ALT Linux repositórios
Group :: Sistema/Base
RPM: shadow
Main Changelog Spec Patches Sources Download Gear Bugs e FR Repocop
16 agosto 2023 Mikhail Efremov <sem at altlinux.org> 1:4.14.0-alt1
- utils: Packaged group{add,del}-{pre,post}.d directories.
- run_part: Don't fail if directory doesn't exist.
- Fixed build: drop unused variable.
- Updated to 4.14.
- usermod: Allow group and submap operations for non-local user
(closes: #46847).
- newuidmap/newgidmap: Added cap_dac_read_search to all modes (ALT #46462).
- newuidmap/newgidmap: Added check for podmanonly mode (ALT #46220).
- libsubid: Link against libpam_userpass.
- valid_field: Always reject control characters (fixes: CVE-2023-29383).
- Changed control scripts for newuidmap/newgidmap:
+ Replaced the SUID Bit with POSIX Capabilities in all the
configuration mode.
+ A new mode ("podmanonly") was added.
- Keep old login.defs when UID_MIN/GID_MIN changed.
- Increase default UID_MIN/GID_MIN to 1000.
- remove_tree: Allow a symlink as root if it shouldn't be removed.
- Added libsubid subpackage.
- Dropped disabled libshadow* subpackages.
- Fixed build without TCB.
- spec: simplified the bootstrap sequence (by Alexey Sheplyakov).
- Fixed build without PAM.
- fixed build without TCB and/or PAM (by Alexey Sheplyakov).
- useradd: Fixed Russian translation.
- Use /bin/run-parts if able.
- utils: Packaged user{add,del}-{pre,post}.d directories.
- useradd: Set default group to 100 (users).
- login.defs: Added HOME_MODE variable.
- login.defs: Added HMAC_CRYPTO_ALGO variable.
- login.defs: Added GRANT_AUX_GROUP_SUBIDS variable.
- login.defs: Added NONEXISTENT variable.
- Explicitly enabled btrfs support.
- Use 'set_verify_elf_method strict'.
- Enabled LFS on 32-bit systems.
- lib/commonio: Fixed fprintf() format.
- tcb: Added remove_tcbdir() function.
- shadow: Don't use relaxed usernames.
- newusers,pwck,useradd,usermod: Removed --badname option.
- Ensured that prefix is not '/'.
- userdel: Fixed mailbox removing.
- Added prefix support for TCB.
- Don't install libsubid static library.
- usermod: Don't call gr_free() with const variable.
- useradd: Fixed "discards 'const' qualifiers" warning.
- Updated 'alt-progname' patch.
- tcbfuncs.c: Fixed and updated selinux support.
- Updated 'copy_dir perms' patch.
- src/Makefile.am: Fixed noinst_PROGRAMS.
- Fixed license.
- Updated url.
- Updated to 4.13 (closes: #45794).
- NMU: fixed build with new selinux.
- valid_field: Check that characters are ASCII.
- login.defs: Add SAFE_PWDB_FIELDS variable.
- man: Add SAFE_PWDB_FIELDS description.
- lib: Add SAFE_PWDB_FIELDS variable.
- useradd,usermod: Use valid_field() to check fields.
- Use epoch instead of serial.
- login.defs: Add REGEXP_NAME variable.
- man: Add REGEXP_NAME description.
- pwck,grpck: Use strcasecmp() to check names.
- libmisc: Don't allow leading digits in the names with regexp too.
- utils: Check that user/group is unique.
- libmisc: Allow names to be verified by regexp (closes: #9202).
- Fix build with gcc-9.
- Backported patch from shadow-4.6:
+ newgidmap: enforce setgroups=deny if self-mapping a group
(fixes CVE-2018-7169). - Don't use deprecated PreReq.
- chfn: Silence format-truncation warning
- Fix default hashing method.
- Request automatic entropy for salt.
- vipw: Change -u option to imply -s (closes: #35097).
- Use %e2k macro.
- Fixed build with gcc-7:
+ Remove redundant const qualifier.
+ Ensure that we have enough room for filenames.
- Don't install files with suid.
- useradd: Fix lastlog_reset() argument type.
- Drop unused variables.
- Updated to 4.5.
- Don't own %_sysconfdir/default/ (closes: #32541).
- Fix possible crash if gmtime() returns NULL.
- chsh: Fix duplicate warning.
- Enable audit support.
- Don't package ChangeLog/NEWS files.
