vbatts/shadow-utils-newxidmap
1
0
Fork 0
Code Issues Pull requests Releases Activity

Update patches for rebase

Browse source
This commit is contained in:
Tomas Mraz 2016-08-23 16:06:06 +02:00
parent f8ab516d30
commit 6c18d5356b
6 changed files with 134 additions and 452 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

249
shadow-4.2.1-lastlog-unexpire.patch
View file

@ -1,249 +0,0 @@
diff -up shadow-4.2.1/man/lastlog.8.xml.unexpire shadow-4.2.1/man/lastlog.8.xml
--- shadow-4.2.1/man/lastlog.8.xml.unexpire 2014-03-01 19:59:51.000000000 +0100
+++ shadow-4.2.1/man/lastlog.8.xml 2016-02-03 11:50:20.481293785 +0100
@@ -105,6 +105,17 @@
</varlistentry>
<varlistentry>
<term>
+ <option>-C</option>, <option>--clear</option>
+ </term>
+ <listitem>
+ <para>
+ Clear lastlog record of an user. This option can be used only together
+ with <option>-u</option> (<option>--user</option>)).
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
<option>-h</option>, <option>--help</option>
</term>
<listitem>
@@ -123,6 +134,17 @@
</para>
</listitem>
</varlistentry>
+ <varlistentry>
+ <term>
+ <option>-S</option>, <option>--set</option>
+ </term>
+ <listitem>
+ <para>
+ Set lastlog record of an user to the current time. This option can be
+ used only together with <option>-u</option> (<option>--user</option>)).
+ </para>
+ </listitem>
+ </varlistentry>
<varlistentry>
<term>
<option>-t</option>, <option>--time</option>&nbsp;<replaceable>DAYS</replaceable>
diff -up shadow-4.2.1/src/lastlog.c.unexpire shadow-4.2.1/src/lastlog.c
--- shadow-4.2.1/src/lastlog.c.unexpire 2014-03-01 19:59:51.000000000 +0100
+++ shadow-4.2.1/src/lastlog.c 2016-02-03 11:35:26.971273603 +0100
@@ -71,6 +71,8 @@ static struct stat statbuf; /* fstat buf
static bool uflg = false; /* print only an user of range of users */
static bool tflg = false; /* print is restricted to most recent days */
static bool bflg = false; /* print excludes most recent days */
+static bool Cflg = false; /* clear record for user */
+static bool Sflg = false; /* set record for user */
#define NOW (time ((time_t *) 0))
@@ -83,8 +85,10 @@ static /*@noreturn@*/void usage (int sta
"Options:\n"),
Prog);
(void) fputs (_(" -b, --before DAYS print only lastlog records older than DAYS\n"), usageout);
+ (void) fputs (_(" -C, --clear clear lastlog record of an user (usable only with -u)\n"), usageout);
(void) fputs (_(" -h, --help display this help message and exit\n"), usageout);
(void) fputs (_(" -R, --root CHROOT_DIR directory to chroot into\n"), usageout);
+ (void) fputs (_(" -S, --set set lastlog record to current time (usable only with -u)\n"), usageout);
(void) fputs (_(" -t, --time DAYS print only lastlog records more recent than DAYS\n"), usageout);
(void) fputs (_(" -u, --user LOGIN print lastlog record of the specified LOGIN\n"), usageout);
(void) fputs ("\n", usageout);
@@ -194,6 +198,80 @@ static void print (void)
}
}
+static void update_one (/*@null@*/const struct passwd *pw)
+{
+ off_t offset;
+ struct lastlog ll;
+ int err;
+
+ if (NULL == pw) {
+ return;
+ }
+
+ offset = (off_t) pw->pw_uid * sizeof (ll);
+ /* fseeko errors are not really relevant for us. */
+ err = fseeko (lastlogfile, offset, SEEK_SET);
+ assert (0 == err);
+
+ memzero (&ll, sizeof (ll));
+
+ if (Sflg) {
+ ll.ll_time = NOW;
+#ifdef HAVE_LL_HOST
+ strcpy (ll.ll_host, "localhost");
+#endif
+ strcpy (ll.ll_line, "lastlog");
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_ACCT_UNLOCK, Prog,
+ "clearing-lastlog",
+ pw->pw_name, (unsigned int) pw->pw_uid, SHADOW_AUDIT_SUCCESS);
+#endif
+ }
+#ifdef WITH_AUDIT
+ else {
+ audit_logger (AUDIT_ACCT_UNLOCK, Prog,
+ "refreshing-lastlog",
+ pw->pw_name, (unsigned int) pw->pw_uid, SHADOW_AUDIT_SUCCESS);
+ }
+#endif
+
+ if (fwrite (&ll, sizeof(ll), 1, lastlogfile) != 1) {
+ fprintf (stderr,
+ _("%s: Failed to update the entry for UID %lu\n"),
+ Prog, (unsigned long int)pw->pw_uid);
+ exit (EXIT_FAILURE);
+ }
+}
+
+static void update (void)
+{
+ const struct passwd *pwent;
+
+ if (!uflg) /* safety measure */
+ return;
+
+ if (has_umin && has_umax && (umin == umax)) {
+ update_one (getpwuid ((uid_t)umin));
+ } else {
+ setpwent ();
+ while ( (pwent = getpwent ()) != NULL ) {
+ if ((has_umin && (pwent->pw_uid < (uid_t)umin))
+ || (has_umax && (pwent->pw_uid > (uid_t)umax))) {
+ continue;
+ }
+ update_one (pwent);
+ }
+ endpwent ();
+ }
+
+ if (fflush (lastlogfile) != 0 || fsync (fileno (lastlogfile)) != 0) {
+ fprintf (stderr,
+ _("%s: Failed to update the lastlog file\n"),
+ Prog);
+ exit (EXIT_FAILURE);
+ }
+}
+
int main (int argc, char **argv)
{
/*
@@ -208,18 +286,24 @@ int main (int argc, char **argv)
process_root_flag ("-R", argc, argv);
+#ifdef WITH_AUDIT
+ audit_help_open ();
+#endif
+
{
int c;
static struct option const longopts[] = {
{"before", required_argument, NULL, 'b'},
+ {"clear", no_argument, NULL, 'C'},
{"help", no_argument, NULL, 'h'},
{"root", required_argument, NULL, 'R'},
+ {"set", no_argument, NULL, 'S'},
{"time", required_argument, NULL, 't'},
{"user", required_argument, NULL, 'u'},
{NULL, 0, NULL, '\0'}
};
- while ((c = getopt_long (argc, argv, "b:hR:t:u:", longopts,
+ while ((c = getopt_long (argc, argv, "b:ChR:St:u:", longopts,
NULL)) != -1) {
switch (c) {
case 'b':
@@ -235,11 +319,21 @@ int main (int argc, char **argv)
bflg = true;
break;
}
+ case 'C':
+ {
+ Cflg = true;
+ break;
+ }
case 'h':
usage (EXIT_SUCCESS);
/*@notreached@*/break;
case 'R': /* no-op, handled in process_root_flag () */
break;
+ case 'S':
+ {
+ Sflg = true;
+ break;
+ }
case 't':
{
unsigned long days;
@@ -294,9 +388,21 @@ int main (int argc, char **argv)
Prog, argv[optind]);
usage (EXIT_FAILURE);
}
+ if (Cflg && Sflg) {
+ fprintf (stderr,
+ _("%s: Option -C cannot be used together with option -S\n"),
+ Prog);
+ usage (EXIT_FAILURE);
+ }
+ if ((Cflg || Sflg) && !uflg) {
+ fprintf (stderr,
+ _("%s: Options -C and -S require option -u to specify the user\n"),
+ Prog);
+ usage (EXIT_FAILURE);
+ }
}
- lastlogfile = fopen (LASTLOG_FILE, "r");
+ lastlogfile = fopen (LASTLOG_FILE, (Cflg || Sflg)?"r+":"r");
if (NULL == lastlogfile) {
perror (LASTLOG_FILE);
exit (EXIT_FAILURE);
@@ -310,7 +416,10 @@ int main (int argc, char **argv)
exit (EXIT_FAILURE);
}
- print ();
+ if (Cflg || Sflg)
+ update ();
+ else
+ print ();
(void) fclose (lastlogfile);
diff -up shadow-4.2.1/src/Makefile.am.unexpire shadow-4.2.1/src/Makefile.am
--- shadow-4.2.1/src/Makefile.am.unexpire 2014-05-08 10:43:11.000000000 +0200
+++ shadow-4.2.1/src/Makefile.am 2016-02-03 11:35:26.971273603 +0100
@@ -95,6 +95,7 @@ groupmod_LDADD = $(LDADD) $(LIBPAM_SUID)
grpck_LDADD = $(LDADD) $(LIBSELINUX)
grpconv_LDADD = $(LDADD) $(LIBSELINUX)
grpunconv_LDADD = $(LDADD) $(LIBSELINUX)
+lastlog_LDADD = $(LDADD) $(LIBAUDIT)
login_SOURCES = \
login.c \
login_nopam.c
diff -up shadow-4.2.1/src/Makefile.in.unexpire shadow-4.2.1/src/Makefile.in
--- shadow-4.2.1/src/Makefile.in.unexpire 2014-05-09 18:49:48.000000000 +0200
+++ shadow-4.2.1/src/Makefile.in 2016-02-03 11:35:26.972273609 +0100
@@ -197,7 +197,7 @@ id_DEPENDENCIES = $(am__DEPENDENCIES_1)
$(top_builddir)/lib/libshadow.la
lastlog_SOURCES = lastlog.c
lastlog_OBJECTS = lastlog.$(OBJEXT)
-lastlog_LDADD = $(LDADD)
+lastlog_LDADD = $(LDADD) $(LIBAUDIT)
