From 8cd7b2fcb7fb397ba0bebebdc5e25c4f0afa1cc0 Mon Sep 17 00:00:00 2001
From: Peter Vrabec <pvrabec@redhat.com>
Date: Mon, 18 Jun 2012 13:38:31 +0200
Subject: [PATCH] pwconv/grpconv skipped 2nd of consecutive failures (#832995)

---
 shadow-4.1.5-2ndskip.patch | 100 +++++++++++++++++++++++++++++++++++++
 shadow-utils.spec          |   7 ++-
 2 files changed, 106 insertions(+), 1 deletion(-)
 create mode 100644 shadow-4.1.5-2ndskip.patch

diff --git a/shadow-4.1.5-2ndskip.patch b/shadow-4.1.5-2ndskip.patch
new file mode 100644
index 0000000..8a9cf68
--- /dev/null
+++ b/shadow-4.1.5-2ndskip.patch
@@ -0,0 +1,100 @@
+diff -up shadow-4.1.5/src/grpconv.c.2ndskip shadow-4.1.5/src/grpconv.c
+--- shadow-4.1.5/src/grpconv.c.2ndskip	2012-06-18 13:08:34.438910815 +0200
++++ shadow-4.1.5/src/grpconv.c	2012-06-18 13:12:51.270764552 +0200
+@@ -143,6 +143,7 @@ int main (int argc, char **argv)
+ 	struct group grent;
+ 	const struct sgrp *sg;
+ 	struct sgrp sgent;
++	char *np;
+ 
+ 	Prog = Basename (argv[0]);
+ 
+@@ -184,20 +185,25 @@ int main (int argc, char **argv)
+ 	 * Remove /etc/gshadow entries for groups not in /etc/group.
+ 	 */
+ 	(void) sgr_rewind ();
+-	while ((sg = sgr_next ()) != NULL) {
+-		if (gr_locate (sg->sg_name) != NULL) {
+-			continue;
+-		}
+-
+-		if (sgr_remove (sg->sg_name) == 0) {
+-			/*
+-			 * This shouldn't happen (the entry exists) but...
+-			 */
+-			fprintf (stderr,
+-			         _("%s: cannot remove entry '%s' from %s\n"),
+-			         Prog, sg->sg_name, sgr_dbname ());
+-			fail_exit (3);
++	sg = sgr_next ();
++	np=NULL;
++	while (sg != NULL) {
++		np = strdup(sg->sg_name);
++		sg = sgr_next ();
++
++		if(gr_locate (np) == NULL) {
++			if (sgr_remove (np) == 0) {
++				/*
++				 * This shouldn't happen (the entry exists) but...
++				 */
++				fprintf (stderr,
++					 _("%s: cannot remove entry '%s' from %s\n"),
++					 Prog, np, sgr_dbname ());
++				free(np);
++				fail_exit (3);
++			}
+ 		}
++		free(np);
+ 	}
+ 
+ 	/*
+diff -up shadow-4.1.5/src/pwconv.c.2ndskip shadow-4.1.5/src/pwconv.c
+--- shadow-4.1.5/src/pwconv.c.2ndskip	2012-06-18 11:23:33.938511797 +0200
++++ shadow-4.1.5/src/pwconv.c	2012-06-18 12:57:18.396426194 +0200
+@@ -173,6 +173,7 @@ int main (int argc, char **argv)
+ 	struct passwd pwent;
+ 	const struct spwd *sp;
+ 	struct spwd spent;
++	char *np;
+ 
+ 	Prog = Basename (argv[0]);
+ 
+@@ -223,20 +224,25 @@ int main (int argc, char **argv)
+ 	 * Remove /etc/shadow entries for users not in /etc/passwd.
+ 	 */
+ 	(void) spw_rewind ();
+-	while ((sp = spw_next ()) != NULL) {
+-		if (pw_locate (sp->sp_namp) != NULL) {
+-			continue;
+-		}
+-
+-		if (spw_remove (sp->sp_namp) == 0) {
+-			/*
+-			 * This shouldn't happen (the entry exists) but...
+-			 */
+-			fprintf (stderr,
+-			         _("%s: cannot remove entry '%s' from %s\n"),
+-			         Prog, sp->sp_namp, spw_dbname ());
+-			fail_exit (E_FAILURE);
++	sp = spw_next ();
++	np = NULL;
++	while (sp != NULL) {
++		np = strdup(sp->sp_namp);
++		sp = spw_next ();
++
++		if (pw_locate (np) == NULL) {
++			if (spw_remove (np) == 0) {
++				/*
++				 * This shouldn't happen (the entry exists) but...
++				 */
++				fprintf (stderr,
++					 _("%s: cannot remove entry '%s' from %s\n"),
++					 Prog, np, spw_dbname ());
++				free(np);
++				fail_exit (E_FAILURE);
++			}
+ 		}
++		free(np);
+ 	}
+ 
+ 	/*
diff --git a/shadow-utils.spec b/shadow-utils.spec
index 269fb40..9106674 100644
--- a/shadow-utils.spec
+++ b/shadow-utils.spec
@@ -1,7 +1,7 @@
 Summary: Utilities for managing accounts and shadow password files
 Name: shadow-utils
 Version: 4.1.5
-Release: 2%{?dist}
+Release: 3%{?dist}
 Epoch: 2
 URL: http://pkg-shadow.alioth.debian.org/
 Source0: http://pkg-shadow.alioth.debian.org/releases/shadow-%{version}.tar.bz2
@@ -14,6 +14,7 @@ Patch3: shadow-4.1.5-uflg.patch
 Patch4: shadow-4.1.5-man.patch
 Patch5: shadow-4.1.5-grremove.patch
 Patch6: shadow-4.1.5-selinux.patch
+Patch7: shadow-4.1.5-2ndskip.patch
 License: BSD and GPLv2+
 Group: System Environment/Base
 BuildRequires: libselinux-devel >= 1.25.2-1
@@ -49,6 +50,7 @@ are used for managing group accounts.
 %patch4 -p1 -b .man
 %patch5 -p1 -b .grremove
 %patch6 -p1 -b .selinux
+%patch7 -p1 -b .2ndskip
 
 
 iconv -f ISO88591 -t utf-8  doc/HOWTO > doc/HOWTO.utf8
@@ -204,6 +206,9 @@ rm -rf $RPM_BUILD_ROOT
 %{_mandir}/man8/vigr.8*
 
 %changelog
+* Mon Jun 18 2012 Peter Vrabec <pvrabec@redhat.com> - 2:4.1.5-3
+- pwconv/grpconv skipped 2nd of consecutive failures (#832995)
+
 * Wed Mar 22 2012 Peter Vrabec <pvrabec@redhat.com> - 2:4.1.5-2
 - fix selinux context handling
 - reset selinux context on files copied from skel