mirrors/flatcar-scripts
1
0
Fork 0
mirror of https://github.com/flatcar/scripts.git synced 2026-05-04 19:56:32 +02:00
Code Issues Packages Projects Releases Wiki Activity

feat(sys-apps/shadow) delete ebuilds

Browse Source 
We are using the newer one in portage-overlay, these are here for no
reason, so delete them.
This commit is contained in:
Greg Kroah-Hartman 2013-07-10 23:12:54 -07:00
parent 766454a3b6
commit d60806c465
44 changed files with 0 additions and 1762 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/Manifest vendored
View File

@ -1 +0,0 @@
DIST shadow-4.1.2.2.tar.bz2 1697615 RMD160 19b8d3bc37d26d708ecad6a86e6a1f2dcc3c51d3 SHA1 6cbd29104c219ff6776eececb8068f7326d57a45 SHA256 378fbfb0e8bb8c87be239fccd692818871f763206bb7d881744f4fa72dc6b491

52
sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/4.1.2.2/shadow-svn-2298.patch vendored
View File

@ -1,52 +0,0 @@
http://bugs.gentoo.org/256784
From 6f74a20a3002280f23033dea64d7186896d0dfc0 Mon Sep 17 00:00:00 2001
From: nekral-guest <nekral-guest@5a98b0ae-9ef6-0310-add3-de5d479b70d7>
Date: Sat, 30 Aug 2008 18:31:21 +0000
Subject: [PATCH] * configure.in: Check if the stat structure has a st_atim or
st_atimensec field.
* libmisc/copydir.c: Conditionally use the stat's st_atim and
st_atimensec fields.
git-svn-id: svn://svn.debian.org/pkg-shadow/upstream/trunk@2298 5a98b0ae-9ef6-0310-add3-de5d479b70d7
---
ChangeLog | 4 ++++
libmisc/copydir.c | 9 +++++++--
2 files changed, 11 insertions(+), 2 deletions(-)
+ * configure.in: Check if the stat structure has a st_atim or
+ st_atimensec field.
+ * libmisc/copydir.c: Conditionally use the stat's st_atim and
+ st_atimensec fields.
diff --git a/libmisc/copydir.c b/libmisc/copydir.c
index b887303..cdd2037 100644
--- a/libmisc/copydir.c
+++ b/libmisc/copydir.c
@@ -288,16 +288,21 @@ static int copy_entry (const char *src, const char *dst,
if (LSTAT (src, &sb) == -1) {
/* If we cannot stat the file, do not care. */
} else {
-#if defined(_BSD_SOURCE) || defined(_SVID_SOURCE)
+#ifdef HAVE_STRUCT_STAT_ST_ATIM
mt[0].tv_sec = sb.st_atim.tv_sec;
mt[0].tv_usec = sb.st_atim.tv_nsec / 1000;
mt[1].tv_sec = sb.st_mtim.tv_sec;
mt[1].tv_usec = sb.st_mtim.tv_nsec / 1000;
#else
mt[0].tv_sec = sb.st_atime;
- mt[0].tv_usec = sb.st_atimensec / 1000;
mt[1].tv_sec = sb.st_mtime;
+#ifdef HAVE_STRUCT_STAT_ST_ATIMENSEC
+ mt[0].tv_usec = sb.st_atimensec / 1000;
mt[1].tv_usec = sb.st_mtimensec / 1000;
+#else
+ mt[0].tv_usec = 0;
+ mt[1].tv_usec = 0;
+#endif
#endif
if (S_ISDIR (sb.st_mode)) {
--
1.6.1.2

61
sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/4.1.2.2/shadow-svn-2364.patch vendored
View File