lastlog_DEPENDENCIES = $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \
$(top_builddir)/libmisc/libmisc.a \
$(top_builddir)/lib/libshadow.la

48
shadow-4.2.1-user-busy.patch
View file

@ -1,48 +0,0 @@
From d2fa8c5d4b0b19445562daf78d3a62421fe8d6b8 Mon Sep 17 00:00:00 2001
From: Bastian Blank <bastian.blank@credativ.de>
Date: Tue, 17 Nov 2015 10:52:24 -0600
Subject: [PATCH] Fix user busy errors at userdel
From: Bastian Blank <bastian.blank@credativ.de>
Acked-by: Serge Hallyn <serge.hallyn@ubuntu.com>
---
libmisc/user_busy.c | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/libmisc/user_busy.c b/libmisc/user_busy.c
index db7174a..0db32c3 100644
--- a/libmisc/user_busy.c
+++ b/libmisc/user_busy.c
@@ -175,6 +175,9 @@ static int user_busy_processes (const char *name, uid_t uid)
if (stat ("/", &sbroot) != 0) {
perror ("stat (\"/\")");
(void) closedir (proc);
+#ifdef ENABLE_SUBIDS
+ sub_uid_close();
+#endif
return 0;
}
@@ -212,6 +215,9 @@ static int user_busy_processes (const char *name, uid_t uid)
if (check_status (name, tmp_d_name, uid) != 0) {
(void) closedir (proc);
+#ifdef ENABLE_SUBIDS
+ sub_uid_close();
+#endif
fprintf (stderr,
_("%s: user %s is currently used by process %d\n"),
Prog, name, pid);
@@ -232,6 +238,9 @@ static int user_busy_processes (const char *name, uid_t uid)
}
if (check_status (name, task_path+6, uid) != 0) {
(void) closedir (proc);
+#ifdef ENABLE_SUBIDS
+ sub_uid_close();
+#endif
fprintf (stderr,
_("%s: user %s is currently used by process %d\n"),
Prog, name, pid);
--
2.5.0

190
shadow-4.2.1-audit-update.patch → shadow-4.3.1-audit-update.patch
View file

@ -1,6 +1,6 @@
diff -up shadow-4.2.1/libmisc/audit_help.c.audit-update shadow-4.2.1/libmisc/audit_help.c diff -up shadow-4.3.1/libmisc/audit_help.c.audit-update shadow-4.3.1/libmisc/audit_help.c
--- shadow-4.2.1/libmisc/audit_help.c.audit-update 2014-03-01 18:50:05.000000000 +0100 --- shadow-4.3.1/libmisc/audit_help.c.audit-update 2016-08-15 06:00:59.000000000 +0200
+++ shadow-4.2.1/libmisc/audit_help.c 2014-11-26 15:06:24.663660558 +0100 +++ shadow-4.3.1/libmisc/audit_help.c 2016-08-22 17:21:15.442291139 +0200
@@ -68,7 +68,7 @@ void audit_help_open (void) @@ -68,7 +68,7 @@ void audit_help_open (void)
* This function will log a message to the audit system using a predefined * This function will log a message to the audit system using a predefined
* message format. Parameter usage is as follows: * message format. Parameter usage is as follows:
@ -50,9 +50,9 @@ diff -up shadow-4.2.1/libmisc/audit_help.c.audit-update shadow-4.2.1/libmisc/aud
void audit_logger_message (const char *message, shadow_audit_result result) void audit_logger_message (const char *message, shadow_audit_result result)
{ {
if (audit_fd < 0) { if (audit_fd < 0) {
diff -up shadow-4.2.1/libmisc/cleanup_group.c.audit-update shadow-4.2.1/libmisc/cleanup_group.c diff -up shadow-4.3.1/libmisc/cleanup_group.c.audit-update shadow-4.3.1/libmisc/cleanup_group.c
--- shadow-4.2.1/libmisc/cleanup_group.c.audit-update 2014-03-01 18:50:05.000000000 +0100 --- shadow-4.3.1/libmisc/cleanup_group.c.audit-update 2016-08-15 06:00:59.000000000 +0200
+++ shadow-4.2.1/libmisc/cleanup_group.c 2014-11-26 15:06:24.663660558 +0100 +++ shadow-4.3.1/libmisc/cleanup_group.c 2016-08-22 17:21:15.443291142 +0200
@@ -83,7 +83,7 @@ void cleanup_report_mod_group (void *cle @@ -83,7 +83,7 @@ void cleanup_report_mod_group (void *cle
gr_dbname (), gr_dbname (),
info->action)); info->action));
@ -131,9 +131,9 @@ diff -up shadow-4.2.1/libmisc/cleanup_group.c.audit-update shadow-4.2.1/libmisc/
SHADOW_AUDIT_FAILURE); SHADOW_AUDIT_FAILURE);
#endif #endif
} }
diff -up shadow-4.2.1/libmisc/cleanup_user.c.audit-update shadow-4.2.1/libmisc/cleanup_user.c diff -up shadow-4.3.1/libmisc/cleanup_user.c.audit-update shadow-4.3.1/libmisc/cleanup_user.c
--- shadow-4.2.1/libmisc/cleanup_user.c.audit-update 2014-03-01 18:50:05.000000000 +0100 --- shadow-4.3.1/libmisc/cleanup_user.c.audit-update 2016-08-15 06:00:59.000000000 +0200
+++ shadow-4.2.1/libmisc/cleanup_user.c 2014-11-26 15:06:24.663660558 +0100 +++ shadow-4.3.1/libmisc/cleanup_user.c 2016-08-22 17:21:15.443291142 +0200
@@ -65,7 +65,7 @@ void cleanup_report_mod_passwd (void *cl @@ -65,7 +65,7 @@ void cleanup_report_mod_passwd (void *cl
pw_dbname (), pw_dbname (),
info->action)); info->action));
@ -181,9 +181,9 @@ diff -up shadow-4.2.1/libmisc/cleanup_user.c.audit-update shadow-4.2.1/libmisc/c
SHADOW_AUDIT_FAILURE); SHADOW_AUDIT_FAILURE);
#endif #endif
} }
diff -up shadow-4.2.1/lib/prototypes.h.audit-update shadow-4.2.1/lib/prototypes.h diff -up shadow-4.3.1/lib/prototypes.h.audit-update shadow-4.3.1/lib/prototypes.h
--- shadow-4.2.1/lib/prototypes.h.audit-update 2014-11-26 15:06:24.644660498 +0100 --- shadow-4.3.1/lib/prototypes.h.audit-update 2016-08-22 17:21:15.406291044 +0200
+++ shadow-4.2.1/lib/prototypes.h 2014-11-26 15:06:24.663660558 +0100 +++ shadow-4.3.1/lib/prototypes.h 2016-08-22 17:21:15.443291142 +0200
@@ -208,12 +208,21 @@ extern int audit_fd; @@ -208,12 +208,21 @@ extern int audit_fd;
extern void audit_help_open (void); extern void audit_help_open (void);
/* Use AUDIT_NO_ID when a name is provided to audit_logger instead of an ID */ /* Use AUDIT_NO_ID when a name is provided to audit_logger instead of an ID */
@ -206,9 +206,9 @@ diff -up shadow-4.2.1/lib/prototypes.h.audit-update shadow-4.2.1/lib/prototypes.
void audit_logger_message (const char *message, shadow_audit_result result); void audit_logger_message (const char *message, shadow_audit_result result);
#endif #endif
diff -up shadow-4.2.1/src/gpasswd.c.audit-update shadow-4.2.1/src/gpasswd.c diff -up shadow-4.3.1/src/gpasswd.c.audit-update shadow-4.3.1/src/gpasswd.c
--- shadow-4.2.1/src/gpasswd.c.audit-update 2014-03-01 19:59:51.000000000 +0100 --- shadow-4.3.1/src/gpasswd.c.audit-update 2016-08-15 06:00:59.000000000 +0200
+++ shadow-4.2.1/src/gpasswd.c 2014-11-26 15:06:24.664660561 +0100 +++ shadow-4.3.1/src/gpasswd.c 2016-08-22 17:21:15.444291144 +0200
@@ -137,7 +137,7 @@ static void usage (int status) @@ -137,7 +137,7 @@ static void usage (int status)
(void) fputs (_(" -d, --delete USER remove USER from GROUP\n"), usageout); (void) fputs (_(" -d, --delete USER remove USER from GROUP\n"), usageout);
(void) fputs (_(" -h, --help display this help message and exit\n"), usageout); (void) fputs (_(" -h, --help display this help message and exit\n"), usageout);
@ -218,7 +218,7 @@ diff -up shadow-4.2.1/src/gpasswd.c.audit-update shadow-4.2.1/src/gpasswd.c
(void) fputs (_(" -R, --restrict restrict access to GROUP to its members\n"), usageout); (void) fputs (_(" -R, --restrict restrict access to GROUP to its members\n"), usageout);
(void) fputs (_(" -M, --members USER,... set the list of members of GROUP\n"), usageout); (void) fputs (_(" -M, --members USER,... set the list of members of GROUP\n"), usageout);
#ifdef SHADOWGRP #ifdef SHADOWGRP
@@ -397,21 +397,14 @@ static void open_files (void) @@ -396,21 +396,14 @@ static void open_files (void)
static void log_gpasswd_failure (const char *suffix) static void log_gpasswd_failure (const char *suffix)
{ {
@ -243,7 +243,7 @@ diff -up shadow-4.2.1/src/gpasswd.c.audit-update shadow-4.2.1/src/gpasswd.c
