200
++++ shadow-4.1.5.1/man/groupadd.8.xml 2012-09-19 18:43:53.492160653 +0200
+@@ -259,12 +259,6 @@
+
+ CAVEATS
+
+- Groupnames must start with a lower case letter or an underscore,
+- followed by lower case letters, digits, underscores, or dashes.
+- They can end with a dollar sign.
+- In regular expression terms: [a-z_][a-z0-9_-]*[$]?
+-
+-
+ Groupnames may only be up to &GROUP_NAME_MAX_LENGTH; characters long.
+
+
+diff -up shadow-4.1.5.1/man/man8/groupadd.8.goodname shadow-4.1.5.1/man/man8/groupadd.8
+--- shadow-4.1.5.1/man/man8/groupadd.8.goodname 2012-05-25 13:58:40.000000000 +0200
++++ shadow-4.1.5.1/man/man8/groupadd.8 2012-09-19 18:44:42.175123079 +0200
+@@ -190,9 +190,7 @@ Shadow password suite configuration\&.
+ .RE
+ .SH "CAVEATS"
+ .PP
+-Groupnames must start with a lower case letter or an underscore, followed by lower case letters, digits, underscores, or dashes\&. They can end with a dollar sign\&. In regular expression terms: [a\-z_][a\-z0\-9_\-]*[$]?
+-.PP
+-Groupnames may only be up to 16 characters long\&.
++Groupnames may only be up to 32 characters long\&.
+ .PP
+ You may not add a NIS or LDAP group\&. This must be performed on the corresponding server\&.
+ .PP
+diff -up shadow-4.1.5.1/man/man8/useradd.8.goodname shadow-4.1.5.1/man/man8/useradd.8
+--- shadow-4.1.5.1/man/man8/useradd.8.goodname 2012-05-25 13:59:28.000000000 +0200
++++ shadow-4.1.5.1/man/man8/useradd.8 2012-09-19 18:46:09.249033949 +0200
+@@ -224,7 +224,7 @@ is not enabled, no home directories are
+ .PP
+ \fB\-M\fR
+ .RS 4
+-Do no create the user\*(Aqs home directory, even if the system wide setting from
++Do not create the user\*(Aqs home directory, even if the system wide setting from
+ /etc/login\&.defs
+ (\fBCREATE_HOME\fR) is set to
+ \fIyes\fR\&.
+@@ -430,8 +430,6 @@ Similarly, if the username already exist
+ \fBuseradd\fR
+ will deny the user account creation request\&.
+ .PP
+-Usernames must start with a lower case letter or an underscore, followed by lower case letters, digits, underscores, or dashes\&. They can end with a dollar sign\&. In regular expression terms: [a\-z_][a\-z0\-9_\-]*[$]?
+-.PP
+ Usernames may only be up to 32 characters long\&.
+ .SH "CONFIGURATION"
+ .PP
+diff -up shadow-4.1.5.1/man/useradd.8.xml.goodname shadow-4.1.5.1/man/useradd.8.xml
+--- shadow-4.1.5.1/man/useradd.8.xml.goodname 2012-05-25 13:45:29.000000000 +0200
++++ shadow-4.1.5.1/man/useradd.8.xml 2012-09-19 18:43:53.493160675 +0200
+@@ -366,7 +366,7 @@
+
+
+
+- Do no create the user's home directory, even if the system
++ Do not create the user's home directory, even if the system
+ wide setting from /etc/login.defs
+ () is set to
+ yes.
+@@ -654,12 +654,6 @@
+
+
+
+- Usernames must start with a lower case letter or an underscore,
+- followed by lower case letters, digits, underscores, or dashes.
+- They can end with a dollar sign.
+- In regular expression terms: [a-z_][a-z0-9_-]*[$]?
+-
+-
+ Usernames may only be up to 32 characters long.
+
+
diff --git a/shadow-4.1.4.2-infoParentDir.patch b/shadow-4.1.5.1-info-parent-dir.patch
similarity index 75%
rename from shadow-4.1.4.2-infoParentDir.patch
rename to shadow-4.1.5.1-info-parent-dir.patch
index da260bf..d2bc009 100644
--- a/shadow-4.1.4.2-infoParentDir.patch
+++ b/shadow-4.1.5.1-info-parent-dir.patch
@@ -1,7 +1,7 @@
-diff -up shadow-4.1.4.2/man/newusers.8.infoParentDir shadow-4.1.4.2/man/newusers.8
---- shadow-4.1.4.2/man/newusers.8.infoParentDir 2010-04-28 13:44:04.634870854 +0200
-+++ shadow-4.1.4.2/man/newusers.8 2010-04-28 13:46:07.190866220 +0200
-@@ -88,7 +88,7 @@ This field is copied in the GECOS field
+diff -up shadow-4.1.5.1/man/man8/newusers.8.info-parent-dir shadow-4.1.5.1/man/man8/newusers.8
+--- shadow-4.1.5.1/man/man8/newusers.8.info-parent-dir 2012-05-25 13:59:09.000000000 +0200
++++ shadow-4.1.5.1/man/man8/newusers.8 2012-09-19 18:47:17.203525237 +0200
+@@ -99,7 +99,7 @@ This field is copied in the GECOS field
.RS 4
This field is used to define the home directory of the user\&.