@ -1,61 +0,0 @@
http://bugs.gentoo.org/256784
From 060292366348d55eb90b5c3f4f15768ffc7639d2 Mon Sep 17 00:00:00 2001
From: nekral-guest <nekral-guest@5a98b0ae-9ef6-0310-add3-de5d479b70d7>
Date: Sun, 7 Sep 2008 00:05:38 +0000
Subject: [PATCH] * libmisc/copydir.c, configure.in: Check for the presence of
st_mtim and st_mtimensec, as for st_atim and st_atimensec.
git-svn-id: svn://svn.debian.org/pkg-shadow/upstream/trunk@2364 5a98b0ae-9ef6-0310-add3-de5d479b70d7
---
ChangeLog | 5 +++++
configure.in | 2 ++
libmisc/copydir.c | 17 ++++++++++++-----
3 files changed, 19 insertions(+), 5 deletions(-)
+2008-09-07 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/copydir.c, configure.in: Check for the presence of
+ st_mtim and st_mtimensec, as for st_atim and st_atimensec.
/* configure.in changes are in the 4.1.2.2 configure.in ... */
diff --git a/libmisc/copydir.c b/libmisc/copydir.c
index cdd2037..a9aec98 100644
--- a/libmisc/copydir.c
+++ b/libmisc/copydir.c
@@ -288,19 +288,26 @@ static int copy_entry (const char *src, const char *dst,
if (LSTAT (src, &sb) == -1) {
/* If we cannot stat the file, do not care. */
} else {
-#ifdef HAVE_STRUCT_STAT_ST_ATIM
+#ifdef HAVE_STRUCT_STAT_ST_ATIM
mt[0].tv_sec = sb.st_atim.tv_sec;
mt[0].tv_usec = sb.st_atim.tv_nsec / 1000;
- mt[1].tv_sec = sb.st_mtim.tv_sec;
- mt[1].tv_usec = sb.st_mtim.tv_nsec / 1000;
#else
mt[0].tv_sec = sb.st_atime;
- mt[1].tv_sec = sb.st_mtime;
#ifdef HAVE_STRUCT_STAT_ST_ATIMENSEC
mt[0].tv_usec = sb.st_atimensec / 1000;
- mt[1].tv_usec = sb.st_mtimensec / 1000;
#else
mt[0].tv_usec = 0;
+#endif
+#endif
+
+#ifdef HAVE_STRUCT_STAT_ST_MTIM
+ mt[1].tv_sec = sb.st_mtim.tv_sec;
+ mt[1].tv_usec = sb.st_mtim.tv_nsec / 1000;
+#else
+ mt[1].tv_sec = sb.st_mtime;
+#ifdef HAVE_STRUCT_STAT_ST_MTIMENSEC
+ mt[1].tv_usec = sb.st_mtimensec / 1000;
+#else
mt[1].tv_usec = 0;
#endif
#endif
--
1.6.1.2

7
sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/default/useradd vendored
View File

@ -1,7 +0,0 @@
# useradd defaults file
GROUP=100
HOME=/home
INACTIVE=-1
EXPIRE=
SHELL=/bin/bash
SKEL=/etc/skel

212
sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/login.defs vendored
View File