SHADOW_AUDIT_FAILURE); SHADOW_AUDIT_FAILURE);
#endif #endif
} else if (dflg) { } else if (dflg) {
@@ -419,13 +412,9 @@ static void log_gpasswd_failure (const c @@ -418,13 +411,9 @@ static void log_gpasswd_failure (const c
"%s failed to remove user %s from group %s%s", "%s failed to remove user %s from group %s%s",
myname, user, group, suffix)); myname, user, group, suffix));
#ifdef WITH_AUDIT #ifdef WITH_AUDIT
@ -260,7 +260,7 @@ diff -up shadow-4.2.1/src/gpasswd.c.audit-update shadow-4.2.1/src/gpasswd.c
SHADOW_AUDIT_FAILURE); SHADOW_AUDIT_FAILURE);
#endif #endif
} else if (rflg) { } else if (rflg) {
@@ -433,13 +422,9 @@ static void log_gpasswd_failure (const c @@ -432,13 +421,9 @@ static void log_gpasswd_failure (const c
"%s failed to remove password of group %s%s", "%s failed to remove password of group %s%s",
myname, group, suffix)); myname, group, suffix));
#ifdef WITH_AUDIT #ifdef WITH_AUDIT
@ -277,7 +277,7 @@ diff -up shadow-4.2.1/src/gpasswd.c.audit-update shadow-4.2.1/src/gpasswd.c
SHADOW_AUDIT_FAILURE); SHADOW_AUDIT_FAILURE);
#endif #endif
} else if (Rflg) { } else if (Rflg) {
@@ -447,13 +432,9 @@ static void log_gpasswd_failure (const c @@ -446,13 +431,9 @@ static void log_gpasswd_failure (const c
"%s failed to restrict access to group %s%s", "%s failed to restrict access to group %s%s",
myname, group, suffix)); myname, group, suffix));
#ifdef WITH_AUDIT #ifdef WITH_AUDIT
@ -294,7 +294,7 @@ diff -up shadow-4.2.1/src/gpasswd.c.audit-update shadow-4.2.1/src/gpasswd.c
SHADOW_AUDIT_FAILURE); SHADOW_AUDIT_FAILURE);
#endif #endif
} else if (Aflg || Mflg) { } else if (Aflg || Mflg) {
@@ -463,13 +444,9 @@ static void log_gpasswd_failure (const c @@ -462,13 +443,9 @@ static void log_gpasswd_failure (const c
"%s failed to set the administrators of group %s to %s%s", "%s failed to set the administrators of group %s to %s%s",
myname, group, admins, suffix)); myname, group, admins, suffix));
#ifdef WITH_AUDIT #ifdef WITH_AUDIT
@ -311,7 +311,7 @@ diff -up shadow-4.2.1/src/gpasswd.c.audit-update shadow-4.2.1/src/gpasswd.c
SHADOW_AUDIT_FAILURE); SHADOW_AUDIT_FAILURE);
#endif #endif
} }
@@ -479,13 +456,9 @@ static void log_gpasswd_failure (const c @@ -478,13 +455,9 @@ static void log_gpasswd_failure (const c
"%s failed to set the members of group %s to %s%s", "%s failed to set the members of group %s to %s%s",
myname, group, members, suffix)); myname, group, members, suffix));
#ifdef WITH_AUDIT #ifdef WITH_AUDIT
@ -328,7 +328,7 @@ diff -up shadow-4.2.1/src/gpasswd.c.audit-update shadow-4.2.1/src/gpasswd.c
SHADOW_AUDIT_FAILURE); SHADOW_AUDIT_FAILURE);
#endif #endif
} }
@@ -494,13 +467,9 @@ static void log_gpasswd_failure (const c @@ -493,13 +466,9 @@ static void log_gpasswd_failure (const c
"%s failed to change password of group %s%s", "%s failed to change password of group %s%s",
myname, group, suffix)); myname, group, suffix));
#ifdef WITH_AUDIT #ifdef WITH_AUDIT
@ -345,7 +345,7 @@ diff -up shadow-4.2.1/src/gpasswd.c.audit-update shadow-4.2.1/src/gpasswd.c
SHADOW_AUDIT_FAILURE); SHADOW_AUDIT_FAILURE);
#endif #endif
} }
@@ -531,21 +500,14 @@ static void log_gpasswd_failure_gshadow @@ -530,21 +499,14 @@ static void log_gpasswd_failure_gshadow
static void log_gpasswd_success (const char *suffix) static void log_gpasswd_success (const char *suffix)
{ {
@ -370,7 +370,7 @@ diff -up shadow-4.2.1/src/gpasswd.c.audit-update shadow-4.2.1/src/gpasswd.c
SHADOW_AUDIT_SUCCESS); SHADOW_AUDIT_SUCCESS);
#endif #endif
} else if (dflg) { } else if (dflg) {
@@ -553,13 +515,9 @@ static void log_gpasswd_success (const c @@ -552,13 +514,9 @@ static void log_gpasswd_success (const c
"user %s removed by %s from group %s%s", "user %s removed by %s from group %s%s",
user, myname, group, suffix)); user, myname, group, suffix));
#ifdef WITH_AUDIT #ifdef WITH_AUDIT
@ -387,7 +387,7 @@ diff -up shadow-4.2.1/src/gpasswd.c.audit-update shadow-4.2.1/src/gpasswd.c
SHADOW_AUDIT_SUCCESS); SHADOW_AUDIT_SUCCESS);
#endif #endif
} else if (rflg) { } else if (rflg) {
@@ -567,13 +525,9 @@ static void log_gpasswd_success (const c @@ -566,13 +524,9 @@ static void log_gpasswd_success (const c
"password of group %s removed by %s%s", "password of group %s removed by %s%s",
group, myname, suffix)); group, myname, suffix));
#ifdef WITH_AUDIT #ifdef WITH_AUDIT
@ -404,7 +404,7 @@ diff -up shadow-4.2.1/src/gpasswd.c.audit-update shadow-4.2.1/src/gpasswd.c
SHADOW_AUDIT_SUCCESS); SHADOW_AUDIT_SUCCESS);
#endif #endif
} else if (Rflg) { } else if (Rflg) {
@@ -581,13 +535,9 @@ static void log_gpasswd_success (const c @@ -580,13 +534,9 @@ static void log_gpasswd_success (const c
"access to group %s restricted by %s%s", "access to group %s restricted by %s%s",
group, myname, suffix)); group, myname, suffix));
#ifdef WITH_AUDIT #ifdef WITH_AUDIT
@ -421,7 +421,7 @@ diff -up shadow-4.2.1/src/gpasswd.c.audit-update shadow-4.2.1/src/gpasswd.c
SHADOW_AUDIT_SUCCESS); SHADOW_AUDIT_SUCCESS);
#endif #endif
} else if (Aflg || Mflg) { } else if (Aflg || Mflg) {
@@ -597,13 +547,9 @@ static void log_gpasswd_success (const c @@ -596,13 +546,9 @@ static void log_gpasswd_success (const c
"administrators of group %s set by %s to %s%s", "administrators of group %s set by %s to %s%s",
group, myname, admins, suffix)); group, myname, admins, suffix));
#ifdef WITH_AUDIT #ifdef WITH_AUDIT
@ -438,7 +438,7 @@ diff -up shadow-4.2.1/src/gpasswd.c.audit-update shadow-4.2.1/src/gpasswd.c
SHADOW_AUDIT_SUCCESS); SHADOW_AUDIT_SUCCESS);
#endif #endif
} }
@@ -613,13 +559,9 @@ static void log_gpasswd_success (const c @@ -612,13 +558,9 @@ static void log_gpasswd_success (const c
"members of group %s set by %s to %s%s", "members of group %s set by %s to %s%s",
group, myname, members, suffix)); group, myname, members, suffix));
#ifdef WITH_AUDIT #ifdef WITH_AUDIT
@ -455,7 +455,7 @@ diff -up shadow-4.2.1/src/gpasswd.c.audit-update shadow-4.2.1/src/gpasswd.c
SHADOW_AUDIT_SUCCESS); SHADOW_AUDIT_SUCCESS);
#endif #endif
} }
@@ -628,13 +570,9 @@ static void log_gpasswd_success (const c @@ -627,13 +569,9 @@ static void log_gpasswd_success (const c
"password of group %s changed by %s%s", "password of group %s changed by %s%s",
group, myname, suffix)); group, myname, suffix));
#ifdef WITH_AUDIT #ifdef WITH_AUDIT
@ -472,9 +472,9 @@ diff -up shadow-4.2.1/src/gpasswd.c.audit-update shadow-4.2.1/src/gpasswd.c
SHADOW_AUDIT_SUCCESS); SHADOW_AUDIT_SUCCESS);
#endif #endif
} }
diff -up shadow-4.2.1/src/groupadd.c.audit-update shadow-4.2.1/src/groupadd.c diff -up shadow-4.3.1/src/groupadd.c.audit-update shadow-4.3.1/src/groupadd.c
--- shadow-4.2.1/src/groupadd.c.audit-update 2014-03-01 19:59:51.000000000 +0100 --- shadow-4.3.1/src/groupadd.c.audit-update 2016-08-15 06:00:59.000000000 +0200
+++ shadow-4.2.1/src/groupadd.c 2014-11-26 15:06:24.664660561 +0100 +++ shadow-4.3.1/src/groupadd.c 2016-08-22 17:21:15.444291144 +0200
@@ -127,6 +127,15 @@ static /*@noreturn@*/void usage (int sta @@ -127,6 +127,15 @@ static /*@noreturn@*/void usage (int sta
exit (status); exit (status);
} }
@ -579,7 +579,7 @@ diff -up shadow-4.2.1/src/groupadd.c.audit-update shadow-4.2.1/src/groupadd.c
add_cleanup (cleanup_unlock_gshadow, NULL); add_cleanup (cleanup_unlock_gshadow, NULL);
} }