.sp
@@ -10,10 +10,10 @@ diff -up shadow-4.1.4.2/man/newusers.8.infoParentDir shadow-4.1.4.2/man/newusers
.sp
If the home directory of an existing user is changed,
\fBnewusers\fR
-diff -up shadow-4.1.4.2/man/newusers.8.xml.infoParentDir shadow-4.1.4.2/man/newusers.8.xml
---- shadow-4.1.4.2/man/newusers.8.xml.infoParentDir 2010-04-28 13:48:01.419238133 +0200
-+++ shadow-4.1.4.2/man/newusers.8.xml 2010-04-28 13:55:40.499663030 +0200
-@@ -192,7 +192,15 @@
+diff -up shadow-4.1.5.1/man/newusers.8.xml.info-parent-dir shadow-4.1.5.1/man/newusers.8.xml
+--- shadow-4.1.5.1/man/newusers.8.xml.info-parent-dir 2012-05-25 13:45:28.000000000 +0200
++++ shadow-4.1.5.1/man/newusers.8.xml 2012-09-19 18:46:35.651613365 +0200
+@@ -216,7 +216,15 @@
If this field does not specify an existing directory, the
specified directory is created, with ownership set to the
diff --git a/shadow-4.1.5.1-selinux.patch b/shadow-4.1.5.1-selinux.patch
new file mode 100644
index 0000000..773fd60
--- /dev/null
+++ b/shadow-4.1.5.1-selinux.patch
@@ -0,0 +1,12 @@
+diff -up shadow-4.1.5.1/src/useradd.c.selinux shadow-4.1.5.1/src/useradd.c
+--- shadow-4.1.5.1/src/useradd.c.selinux 2012-09-19 18:28:37.662060468 +0200
++++ shadow-4.1.5.1/src/useradd.c 2012-09-19 18:28:37.672060688 +0200
+@@ -2040,7 +2040,7 @@ int main (int argc, char **argv)
+ if (mflg) {
+ create_home ();
+ if (home_added) {
+- copy_tree (def_template, user_home, false, false,
++ copy_tree (def_template, user_home, false, true,
+ (uid_t)-1, user_id, (gid_t)-1, user_gid);
+ } else {
+ fprintf (stderr,
diff --git a/shadow-utils.spec b/shadow-utils.spec
index 761ac88..96497bb 100644
--- a/shadow-utils.spec
+++ b/shadow-utils.spec
@@ -1,20 +1,20 @@
Summary: Utilities for managing accounts and shadow password files
Name: shadow-utils
-Version: 4.1.5
-Release: 5%{?dist}
+Version: 4.1.5.1
+Release: 1%{?dist}
Epoch: 2
URL: http://pkg-shadow.alioth.debian.org/
Source0: http://pkg-shadow.alioth.debian.org/releases/shadow-%{version}.tar.bz2
+Source3: http://pkg-shadow.alioth.debian.org/releases/shadow-%{version}.tar.bz2.sig
Source1: shadow-utils.login.defs
Source2: shadow-utils.useradd
Patch0: shadow-4.1.5-redhat.patch
-Patch1: shadow-4.1.5-goodname.patch
-Patch2: shadow-4.1.4.2-infoParentDir.patch
+Patch1: shadow-4.1.5.1-goodname.patch
+Patch2: shadow-4.1.5.1-info-parent-dir.patch
Patch3: shadow-4.1.5-uflg.patch
-Patch4: shadow-4.1.5-man.patch
-Patch5: shadow-4.1.5-grremove.patch
-Patch6: shadow-4.1.5-selinux.patch
+Patch6: shadow-4.1.5.1-selinux.patch
Patch7: shadow-4.1.5-2ndskip.patch
+Patch8: shadow-4.1.5.1-backup-mode.patch
License: BSD and GPLv2+
Group: System Environment/Base
BuildRequires: libselinux-devel >= 1.25.2-1
@@ -45,13 +45,11 @@ are used for managing group accounts.
%setup -q -n shadow-%{version}
%patch0 -p1 -b .redhat
%patch1 -p1 -b .goodname
-%patch2 -p1 -b .infoParentDir
+%patch2 -p1 -b .info-parent-dir
%patch3 -p1 -b .uflg
-%patch4 -p1 -b .man
-%patch5 -p1 -b .grremove
%patch6 -p1 -b .selinux
%patch7 -p1 -b .2ndskip
-
+%patch8 -p1 -b .backup-mode
iconv -f ISO88591 -t utf-8 doc/HOWTO > doc/HOWTO.utf8
cp -f doc/HOWTO.utf8 doc/HOWTO
@@ -206,6 +204,10 @@ rm -rf $RPM_BUILD_ROOT
%{_mandir}/man8/vigr.8*
%changelog
+* Wed Sep 19 2012 Tomas Mraz - 2:4.1.5.1-1
+- new upstream version
+- use the original file permissions when creating backup (#853102)
+
* Wed Jul 25 2012 Peter Vrabec - 2:4.1.5-5
- make /etc/default/useradd world-readable (#835137)
diff --git a/sources b/sources
index 0afb6c5..888eac7 100644
--- a/sources
+++ b/sources
@@ -1 +1,2 @@
-d5f7a588fadb79faeb4b08b1eee82e9a shadow-4.1.5.tar.bz2
+a00449aa439c69287b6d472191dc2247 shadow-4.1.5.1.tar.bz2
+f16f31f6f5a607b1ffb1aa1aac4c37f2 shadow-4.1.5.1.tar.bz2.sig