@ -1,212 +0,0 @@
#
# /etc/login.defs - Configuration control definitions for the login package.
#
# $Id: login.defs,v 1.6 2006/03/12 23:47:08 flameeyes Exp $
#
# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH.
# If unspecified, some arbitrary (and possibly incorrect) value will
# be assumed. All other items are optional - if not specified then
# the described action or option will be inhibited.
#
# Comment lines (lines beginning with "#") and blank lines are ignored.
#
# Modified for Linux. --marekm
#
# Delay in seconds before being allowed another attempt after a login failure
#
FAIL_DELAY 3
#
# Enable display of unknown usernames when login failures are recorded.
#
LOG_UNKFAIL_ENAB no
#
# Enable logging of successful logins
#
LOG_OK_LOGINS no
#
# Enable "syslog" logging of su activity - in addition to sulog file logging.
# SYSLOG_SG_ENAB does the same for newgrp and sg.
#
SYSLOG_SU_ENAB yes
SYSLOG_SG_ENAB yes
#
# If defined, either full pathname of a file containing device names or
# a ":" delimited list of device names. Root logins will be allowed only
# upon these devices.
#
CONSOLE /etc/securetty
#CONSOLE console:tty01:tty02:tty03:tty04
#
# If defined, all su activity is logged to this file.
#
#SULOG_FILE /var/log/sulog
#
# If defined, file which maps tty line to TERM environment parameter.
# Each line of the file is in a format something like "vt100 tty01".
#
#TTYTYPE_FILE /etc/ttytype
#
# If defined, the command name to display when running "su -". For
# example, if this is defined as "su" then a "ps" will display the
# command is "-su". If not defined, then "ps" would display the
# name of the shell actually being run, e.g. something like "-sh".
#
SU_NAME su
#
# *REQUIRED*
# Directory where mailboxes reside, _or_ name of file, relative to the
# home directory. If you _do_ define both, MAIL_DIR takes precedence.
#
MAIL_DIR /var/spool/mail
#
# If defined, file which inhibits all the usual chatter during the login
# sequence. If a full pathname, then hushed mode will be enabled if the
# user's name or shell are found in the file. If not a full pathname, then
# hushed mode will be enabled if the file exists in the user's home directory.
#
HUSHLOGIN_FILE .hushlogin
#HUSHLOGIN_FILE /etc/hushlogins
#
# *REQUIRED* The default PATH settings, for superuser and normal users.
#
# (they are minimal, add the rest in the shell startup files)
ENV_SUPATH PATH=/sbin:/bin:/usr/sbin:/usr/bin
ENV_PATH PATH=/bin:/usr/bin
#
# Terminal permissions
#
# TTYGROUP Login tty will be assigned this group ownership.
# TTYPERM Login tty will be set to this permission.
#
# If you have a "write" program which is "setgid" to a special group
# which owns the terminals, define TTYGROUP to the group number and
# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
# TTYPERM to either 622 or 600.
#
TTYGROUP tty
TTYPERM 0600
#
# Login configuration initializations:
#
# ERASECHAR Terminal ERASE character ('\010' = backspace).
# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
# UMASK Default "umask" value.
#
# The ERASECHAR and KILLCHAR are used only on System V machines.
# The ULIMIT is used only if the system supports it.
# (now it works with setrlimit too; ulimit is in 512-byte units)
#
# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
#
ERASECHAR 0177
KILLCHAR 025
UMASK 022
#
# Password aging controls:
#
# PASS_MAX_DAYS Maximum number of days a password may be used.
# PASS_MIN_DAYS Minimum number of days allowed between password changes.
# PASS_WARN_AGE Number of days warning given before a password expires.
#
PASS_MAX_DAYS 99999
PASS_MIN_DAYS 0
PASS_WARN_AGE 7
#
# Min/max values for automatic uid selection in useradd
#
UID_MIN 1000
UID_MAX 60000
#
# Min/max values for automatic gid selection in groupadd
#
GID_MIN 100
GID_MAX 60000
#
# Max number of login retries if password is bad
#
LOGIN_RETRIES 3
#
# Max time in seconds for login
#
LOGIN_TIMEOUT 60
#
# Which fields may be changed by regular users using chfn - use
# any combination of letters "frwh" (full name, room number, work
# phone, home phone). If not defined, no changes are allowed.
# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
#
CHFN_RESTRICT rwh
#
# List of groups to add to the user's supplementary group set
# when logging in on the console (as determined by the CONSOLE
# setting). Default is none.
#
# Use with caution - it is possible for users to gain permanent
# access to these groups, even when not logged in on the console.
# How to do it is left as an exercise for the reader...
#
#CONSOLE_GROUPS floppy:audio:cdrom
#
# Should login be allowed if we can't cd to the home directory?
# Default in no.
#
DEFAULT_HOME yes
#
# If defined, this command is run when removing a user.
# It should remove any at/cron/print jobs etc. owned by
# the user to be removed (passed as the first argument).
#
#USERDEL_CMD /usr/sbin/userdel_local
#
# When prompting for password without echo, getpass() can optionally
# display a random number (in the range 1 to GETPASS_ASTERISKS) of '*'
# characters for each character typed. This feature is designed to
# confuse people looking over your shoulder when you enter a password :-).
# Also, the new getpass() accepts both Backspace (8) and Delete (127)
# keys to delete previous character (to cope with different terminal
# types), Control-U to delete all characters, and beeps when there are
# no more characters to delete, or too many characters entered.
#
# Setting GETPASS_ASTERISKS to 1 results in more traditional behaviour -
# exactly one '*' displayed for each character typed.
#
# Setting GETPASS_ASTERISKS to 0 disables the '*' characters (Backspace,
# Delete, Control-U and beep continue to work as described above).
#
# Setting GETPASS_ASTERISKS to -1 reverts to the traditional getpass()
# without any new features. This is the default.
#
GETPASS_ASTERISKS 0
#
# Enable setting of the umask group bits to be the same as owner bits
# (examples: 022 -> 002, 077 -> 007) for non-root users, if the uid is
# the same as gid, and username is the same as the primary group name.
#
# This also enables userdel to remove user groups if no members exist.
#
USERGROUPS_ENAB yes

