update to current upstream release 4.5

.gitignore

@@ -6,3 +6,5 @@ shadow-4.1.4.2.tar.bz2
 /shadow-4.2.1.tar.xz
 /shadow-4.2.1.tar.xz.sig
 /shadow-4.3.1.tar.gz
+/shadow-4.5.tar.xz
+/shadow-4.5.tar.xz.asc

shadow-4.1.5-uflg.patch

@@ -1,23 +0,0 @@
-diff -up shadow-4.1.5/libmisc/find_new_gid.c.uflg shadow-4.1.5/libmisc/find_new_gid.c
---- shadow-4.1.5/libmisc/find_new_gid.c.uflg	2011-07-30 01:10:27.000000000 +0200
-+++ shadow-4.1.5/libmisc/find_new_gid.c	2012-03-19 12:51:46.090554116 +0100
-@@ -68,7 +68,7 @@ int find_new_gid (bool sys_group,
- 			return -1;
- 		}
- 	} else {
--		gid_min = (gid_t) getdef_ulong ("SYS_GID_MIN", 101UL);
-+		gid_min = (gid_t) 1;
- 		gid_max = (gid_t) getdef_ulong ("GID_MIN", 1000UL) - 1;
- 		gid_max = (gid_t) getdef_ulong ("SYS_GID_MAX", (unsigned long) gid_max);
- 		if (gid_max < gid_min) {
-@@ -100,6 +100,10 @@ int find_new_gid (bool sys_group,
- 		return 0;
- 	}
- 
-+        /* if we did not find free preffered system gid, we start to look for
-+         * one in the range assigned to dynamic system IDs */
-+        if (sys_group)
-+                gid_min = (gid_t) getdef_ulong ("SYS_GID_MIN", 101UL);
- 
- 	/*
- 	 * Search the entire group file,

shadow-4.1.5.1-audit-owner.patch

@@ -1,32 +0,0 @@
-diff -up shadow-4.1.5.1/src/usermod.c.audit shadow-4.1.5.1/src/usermod.c
---- shadow-4.1.5.1/src/usermod.c.audit	2011-11-21 23:02:16.000000000 +0100
-+++ shadow-4.1.5.1/src/usermod.c	2013-06-14 14:54:20.237026550 +0200
-@@ -1513,6 +1513,14 @@ static void move_home (void)
- 			fail_exit (E_HOMEDIR);
- 		}
- 
-+#ifdef WITH_AUDIT
-+		if (uflg || gflg) {
-+			audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
-+				      "changing home directory owner",
-+				      user_newname, (unsigned int) user_newid, 1);
-+		}
-+#endif
-+
- 		if (rename (user_home, user_newhome) == 0) {
- 			/* FIXME: rename above may have broken symlinks
- 			 *        pointing to the user's home directory
-@@ -1947,6 +1955,13 @@ int main (int argc, char **argv)
- 			 * ownership.
- 			 *
- 			 */
-+#ifdef WITH_AUDIT
-+			if (uflg || gflg) {
-+				audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
-+					      "changing home directory owner",
-+					      user_newname, (unsigned int) user_newid, 1);
-+			}
-+#endif
- 			if (chown_tree (dflg ? user_newhome : user_home,
- 			                user_id,
- 			                uflg ? user_newid  : (uid_t)-1,

shadow-4.1.5.1-backup-mode.patch

@@ -1,20 +0,0 @@
-diff -up shadow-4.1.5.1/lib/commonio.c.backup-mode shadow-4.1.5.1/lib/commonio.c
---- shadow-4.1.5.1/lib/commonio.c.backup-mode	2012-05-18 21:44:54.000000000 +0200
-+++ shadow-4.1.5.1/lib/commonio.c	2012-09-19 20:27:16.089444234 +0200
-@@ -301,15 +301,12 @@ static int create_backup (const char *ba
- 	struct utimbuf ub;
- 	FILE *bkfp;
- 	int c;
--	mode_t mask;
- 
- 	if (fstat (fileno (fp), &sb) != 0) {
- 		return -1;
- 	}
- 
--	mask = umask (077);
--	bkfp = fopen (backup, "w");
--	(void) umask (mask);
-+	bkfp = fopen_set_perms (backup, "w", &sb);
- 	if (NULL == bkfp) {
- 		return -1;
- 	}

