From 70078f8ff6f0b48dbbca24bf288149b86f7930f8 Mon Sep 17 00:00:00 2001
From: Peter Vrabec <pvrabec@fedoraproject.org>
Date: Tue, 14 Apr 2009 14:12:16 +0000
Subject: [PATCH] - get "-n" option back - fix selinux issues

---
 shadow-4.1.3-redhat.patch  | 38 ++++++++++++++++++++-------
 shadow-4.1.3-selinux.patch | 54 ++++++++++++++++++++++++++++++++++++++
 shadow-utils.spec          |  8 +++++-
 3 files changed, 90 insertions(+), 10 deletions(-)
 create mode 100644 shadow-4.1.3-selinux.patch

diff --git a/shadow-4.1.3-redhat.patch b/shadow-4.1.3-redhat.patch
index 2b0ce43..92ea691 100644
--- a/shadow-4.1.3-redhat.patch
+++ b/shadow-4.1.3-redhat.patch
@@ -1,6 +1,6 @@
-diff -up shadow-4.1.3-rc1/libmisc/find_new_gid.c.redhat shadow-4.1.3-rc1/libmisc/find_new_gid.c
---- shadow-4.1.3-rc1/libmisc/find_new_gid.c.redhat	2009-04-06 15:46:43.000000000 +0200
-+++ shadow-4.1.3-rc1/libmisc/find_new_gid.c	2009-04-06 15:48:29.000000000 +0200
+diff -up shadow-4.1.3/libmisc/find_new_gid.c.redhat shadow-4.1.3/libmisc/find_new_gid.c
+--- shadow-4.1.3/libmisc/find_new_gid.c.redhat	2009-04-11 17:55:13.000000000 +0200
++++ shadow-4.1.3/libmisc/find_new_gid.c	2009-04-14 14:49:34.000000000 +0200
 @@ -56,11 +56,11 @@ int find_new_gid (bool sys_group, gid_t 
  	assert (gid != NULL);
  
@@ -15,9 +15,9 @@ diff -up shadow-4.1.3-rc1/libmisc/find_new_gid.c.redhat shadow-4.1.3-rc1/libmisc
  		gid_max = getdef_ulong ("SYS_GID_MAX", (unsigned long) gid_max);
  	}
  	used_gids = alloca (sizeof (char) * gid_max +1);
-diff -up shadow-4.1.3-rc1/libmisc/find_new_uid.c.redhat shadow-4.1.3-rc1/libmisc/find_new_uid.c
---- shadow-4.1.3-rc1/libmisc/find_new_uid.c.redhat	2009-04-06 15:46:49.000000000 +0200
-+++ shadow-4.1.3-rc1/libmisc/find_new_uid.c	2009-04-06 15:48:46.000000000 +0200
+diff -up shadow-4.1.3/libmisc/find_new_uid.c.redhat shadow-4.1.3/libmisc/find_new_uid.c
+--- shadow-4.1.3/libmisc/find_new_uid.c.redhat	2009-04-11 17:53:19.000000000 +0200
++++ shadow-4.1.3/libmisc/find_new_uid.c	2009-04-14 14:49:34.000000000 +0200
 @@ -56,11 +56,11 @@ int find_new_uid (bool sys_user, uid_t *
  	assert (uid != NULL);
  