30
sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/login.pamd vendored
View File

@ -1,30 +0,0 @@
#%PAM-1.0
auth required pam_securetty.so
auth include system-auth
auth required pam_tally.so file=/var/log/faillog onerr=succeed no_magic_root
auth required pam_shells.so
auth required pam_nologin.so
account required pam_access.so
account include system-auth
account required pam_tally.so deny=0 file=/var/log/faillog onerr=succeed no_magic_root
password include system-auth
@selinux@# pam_selinux.so close should be the first session rule
@selinux@session required pam_selinux.so close
@selinux@
session include system-auth
session required pam_env.so
session optional pam_lastlog.so
session optional pam_motd.so motd=/etc/motd
session optional pam_mail.so
# If you want to enable pam_console, uncomment the following line
# and read carefully README.pam_console in /usr/share/doc/pam*
#session optional pam_console.so
@selinux@# pam_selinux.so open should be the last session rule
@selinux@session required pam_selinux.so multiple open
@selinux@

31
sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/login.pamd.1 vendored
View File

@ -1,31 +0,0 @@
#%PAM-1.0
auth required pam_securetty.so
auth required pam_tally.so file=/var/log/faillog onerr=succeed no_magic_root
auth required pam_shells.so
auth required pam_nologin.so
auth include system-auth
account required pam_access.so
account include system-auth
account required pam_tally.so deny=0 file=/var/log/faillog onerr=succeed no_magic_root
password include system-auth
@selinux@# pam_selinux.so close should be the first session rule
@selinux@session required pam_selinux.so close
@selinux@
session required pam_env.so
session optional pam_lastlog.so
session optional pam_motd.so motd=/etc/motd
session optional pam_mail.so
# If you want to enable pam_console, uncomment the following line
# and read carefully README.pam_console in /usr/share/doc/pam*
#session optional pam_console.so
session include system-auth
@selinux@# pam_selinux.so open should be the last session rule
@selinux@session required pam_selinux.so multiple open
@selinux@

28
sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/login.pamd.2 vendored
View File

@ -1,28 +0,0 @@
#%PAM-1.0
auth include chromeos-auth
auth required pam_securetty.so
auth required pam_tally.so file=/var/log/faillog onerr=succeed
auth required pam_shells.so
auth required pam_nologin.so
auth include system-auth
account required pam_access.so
account include system-auth
account required pam_tally.so file=/var/log/faillog onerr=succeed
password include system-auth
#%EPAM-Use-Flag:selinux%## pam_selinux.so close should be the first session rule
#%EPAM-Use-Flag:selinux%#session required pam_selinux.so close
#%EPAM-Use-Flag:selinux%#
session required pam_env.so
session optional pam_lastlog.so
session optional pam_motd.so motd=/etc/motd
session optional pam_mail.so
session include system-auth
#%EPAM-Use-Flag:selinux%## pam_selinux.so open should be the last session rule
#%EPAM-Use-Flag:selinux%#session required pam_selinux.so multiple open
#%EPAM-Use-Flag:selinux%#