shadow-4.1.5.1-errmsg.patch

@@ -1,23 +0,0 @@
-diff -up shadow-4.1.5.1/src/useradd.c.logmsg shadow-4.1.5.1/src/useradd.c
---- shadow-4.1.5.1/src/useradd.c.logmsg	2013-02-20 15:41:44.000000000 +0100
-+++ shadow-4.1.5.1/src/useradd.c	2013-06-14 14:22:59.529661095 +0200
-@@ -1760,6 +1760,9 @@ static void create_home (void)
- 	if (access (user_home, F_OK) != 0) {
- #ifdef WITH_SELINUX
- 		if (set_selinux_file_context (user_home, NULL) != 0) {
-+			fprintf (stderr,
-+			         _("%s: cannot set SELinux context for home directory %s\n"),
-+			         Prog, user_home);
- 			fail_exit (E_HOMEDIR);
- 		}
- #endif
-@@ -1789,6 +1792,9 @@ static void create_home (void)
- #ifdef WITH_SELINUX
- 		/* Reset SELinux to create files with default contexts */
- 		if (reset_selinux_file_context () != 0) {
-+			fprintf (stderr,
-+			         _("%s: cannot reset SELinux file creation context\n"),
-+			         Prog);
- 			fail_exit (E_HOMEDIR);
- 		}
- #endif

shadow-4.1.5.1-selinux.patch

@@ -1,99 +0,0 @@
-diff -up shadow-4.1.5.1/lib/semanage.c.selinux shadow-4.1.5.1/lib/semanage.c
---- shadow-4.1.5.1/lib/semanage.c.selinux	2012-01-08 17:35:44.000000000 +0100
-+++ shadow-4.1.5.1/lib/semanage.c	2014-09-10 10:11:55.417506128 +0200
-@@ -294,6 +294,9 @@ int set_seuser (const char *login_name,
- 
- 	ret = 0;
- 
-+        /* drop obsolete matchpathcon cache */
-+        matchpathcon_fini();
-+
- done:
- 	semanage_seuser_key_free (key);
- 	semanage_handle_destroy (handle);
-@@ -369,6 +372,10 @@ int del_seuser (const char *login_name)
- 	}
- 
- 	ret = 0;
-+
-+        /* drop obsolete matchpathcon cache */
-+        matchpathcon_fini();
-+
- done:
- 	semanage_handle_destroy (handle);
- 	return ret;
-diff -up shadow-4.1.5.1/src/useradd.c.selinux shadow-4.1.5.1/src/useradd.c
---- shadow-4.1.5.1/src/useradd.c.selinux	2014-09-10 10:10:18.791280619 +0200
-+++ shadow-4.1.5.1/src/useradd.c	2014-09-10 10:10:18.798280781 +0200
-@@ -1850,6 +1850,7 @@ static void create_mail (void)
-  */
- int main (int argc, char **argv)
- {
-+	int rv = E_SUCCESS;
- #ifdef ACCT_TOOLS_SETUID
- #ifdef USE_PAM
- 	pam_handle_t *pamh = NULL;
-@@ -2037,10 +2038,33 @@ int main (int argc, char **argv)
- 
- 	usr_update ();
- 
-+	close_files ();
-+
-+	nscd_flush_cache ("passwd");
-+	nscd_flush_cache ("group");
-+
-+#ifdef WITH_SELINUX
-+	if (Zflg && *user_selinux) {
-+		if (is_selinux_enabled () > 0) {
-+		    if (set_seuser (user_name, user_selinux) != 0) {
-+			fprintf (stderr,
-+			         _("%s: warning: the user name %s to %s SELinux user mapping failed.\n"),
-+			         Prog, user_name, user_selinux);
-+#ifdef WITH_AUDIT
-+			audit_logger (AUDIT_ADD_USER, Prog,
-+			              "adding SELinux user mapping",
-+			              user_name, (unsigned int) user_id, 0);
-+#endif				/* WITH_AUDIT */
-+			rv = E_SE_UPDATE;
-+		    }
-+		}
-+	}
-+#endif
-+
- 	if (mflg) {
- 		create_home ();
- 		if (home_added) {
--			copy_tree (def_template, user_home, false, false,
-+			copy_tree (def_template, user_home, false, true,
- 			           (uid_t)-1, user_id, (gid_t)-1, user_gid);
- 		} else {
- 			fprintf (stderr,
-@@ -2056,27 +2080,6 @@ int main (int argc, char **argv)
- 		create_mail ();
- 	}
- 
--	close_files ();
--
--#ifdef WITH_SELINUX
--	if (Zflg) {
--		if (set_seuser (user_name, user_selinux) != 0) {
--			fprintf (stderr,
--			         _("%s: warning: the user name %s to %s SELinux user mapping failed.\n"),
--			         Prog, user_name, user_selinux);
--#ifdef WITH_AUDIT
--			audit_logger (AUDIT_ADD_USER, Prog,
--			              "adding SELinux user mapping",
--			              user_name, (unsigned int) user_id, 0);
--#endif				/* WITH_AUDIT */
--			fail_exit (E_SE_UPDATE);
--		}
--	}
--#endif				/* WITH_SELINUX */
--
--	nscd_flush_cache ("passwd");
--	nscd_flush_cache ("group");
--
--	return E_SUCCESS;
-+	return rv;
- }
- 

