diff --git a/shadow-4.0.18.1-findNewUidOnce.patch b/shadow-4.0.18.1-findNewUidOnce.patch new file mode 100644 index 0000000..31287a9 --- /dev/null +++ b/shadow-4.0.18.1-findNewUidOnce.patch @@ -0,0 +1,113 @@ +--- shadow-4.0.18.1/src/useradd.c.findNewUidOnce 2007-05-16 13:16:51.000000000 +0200 ++++ shadow-4.0.18.1/src/useradd.c 2007-05-16 14:12:52.000000000 +0200 +@@ -847,8 +847,9 @@ + * find_new_uid - find the next available UID + * + * find_new_uid() locates the next highest unused UID in the password +- * file, or checks the given user ID against the existing ones for +- * uniqueness. ++ * file. ++ * It doesn't make sense to use find_new_uid(), if UID is specified ++ * via "-u" option. + */ + static void find_new_uid (void) + { +@@ -867,12 +868,7 @@ + memset (index, 0, sizeof (char) * uid_max + 1); + } + +- /* +- * Start with some UID value if the user didn't provide us with +- * one already. +- */ +- if (!uflg) +- user_id = uid_min; ++ user_id = uid_min; + + /* + * Search the entire password file, either looking for this +@@ -886,42 +882,24 @@ + setpwent (); + while ((pwd = getpwent ())) { + #endif +- if (strcmp (user_name, pwd->pw_name) == 0) { +- fprintf (stderr, _("%s: name %s is not unique\n"), +- Prog, user_name); +-#ifdef WITH_AUDIT +- audit_logger (AUDIT_USER_CHAUTHTOK, Prog, "adding user", +- user_name, user_id, 0); +-#endif +- exit (E_NAME_IN_USE); +- } +- if (!oflg && uflg && user_id == pwd->pw_uid) { +- fprintf (stderr, _("%s: UID %u is not unique\n"), +- Prog, (unsigned int) user_id); +-#ifdef WITH_AUDIT +- audit_logger (AUDIT_USER_CHAUTHTOK, Prog, "adding user", +- user_name, user_id, 0); +-#endif +- exit (E_UID_IN_USE); +- } +- if (!uflg && !rflg && pwd->pw_uid >= user_id) { ++ if (!rflg && pwd->pw_uid >= user_id) { + if (pwd->pw_uid > uid_max) + continue; + user_id = pwd->pw_uid + 1; + } + /* create index of occupied system accounts UIDs */ +- if (!uflg && rflg && (pwd->pw_uid <= uid_max)) ++ if (rflg && (pwd->pw_uid <= uid_max)) + index[pwd->pw_uid] = 1; + + } + + /* find free system account */ +- if(!uflg && rflg) { ++ if(rflg) { + for( user_id = uid_max; (user_id >= uid_min) && index[user_id]; user_id--); + if ( user_id < uid_min ) { + fprintf (stderr, _("%s: can't get unique UID\n"), Prog); + fail_exit (E_UID_IN_USE); +- } ++ } + } + + /* +@@ -930,7 +908,7 @@ + * free UID starting with UID_MIN (it's O(n*n) but can be avoided + * by not having users with UID equal to UID_MAX). --marekm + */ +- if (!uflg && user_id == uid_max + 1) { ++ if (user_id == uid_max + 1) { + for (user_id = uid_min; user_id < uid_max; user_id++) { + #ifdef NO_GETPWENT + pw_rewind (); +@@ -1590,9 +1568,6 @@ + struct passwd pwent; + struct spwd spent; + +- if (!oflg) +- find_new_uid (); +- + /* + * Fill in the password structure with any new fields, making + * copies of strings. +@@ -1911,7 +1886,17 @@ + /* first, seek for a valid uid to use for this user. + * We do this because later we can use the uid we found as + * gid too ... --gafton */ +- find_new_uid (); ++ if (!uflg) ++ find_new_uid (); ++ else { ++ if (getpwuid (user_id)) { ++ fprintf (stderr, _("%s: UID %u is not unique\n"), Prog, (unsigned int) user_id); ++#ifdef WITH_AUDIT ++ audit_logger (AUDIT_USER_CHAUTHTOK, Prog, "adding user", user_name, user_id, 0); ++#endif ++ exit (E_UID_IN_USE); ++ } ++ } + } + + /* do we have to add a group for that user? This is why we need to diff --git a/shadow-utils.spec b/shadow-utils.spec index cd88bd8..741f052 100644 --- a/shadow-utils.spec +++ b/shadow-utils.spec @@ -5,7 +5,7 @@ Summary: Utilities for managing accounts and shadow password files Name: shadow-utils Version: 4.0.18.1 -Release: 13%{?dist} +Release: 14%{?dist} Epoch: 2 URL: http://shadow.pld.org.pl/ Source0: ftp://ftp.pld.org.pl/software/shadow/shadow-%{version}.tar.bz2 @@ -26,7 +26,7 @@ Patch10: shadow-4.0.18.1-overflow.patch Patch11: shadow-4.0.17-useradd.patch Patch12: shadow-4.0.18.1-appendOption.patch Patch13: shadow-4.0.18.1-sysAccount.patch - +Patch14: shadow-4.0.18.1-findNewUidOnce.patch License: BSD Group: System Environment/Base BuildRequires: autoconf, automake, libtool, gettext-devel @@ -68,6 +68,7 @@ cp %{SOURCE3} lib/nscd.c %patch11 -p1 -b .useradd %patch12 -p1 -b .appendOption %patch13 -p1 -b .sysAccount +%patch14 -p1 -b .findNewUidOnce rm po/*.gmo rm po/stamp-po @@ -223,6 +224,10 @@ rm -rf $RPM_BUILD_ROOT %{_mandir}/*/man8/faillog.8* %changelog +* Tue Jun 06 2007 Peter Vrabec 2:4.0.18.1-14 +- do not run find_new_uid() twice and use getpwuid() to check + UID uniqueness (#236871) + * Tue Apr 10 2007 Peter Vrabec 2:4.0.18.1-13 - fix useradd dump core when build without WITH_SELINUX (#235641)