6
sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/login.pamd.3 vendored
View File

@ -1,6 +0,0 @@
auth required pam_securetty.so
auth include system-local-login
account include system-local-login
password include system-local-login
session include system-local-login

32
sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/login_defs.awk vendored
View File

@ -1,32 +0,0 @@
# Fixes up login defs for PAM by commenting all non-PAM options and adding a
# comment that it is not supported with PAM.
#
# Call with lib/getdef.c and etc/login.defs as args in the root source directory
# of shadow, ie:
#
# gawk -f login_defs.awk lib/getdef.c etc/login.defs > login.defs.new
#
(FILENAME == "lib/getdef.c") {
if ($2 == "USE_PAM")
start_printing = 1
else if ($1 == "#endif")
nextfile
else if (start_printing == 1)
VARS[count++] = substr($1, 3, length($1) - 4)
}
(FILENAME != "lib/getdef.c") {
print_line = 1
for (x in VARS) {
regex = "(^|#)" VARS[x]
if ($0 ~ regex) {
print_line = 0
printf("%s%s\t(NOT SUPPORTED WITH PAM)\n",
($0 ~ /^#/) ? "" : "#", $0)
}
}
if (print_line)
print $0
}

24
sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/login_defs_pam.sed vendored
View File

@ -1,24 +0,0 @@
/^FAILLOG_ENAB/b comment
/^LASTLOG_ENAB/b comment
/^MAIL_CHECK_ENAB/b comment
/^OBSCURE_CHECKS_ENAB/b comment
/^PORTTIME_CHECKS_ENAB/b comment
/^QUOTAS_ENAB/b comment
/^MOTD_FILE/b comment
/^FTMP_FILE/b comment
/^NOLOGINS_FILE/b comment
/^ENV_HZ/b comment
/^PASS_MIN_LEN/b comment
/^SU_WHEEL_ONLY/b comment
/^CRACKLIB_DICTPATH/b comment
/^PASS_CHANGE_TRIES/b comment
/^PASS_ALWAYS_WARN/b comment
/^CHFN_AUTH/b comment
/^ENVIRON_FILE/b comment
b exit
: comment
s:^:#:
: exit

12
sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/pam.d-include/login vendored
View File

@ -1,12 +0,0 @@
#%PAM-1.0
auth required pam_securetty.so
auth include system-auth
auth required pam_nologin.so
account include system-auth
password include system-auth
session include system-auth
session optional pam_console.so

9
sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/pam.d-include/other vendored
View File

@ -1,9 +0,0 @@
#%PAM-1.0
auth required pam_deny.so
account required pam_deny.so
password required pam_deny.so
session required pam_deny.so

5
sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/pam.d-include/passwd vendored
View File

@ -1,5 +0,0 @@
#%PAM-1.0
auth include system-auth
account include system-auth
password include system-auth

8
sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/pam.d-include/shadow vendored
View File

@ -1,8 +0,0 @@
#%PAM-1.0
auth sufficient pam_rootok.so
auth required pam_permit.so
account include system-auth
password required pam_permit.so

32
sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/pam.d-include/su vendored
View File