shadow-4.2.1-merge-group.patch

@@ -1,13 +0,0 @@
-diff -up shadow-4.2.1/lib/groupio.c.merge-group shadow-4.2.1/lib/groupio.c
---- shadow-4.2.1/lib/groupio.c.merge-group	2014-11-26 14:33:54.039581662 +0100
-+++ shadow-4.2.1/lib/groupio.c	2014-11-26 14:46:02.841852886 +0100
-@@ -335,8 +335,7 @@ static /*@null@*/struct commonio_entry *
- 		errno = ENOMEM;
- 		return NULL;
- 	}
--	snprintf(new_line, new_line_len, "%s\n%s", gr1->line, gr2->line);
--	new_line[new_line_len] = '\0';
-+	snprintf(new_line, new_line_len + 1, "%s\n%s", gr1->line, gr2->line);
- 
- 	/* Concatenate the 2 list of members */
- 	for (i=0; NULL != gptr1->gr_mem[i]; i++);

shadow-4.3.1-defs-chroot.patch

@@ -1,24 +0,0 @@
-diff -up shadow-4.3.1/src/useradd.c.defs-chroot shadow-4.3.1/src/useradd.c
---- shadow-4.3.1/src/useradd.c.defs-chroot	2016-08-22 17:13:29.420068883 +0200
-+++ shadow-4.3.1/src/useradd.c	2016-08-22 17:15:14.040343275 +0200
-@@ -1938,8 +1938,8 @@ int main (int argc, char **argv)
- #endif				/* ACCT_TOOLS_SETUID */
- 
- #ifdef ENABLE_SUBIDS
--	uid_t uid_min = (uid_t) getdef_ulong ("UID_MIN", 1000UL);
--	uid_t uid_max = (uid_t) getdef_ulong ("UID_MAX", 60000UL);
-+	uid_t uid_min;
-+	uid_t uid_max;
- #endif
- 
- 	/*
-@@ -1958,6 +1958,9 @@ int main (int argc, char **argv)
- 	audit_help_open ();
- #endif
- 
-+	uid_min = (uid_t) getdef_ulong ("UID_MIN", 1000UL);
-+	uid_max = (uid_t) getdef_ulong ("UID_MAX", 60000UL);
-+
- 	sys_ngroups = sysconf (_SC_NGROUPS_MAX);
- 	user_groups = (char **) xmalloc ((1 + sys_ngroups) * sizeof (char *));
- 	/*