@@ -349,7 +352,7 @@ static void open_files (void) @@ -349,7 +352,7 @@ static void open_files (void)
if (gr_open (O_RDWR) == 0) { if (gr_open (O_CREAT | O_RDWR) == 0) {
fprintf (stderr, _("%s: cannot open %s\n"), Prog, gr_dbname ()); fprintf (stderr, _("%s: cannot open %s\n"), Prog, gr_dbname ());
SYSLOG ((LOG_WARN, "cannot open %s", gr_dbname ())); SYSLOG ((LOG_WARN, "cannot open %s", gr_dbname ()));
- exit (E_GRP_UPDATE); - exit (E_GRP_UPDATE);
@ -650,10 +650,10 @@ diff -up shadow-4.2.1/src/groupadd.c.audit-update shadow-4.2.1/src/groupadd.c
} }
} }
diff -up shadow-4.2.1/src/groupdel.c.audit-update shadow-4.2.1/src/groupdel.c diff -up shadow-4.3.1/src/groupdel.c.audit-update shadow-4.3.1/src/groupdel.c
--- shadow-4.2.1/src/groupdel.c.audit-update 2014-03-01 19:59:51.000000000 +0100 --- shadow-4.3.1/src/groupdel.c.audit-update 2016-08-15 06:00:59.000000000 +0200
+++ shadow-4.2.1/src/groupdel.c 2014-11-26 15:06:24.665660564 +0100 +++ shadow-4.3.1/src/groupdel.c 2016-08-22 17:21:15.445291147 +0200
@@ -100,6 +100,15 @@ static /*@noreturn@*/void usage (int sta @@ -102,6 +102,15 @@ static /*@noreturn@*/void usage (int sta
exit (status); exit (status);
} }
@ -669,7 +669,7 @@ diff -up shadow-4.2.1/src/groupdel.c.audit-update shadow-4.2.1/src/groupdel.c
/* /*
* grp_update - update group file entries * grp_update - update group file entries
* *
@@ -126,7 +135,7 @@ static void grp_update (void) @@ -128,7 +137,7 @@ static void grp_update (void)
fprintf (stderr, fprintf (stderr,
_("%s: cannot remove entry '%s' from %s\n"), _("%s: cannot remove entry '%s' from %s\n"),
Prog, group_name, gr_dbname ()); Prog, group_name, gr_dbname ());
@ -678,7 +678,7 @@ diff -up shadow-4.2.1/src/groupdel.c.audit-update shadow-4.2.1/src/groupdel.c
} }
#ifdef SHADOWGRP #ifdef SHADOWGRP
@@ -138,7 +147,7 @@ static void grp_update (void) @@ -140,7 +149,7 @@ static void grp_update (void)
fprintf (stderr, fprintf (stderr,
_("%s: cannot remove entry '%s' from %s\n"), _("%s: cannot remove entry '%s' from %s\n"),
Prog, group_name, sgr_dbname ()); Prog, group_name, sgr_dbname ());
@ -687,7 +687,7 @@ diff -up shadow-4.2.1/src/groupdel.c.audit-update shadow-4.2.1/src/groupdel.c
} }
} }
#endif /* SHADOWGRP */ #endif /* SHADOWGRP */
@@ -157,12 +166,12 @@ static void close_files (void) @@ -159,12 +168,12 @@ static void close_files (void)
fprintf (stderr, fprintf (stderr,
_("%s: failure while writing changes to %s\n"), _("%s: failure while writing changes to %s\n"),
Prog, gr_dbname ()); Prog, gr_dbname ());
@ -702,7 +702,7 @@ diff -up shadow-4.2.1/src/groupdel.c.audit-update shadow-4.2.1/src/groupdel.c
group_name, (unsigned int) group_id, group_name, (unsigned int) group_id,
SHADOW_AUDIT_SUCCESS); SHADOW_AUDIT_SUCCESS);
#endif #endif
@@ -182,12 +191,12 @@ static void close_files (void) @@ -184,12 +193,12 @@ static void close_files (void)
fprintf (stderr, fprintf (stderr,
_("%s: failure while writing changes to %s\n"), _("%s: failure while writing changes to %s\n"),
Prog, sgr_dbname ()); Prog, sgr_dbname ());
@ -718,7 +718,7 @@ diff -up shadow-4.2.1/src/groupdel.c.audit-update shadow-4.2.1/src/groupdel.c
group_name, (unsigned int) group_id, group_name, (unsigned int) group_id,
SHADOW_AUDIT_SUCCESS); SHADOW_AUDIT_SUCCESS);
#endif #endif
@@ -201,13 +210,6 @@ static void close_files (void) @@ -203,13 +212,6 @@ static void close_files (void)
} }
#endif /* SHADOWGRP */ #endif /* SHADOWGRP */
@ -732,7 +732,7 @@ diff -up shadow-4.2.1/src/groupdel.c.audit-update shadow-4.2.1/src/groupdel.c
SYSLOG ((LOG_INFO, "group '%s' removed\n", group_name)); SYSLOG ((LOG_INFO, "group '%s' removed\n", group_name));
del_cleanup (cleanup_report_del_group); del_cleanup (cleanup_report_del_group);
} }
@@ -224,7 +226,7 @@ static void open_files (void) @@ -226,7 +228,7 @@ static void open_files (void)
fprintf (stderr, fprintf (stderr,
_("%s: cannot lock %s; try again later.\n"), _("%s: cannot lock %s; try again later.\n"),
Prog, gr_dbname ()); Prog, gr_dbname ());
@ -741,7 +741,7 @@ diff -up shadow-4.2.1/src/groupdel.c.audit-update shadow-4.2.1/src/groupdel.c
} }
add_cleanup (cleanup_unlock_group, NULL); add_cleanup (cleanup_unlock_group, NULL);
#ifdef SHADOWGRP #ifdef SHADOWGRP
@@ -233,7 +235,7 @@ static void open_files (void) @@ -235,7 +237,7 @@ static void open_files (void)
fprintf (stderr, fprintf (stderr,
_("%s: cannot lock %s; try again later.\n"), _("%s: cannot lock %s; try again later.\n"),
Prog, sgr_dbname ()); Prog, sgr_dbname ());
@ -750,7 +750,7 @@ diff -up shadow-4.2.1/src/groupdel.c.audit-update shadow-4.2.1/src/groupdel.c
} }
add_cleanup (cleanup_unlock_gshadow, NULL); add_cleanup (cleanup_unlock_gshadow, NULL);
} }
@@ -251,7 +253,7 @@ static void open_files (void) @@ -253,7 +255,7 @@ static void open_files (void)
_("%s: cannot open %s\n"), _("%s: cannot open %s\n"),
Prog, gr_dbname ()); Prog, gr_dbname ());
SYSLOG ((LOG_WARN, "cannot open %s", gr_dbname ())); SYSLOG ((LOG_WARN, "cannot open %s", gr_dbname ()));
@ -759,7 +759,7 @@ diff -up shadow-4.2.1/src/groupdel.c.audit-update shadow-4.2.1/src/groupdel.c
} }
#ifdef SHADOWGRP #ifdef SHADOWGRP
if (is_shadow_grp) { if (is_shadow_grp) {
@@ -260,7 +262,7 @@ static void open_files (void) @@ -262,7 +264,7 @@ static void open_files (void)
_("%s: cannot open %s\n"), _("%s: cannot open %s\n"),
Prog, sgr_dbname ()); Prog, sgr_dbname ());
SYSLOG ((LOG_WARN, "cannot open %s", sgr_dbname ())); SYSLOG ((LOG_WARN, "cannot open %s", sgr_dbname ()));
@ -768,7 +768,7 @@ diff -up shadow-4.2.1/src/groupdel.c.audit-update shadow-4.2.1/src/groupdel.c
} }
} }
#endif /* SHADOWGRP */ #endif /* SHADOWGRP */
@@ -301,7 +303,7 @@ static void group_busy (gid_t gid) @@ -303,7 +305,7 @@ static void group_busy (gid_t gid)
fprintf (stderr, fprintf (stderr,
_("%s: cannot remove the primary group of user '%s'\n"), _("%s: cannot remove the primary group of user '%s'\n"),
Prog, pwd->pw_name); Prog, pwd->pw_name);
@ -777,7 +777,7 @@ diff -up shadow-4.2.1/src/groupdel.c.audit-update shadow-4.2.1/src/groupdel.c
} }
/* /*
@@ -379,7 +381,7 @@ int main (int argc, char **argv) @@ -384,7 +386,7 @@ int main (int argc, char **argv)
fprintf (stderr, fprintf (stderr,
_("%s: Cannot setup cleanup service.\n"), _("%s: Cannot setup cleanup service.\n"),
Prog); Prog);
@ -786,7 +786,7 @@ diff -up shadow-4.2.1/src/groupdel.c.audit-update shadow-4.2.1/src/groupdel.c
} }
process_flags (argc, argv); process_flags (argc, argv);
@@ -393,7 +395,7 @@ int main (int argc, char **argv) @@ -398,7 +400,7 @@ int main (int argc, char **argv)
fprintf (stderr, fprintf (stderr,
_("%s: Cannot determine your user name.\n"), _("%s: Cannot determine your user name.\n"),
Prog); Prog);
@ -795,7 +795,7 @@ diff -up shadow-4.2.1/src/groupdel.c.audit-update shadow-4.2.1/src/groupdel.c
} }
retval = pam_start ("groupdel", pampw->pw_name, &conv, &pamh); retval = pam_start ("groupdel", pampw->pw_name, &conv, &pamh);
@@ -414,7 +416,7 @@ int main (int argc, char **argv) @@ -419,7 +421,7 @@ int main (int argc, char **argv)
if (NULL != pamh) { if (NULL != pamh) {
(void) pam_end (pamh, retval); (void) pam_end (pamh, retval);
} }
@ -804,7 +804,7 @@ diff -up shadow-4.2.1/src/groupdel.c.audit-update shadow-4.2.1/src/groupdel.c
} }
(void) pam_end (pamh, retval); (void) pam_end (pamh, retval);