@ -1,32 +0,0 @@
#%PAM-1.0
auth sufficient pam_rootok.so
# If you want to restrict users begin allowed to su even more,
# create /etc/security/suauth.allow (or to that matter) that is only
# writable by root, and add users that are allowed to su to that
# file, one per line.
#auth required pam_listfile.so item=ruser sense=allow onerr=fail file=/etc/security/suauth.allow
# Uncomment this to allow users in the wheel group to su without
# entering a passwd.
#auth sufficient pam_wheel.so use_uid trust
# Alternatively to above, you can implement a list of users that do
# not need to supply a passwd with a list.
#auth sufficient pam_listfile.so item=ruser sense=allow onerr=fail file=/etc/security/suauth.nopass
# Comment this to allow any user, even those not in the 'wheel'
# group to su
auth required pam_wheel.so use_uid
auth include system-auth
account include system-auth
password include system-auth
session include system-auth
session required pam_env.so
session optional pam_xauth.so

14
sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/pam.d-include/su-openpam vendored
View File

@ -1,14 +0,0 @@
#%PAM-1.0
auth sufficient pam_rootok.so
auth include system-auth
account include system-auth
password include system-auth
session include system-auth
session required pam_env.so
session optional pam_xauth.so

14
sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/pam.d-include/system-auth vendored
View File

@ -1,14 +0,0 @@
#%PAM-1.0
auth required pam_env.so
auth sufficient pam_unix.so likeauth nullok nodelay
auth required pam_deny.so
account required pam_unix.so
password required pam_cracklib.so retry=3
password sufficient pam_unix.so nullok md5 shadow use_authtok
password required pam_deny.so
session required pam_limits.so
session required pam_unix.so

14
sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/pam.d-include/system-auth-1.1 vendored
View File

@ -1,14 +0,0 @@
#%PAM-1.0
auth required pam_env.so
auth sufficient pam_unix.so likeauth nullok
auth required pam_deny.so
account required pam_unix.so
password required pam_cracklib.so retry=3
password sufficient pam_unix.so nullok md5 shadow use_authtok
password required pam_deny.so
session required pam_limits.so
session required pam_unix.so

35
sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/securetty vendored
View File

@ -1,35 +0,0 @@
# /etc/securetty: list of terminals on which root is allowed to login.
# See securetty(5) and login(1).
console
vc/0
vc/1
vc/2
vc/3
vc/4
vc/5
vc/6
vc/7
vc/8
vc/9
vc/10
vc/11
vc/12
tty0
tty1
tty2
tty3
tty4
tty5
tty6
tty7
tty8
tty9
tty10
tty11
tty12
tts/0
ttyS0
ttySAC1
ttySAC3

46
sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.0.11.1-perms.patch vendored
View File

@ -1,46 +0,0 @@
--- src/Makefile.am 2005-08-01 12:29:59.000000000 +0200
+++ src.az/Makefile.am 2005-08-01 12:30:44.000000000 +0200
@@ -45,6 +45,8 @@ noinst_PROGRAMS = id sulogin
suidbins = su
suidubins = chage chfn chsh expiry gpasswd newgrp passwd
+suidbinperms = 4711
+suidubinperms = 4711
LDADD = $(top_builddir)/libmisc/libmisc.a \
$(top_builddir)/lib/libshadow.la
@@ -79,8 +81,8 @@ install-am: all-am
ln -sf newgrp $(DESTDIR)$(ubindir)/sg
ln -sf vipw $(DESTDIR)$(usbindir)/vigr
for i in $(suidbins); do \
- chmod -f 4755 $(DESTDIR)$(bindir)/$$i; \
+ chmod -f $(suidbinperms) $(DESTDIR)$(bindir)/$$i; \
done
for i in $(suidubins); do \
- chmod -f 4755 $(DESTDIR)$(ubindir)/$$i; \
+ chmod -f $(suidubinperms) $(DESTDIR)$(ubindir)/$$i; \
done
--- src/Makefile.in 2005-08-01 12:31:07.000000000 +0200
+++ src.az/Makefile.in 2005-08-01 12:33:54.000000000 +0200
@@ -346,6 +346,8 @@ INCLUDES = \
suidbins = su
suidubins = chage chfn chsh expiry gpasswd newgrp passwd
+suidbinperms = 4711
+suidubinperms = 4711
LDADD = $(top_builddir)/libmisc/libmisc.a \
$(top_builddir)/lib/libshadow.la
@@ -839,10 +841,10 @@ install-am: all-am
ln -sf newgrp $(DESTDIR)$(ubindir)/sg
ln -sf vipw $(DESTDIR)$(usbindir)/vigr
for i in $(suidbins); do \
- chmod -f 4755 $(DESTDIR)$(bindir)/$$i; \
+ chmod -f $(suidbinperms) $(DESTDIR)$(bindir)/$$i; \
done
for i in $(suidubins); do \
- chmod -f 4755 $(DESTDIR)$(ubindir)/$$i; \
+ chmod -f $(suidubinperms) $(DESTDIR)$(ubindir)/$$i; \
done
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.