shadow-4.3.1-process-defaults.patch

@@ -1,21 +0,0 @@
-diff -up shadow-4.3.1/src/useradd.c.process-defaults shadow-4.3.1/src/useradd.c
---- shadow-4.3.1/src/useradd.c.process-defaults	2016-08-22 17:30:01.000000000 +0200
-+++ shadow-4.3.1/src/useradd.c	2016-08-25 09:49:51.454720951 +0200
-@@ -1974,6 +1974,8 @@ int main (int argc, char **argv)
- 	is_shadow_grp = sgr_file_present ();
- #endif
- 
-+	get_defaults ();
-+
- 	process_flags (argc, argv);
- 
- #ifdef ENABLE_SUBIDS
-@@ -1983,8 +1985,6 @@ int main (int argc, char **argv)
- 	    (!user_id || (user_id <= uid_max && user_id >= uid_min));
- #endif				/* ENABLE_SUBIDS */
- 
--	get_defaults ();
--
- #ifdef ACCT_TOOLS_SETUID
- #ifdef USE_PAM
- 	{

shadow-4.5-orig-context.patch

@@ -1,6 +1,6 @@
-diff -up shadow-4.1.5.1/lib/commonio.c.orig-context shadow-4.1.5.1/lib/commonio.c
---- shadow-4.1.5.1/lib/commonio.c.orig-context	2012-09-19 20:27:16.000000000 +0200
-+++ shadow-4.1.5.1/lib/commonio.c	2013-02-20 15:20:55.064962324 +0100
+diff -up shadow-4.5/lib/commonio.c.orig-context shadow-4.5/lib/commonio.c
+--- shadow-4.5/lib/commonio.c.orig-context	2017-05-17 21:19:44.000000000 +0200
++++ shadow-4.5/lib/commonio.c	2017-07-20 16:47:41.102186239 +0200
 @@ -941,7 +941,7 @@ int commonio_close (struct commonio_db *
  		snprintf (buf, sizeof buf, "%s-", db->filename);
  
@@ -10,7 +10,7 @@ diff -up shadow-4.1.5.1/lib/commonio.c.orig-context shadow-4.1.5.1/lib/commonio.
  			errors++;
  		}
  #endif
-@@ -975,7 +975,7 @@ int commonio_close (struct commonio_db *
+@@ -974,7 +974,7 @@ int commonio_close (struct commonio_db *
  	snprintf (buf, sizeof buf, "%s+", db->filename);
  
  #ifdef WITH_SELINUX
@@ -19,9 +19,9 @@ diff -up shadow-4.1.5.1/lib/commonio.c.orig-context shadow-4.1.5.1/lib/commonio.
  		errors++;
  	}
  #endif
-diff -up shadow-4.1.5.1/libmisc/copydir.c.orig-context shadow-4.1.5.1/libmisc/copydir.c
---- shadow-4.1.5.1/libmisc/copydir.c.orig-context	2012-02-13 20:16:32.000000000 +0100
-+++ shadow-4.1.5.1/libmisc/copydir.c	2013-02-20 15:19:01.495623232 +0100
+diff -up shadow-4.5/libmisc/copydir.c.orig-context shadow-4.5/libmisc/copydir.c
+--- shadow-4.5/libmisc/copydir.c.orig-context	2014-09-01 16:36:40.000000000 +0200
++++ shadow-4.5/libmisc/copydir.c	2017-07-20 16:47:41.102186239 +0200
 @@ -484,7 +484,7 @@ static int copy_dir (const char *src, co
  	 */
  