#endif /* USE_PAM */ #endif /* USE_PAM */
@@ -434,7 +436,7 @@ int main (int argc, char **argv) @@ -439,7 +441,7 @@ int main (int argc, char **argv)
fprintf (stderr, fprintf (stderr,
_("%s: group '%s' does not exist\n"), _("%s: group '%s' does not exist\n"),
Prog, group_name); Prog, group_name);
@ -813,7 +813,7 @@ diff -up shadow-4.2.1/src/groupdel.c.audit-update shadow-4.2.1/src/groupdel.c
} }
group_id = grp->gr_gid; group_id = grp->gr_gid;
@@ -458,7 +460,7 @@ int main (int argc, char **argv) @@ -463,7 +465,7 @@ int main (int argc, char **argv)
_("%s: %s is the NIS master\n"), _("%s: %s is the NIS master\n"),
Prog, nis_master); Prog, nis_master);
} }
@ -822,9 +822,9 @@ diff -up shadow-4.2.1/src/groupdel.c.audit-update shadow-4.2.1/src/groupdel.c
} }
#endif #endif
diff -up shadow-4.2.1/src/groupmod.c.audit-update shadow-4.2.1/src/groupmod.c diff -up shadow-4.3.1/src/groupmod.c.audit-update shadow-4.3.1/src/groupmod.c
--- shadow-4.2.1/src/groupmod.c.audit-update 2014-03-01 19:59:51.000000000 +0100 --- shadow-4.3.1/src/groupmod.c.audit-update 2016-08-15 06:00:59.000000000 +0200
+++ shadow-4.2.1/src/groupmod.c 2014-11-26 15:06:24.665660564 +0100 +++ shadow-4.3.1/src/groupmod.c 2016-08-22 17:21:15.445291147 +0200
@@ -438,7 +438,7 @@ static void close_files (void) @@ -438,7 +438,7 @@ static void close_files (void)
exit (E_GRP_UPDATE); exit (E_GRP_UPDATE);
} }
@ -1018,9 +1018,9 @@ diff -up shadow-4.2.1/src/groupmod.c.audit-update shadow-4.2.1/src/groupmod.c
// FIXME: add a system cleanup // FIXME: add a system cleanup
add_cleanup (cleanup_report_mod_group, &info_group); add_cleanup (cleanup_report_mod_group, &info_group);
diff -up shadow-4.2.1/src/chage.c.audit-update shadow-4.2.1/src/chage.c diff -up shadow-4.3.1/src/chage.c.audit-update shadow-4.3.1/src/chage.c
--- shadow-4.2.1/src/chage.c.audit-update 2014-03-01 19:59:51.000000000 +0100 --- shadow-4.3.1/src/chage.c.audit-update 2016-08-15 06:00:59.000000000 +0200
+++ shadow-4.2.1/src/chage.c 2014-11-26 15:06:24.663660558 +0100 +++ shadow-4.3.1/src/chage.c 2016-08-22 17:21:15.446291149 +0200
@@ -126,9 +126,10 @@ static /*@noreturn@*/void fail_exit (int @@ -126,9 +126,10 @@ static /*@noreturn@*/void fail_exit (int
#ifdef WITH_AUDIT #ifdef WITH_AUDIT
@ -1108,9 +1108,9 @@ diff -up shadow-4.2.1/src/chage.c.audit-update shadow-4.2.1/src/chage.c
user_name, (unsigned int) user_uid, 1); user_name, (unsigned int) user_uid, 1);
} }
#endif #endif
diff -up shadow-4.2.1/src/newgrp.c.audit-update shadow-4.2.1/src/newgrp.c diff -up shadow-4.3.1/src/newgrp.c.audit-update shadow-4.3.1/src/newgrp.c
--- shadow-4.2.1/src/newgrp.c.audit-update 2014-11-26 15:06:24.660660548 +0100 --- shadow-4.3.1/src/newgrp.c.audit-update 2016-08-22 17:21:15.439291131 +0200
+++ shadow-4.2.1/src/newgrp.c 2014-11-26 15:06:24.666660567 +0100 +++ shadow-4.3.1/src/newgrp.c 2016-08-22 17:21:15.446291149 +0200
@@ -206,11 +206,12 @@ static void check_perms (const struct gr @@ -206,11 +206,12 @@ static void check_perms (const struct gr
strcmp (cpasswd, grp->gr_passwd) != 0) { strcmp (cpasswd, grp->gr_passwd) != 0) {
#ifdef WITH_AUDIT #ifdef WITH_AUDIT
@ -1161,7 +1161,7 @@ diff -up shadow-4.2.1/src/newgrp.c.audit-update shadow-4.2.1/src/newgrp.c
exit (EXIT_FAILURE); exit (EXIT_FAILURE);
} }
@@ -317,15 +306,27 @@ static void syslog_sg (const char *name, @@ -320,15 +309,27 @@ static void syslog_sg (const char *name,
is_newgrp ? "newgrp" : "sg", strerror (errno)); is_newgrp ? "newgrp" : "sg", strerror (errno));
#ifdef WITH_AUDIT #ifdef WITH_AUDIT
if (group) { if (group) {
@ -1193,7 +1193,7 @@ diff -up shadow-4.2.1/src/newgrp.c.audit-update shadow-4.2.1/src/newgrp.c
} }
#endif #endif
exit (EXIT_FAILURE); exit (EXIT_FAILURE);
@@ -451,7 +452,7 @@ int main (int argc, char **argv) @@ -456,7 +457,7 @@ int main (int argc, char **argv)
#ifdef WITH_AUDIT #ifdef WITH_AUDIT
audit_logger (AUDIT_CHGRP_ID, Prog, audit_logger (AUDIT_CHGRP_ID, Prog,
"changing", NULL, "changing", NULL,
@ -1202,7 +1202,7 @@ diff -up shadow-4.2.1/src/newgrp.c.audit-update shadow-4.2.1/src/newgrp.c
#endif #endif
SYSLOG ((LOG_WARN, "Cannot determine the user name of the caller (UID %lu)", SYSLOG ((LOG_WARN, "Cannot determine the user name of the caller (UID %lu)",
(unsigned long) getuid ())); (unsigned long) getuid ()));
@@ -567,15 +568,26 @@ int main (int argc, char **argv) @@ -572,15 +573,26 @@ int main (int argc, char **argv)
perror ("getgroups"); perror ("getgroups");
#ifdef WITH_AUDIT #ifdef WITH_AUDIT
if (group) { if (group) {
@ -1233,7 +1233,7 @@ diff -up shadow-4.2.1/src/newgrp.c.audit-update shadow-4.2.1/src/newgrp.c
} }
#endif #endif
exit (EXIT_FAILURE); exit (EXIT_FAILURE);
@@ -716,10 +728,10 @@ int main (int argc, char **argv) @@ -721,10 +733,10 @@ int main (int argc, char **argv)
perror ("setgid"); perror ("setgid");
#ifdef WITH_AUDIT #ifdef WITH_AUDIT
snprintf (audit_buf, sizeof(audit_buf), snprintf (audit_buf, sizeof(audit_buf),
@ -1246,7 +1246,7 @@ diff -up shadow-4.2.1/src/newgrp.c.audit-update shadow-4.2.1/src/newgrp.c
#endif #endif
exit (EXIT_FAILURE); exit (EXIT_FAILURE);
} }
@@ -728,10 +740,10 @@ int main (int argc, char **argv) @@ -733,10 +745,10 @@ int main (int argc, char **argv)
perror ("setuid"); perror ("setuid");
#ifdef WITH_AUDIT #ifdef WITH_AUDIT
snprintf (audit_buf, sizeof(audit_buf), snprintf (audit_buf, sizeof(audit_buf),
@ -1259,7 +1259,7 @@ diff -up shadow-4.2.1/src/newgrp.c.audit-update shadow-4.2.1/src/newgrp.c
#endif #endif
exit (EXIT_FAILURE); exit (EXIT_FAILURE);
} }
@@ -745,10 +757,10 @@ int main (int argc, char **argv) @@ -750,10 +762,10 @@ int main (int argc, char **argv)
execl (SHELL, "sh", "-c", command, (char *) 0); execl (SHELL, "sh", "-c", command, (char *) 0);
#ifdef WITH_AUDIT #ifdef WITH_AUDIT
snprintf (audit_buf, sizeof(audit_buf), snprintf (audit_buf, sizeof(audit_buf),
@ -1272,7 +1272,7 @@ diff -up shadow-4.2.1/src/newgrp.c.audit-update shadow-4.2.1/src/newgrp.c
#endif #endif
perror (SHELL); perror (SHELL);
exit ((errno == ENOENT) ? E_CMD_NOTFOUND : E_CMD_NOEXEC); exit ((errno == ENOENT) ? E_CMD_NOTFOUND : E_CMD_NOEXEC);
@@ -812,11 +824,11 @@ int main (int argc, char **argv) @@ -817,11 +829,11 @@ int main (int argc, char **argv)
} }
#ifdef WITH_AUDIT #ifdef WITH_AUDIT
@ -1286,7 +1286,7 @@ diff -up shadow-4.2.1/src/newgrp.c.audit-update shadow-4.2.1/src/newgrp.c
#endif #endif
/* /*
* Exec the login shell and go away. We are trying to get back to * Exec the login shell and go away. We are trying to get back to
@@ -840,15 +852,24 @@ int main (int argc, char **argv) @@ -845,15 +857,24 @@ int main (int argc, char **argv)
closelog (); closelog ();
#ifdef WITH_AUDIT #ifdef WITH_AUDIT
if (NULL != group) { if (NULL != group) {
@ -1315,9 +1315,9 @@ diff -up shadow-4.2.1/src/newgrp.c.audit-update shadow-4.2.1/src/newgrp.c
} }
#endif #endif
exit (EXIT_FAILURE); exit (EXIT_FAILURE);
diff -up shadow-4.2.1/src/useradd.c.audit-update shadow-4.2.1/src/useradd.c diff -up shadow-4.3.1/src/useradd.c.audit-update shadow-4.3.1/src/useradd.c
--- shadow-4.2.1/src/useradd.c.audit-update 2014-11-26 15:06:24.648660511 +0100 --- shadow-4.3.1/src/useradd.c.audit-update 2016-08-22 17:21:15.410291055 +0200
+++ shadow-4.2.1/src/useradd.c 2014-11-26 15:14:02.446087183 +0100 +++ shadow-4.3.1/src/useradd.c 2016-08-22 17:21:15.447291152 +0200
