From 8cfc807e8c10cc67ed8a0709350349adae15b04f Mon Sep 17 00:00:00 2001 From: Bill Nottingham Date: Fri, 18 May 2007 09:55:31 +0000 Subject: [PATCH 1/4] Initialize branch F-7 for shadow-utils --- branch | 1 + 1 file changed, 1 insertion(+) create mode 100644 branch diff --git a/branch b/branch new file mode 100644 index 0000000..c48525c --- /dev/null +++ b/branch @@ -0,0 +1 @@ +F-7 From 9744679f21e05327dd02ae7882bacfa9d622928d Mon Sep 17 00:00:00 2001 From: Peter Vrabec Date: Tue, 5 Jun 2007 14:44:57 +0000 Subject: [PATCH 2/4] do not run find_new_uid() twice and use getpwuid() to check UID uniqueness (#236871) --- shadow-4.0.18.1-findNewUidOnce.patch | 113 +++++++++++++++++++++++++++ shadow-utils.spec | 9 ++- 2 files changed, 120 insertions(+), 2 deletions(-) create mode 100644 shadow-4.0.18.1-findNewUidOnce.patch diff --git a/shadow-4.0.18.1-findNewUidOnce.patch b/shadow-4.0.18.1-findNewUidOnce.patch new file mode 100644 index 0000000..31287a9 --- /dev/null +++ b/shadow-4.0.18.1-findNewUidOnce.patch @@ -0,0 +1,113 @@ +--- shadow-4.0.18.1/src/useradd.c.findNewUidOnce 2007-05-16 13:16:51.000000000 +0200 ++++ shadow-4.0.18.1/src/useradd.c 2007-05-16 14:12:52.000000000 +0200 +@@ -847,8 +847,9 @@ + * find_new_uid - find the next available UID + * + * find_new_uid() locates the next highest unused UID in the password +- * file, or checks the given user ID against the existing ones for +- * uniqueness. ++ * file. ++ * It doesn't make sense to use find_new_uid(), if UID is specified ++ * via "-u" option. + */ + static void find_new_uid (void) + { +@@ -867,12 +868,7 @@ + memset (index, 0, sizeof (char) * uid_max + 1); + } + +- /* +- * Start with some UID value if the user didn't provide us with +- * one already. +- */ +- if (!uflg) +- user_id = uid_min; ++ user_id = uid_min; + + /* + * Search the entire password file, either looking for this +@@ -886,42 +882,24 @@ + setpwent (); + while ((pwd = getpwent ())) { + #endif +- if (strcmp (user_name, pwd->pw_name) == 0) { +- fprintf (stderr, _("%s: name %s is not unique\n"), +- Prog, user_name); +-#ifdef WITH_AUDIT +- audit_logger (AUDIT_USER_CHAUTHTOK, Prog, "adding user", +- user_name, user_id, 0); +-#endif +- exit (E_NAME_IN_USE); +- } +- if (!oflg && uflg && user_id == pwd->pw_uid) { +- fprintf (stderr, _("%s: UID %u is not unique\n"), +- Prog, (unsigned int) user_id); +-#ifdef WITH_AUDIT +- audit_logger (AUDIT_USER_CHAUTHTOK, Prog, "adding user", +- user_name, user_id, 0); +-#endif +- exit (E_UID_IN_USE); +- } +- if (!uflg && !rflg && pwd->pw_uid >= user_id) { ++ if (!rflg && pwd->pw_uid >= user_id) { + if (pwd->pw_uid > uid_max) + continue; + user_id = pwd->pw_uid + 1; + } + /* create index of occupied system accounts UIDs */ +- if (!uflg && rflg && (pwd->pw_uid <= uid_max)) ++ if (rflg && (pwd->pw_uid <= uid_max)) + index[pwd->pw_uid] = 1; + + } + + /* find free system account */ +- if(!uflg && rflg) { ++ if(rflg) { + for( user_id = uid_max; (user_id >= uid_min) && index[user_id]; user_id--); + if ( user_id < uid_min ) { + fprintf (stderr, _("%s: can't get unique UID\n"), Prog); + fail_exit (E_UID_IN_USE); +- } ++ } + } + + /* +@@ -930,7 +908,7 @@ + * free UID starting with UID_MIN (it's O(n*n) but can be avoided + * by not having users with UID equal to UID_MAX). --marekm + */ +- if (!uflg && user_id == uid_max + 1) { ++ if (user_id == uid_max + 1) { + for (user_id = uid_min; user_id < uid_max; user_id++) { + #ifdef NO_GETPWENT + pw_rewind (); +@@ -1590,9 +1568,6 @@ + struct passwd pwent; + struct spwd spent; + +- if (!oflg) +- find_new_uid (); +- + /* + * Fill in the password structure with any new fields, making + * copies of strings. +@@ -1911,7 +1886,17 @@ + /* first, seek for a valid uid to use for this user. + * We do this because later we can use the uid we found as + * gid too ... --gafton */ +- find_new_uid (); ++ if (!uflg) ++ find_new_uid (); ++ else { ++ if (getpwuid (user_id)) { ++ fprintf (stderr, _("%s: UID %u is not unique\n"), Prog, (unsigned int) user_id); ++#ifdef WITH_AUDIT ++ audit_logger (AUDIT_USER_CHAUTHTOK, Prog, "adding user", user_name, user_id, 0); ++#endif ++ exit (E_UID_IN_USE); ++ } ++ } + } + + /* do we have to add a group for that user? This is why we need to diff --git a/shadow-utils.spec b/shadow-utils.spec index cd88bd8..741f052 100644 --- a/shadow-utils.spec +++ b/shadow-utils.spec @@ -5,7 +5,7 @@ Summary: Utilities for managing accounts and shadow password files Name: shadow-utils Version: 4.0.18.1 -Release: 13%{?dist} +Release: 14%{?dist} Epoch: 2 URL: http://shadow.pld.org.pl/ Source0: ftp://ftp.pld.org.pl/software/shadow/shadow-%{version}.tar.bz2 @@ -26,7 +26,7 @@ Patch10: shadow-4.0.18.1-overflow.patch Patch11: shadow-4.0.17-useradd.patch Patch12: shadow-4.0.18.1-appendOption.patch Patch13: shadow-4.0.18.1-sysAccount.patch - +Patch14: shadow-4.0.18.1-findNewUidOnce.patch License: BSD Group: System Environment/Base BuildRequires: autoconf, automake, libtool, gettext-devel @@ -68,6 +68,7 @@ cp %{SOURCE3} lib/nscd.c %patch11 -p1 -b .useradd %patch12 -p1 -b .appendOption %patch13 -p1 -b .sysAccount +%patch14 -p1 -b .findNewUidOnce rm po/*.gmo rm po/stamp-po @@ -223,6 +224,10 @@ rm -rf $RPM_BUILD_ROOT %{_mandir}/*/man8/faillog.8* %changelog +* Tue Jun 06 2007 Peter Vrabec 2:4.0.18.1-14 +- do not run find_new_uid() twice and use getpwuid() to check + UID uniqueness (#236871) + * Tue Apr 10 2007 Peter Vrabec 2:4.0.18.1-13 - fix useradd dump core when build without WITH_SELINUX (#235641) From b061ab3bdf487fb7be2315fdeec42ce91cd476eb Mon Sep 17 00:00:00 2001 From: Peter Vrabec Date: Tue, 5 Jun 2007 14:50:50 +0000 Subject: [PATCH 3/4] fix infinitive loop if there are duplicate entries in /etc/group (#240915) --- shadow-4.0.18.1-groupLoop.patch | 178 ++++++++++++++++++++++++++++++++ shadow-utils.spec | 8 +- 2 files changed, 185 insertions(+), 1 deletion(-) create mode 100644 shadow-4.0.18.1-groupLoop.patch diff --git a/shadow-4.0.18.1-groupLoop.patch b/shadow-4.0.18.1-groupLoop.patch new file mode 100644 index 0000000..28c8c6b --- /dev/null +++ b/shadow-4.0.18.1-groupLoop.patch @@ -0,0 +1,178 @@ +--- shadow-4.0.18.1/src/usermod.c.groupLoop 2007-05-25 11:51:33.000000000 +0200 ++++ shadow-4.0.18.1/src/usermod.c 2007-05-25 11:51:33.000000000 +0200 +@@ -628,7 +628,7 @@ + continue; + + changed = 0; +- if (!gr_update (ngrp)) { ++ if (!gr_update_entry (grp, ngrp)) { + fprintf (stderr, + _("%s: error adding new group entry\n"), Prog); + SYSLOG ((LOG_ERR, "error adding group entry")); +@@ -770,7 +770,7 @@ + /* + * Update the group entry to reflect the changes. + */ +- if (!sgr_update (nsgrp)) { ++ if (!sgr_update_entry (sgrp, nsgrp)) { + fprintf (stderr, + _("%s: error adding new group entry\n"), Prog); + SYSLOG ((LOG_ERR, "error adding shadow group entry")); +--- shadow-4.0.18.1/src/userdel.c.groupLoop 