@@ -58,10 +58,10 @@ diff -up shadow-4.1.5.1/libmisc/copydir.c.orig-context shadow-4.1.5.1/libmisc/co
  		return -1;
  	}
  #endif				/* WITH_SELINUX */
-diff -up shadow-4.1.5.1/lib/prototypes.h.orig-context shadow-4.1.5.1/lib/prototypes.h
---- shadow-4.1.5.1/lib/prototypes.h.orig-context	2012-01-08 17:04:29.000000000 +0100
-+++ shadow-4.1.5.1/lib/prototypes.h	2013-02-20 15:24:17.251126575 +0100
-@@ -295,7 +295,7 @@ extern /*@observer@*/const char *crypt_m
+diff -up shadow-4.5/lib/prototypes.h.orig-context shadow-4.5/lib/prototypes.h
+--- shadow-4.5/lib/prototypes.h.orig-context	2017-05-17 21:19:44.000000000 +0200
++++ shadow-4.5/lib/prototypes.h	2017-07-20 16:47:41.102186239 +0200
+@@ -311,7 +311,7 @@ extern /*@observer@*/const char *crypt_m
  
  /* selinux.c */
  #ifdef WITH_SELINUX
@@ -70,9 +70,9 @@ diff -up shadow-4.1.5.1/lib/prototypes.h.orig-context shadow-4.1.5.1/lib/prototy
  extern int reset_selinux_file_context (void);
  #endif
  
-diff -up shadow-4.1.5.1/lib/selinux.c.orig-context shadow-4.1.5.1/lib/selinux.c
---- shadow-4.1.5.1/lib/selinux.c.orig-context	2012-01-08 17:35:44.000000000 +0100
-+++ shadow-4.1.5.1/lib/selinux.c	2013-02-20 15:16:40.383716877 +0100
+diff -up shadow-4.5/lib/selinux.c.orig-context shadow-4.5/lib/selinux.c
+--- shadow-4.5/lib/selinux.c.orig-context	2014-09-01 16:36:40.000000000 +0200
++++ shadow-4.5/lib/selinux.c	2017-07-20 16:47:41.102186239 +0200
 @@ -50,7 +50,7 @@ static bool selinux_enabled;
   *	Callers may have to Reset SELinux to create files with default
   *	contexts with reset_selinux_file_context
@@ -114,15 +114,15 @@ diff -up shadow-4.1.5.1/lib/selinux.c.orig-context shadow-4.1.5.1/lib/selinux.c
  }
  
  /*
-diff -up shadow-4.1.5.1/src/useradd.c.orig-context shadow-4.1.5.1/src/useradd.c
---- shadow-4.1.5.1/src/useradd.c.orig-context	2012-09-19 20:23:33.000000000 +0200
-+++ shadow-4.1.5.1/src/useradd.c	2013-02-20 15:19:31.221235459 +0100
-@@ -1759,7 +1759,7 @@ static void create_home (void)
+diff -up shadow-4.5/src/useradd.c.orig-context shadow-4.5/src/useradd.c
+--- shadow-4.5/src/useradd.c.orig-context	2017-07-20 16:47:41.102186239 +0200
++++ shadow-4.5/src/useradd.c	2017-07-20 16:50:28.226198387 +0200
+@@ -1945,7 +1945,7 @@ static void create_home (void)
  {
  	if (access (user_home, F_OK) != 0) {
  #ifdef WITH_SELINUX
 -		if (set_selinux_file_context (user_home) != 0) {
 +		if (set_selinux_file_context (user_home, NULL) != 0) {
- 			fail_exit (E_HOMEDIR);
- 		}
- #endif
+ 			fprintf (stderr,
+ 			         _("%s: cannot set SELinux context for home directory %s\n"),
+ 			         Prog, user_home);