- Spec cleanup.
- submap: Add control scripts for newuidmap/newgidmap.
- Fix build: ignore write() return value.
- configure.ac: Drop man/po/Makefile.
- Drop FORCE_SHADOW.
- Don't create missing files.
- Fixes from usptream git:
+ Keep the permissions of the original file when creating a backup.
+ useradd: Read defaults after changing root directories.
+ Don't crash on bogus keys in login.defs if PAM is enabled.
+ Last bits of enabling subuids.
+ Make login.def files valid ASCII instead of UTF-8.
+ include getdef.h for getdef_bool prototype.
+ Print error message if SELinux file context manipulation fails.
+ Fix regression in useradd not loading defaults properly.
+ */Makefile.am: Replace INCLUDES with AM_CPPFLAGS. - Updated to 4.4 (fixes CVE-2016-6252).
- E2K: avoid -Werror (lcc) (by Michael Shigorin).
- Fix build on x32.
- Fix build without selinux again.
- Don't treat cpp warnings as error.
- Fix build without selinux support.
- Lazy link with -lsemanage (by Dmitry V. Levin).
- chage: Fix work with tcb.
- Package /etc/subuid and /etc/subgid files.
- Add -Werror to optflags.
- Explicitly use --with-tcb configure option.
- Fix compiler warnings.
- vipw: Check link() return status.
- useradd: Check chown/chmod return status.
- Fix uninitialized variable.
- Fix usermod's manpage.
- Add submap subpackage (closes: #31201).
- Merge ALT-specific tcb patch.
- userdel.c: Fix variable name in case of tcb.
- Add missing include in case of tcb.
- Fix build with --as-needed in case of tcb.
- Makefile: Drop passwd from suidubins.
- Update ALT-specific patches.
- Drop obsoleted patches.
- Updated to 4.2.1.
- Fix build: Remove deprecated AM_C_PROTOTYPES.
- Fixed groupmod.
- useradd: Print exit code if an error was occurred.
- Do not create mail spool if -M option was given.
- Package suite subpackage as noarch.
- Use _exit() for exit from child.
- spawn.c: Backport from upstream's svn.
- useradd: Add 'private' to allowed values of CREATE_MAIL_SPOOL.
- Don't show error message if flashing nscd cache is failed.
- gshadow.c: Drop unused variable.
- Added lib/spawn.c and lib/spawn.h.
- useradd.c: Fix fprintf() format string.
- useradd.c: Avoid redefinition of SHELL.
- Fix missing includes.
- Fix some const issues.
- Fix find_new_uid/gid for big UID/GID_MAX.
- Fix gshadow functions from shadow utils.
- Drop obsoleted %post{,un}_ldconfig.
- Rebuild for new c6.
- enable SELinux support.
- Drop all patches from spec, use gear tags.
- Updated to 4.1.4.2.
- def_load: Silence complains about missing /etc/login.defs file.
- Include local system-auth-use_first_pass into chpasswd-newusers
PAM config as it doesn't work with ldap one (#15003).
- useradd: Remove tcb user dir in case of abnormal program completion (#14091).
- Fixed a few manpage typos (#12230).
- Fixed build with new autotools.
- Added summary to control scripts.
- newgrp: Fixed potential NULL pointer dereference (#9362).
- Rebuilt for new style PAM dependencies generated by rpm-build-4.0.4-alt55.
- Fixed double free bug in userdel_rm_tcbdir().
- Synced with 4.0.4.1-owl7:
+ Report /etc/login.defs read errors to stderr, not only to syslog.
+ Removed verify checks for files controlled via control(8) facility.
+ Fixed compilation issues detected by gcc-3.4.3.
- userdel: fixed return code.
- Synced with 4.0.4.1-owl4:
+ Added the USERNAME_MAX and GROUPNAME_MAX options. - chage, chfn, chsh, gpasswd, newgrp:
+ Changed default mode to "restricted"; this is required to add
shadow-change and shadow-groups packages to default install set. - shadow-suite: new subpackage, unifies all shadow suite subpackages.
- Updated to 4.0.4.1-owl2.
- Updated patches.
- Use control macros.
- Added help to control.
- Documented user/group name restrictions (#4390).
- Keep tools at mode "restricted" in the packages, but default
them to "public" in %post when the packages are first installed.
This avoids a race and fail-open behaviour.