@@ -222,6 +222,8 @@ static void create_mail (void); @@ -222,6 +222,8 @@ static void create_mail (void);
*/ */
static void fail_exit (int code) static void fail_exit (int code)
@ -1636,7 +1636,7 @@ diff -up shadow-4.2.1/src/useradd.c.audit-update shadow-4.2.1/src/useradd.c
user_name, (unsigned int) user_id, user_name, (unsigned int) user_id,
SHADOW_AUDIT_SUCCESS); SHADOW_AUDIT_SUCCESS);
#endif #endif
@@ -2098,12 +2034,6 @@ int main (int argc, char **argv) @@ -2100,12 +2036,6 @@ int main (int argc, char **argv)
*/ */
if (getpwnam (user_name) != NULL) { /* local, no need for xgetpwnam */ if (getpwnam (user_name) != NULL) { /* local, no need for xgetpwnam */
fprintf (stderr, _("%s: user '%s' already exists\n"), Prog, user_name); fprintf (stderr, _("%s: user '%s' already exists\n"), Prog, user_name);
@ -1649,7 +1649,7 @@ diff -up shadow-4.2.1/src/useradd.c.audit-update shadow-4.2.1/src/useradd.c
fail_exit (E_NAME_IN_USE); fail_exit (E_NAME_IN_USE);
} }
@@ -2119,12 +2049,6 @@ int main (int argc, char **argv) @@ -2121,12 +2051,6 @@ int main (int argc, char **argv)
fprintf (stderr, fprintf (stderr,
_("%s: group %s exists - if you want to add this user to that group, use -g.\n"), _("%s: group %s exists - if you want to add this user to that group, use -g.\n"),
Prog, user_name); Prog, user_name);
@ -1662,7 +1662,7 @@ diff -up shadow-4.2.1/src/useradd.c.audit-update shadow-4.2.1/src/useradd.c
fail_exit (E_NAME_IN_USE); fail_exit (E_NAME_IN_USE);
} }
} }
@@ -2154,12 +2078,6 @@ int main (int argc, char **argv) @@ -2156,12 +2080,6 @@ int main (int argc, char **argv)
fprintf (stderr, fprintf (stderr,
_("%s: UID %lu is not unique\n"), _("%s: UID %lu is not unique\n"),
Prog, (unsigned long) user_id); Prog, (unsigned long) user_id);
@ -1675,7 +1675,7 @@ diff -up shadow-4.2.1/src/useradd.c.audit-update shadow-4.2.1/src/useradd.c
fail_exit (E_UID_IN_USE); fail_exit (E_UID_IN_USE);
} }
} }
@@ -2223,9 +2141,10 @@ int main (int argc, char **argv) @@ -2225,9 +2143,10 @@ int main (int argc, char **argv)
_("%s: warning: the user name %s to %s SELinux user mapping failed.\n"), _("%s: warning: the user name %s to %s SELinux user mapping failed.\n"),
Prog, user_name, user_selinux); Prog, user_name, user_selinux);
#ifdef WITH_AUDIT #ifdef WITH_AUDIT
@ -1689,9 +1689,9 @@ diff -up shadow-4.2.1/src/useradd.c.audit-update shadow-4.2.1/src/useradd.c
#endif /* WITH_AUDIT */ #endif /* WITH_AUDIT */
rv = E_SE_UPDATE; rv = E_SE_UPDATE;
} }
diff -up shadow-4.2.1/src/userdel.c.audit-update shadow-4.2.1/src/userdel.c diff -up shadow-4.3.1/src/userdel.c.audit-update shadow-4.3.1/src/userdel.c
--- shadow-4.2.1/src/userdel.c.audit-update 2014-11-26 15:06:24.655660533 +0100 --- shadow-4.3.1/src/userdel.c.audit-update 2016-08-22 17:21:15.418291076 +0200
+++ shadow-4.2.1/src/userdel.c 2014-11-26 15:16:01.892459425 +0100 +++ shadow-4.3.1/src/userdel.c 2016-08-22 17:21:15.447291152 +0200
@@ -214,9 +214,9 @@ static void update_groups (void) @@ -214,9 +214,9 @@ static void update_groups (void)
* Update the DBM group file with the new entry as well. * Update the DBM group file with the new entry as well.
*/ */
@ -1766,7 +1766,7 @@ diff -up shadow-4.2.1/src/userdel.c.audit-update shadow-4.2.1/src/userdel.c
fail_exit (E_PW_UPDATE); fail_exit (E_PW_UPDATE);
} }
pw_locked = true; pw_locked = true;
if (pw_open (O_RDWR) == 0) { if (pw_open (O_CREAT | O_RDWR) == 0) {
fprintf (stderr, fprintf (stderr,
_("%s: cannot open %s\n"), Prog, pw_dbname ()); _("%s: cannot open %s\n"), Prog, pw_dbname ());
-#ifdef WITH_AUDIT -#ifdef WITH_AUDIT
@ -1817,7 +1817,7 @@ diff -up shadow-4.2.1/src/userdel.c.audit-update shadow-4.2.1/src/userdel.c
fail_exit (E_GRP_UPDATE); fail_exit (E_GRP_UPDATE);
} }
gr_locked = true; gr_locked = true;
if (gr_open (O_RDWR) == 0) { if (gr_open (O_CREAT | O_RDWR) == 0) {
fprintf (stderr, _("%s: cannot open %s\n"), Prog, gr_dbname ()); fprintf (stderr, _("%s: cannot open %s\n"), Prog, gr_dbname ());
-#ifdef WITH_AUDIT -#ifdef WITH_AUDIT
- audit_logger (AUDIT_DEL_USER, Prog, - audit_logger (AUDIT_DEL_USER, Prog,
@ -1841,7 +1841,7 @@ diff -up shadow-4.2.1/src/userdel.c.audit-update shadow-4.2.1/src/userdel.c
fail_exit (E_GRP_UPDATE); fail_exit (E_GRP_UPDATE);
} }
sgr_locked= true; sgr_locked= true;
if (sgr_open (O_RDWR) == 0) { if (sgr_open (O_CREAT | O_RDWR) == 0) {
fprintf (stderr, _("%s: cannot open %s\n"), fprintf (stderr, _("%s: cannot open %s\n"),
Prog, sgr_dbname ()); Prog, sgr_dbname ());
-#ifdef WITH_AUDIT -#ifdef WITH_AUDIT
@ -1866,7 +1866,7 @@ diff -up shadow-4.2.1/src/userdel.c.audit-update shadow-4.2.1/src/userdel.c
fail_exit (E_SUB_UID_UPDATE); fail_exit (E_SUB_UID_UPDATE);
} }
sub_uid_locked = true; sub_uid_locked = true;
if (sub_uid_open (O_RDWR) == 0) { if (sub_uid_open (O_CREAT | O_RDWR) == 0) {
fprintf (stderr, fprintf (stderr,
_("%s: cannot open %s\n"), Prog, sub_uid_dbname ()); _("%s: cannot open %s\n"), Prog, sub_uid_dbname ());
-#ifdef WITH_AUDIT -#ifdef WITH_AUDIT
@ -1891,7 +1891,7 @@ diff -up shadow-4.2.1/src/userdel.c.audit-update shadow-4.2.1/src/userdel.c
fail_exit (E_SUB_GID_UPDATE); fail_exit (E_SUB_GID_UPDATE);
} }
sub_gid_locked = true; sub_gid_locked = true;
if (sub_gid_open (O_RDWR) == 0) { if (sub_gid_open (O_CREAT | O_RDWR) == 0) {
fprintf (stderr, fprintf (stderr,
_("%s: cannot open %s\n"), Prog, sub_gid_dbname ()); _("%s: cannot open %s\n"), Prog, sub_gid_dbname ());
-#ifdef WITH_AUDIT -#ifdef WITH_AUDIT
@ -2019,9 +2019,9 @@ diff -up shadow-4.2.1/src/userdel.c.audit-update shadow-4.2.1/src/userdel.c
user_name, (unsigned int) user_id, user_name, (unsigned int) user_id,
SHADOW_AUDIT_FAILURE); SHADOW_AUDIT_FAILURE);
#endif /* WITH_AUDIT */ #endif /* WITH_AUDIT */
diff -up shadow-4.2.1/src/usermod.c.audit-update shadow-4.2.1/src/usermod.c diff -up shadow-4.3.1/src/usermod.c.audit-update shadow-4.3.1/src/usermod.c
--- shadow-4.2.1/src/usermod.c.audit-update 2014-11-26 15:06:24.661660551 +0100 --- shadow-4.3.1/src/usermod.c.audit-update 2016-08-22 17:21:15.441291136 +0200
+++ shadow-4.2.1/src/usermod.c 2014-11-26 15:17:38.580760741 +0100 +++ shadow-4.3.1/src/usermod.c 2016-08-22 17:21:15.448291155 +0200
@@ -447,8 +447,8 @@ static char *new_pw_passwd (char *pw_pas @@ -447,8 +447,8 @@ static char *new_pw_passwd (char *pw_pas
#ifdef WITH_AUDIT #ifdef WITH_AUDIT
@ -2256,7 +2256,7 @@ diff -up shadow-4.2.1/src/usermod.c.audit-update shadow-4.2.1/src/usermod.c
#endif #endif
SYSLOG ((LOG_INFO, "add '%s' to shadow group '%s'", SYSLOG ((LOG_INFO, "add '%s' to shadow group '%s'",
user_newname, nsgrp->sg_name)); user_newname, nsgrp->sg_name));
@@ -1810,8 +1821,8 @@ static void move_home (void) @@ -1758,8 +1769,8 @@ static void move_home (void)
#ifdef WITH_AUDIT #ifdef WITH_AUDIT
if (uflg || gflg) { if (uflg || gflg) {
@ -2267,7 +2267,7 @@ diff -up shadow-4.2.1/src/usermod.c.audit-update shadow-4.2.1/src/usermod.c
user_newname, (unsigned int) user_newid, 1); user_newname, (unsigned int) user_newid, 1);
} }
#endif #endif
@@ -1829,8 +1840,8 @@ static void move_home (void) @@ -1777,8 +1788,8 @@ static void move_home (void)
fail_exit (E_HOMEDIR); fail_exit (E_HOMEDIR);
} }
#ifdef WITH_AUDIT #ifdef WITH_AUDIT