shadow-4.5-selinux.patch

@@ -0,0 +1,115 @@
+diff -up shadow-4.5/lib/semanage.c.selinux shadow-4.5/lib/semanage.c
+--- shadow-4.5/lib/semanage.c.selinux	2014-09-01 16:36:40.000000000 +0200
++++ shadow-4.5/lib/semanage.c	2017-07-20 16:40:49.680297319 +0200
+@@ -294,6 +294,9 @@ int set_seuser (const char *login_name,
+ 
+ 	ret = 0;
+ 
++        /* drop obsolete matchpathcon cache */
++        matchpathcon_fini();
++
+ done:
+ 	semanage_seuser_key_free (key);
+ 	semanage_handle_destroy (handle);
+@@ -369,6 +372,10 @@ int del_seuser (const char *login_name)
+ 	}
+ 
+ 	ret = 0;
++
++        /* drop obsolete matchpathcon cache */
++        matchpathcon_fini();
++
+ done:
+ 	semanage_handle_destroy (handle);
+ 	return ret;
+diff -up shadow-4.5/src/useradd.c.selinux shadow-4.5/src/useradd.c
+--- shadow-4.5/src/useradd.c.selinux	2017-07-20 16:40:49.677297246 +0200
++++ shadow-4.5/src/useradd.c	2017-07-20 16:44:58.195275331 +0200
+@@ -2042,6 +2042,7 @@ static void create_mail (void)
+  */
+ int main (int argc, char **argv)
+ {
++	int rv = E_SUCCESS;
+ #ifdef ACCT_TOOLS_SETUID
+ #ifdef USE_PAM
+ 	pam_handle_t *pamh = NULL;
+@@ -2262,27 +2263,11 @@ int main (int argc, char **argv)
+ 
+ 	usr_update ();
+ 
+-	if (mflg) {
+-		create_home ();
+-		if (home_added) {
+-			copy_tree (def_template, user_home, false, false,
+-			           (uid_t)-1, user_id, (gid_t)-1, user_gid);
+-		} else {
+-			fprintf (stderr,
+-			         _("%s: warning: the home directory already exists.\n"
+-			           "Not copying any file from skel directory into it.\n"),
+-			         Prog);
+-		}
+-
+-	}
+-
+-	/* Do not create mail directory for system accounts */
+-	if (!rflg) {
+-		create_mail ();
+-	}
+-
+ 	close_files ();
+ 
++	nscd_flush_cache ("passwd");
++	nscd_flush_cache ("group");
++
+ 	/*
+ 	 * tallylog_reset needs to be able to lookup
+ 	 * a valid existing user name,
+@@ -2293,8 +2278,9 @@ int main (int argc, char **argv)
+ 	}
+ 
+ #ifdef WITH_SELINUX
+-	if (Zflg) {
+-		if (set_seuser (user_name, user_selinux) != 0) {
++	if (Zflg && *user_selinux) {
++		if (is_selinux_enabled () > 0) {
++		    if (set_seuser (user_name, user_selinux) != 0) {
+ 			fprintf (stderr,
+ 			         _("%s: warning: the user name %s to %s SELinux user mapping failed.\n"),
+ 			         Prog, user_name, user_selinux);
+@@ -2303,14 +2289,31 @@ int main (int argc, char **argv)
+ 			              "adding SELinux user mapping",
+ 			              user_name, (unsigned int) user_id, 0);
+ #endif				/* WITH_AUDIT */
+-			fail_exit (E_SE_UPDATE);
++			rv = E_SE_UPDATE;
++		    }
+ 		}
+ 	}
+-#endif				/* WITH_SELINUX */
++#endif
+ 
+-	nscd_flush_cache ("passwd");
+-	nscd_flush_cache ("group");
++	if (mflg) {
++		create_home ();
++		if (home_added) {
++			copy_tree (def_template, user_home, false, true,
++			           (uid_t)-1, user_id, (gid_t)-1, user_gid);
++		} else {
++			fprintf (stderr,
++			         _("%s: warning: the home directory already exists.\n"
++			           "Not copying any file from skel directory into it.\n"),
++			         Prog);
++		}
++
++	}
++
++	/* Do not create mail directory for system accounts */
++	if (!rflg) {
++		create_mail ();
++	}
+ 
+-	return E_SUCCESS;
++	return rv;
+ }
+ 