30
sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.0.12-gcc2.patch vendored
View File

@ -1,30 +0,0 @@
Fix compiling with gcc-2.95.x:
-----
newgrp.c: In function `main':
newgrp.c:459: parse error before `child'
newgrp.c:467: `child' undeclared (first use in this function)
newgrp.c:467: (Each undeclared identifier is reported only once
newgrp.c:467: for each function it appears in.)
newgrp.c:476: `pid' undeclared (first use in this function)
make[2]: *** [newgrp.o] Error 1
-----
--- shadow-4.0.12/src/newgrp.c 2005-08-24 13:30:51.000000000 +0200
+++ shadow-4.0.12.az/src/newgrp.c 2005-08-24 13:31:01.000000000 +0200
@@ -424,6 +424,7 @@
if (getdef_bool ("SYSLOG_SG_ENAB")) {
char *loginname = getlogin ();
char *tty = ttyname (0);
+ pid_t child, pid;
if (loginname != NULL)
loginname = xstrdup (loginname);
@@ -456,7 +457,6 @@
* avoid any possibility of the parent being stopped when it
* receives SIGCHLD from the terminating subshell. -- JWP
*/
- pid_t child, pid;
signal (SIGINT, SIG_IGN);
signal (SIGQUIT, SIG_IGN);

28
sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.0.13-dots-in-usernames.patch vendored
View File

@ -1,28 +0,0 @@
Allow people to add users with dots in their names.
http://bugs.gentoo.org/22920
Index: libmisc/chkname.c
===================================================================
RCS file: /cvsroot/shadow/libmisc/chkname.c,v
retrieving revision 1.11
diff -u -p -r1.11 chkname.c
--- libmisc/chkname.c 31 Aug 2005 17:24:57 -0000 1.11
+++ libmisc/chkname.c 10 Oct 2005 22:20:16 -0000
@@ -18,7 +18,7 @@
static int good_name (const char *name)
{
/*
- * User/group names must match [a-z_][a-z0-9_-]*[$]
+ * User/group names must match [a-z_][a-z0-9_-.]*[$]
*/
if (!*name || !((*name >= 'a' && *name <= 'z') || *name == '_'))
return 0;
@@ -27,6 +27,7 @@ static int good_name (const char *name)
if (!((*name >= 'a' && *name <= 'z') ||
(*name >= '0' && *name <= '9') ||
*name == '_' || *name == '-' ||
+ *name == '.' ||
(*name == '$' && *(name + 1) == '\0')))
return 0;
}

18
sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.0.13-long-groupnames.patch vendored
View File

@ -1,18 +0,0 @@
Remove arbitrary requirement on the length of groups. Perhaps we
should turn this into a configure option and send upstream ?
http://bugs.gentoo.org/3485
--- libmisc/chkname.c
+++ libmisc/chkname.c
@@ -59,8 +60,10 @@
* Arbitrary limit for group names - max 16
* characters (same as on HP-UX 10).
*/
+#if 0
if (strlen (name) > 16)
return 0;
+#endif
return good_name (name);
}

53
sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.0.13-nonis.patch vendored
View File