@ -2278,7 +2278,7 @@ diff -up shadow-4.2.1/src/usermod.c.audit-update shadow-4.2.1/src/usermod.c
user_newname, (unsigned int) user_newid, user_newname, (unsigned int) user_newid,
1); 1);
#endif #endif
@@ -1849,9 +1860,9 @@ static void move_home (void) @@ -1797,9 +1808,9 @@ static void move_home (void)
Prog, user_home); Prog, user_home);
} }
#ifdef WITH_AUDIT #ifdef WITH_AUDIT
@ -2290,7 +2290,7 @@ diff -up shadow-4.2.1/src/usermod.c.audit-update shadow-4.2.1/src/usermod.c
user_newname, user_newname,
(unsigned int) user_newid, (unsigned int) user_newid,
1); 1);
@@ -2055,8 +2066,8 @@ static void move_mailbox (void) @@ -2003,8 +2014,8 @@ static void move_mailbox (void)
} }
#ifdef WITH_AUDIT #ifdef WITH_AUDIT
else { else {
@ -2301,7 +2301,7 @@ diff -up shadow-4.2.1/src/usermod.c.audit-update shadow-4.2.1/src/usermod.c
user_newname, (unsigned int) user_newid, 1); user_newname, (unsigned int) user_newid, 1);
} }
#endif #endif
@@ -2074,8 +2085,8 @@ static void move_mailbox (void) @@ -2022,8 +2033,8 @@ static void move_mailbox (void)
} }
#ifdef WITH_AUDIT #ifdef WITH_AUDIT
else { else {
@ -2312,7 +2312,7 @@ diff -up shadow-4.2.1/src/usermod.c.audit-update shadow-4.2.1/src/usermod.c
user_newname, (unsigned int) user_newid, 1); user_newname, (unsigned int) user_newid, 1);
} }
#endif #endif
@@ -2217,8 +2228,8 @@ int main (int argc, char **argv) @@ -2215,8 +2226,8 @@ int main (int argc, char **argv)
_("%s: warning: the user name %s to %s SELinux user mapping failed.\n"), _("%s: warning: the user name %s to %s SELinux user mapping failed.\n"),
Prog, user_name, user_selinux); Prog, user_name, user_selinux);
#ifdef WITH_AUDIT #ifdef WITH_AUDIT
@ -2323,7 +2323,7 @@ diff -up shadow-4.2.1/src/usermod.c.audit-update shadow-4.2.1/src/usermod.c
user_name, (unsigned int) user_id, user_name, (unsigned int) user_id,
SHADOW_AUDIT_FAILURE); SHADOW_AUDIT_FAILURE);
#endif /* WITH_AUDIT */ #endif /* WITH_AUDIT */
@@ -2230,8 +2241,8 @@ int main (int argc, char **argv) @@ -2228,8 +2239,8 @@ int main (int argc, char **argv)
_("%s: warning: the user name %s to SELinux user mapping removal failed.\n"), _("%s: warning: the user name %s to SELinux user mapping removal failed.\n"),
Prog, user_name); Prog, user_name);
#ifdef WITH_AUDIT #ifdef WITH_AUDIT
@ -2334,7 +2334,7 @@ diff -up shadow-4.2.1/src/usermod.c.audit-update shadow-4.2.1/src/usermod.c
user_name, (unsigned int) user_id, user_name, (unsigned int) user_id,
SHADOW_AUDIT_FAILURE); SHADOW_AUDIT_FAILURE);
#endif /* WITH_AUDIT */ #endif /* WITH_AUDIT */
@@ -2269,8 +2280,8 @@ int main (int argc, char **argv) @@ -2267,8 +2278,8 @@ int main (int argc, char **argv)
*/ */
#ifdef WITH_AUDIT #ifdef WITH_AUDIT
if (uflg || gflg) { if (uflg || gflg) {

12
shadow-4.2.1-defs-chroot.patch → shadow-4.3.1-defs-chroot.patch
View file

@ -1,18 +1,18 @@
diff -up shadow-4.2.1/src/useradd.c.defs-chroot shadow-4.2.1/src/useradd.c diff -up shadow-4.3.1/src/useradd.c.defs-chroot shadow-4.3.1/src/useradd.c
--- shadow-4.2.1/src/useradd.c.defs-chroot 2014-12-01 15:14:58.000000000 +0100 --- shadow-4.3.1/src/useradd.c.defs-chroot 2016-08-22 17:13:29.420068883 +0200
+++ shadow-4.2.1/src/useradd.c 2015-08-27 15:46:21.935698862 +0200 +++ shadow-4.3.1/src/useradd.c 2016-08-22 17:15:14.040343275 +0200
@@ -1938,8 +1938,8 @@ int main (int argc, char **argv) @@ -1938,8 +1938,8 @@ int main (int argc, char **argv)
#endif /* ACCT_TOOLS_SETUID */ #endif /* ACCT_TOOLS_SETUID */
/* Needed for userns check */ #ifdef ENABLE_SUBIDS
- uid_t uid_min = (uid_t) getdef_ulong ("UID_MIN", 1000UL); - uid_t uid_min = (uid_t) getdef_ulong ("UID_MIN", 1000UL);
- uid_t uid_max = (uid_t) getdef_ulong ("UID_MAX", 60000UL); - uid_t uid_max = (uid_t) getdef_ulong ("UID_MAX", 60000UL);
+ uid_t uid_min; + uid_t uid_min;
+ uid_t uid_max; + uid_t uid_max;
#endif
/* /*
* Get my name so that I can use it to report errors. @@ -1958,6 +1958,9 @@ int main (int argc, char **argv)
@@ -1957,6 +1957,9 @@ int main (int argc, char **argv)
audit_help_open (); audit_help_open ();
#endif #endif

52
shadow-4.2.1-manfix.patch → shadow-4.3.1-manfix.patch
View file

@ -1,6 +1,6 @@
diff -up shadow-4.2.1/man/groupmems.8.xml.manfix shadow-4.2.1/man/groupmems.8.xml diff -up shadow-4.3.1/man/groupmems.8.xml.manfix shadow-4.3.1/man/groupmems.8.xml
--- shadow-4.2.1/man/groupmems.8.xml.manfix 2014-03-01 19:59:51.000000000 +0100 --- shadow-4.3.1/man/groupmems.8.xml.manfix 2016-08-15 06:00:59.000000000 +0200
+++ shadow-4.2.1/man/groupmems.8.xml 2015-11-06 14:21:03.013060324 +0100 +++ shadow-4.3.1/man/groupmems.8.xml 2016-08-22 17:08:48.486332066 +0200
@@ -179,20 +179,10 @@ @@ -179,20 +179,10 @@
<refsect1 id='setup'> <refsect1 id='setup'>
<title>SETUP</title> <title>SETUP</title>
@ -25,9 +25,9 @@ diff -up shadow-4.2.1/man/groupmems.8.xml.manfix shadow-4.2.1/man/groupmems.8.xm
</refsect1> </refsect1>
<refsect1 id='configuration'> <refsect1 id='configuration'>
diff -up shadow-4.2.1/man/chage.1.xml.manfix shadow-4.2.1/man/chage.1.xml diff -up shadow-4.3.1/man/chage.1.xml.manfix shadow-4.3.1/man/chage.1.xml
--- shadow-4.2.1/man/chage.1.xml.manfix 2014-03-01 19:59:51.000000000 +0100 --- shadow-4.3.1/man/chage.1.xml.manfix 2016-08-15 06:00:59.000000000 +0200
+++ shadow-4.2.1/man/chage.1.xml 2014-11-26 15:34:51.256978960 +0100 +++ shadow-4.3.1/man/chage.1.xml 2016-08-22 17:08:48.486332066 +0200
@@ -102,6 +102,9 @@ @@ -102,6 +102,9 @@
Set the number of days since January 1st, 1970 when the password Set the number of days since January 1st, 1970 when the password
was last changed. The date may also be expressed in the format was last changed. The date may also be expressed in the format
@ -38,9 +38,9 @@ diff -up shadow-4.2.1/man/chage.1.xml.manfix shadow-4.2.1/man/chage.1.xml
</para> </para>
</listitem> </listitem>
</varlistentry> </varlistentry>
diff -up shadow-4.2.1/man/ja/man5/login.defs.5.manfix shadow-4.2.1/man/ja/man5/login.defs.5 diff -up shadow-4.3.1/man/ja/man5/login.defs.5.manfix shadow-4.3.1/man/ja/man5/login.defs.5
--- shadow-4.2.1/man/ja/man5/login.defs.5.manfix 2014-03-01 19:59:51.000000000 +0100 --- shadow-4.3.1/man/ja/man5/login.defs.5.manfix 2016-08-15 06:00:59.000000000 +0200
+++ shadow-4.2.1/man/ja/man5/login.defs.5 2016-01-08 09:58:29.591702354 +0100 +++ shadow-4.3.1/man/ja/man5/login.defs.5 2016-08-22 17:08:48.486332066 +0200
@@ -147,10 +147,6 @@ 以下の参照表は、 @@ -147,10 +147,6 @@ 以下の参照表は、
shadow パスワード機能のどのプログラムが shadow パスワード機能のどのプログラムが
どのパラメータを使用するかを示したものである。 どのパラメータを使用するかを示したものである。
@ -52,9 +52,9 @@ diff -up shadow-4.2.1/man/ja/man5/login.defs.5.manfix shadow-4.2.1/man/ja/man5/l
.IP groupadd 12 .IP groupadd 12
GID_MAX GID_MIN GID_MAX GID_MIN
.IP newusers 12 .IP newusers 12
diff -up shadow-4.2.1/man/login.defs.5.xml.manfix shadow-4.2.1/man/login.defs.5.xml diff -up shadow-4.3.1/man/login.defs.5.xml.manfix shadow-4.3.1/man/login.defs.5.xml
--- shadow-4.2.1/man/login.defs.5.xml.manfix 2014-03-13 06:52:55.000000000 +0100 --- shadow-4.3.1/man/login.defs.5.xml.manfix 2016-08-15 06:00:59.000000000 +0200
+++ shadow-4.2.1/man/login.defs.5.xml 2016-01-08 09:59:35.854169787 +0100 +++ shadow-4.3.1/man/login.defs.5.xml 2016-08-22 17:08:48.487332069 +0200
@@ -162,6 +162,17 @@ @@ -162,6 +162,17 @@
long numeric parameters is machine-dependent. long numeric parameters is machine-dependent.