2007-05-25 11:51:33.000000000 +0200 ++++ shadow-4.0.18.1/src/userdel.c 2007-05-25 11:51:33.000000000 +0200 +@@ -153,7 +153,7 @@ + exit (13); /* XXX */ + } + ngrp->gr_mem = del_list (ngrp->gr_mem, user_name); +- if (!gr_update (ngrp)) ++ if (!gr_update_entry (grp, ngrp)) + fprintf (stderr, + _("%s: error updating group entry\n"), Prog); + +@@ -252,7 +252,7 @@ + if (was_admin) + nsgrp->sg_adm = del_list (nsgrp->sg_adm, user_name); + +- if (!sgr_update (nsgrp)) ++ if (!sgr_update_entry (sgrp, nsgrp)) + fprintf (stderr, + _("%s: error updating group entry\n"), Prog); + #ifdef WITH_AUDIT +--- shadow-4.0.18.1/src/useradd.c.groupLoop 2007-05-25 11:51:33.000000000 +0200 ++++ shadow-4.0.18.1/src/useradd.c 2007-05-25 11:54:28.000000000 +0200 +@@ -727,30 +727,6 @@ + struct sgrp *nsgrp; + #endif + +- /* +- * Test for unique entries of user_groups in /etc/group +- * pvrabec@redhat.com +- */ +- char **user_groups_tmp = user_groups; +- +- while (*user_groups_tmp) { +- int count = 0; +- +- for (gr_rewind (), grp = gr_next (); grp && count < 2; +- grp = gr_next ()) { +- if (strcmp (*user_groups_tmp, grp->gr_name) == 0) { +- count++; +- } +- } +- if (count > 1) { +- fprintf (stderr, +- "%s: error not unique group names in group file\n", +- Prog); +- fail_exit (E_GRP_UPDATE); +- } +- user_groups_tmp++; +- } +- + /* Locking and opening of the group files moved to open_files() --gafton */ + + /* +@@ -780,7 +756,7 @@ + * update the group entry to reflect the change. + */ + ngrp->gr_mem = add_list (ngrp->gr_mem, user_name); +- if (!gr_update (ngrp)) { ++ if (!gr_update_entry (grp, ngrp)) { + fprintf (stderr, + _("%s: error adding new group entry\n"), Prog); + fail_exit (E_GRP_UPDATE); +@@ -828,7 +804,7 @@ + * update the group entry to reflect the change. + */ + nsgrp->sg_mem = add_list (nsgrp->sg_mem, user_name); +- if (!sgr_update (nsgrp)) { ++ if (!sgr_update_entry (sgrp, nsgrp)) { + fprintf (stderr, + _("%s: error adding new group entry\n"), Prog); + fail_exit (E_GRP_UPDATE); +--- shadow-4.0.18.1/lib/sgroupio.c.groupLoop 2005-08-31 19:24:56.000000000 +0200 ++++ shadow-4.0.18.1/lib/sgroupio.c 2007-05-25 11:51:33.000000000 +0200 +@@ -146,6 +146,13 @@ + return commonio_update (&gshadow_db, (const void *) sg); + } + ++int sgr_update_entry(const struct sgrp *oldgr, const struct sgrp *newgr) ++{ ++ return commonio_update_entry(&gshadow_db, (const void *) oldgr, ++ (const void *) newgr); ++} ++ ++ + int sgr_remove (const char *name) + { + return commonio_remove (&gshadow_db, name); +--- shadow-4.0.18.1/lib/groupio.c.groupLoop 2005-08-31 19:24:56.000000000 +0200 ++++ shadow-4.0.18.1/lib/groupio.c 2007-05-25 11:51:33.000000000 +0200 +@@ -128,6 +128,12 @@ + return commonio_remove (&group_db, name); + } + ++int gr_update_entry(const struct group *oldgr, const struct group *newgr) ++{ ++ return commonio_update_entry(&group_db, (const void *) oldgr, ++ (const void *) newgr); ++} ++ + int gr_rewind (void) + { + return commonio_rewind (&group_db); +--- shadow-4.0.18.1/lib/sgroupio.h.groupLoop 2005-03-31 07:14:49.000000000 +0200 ++++ shadow-4.0.18.1/lib/sgroupio.h 2007-05-25 11:51:33.000000000 +0200 +@@ -11,4 +11,5 @@ + extern int sgr_rewind (void); + extern int sgr_unlock (void); + extern int sgr_update (const struct sgrp *); ++extern int sgr_update_entry(const struct sgrp *oldgr, const struct sgrp *newgr); + extern int sgr_sort (void); +--- shadow-4.0.18.1/lib/commonio.c.groupLoop 2007-05-25 11:51:33.000000000 +0200 ++++ shadow-4.0.18.1/lib/commonio.c 2007-05-25 11:51:33.000000000 +0200 +@@ -826,6 +826,36 @@ + return 1; + } + ++int commonio_update_entry(struct commonio_db *db, const void *oldgr, ++ const void *newgr) ++{ ++ struct commonio_entry *tmp; ++ ++ if (!db->isopen || db->readonly) { ++ errno = EINVAL; ++ return 0; ++ } ++ ++ tmp = db->head; ++ while (tmp != NULL) { ++ if (oldgr == tmp->eptr) ++ break; ++ tmp = tmp->next; ++ } ++ ++ /* Didn't find this in the database; hop out */ ++ if (tmp == NULL) ++ return 0; ++ ++ tmp->eptr = db->ops->dup(newgr); ++ if (tmp->eptr == NULL) ++ return 1; ++ tmp->changed = 1; ++ ++ db->changed = 1; ++ ++ return 1; ++} + + void commonio_del_entry (struct commonio_db *db, const struct commonio_entry *p) + { +--- shadow-4.0.18.1/lib/groupio.h.groupLoop 2005-03-31 07:14:49.000000000 +0200 ++++ shadow-4.0.18.1/lib/groupio.h 2007-05-25 11:51:33.000000000 +0200 +@@ -10,4 +10,6 @@ + extern int gr_rewind (void); + extern int gr_unlock (void); + extern int gr_update (const struct group *); ++extern int gr_update_entry(const struct group *oldgr, const struct group *newgr); + extern int gr_sort (void); ++ diff --git a/shadow-utils.spec b/shadow-utils.spec index 741f052..fb494ae 100644 --- a/shadow-utils.spec +++ b/shadow-utils.spec @@ -5,7 +5,7 @@ Summary: Utilities for managing accounts and shadow password files Name: shadow-utils Version: 4.0.18.1 -Release: 14%{?dist} +Release: 15%{?dist} Epoch: 2 URL: http://shadow.pld.org.pl/ Source0: ftp://ftp.pld.org.pl/software/shadow/shadow-%{version}.tar.bz2 @@ -27,6 +27,7 @@ Patch11: shadow-4.0.17-useradd.patch Patch12: shadow-4.0.18.1-appendOption.patch Patch13: shadow-4.0.18.1-sysAccount.patch Patch14: shadow-4.0.18.1-findNewUidOnce.patch +Patch15: shadow-4.0.18.1-groupLoop.patch License: BSD Group: System Environment/Base BuildRequires: autoconf, automake, libtool, gettext-devel @@ -69,6 +70,7 @@ cp %{SOURCE3} lib/nscd.c %patch12 -p1 -b .appendOption %patch13 -p1 -b .sysAccount %patch14 -p1 -b .findNewUidOnce +%patch15 -p1 -b .groupLoop rm po/*.gmo rm po/stamp-po @@ -224,6 +226,10 @@ rm -rf $RPM_BUILD_ROOT %{_mandir}/*/man8/faillog.8* %changelog +* Tue Jun 06 2007 Peter Vrabec 2:4.0.18.1-15 +- fix infinitive loop if there are duplicate entries + in /etc/group (#240915) + * Tue Jun 06 2007 Peter Vrabec 2:4.0.18.1-14 - do not run find_new_uid() twice and use getpwuid() to check UID uniqueness (#236871) From 3c657e4c60801ed072db461aaa7dd5126f9478b5 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Thu, 29 Jul 2010 12:41:51 +0000 Subject: [PATCH 4/4] dist-git conversion --- .cvsignore => .gitignore | 0 Makefile | 6 ------ branch | 1 - 3 files changed, 7 deletions(-) rename .cvsignore => .gitignore (100%) delete mode 100644 Makefile delete mode 100644 branch diff --git a/.cvsignore b/.gitignore similarity index 100% rename from .cvsignore rename to .gitignore diff --git a/Makefile b/Makefile deleted file mode 100644 index bb1e7db..0000000 --- a/Makefile +++ /dev/null @@ -1,6 +0,0 @@ -# Makefile for source rpm: shadow-utils -# $Id: Makefile,v 1.1 2004/09/09 12:21:12 cvsdist Exp $ -NAME := shadow-utils -SPECFILE = $(firstword $(wildcard *.spec)) - -include ../common/Makefile.common diff --git a/branch b/branch deleted file mode 100644 index c48525c..0000000 --- a/branch +++ /dev/null @@ -1 +0,0 @@ -F-7