@@ -32,9 +32,9 @@ diff -up shadow-4.1.3-rc1/libmisc/find_new_uid.c.redhat shadow-4.1.3-rc1/libmisc
  		uid_max = getdef_ulong ("SYS_UID_MAX", (unsigned long) uid_max);
  	}
  	used_uids = alloca (sizeof (char) * uid_max +1);
-diff -up shadow-4.1.3-rc1/src/useradd.c.redhat shadow-4.1.3-rc1/src/useradd.c
---- shadow-4.1.3-rc1/src/useradd.c.redhat	2009-04-06 15:49:02.000000000 +0200
-+++ shadow-4.1.3-rc1/src/useradd.c	2009-04-06 15:55:22.000000000 +0200
+diff -up shadow-4.1.3/src/useradd.c.redhat shadow-4.1.3/src/useradd.c
+--- shadow-4.1.3/src/useradd.c.redhat	2009-04-11 20:39:52.000000000 +0200
++++ shadow-4.1.3/src/useradd.c	2009-04-14 14:58:17.000000000 +0200
 @@ -89,7 +89,7 @@ char *Prog;
  static gid_t def_group = 100;
  static const char *def_gname = "other";
@@ -53,3 +53,23 @@ diff -up shadow-4.1.3-rc1/src/useradd.c.redhat shadow-4.1.3-rc1/src/useradd.c
  static uid_t user_id;
  static gid_t user_gid;
  static const char *user_comment = "";
+@@ -978,9 +978,9 @@ static void process_flags (int argc, cha
+ 		};
+ 		while ((c = getopt_long (argc, argv,
+ #ifdef WITH_SELINUX
+-		                         "b:c:d:De:f:g:G:k:K:lmMNop:rs:u:UZ:",
++		                         "b:c:d:De:f:g:G:k:K:lmMnNop:rs:u:UZ:",
+ #else
+-		                         "b:c:d:De:f:g:G:k:K:lmMNop:rs:u:U",
++		                         "b:c:d:De:f:g:G:k:K:lmMnNop:rs:u:U",
+ #endif
+ 		                         long_options, NULL)) != -1) {
+ 			switch (c) {
+@@ -1130,6 +1130,7 @@ static void process_flags (int argc, cha
+ 			case 'M':
+ 				Mflg = true;
+ 				break;
++			case 'n':
+ 			case 'N':
+ 				Nflg = true;
+ 				break;
diff --git a/shadow-4.1.3-selinux.patch b/shadow-4.1.3-selinux.patch
new file mode 100644
index 0000000..97dc317
--- /dev/null
+++ b/shadow-4.1.3-selinux.patch
@@ -0,0 +1,54 @@
+diff -up shadow-4.1.3/src/useradd.c.selinux shadow-4.1.3/src/useradd.c
+--- shadow-4.1.3/src/useradd.c.selinux	2009-04-14 15:55:44.000000000 +0200
++++ shadow-4.1.3/src/useradd.c	2009-04-14 15:55:44.000000000 +0200
+@@ -2011,9 +2011,7 @@ int main (int argc, char **argv)
+ 	close_files ();
+ 
+ #ifdef WITH_SELINUX
+-	if (Zflg) {
+-		selinux_update_mapping ();
+-	}
++	selinux_update_mapping ();
+ #endif
+ 
+ 	nscd_flush_cache ("passwd");
+diff -up shadow-4.1.3/src/userdel.c.selinux shadow-4.1.3/src/userdel.c
+--- shadow-4.1.3/src/userdel.c.selinux	2009-04-11 18:52:42.000000000 +0200
++++ shadow-4.1.3/src/userdel.c	2009-04-14 16:01:10.000000000 +0200
+@@ -797,17 +797,6 @@ int main (int argc, char **argv)
+ 	audit_help_open ();
+ #endif
+ 
+-#ifdef WITH_SELINUX
+-	if (is_selinux_enabled () > 0) {
+-		const char *args[5];
+-		args[0] = "/usr/sbin/semanage";
+-		args[1] = "login";
+-		args[2] = "-d";
+-		args[3] = user_name;
+-		args[4] = NULL;
+-		safe_system (args[0], args, NULL, 1);
+-	}
+-#endif
+ 	/*
+ 	 * Get my name so that I can use it to report errors.
+ 	 */
+@@ -1010,6 +999,18 @@ int main (int argc, char **argv)
+ 	}
+ #endif
+ 
++#ifdef WITH_SELINUX
++	if (is_selinux_enabled () > 0) {
++		const char *args[5];
++		args[0] = "/usr/sbin/semanage";
++		args[1] = "login";
++		args[2] = "-d";
++		args[3] = user_name;
++		args[4] = NULL;
++		safe_system (args[0], args, NULL, 1);
++	}
++#endif
++
+ 	/*
+ 	 * Cancel any crontabs or at jobs. Have to do this before we remove
+ 	 * the entry from /etc/passwd.
diff --git a/shadow-utils.spec b/shadow-utils.spec
index 186c57c..f3a6a7c 100644
--- a/shadow-utils.spec
+++ b/shadow-utils.spec
@@ -1,7 +1,7 @@
 Summary: Utilities for managing accounts and shadow password files
 Name: shadow-utils
 Version: 4.1.3
-Release: 1%{?dist}
+Release: 2%{?dist}
 Epoch: 2
 URL: http://pkg-shadow.alioth.debian.org/
 Source0: ftp://pkg-shadow.alioth.debian.org/pub/pkg-shadow/shadow-%{version}.tar.bz2
@@ -9,6 +9,7 @@ Source1: shadow-4.0.17-login.defs
 Source2: shadow-4.0.18.1-useradd
 Patch0: shadow-4.1.3-redhat.patch
 Patch1: shadow-4.1.3-goodname.patch
+Patch2: shadow-4.1.3-selinux.patch
 License: BSD and GPLv2+
 Group: System Environment/Base
 BuildRequires: libselinux-devel >= 1.25.2-1
@@ -35,6 +36,7 @@ are used for managing group accounts.
 %setup -q -n shadow-%{version}
 %patch0 -p1 -b .redhat
 %patch1 -p1 -b .goodname
+%patch2 -p1 -b .selinux
 
 iconv -f ISO88591 -t utf-8  doc/HOWTO > doc/HOWTO.utf8
 cp -f doc/HOWTO.utf8 doc/HOWTO
@@ -174,6 +176,10 @@ rm -rf $RPM_BUILD_ROOT
 %{_mandir}/man8/vigr.8*
 
 %changelog
+* Tue Apr 14 2009 Peter Vrabec <pvrabec@redhat.com> 2:4.1.3-2
+- get "-n" option back
+- fix selinux issues
+
 * Tue Apr 14 2009 Peter Vrabec <pvrabec@redhat.com> 2:4.1.3-1
 - upgrade