- Properly check the return value from pam_chauthtok() in
libmisc/pwdcheck.c: passwd_check() that is used by chfn and
chsh commands (Owl).
Thanks to Steve Grubb, Martin Schulze and Solar Designer.
- Fixed build with new gettext and autotools.
- Fixed typo in chage-chfn-chsh.pamd (#3904).
- In tcbfuncs/tcb_move(), use mode 0700 instead of mode 0 for the
directory being modified as the latter is incompatible with
the mode 0 hack in vserver kernel patches.
- Explicitly use old libtool for build.
- useradd, usermod:
fixed user_group initialization (voins, #0001875).
- PAM configuration policy enforcement.
- Rebuilt with libpam_userpass.so.1.
- Merged Owl changes:
* Thu Oct 24 2002 Solar Designer <solar@owl.openwall.com> - Cleaned up the recent changes.
- Corrected a newly introduced memory leak on an error path.
- Changed the TCB_SYMLINKS pseudo-code in login.defs(5) manual page to be
C/English rather than shell for consistency with the pam_tcb(8) page.
* Mon Aug 19 2002 Rafal Wojtczuk <nergal@owl.openwall.com> - Merged the enhancements which remove 32K users limit.
- Added control support for chage, chfn, chsh, gpasswd, and newgrp.
- copy_tree: ensure strict permissions of created files.
- chage: made "chage -l" drop its saved GID too (Owl).
- useradd, usermod: removed the extra space in "[-e expire ]" in the usage instructions (Owl).
- Updated chkname patch.
- added rollback to standart skeleton dir if it doesn't exits
- def_load: don't exit when /etc/login.defs not available.
- userdel: fixed long standing bug in path_prefix check.
- 4.0.0
- Merged in 16 patches from Owl.
- Updated default_skel and progname patches (all the rest are obsolete).
- Disabled build of unused software.
- Changed interpackage dependencies.
- shadow-convert: convert group and passwd files after first install.
- Disabled libshadow.
- Fixed typo in mailspool patch.
- Added %post scripts to ease migration.
- Split shadow-utils into several subpackages.
- Libification.
- Remade mailspool patch (new options: z,Z,K).
- Enable packaging of chsh, chfn, vipw, vigr, newgrp.
- 20000902
- Merged RH (up to 20000902-3) and Owl (up to 19990827-16owl) patches and configs.
- Get rid of /usr/sbin/{d,mk}passwd and its manpages.
- 20000826
- Merged MDK patches.
- Added progname patch.
- Merge RH patches.
- FHSification.
- Fix: updated docs about -D -k option.
- RE and Fandra adaptions.
- correct a segfault problem with NIS
- Feature: added -D -k option.
- fix segfault for userdel when the primary group for the user is not defined
- Serial: 1 because now we are using 19990827 (why the heck can't they have
a normal version just like everybody else?!) - ported all patches to the new code base
- SIGHUP nscd from usermod, too
- added usermod password locking from Chris Adams <cadams@ro.com>
- have things that modify users/groups SIGHUP nscd on exit
- have userdel remove user private groups when it is safe to do so
- allow -f to force user removal even when user appears busy in utmp
- edit out unused CHFN fields from login.defs.
- auto rebuild in the new build environment (release 7)
- configure fix for arm
- build against glibc 2.1
- Note that /usr/sbin/mkpasswd conflicts with /usr/bin/mkpasswd;
one of these (I think /usr/sbin/mkpasswd but other opinions are valid)
should probably be renamed. In any case, mkpasswd.8 from this package
needs to be installed. (problem #823)
- translations modified for de, fr, tr
- updated to 980403
- redid the patches
- updated the spec file
- updated the patch so that new accounts created on shadowed system won't
confuse pam_pwdb anymore ('!!' default password instead on '!') - fixed a bug that made useradd -G segfault
- the check for the ut_user is now patched into configure
- added patch for XOPEN oddities in glibc headers
- check for ut_user before checking for ut_name -- this works around some
confusion on glibc 2.1 due to the utmpx header not defining the ut_name
compatibility stuff. I used a gross sed hack here because I couldn't make
automake work properly on the sparc (this could be a glibc 2.0.99 problem
though). The utuser patch works fine, but I don't apply it. - sleep after running autoconf
- added forgot lastlog command to the spec file
- obsoletes adduser
- modified groupadd; updated the patch
- updated to 970616
- changed useradd to meet RH specs
- fixed some bugs
- built against glibc