</para> </para>
@ -105,7 +105,7 @@ diff -up shadow-4.2.1/man/login.defs.5.xml.manfix shadow-4.2.1/man/login.defs.5.
<!-- expiry: no variables (CONSOLE_GROUPS linked, but not used) --> <!-- expiry: no variables (CONSOLE_GROUPS linked, but not used) -->
<!-- faillog: no variables --> <!-- faillog: no variables -->
<varlistentry> <varlistentry>
@@ -350,34 +342,6 @@ @@ -350,34 +343,6 @@
</varlistentry> </varlistentry>
<!-- id: no variables --> <!-- id: no variables -->
<!-- lastlog: no variables --> <!-- lastlog: no variables -->
@ -191,9 +191,9 @@ diff -up shadow-4.2.1/man/login.defs.5.xml.manfix shadow-4.2.1/man/login.defs.5.
<varlistentry> <varlistentry>
<term>useradd</term> <term>useradd</term>
<listitem> <listitem>
diff -up shadow-4.2.1/man/shadow.5.xml.manfix shadow-4.2.1/man/shadow.5.xml diff -up shadow-4.3.1/man/shadow.5.xml.manfix shadow-4.3.1/man/shadow.5.xml
--- shadow-4.2.1/man/shadow.5.xml.manfix 2014-03-01 19:59:51.000000000 +0100 --- shadow-4.3.1/man/shadow.5.xml.manfix 2016-08-15 06:00:59.000000000 +0200
+++ shadow-4.2.1/man/shadow.5.xml 2015-10-27 16:54:29.304231353 +0100 +++ shadow-4.3.1/man/shadow.5.xml 2016-08-22 17:08:48.487332069 +0200
@@ -208,8 +208,8 @@ @@ -208,8 +208,8 @@
</para> </para>
<para> <para>
@ -205,10 +205,10 @@ diff -up shadow-4.2.1/man/shadow.5.xml.manfix shadow-4.2.1/man/shadow.5.xml
</para> </para>
<para> <para>
An empty field means that there are no enforcement of an An empty field means that there are no enforcement of an
diff -up shadow-4.2.1/man/useradd.8.xml.manfix shadow-4.2.1/man/useradd.8.xml diff -up shadow-4.3.1/man/useradd.8.xml.manfix shadow-4.3.1/man/useradd.8.xml
--- shadow-4.2.1/man/useradd.8.xml.manfix 2014-11-26 15:34:51.234978891 +0100 --- shadow-4.3.1/man/useradd.8.xml.manfix 2016-08-22 17:08:48.446331961 +0200
+++ shadow-4.2.1/man/useradd.8.xml 2014-11-26 15:34:51.257978963 +0100 +++ shadow-4.3.1/man/useradd.8.xml 2016-08-22 17:08:48.487332069 +0200
@@ -347,11 +347,16 @@ @@ -347,6 +347,11 @@
<option>CREATE_HOME</option> is not enabled, no home <option>CREATE_HOME</option> is not enabled, no home
directories are created. directories are created.
</para> </para>
@ -220,15 +220,9 @@ diff -up shadow-4.2.1/man/useradd.8.xml.manfix shadow-4.2.1/man/useradd.8.xml
</listitem> </listitem>
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>
<term> diff -up shadow-4.3.1/man/usermod.8.xml.manfix shadow-4.3.1/man/usermod.8.xml
- <option>-M</option> --- shadow-4.3.1/man/usermod.8.xml.manfix 2016-08-15 06:00:59.000000000 +0200
+ <option>-M</option>, <option>--no-create-home</option> +++ shadow-4.3.1/man/usermod.8.xml 2016-08-22 17:08:48.487332069 +0200
</term>
<listitem>
<para>
diff -up shadow-4.2.1/man/usermod.8.xml.manfix shadow-4.2.1/man/usermod.8.xml
--- shadow-4.2.1/man/usermod.8.xml.manfix 2014-03-01 19:59:51.000000000 +0100
+++ shadow-4.2.1/man/usermod.8.xml 2014-11-26 15:34:51.257978963 +0100
@@ -132,7 +132,8 @@ @@ -132,7 +132,8 @@
If the <option>-m</option> If the <option>-m</option>
option is given, the contents of the current home directory will option is given, the contents of the current home directory will

35
shadow-4.2.1-selinux-perms.patch → shadow-4.3.1-selinux-perms.patch
View file

@ -1,6 +1,6 @@
diff -up shadow-4.2.1/src/chgpasswd.c.selinux-perms shadow-4.2.1/src/chgpasswd.c diff -up shadow-4.3.1/src/chgpasswd.c.selinux-perms shadow-4.3.1/src/chgpasswd.c
--- shadow-4.2.1/src/chgpasswd.c.selinux-perms 2014-03-01 19:59:51.000000000 +0100 --- shadow-4.3.1/src/chgpasswd.c.selinux-perms 2016-08-15 06:00:59.000000000 +0200
+++ shadow-4.2.1/src/chgpasswd.c 2016-05-30 11:57:53.635841186 +0200 +++ shadow-4.3.1/src/chgpasswd.c 2016-08-22 17:25:46.825011776 +0200
@@ -39,6 +39,13 @@ @@ -39,6 +39,13 @@
#include <pwd.h> #include <pwd.h>
#include <stdio.h> #include <stdio.h>
@ -147,9 +147,9 @@ diff -up shadow-4.2.1/src/chgpasswd.c.selinux-perms shadow-4.2.1/src/chgpasswd.c
/* /*
* The updated group file entry is then put back and will * The updated group file entry is then put back and will
* be written to the group file later, after all the * be written to the group file later, after all the
diff -up shadow-4.2.1/src/chpasswd.c.selinux-perms shadow-4.2.1/src/chpasswd.c diff -up shadow-4.3.1/src/chpasswd.c.selinux-perms shadow-4.3.1/src/chpasswd.c
--- shadow-4.2.1/src/chpasswd.c.selinux-perms 2014-03-01 19:59:51.000000000 +0100 --- shadow-4.3.1/src/chpasswd.c.selinux-perms 2016-08-15 06:00:59.000000000 +0200
+++ shadow-4.2.1/src/chpasswd.c 2016-05-30 11:58:23.034484807 +0200 +++ shadow-4.3.1/src/chpasswd.c 2016-08-22 17:25:46.825011776 +0200
@@ -39,6 +39,13 @@ @@ -39,6 +39,13 @@
#include <pwd.h> #include <pwd.h>
#include <stdio.h> #include <stdio.h>
@ -257,25 +257,10 @@ diff -up shadow-4.2.1/src/chpasswd.c.selinux-perms shadow-4.2.1/src/chpasswd.c
/* /*
* The updated password file entry is then put back and will * The updated password file entry is then put back and will
* be written to the password file later, after all the * be written to the password file later, after all the
diff -up shadow-4.2.1/src/Makefile.am.selinux-perms shadow-4.2.1/src/Makefile.am diff -up shadow-4.3.1/src/Makefile.am.selinux-perms shadow-4.3.1/src/Makefile.am
--- shadow-4.2.1/src/Makefile.am.selinux-perms 2016-05-27 16:04:00.896475284 +0200 --- shadow-4.3.1/src/Makefile.am.selinux-perms 2016-08-15 06:00:59.000000000 +0200
+++ shadow-4.2.1/src/Makefile.am 2016-05-27 16:04:00.899475353 +0200 +++ shadow-4.3.1/src/Makefile.am 2016-08-22 17:25:46.825011776 +0200
@@ -84,9 +84,9 @@ chage_LDADD = $(LDADD) $(LIBPAM_SUID) @@ -87,9 +87,9 @@ chage_LDADD = $(LDADD) $(LIBPAM_SUID)
newuidmap_LDADD = $(LDADD) $(LIBSELINUX)
newgidmap_LDADD = $(LDADD) $(LIBSELINUX)
chfn_LDADD = $(LDADD) $(LIBPAM) $(LIBSELINUX) $(LIBCRYPT_NOPAM) $(LIBSKEY) $(LIBMD)
-chgpasswd_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBSELINUX) $(LIBCRYPT)
+chgpasswd_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBSELINUX) $(LIBAUDIT) $(LIBCRYPT)
chsh_LDADD = $(LDADD) $(LIBPAM) $(LIBSELINUX) $(LIBCRYPT_NOPAM) $(LIBSKEY) $(LIBMD)
-chpasswd_LDADD = $(LDADD) $(LIBPAM) $(LIBSELINUX) $(LIBCRYPT)
+chpasswd_LDADD = $(LDADD) $(LIBPAM) $(LIBSELINUX) $(LIBAUDIT) $(LIBCRYPT)
gpasswd_LDADD = $(LDADD) $(LIBAUDIT) $(LIBSELINUX) $(LIBCRYPT)
groupadd_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX)
groupdel_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX)
diff -up shadow-4.2.1/src/Makefile.in.selinux-perms shadow-4.2.1/src/Makefile.in
--- shadow-4.2.1/src/Makefile.in.selinux-perms 2016-05-27 16:04:00.896475284 +0200
+++ shadow-4.2.1/src/Makefile.in 2016-05-27 16:04:00.899475353 +0200
@@ -521,9 +521,9 @@ chage_LDADD = $(LDADD) $(LIBPAM_SUID) $(
newuidmap_LDADD = $(LDADD) $(LIBSELINUX) newuidmap_LDADD = $(LDADD) $(LIBSELINUX)
newgidmap_LDADD = $(LDADD) $(LIBSELINUX) newgidmap_LDADD = $(LDADD) $(LIBSELINUX)
chfn_LDADD = $(LDADD) $(LIBPAM) $(LIBSELINUX) $(LIBCRYPT_NOPAM) $(LIBSKEY) $(LIBMD) chfn_LDADD = $(LDADD) $(LIBPAM) $(LIBSELINUX) $(LIBCRYPT_NOPAM) $(LIBSKEY) $(LIBMD)