shadow-4.5-usermod-unlock.patch

@@ -1,6 +1,6 @@
-diff -up shadow-4.2.1/src/usermod.c.unlock shadow-4.2.1/src/usermod.c
---- shadow-4.2.1/src/usermod.c.unlock	2016-02-03 11:54:14.977664838 +0100
-+++ shadow-4.2.1/src/usermod.c	2016-02-09 11:52:08.244957222 +0100
+diff -up shadow-4.5/src/usermod.c.unlock shadow-4.5/src/usermod.c
+--- shadow-4.5/src/usermod.c.unlock	2017-07-20 16:52:23.641969174 +0200
++++ shadow-4.5/src/usermod.c	2017-07-20 16:54:08.109477127 +0200
 @@ -455,14 +455,17 @@ static char *new_pw_passwd (char *pw_pas
  		strcat (buf, pw_pass);
  		pw_pass = buf;
@@ -60,4 +60,4 @@ diff -up shadow-4.2.1/src/usermod.c.unlock shadow-4.2.1/src/usermod.c
 +		fail_exit(E_PW_UPDATE);
  
  	if (pflg) {
- 		spent->sp_lstchg = (long) time ((time_t *) 0) / SCALE;
+ 		spent->sp_lstchg = (long) gettime () / SCALE;

shadow-utils.spec

@@ -1,40 +1,33 @@
 Summary: Utilities for managing accounts and shadow password files
 Name: shadow-utils
-Version: 4.3.1
-Release: 3%{?dist}
+Version: 4.5
+Release: 1%{?dist}
 Epoch: 2
 URL: http://pkg-shadow.alioth.debian.org/
-Source0: https://github.com/shadow-maint/shadow/archive/%{version}.tar.gz#/shadow-%{version}.tar.gz
-Source1: shadow-utils.login.defs
+Source0: https://github.com/shadow-maint/shadow/releases/download/%{version}/shadow-%{version}.tar.xz
+Source1: https://github.com/shadow-maint/shadow/releases/download/%{version}/shadow-%{version}.tar.xz.asc
 Source2: shadow-utils.useradd
+Source3: shadow-utils.login.defs
 Source4: shadow-bsd.txt
 Source5: https://www.gnu.org/licenses/old-licenses/gpl-2.0.txt
 Patch0: shadow-4.1.5-redhat.patch
 Patch1: shadow-4.1.5.1-goodname.patch
 Patch2: shadow-4.1.5.1-info-parent-dir.patch
-Patch3: shadow-4.1.5-uflg.patch
-Patch6: shadow-4.1.5.1-selinux.patch
+Patch6: shadow-4.5-selinux.patch
 Patch7: shadow-4.1.5-2ndskip.patch
-Patch8: shadow-4.1.5.1-backup-mode.patch
-Patch9: shadow-4.2.1-merge-group.patch
-Patch10: shadow-4.1.5.1-orig-context.patch
+Patch10: shadow-4.5-orig-context.patch
 Patch11: shadow-4.1.5.1-logmsg.patch
-Patch12: shadow-4.1.5.1-errmsg.patch
-Patch13: shadow-4.1.5.1-audit-owner.patch
 Patch14: shadow-4.1.5.1-default-range.patch
 Patch15: shadow-4.3.1-manfix.patch
 Patch17: shadow-4.1.5.1-userdel-helpfix.patch
-Patch18: shadow-4.1.5.1-id-alloc.patch
 Patch19: shadow-4.2.1-date-parsing.patch
 Patch20: shadow-4.1.5.1-ingroup.patch
 Patch21: shadow-4.1.5.1-move-home.patch
 Patch22: shadow-4.3.1-audit-update.patch
-Patch23: shadow-4.2.1-usermod-unlock.patch
+Patch23: shadow-4.5-usermod-unlock.patch
 Patch24: shadow-4.2.1-no-lock-dos.patch
-Patch25: shadow-4.3.1-defs-chroot.patch
 Patch28: shadow-4.3.1-selinux-perms.patch
 Patch29: shadow-4.2.1-null-tm.patch
-Patch30: shadow-4.3.1-process-defaults.patch
 
 License: BSD and GPLv2+
 Group: System Environment/Base
@@ -68,29 +61,21 @@ are used for managing group accounts.
 %patch0 -p1 -b .redhat
 %patch1 -p1 -b .goodname
 %patch2 -p1 -b .info-parent-dir
-%patch3 -p1 -b .uflg
 %patch6 -p1 -b .selinux
 %patch7 -p1 -b .2ndskip
-%patch8 -p1 -b .backup-mode
-%patch9 -p1 -b .merge-group
 %patch10 -p1 -b .orig-context
 %patch11 -p1 -b .logmsg
-%patch12 -p1 -b .errmsg
-%patch13 -p1 -b .audit-owner
 %patch14 -p1 -b .default-range
 %patch15 -p1 -b .manfix
 %patch17 -p1 -b .userdel
-%patch18 -p1 -b .id-alloc
 %patch19 -p1 -b .date-parsing
 %patch20 -p1 -b .ingroup
 %patch21 -p1 -b .move-home
 %patch22 -p1 -b .audit-update
 %patch23 -p1 -b .unlock
 %patch24 -p1 -b .no-lock-dos
-%patch25 -p1 -b .defs-chroot
 %patch28 -p1 -b .selinux-perms
 %patch29 -p1 -b .null-tm
-%patch30 -p1 -b .process-defaults
 
 iconv -f ISO88591 -t utf-8  doc/HOWTO > doc/HOWTO.utf8
 cp -f doc/HOWTO.utf8 doc/HOWTO
@@ -98,9 +83,6 @@ cp -f doc/HOWTO.utf8 doc/HOWTO
 cp -a %{SOURCE4} %{SOURCE5} .
 
 %build
-
-./autogen.sh
-
 %ifarch sparc64
 #sparc64 need big PIE
 export CFLAGS="$RPM_OPT_FLAGS -fPIE"
@@ -110,6 +92,7 @@ export CFLAGS="$RPM_OPT_FLAGS -fpie"
 export LDFLAGS="-pie -Wl,-z,relro -Wl,-z,now"
 %endif
 
+autoreconf
 %configure \
         --enable-shadowgrp \
         --enable-man \
@@ -126,7 +109,7 @@ make
 rm -rf $RPM_BUILD_ROOT
 make install DESTDIR=$RPM_BUILD_ROOT gnulocaledir=$RPM_BUILD_ROOT/%{_datadir}/locale MKINSTALLDIRS=`pwd`/mkinstalldirs
 install -d -m 755 $RPM_BUILD_ROOT/%{_sysconfdir}/default
-install -p -c -m 0644 %{SOURCE1} $RPM_BUILD_ROOT/%{_sysconfdir}/login.defs
+install -p -c -m 0644 %{SOURCE3} $RPM_BUILD_ROOT/%{_sysconfdir}/login.defs
 install -p -c -m 0600 %{SOURCE2} $RPM_BUILD_ROOT/%{_sysconfdir}/default/useradd
 
 
@@ -249,6 +232,9 @@ rm -rf $RPM_BUILD_ROOT
 %{_mandir}/man8/vigr.8*
 
 %changelog
+* Fri Jul 21 2017 Tomáš Mráz <tmraz@redhat.com> - 2:4.5-1
+- update to current upstream release 4.5
+
 * Sat Feb 11 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2:4.3.1-3
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
 

sources

@@ -1 +1,2 @@
-b6b48ef1af4eb088937c8cc47e317009  shadow-4.3.1.tar.gz
+SHA512 (shadow-4.5.tar.xz) = e57f8db54df23301c229d4be30d4cbb67efa1d1809cffcff79adc480b6019fb2b5fd09e112e82a3f00ad5a6b2994592adac93f70a631cf666b6f4723b61c87b5
+SHA512 (shadow-4.5.tar.xz.asc) = 42739e5e36e0dd1ff8e9d8721f5b4b222113afd91c927b580bc0b587d59dcdecdf938c978405b80f15a70b17f2d0589f8b6277e0e9bd23a5f3c2fc924c9b1e24