@ -1,53 +0,0 @@
--- src/login_nopam.c
+++ src/login_nopam.c
@@ -50,7 +50,9 @@
#include <netinet/in.h>
#include <arpa/inet.h> /* for inet_ntoa() */
extern struct group *getgrnam ();
+#ifdef USE_NIS
extern int innetgr ();
+#endif
#if !defined(MAXHOSTNAMELEN) || (MAXHOSTNAMELEN < 64)
#undef MAXHOSTNAMELEN
@@ -178,6 +180,7 @@ static char *myhostname (void)
return (name);
}
+#ifdef USE_NIS
/* netgroup_match - match group against machine or user */
static int
netgroup_match (const char *group, const char *machine, const char *user)
@@ -193,6 +196,7 @@ netgroup_match (const char *group, const
return innetgr (group, machine, user, mydomain);
}
+#endif
/* user_match - match a username against one token */
static int user_match (const char *tok, const char *string)
@@ -214,8 +218,10 @@ static int user_match (const char *tok,
*at = 0;
return (user_match (tok, string)
&& from_match (at + 1, myhostname ()));
+#ifdef USE_NIS
} else if (tok[0] == '@') { /* netgroup */
return (netgroup_match (tok + 1, (char *) 0, string));
+#endif
} else if (string_match (tok, string)) { /* ALL or exact match */
return (YES);
} else if ((group = getgrnam (tok))) { /* try group membership */
@@ -271,9 +277,12 @@ static int from_match (const char *tok,
* contain a "." character. If the token is a network number, return YES
* if it matches the head of the string.
*/
+#ifdef USE_NIS
if (tok[0] == '@') { /* netgroup */
return (netgroup_match (tok + 1, string, (char *) 0));
- } else if (string_match (tok, string)) { /* ALL or exact match */
+ } else
+#endif
+ if (string_match (tok, string)) { /* ALL or exact match */
return (YES);
} else if (tok[0] == '.') { /* domain: match last fields */
if ((str_len = strlen (string)) > (tok_len = strlen (tok))

57
sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.0.15-uclibc-missing-l64a.patch vendored
View File

@ -1,57 +0,0 @@
uClibc svn has l64a() support in it, but not uClibc 0.9.28 release
--- shadow-4.0.15/libmisc/salt.c
+++ shadow-4.0.15/libmisc/salt.c
@@ -14,6 +14,52 @@
#include "prototypes.h"
#include "defines.h"
#include "getdef.h"
+
+#ifndef HAVE_A64L
+
+/*
+ * l64a - convert a long to a string of radix 64 characters
+ */
+
+static const char conv_table[64] =
+{
+ '.', '/', '0', '1', '2', '3', '4', '5',
+ '6', '7', '8', '9', 'A', 'B', 'C', 'D',
+ 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L',
+ 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T',
+ 'U', 'V', 'W', 'X', 'Y', 'Z', 'a', 'b',
+ 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j',
+ 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r',
+ 's', 't', 'u', 'v', 'w', 'x', 'y', 'z'
+};
+
+char *
+l64a (n)
+ long int n;
+{
+ unsigned long int m = (unsigned long int) n;
+ static char result[7];
+ int cnt;
+
+ /* The standard says that only 32 bits are used. */
+ m &= 0xffffffff;
+
+ if (m == 0ul)
+ /* The value for N == 0 is defined to be the empty string. */
+ return (char *) "";
+
+ for (cnt = 0; m > 0ul; ++cnt)
+ {
+ result[cnt] = conv_table[m & 0x3f];
+ m >>= 6;
+ }
+ result[cnt] = '\0';
+
+ return result;
+}
+
+#endif /* !HAVE_A64L */
+
/*
* Generate 8 base64 ASCII characters of random salt. If MD5_CRYPT_ENAB
* in /etc/login.defs is "yes", the salt string will be prefixed by "$1$"

105
sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.0.16-fix-useradd-usergroups.patch vendored
View File

@ -1,105 +0,0 @@
http://bugs.gentoo.org/128715
exact implementation details are still in discussion upstream, but this fixes
the behavior to not suck like current code
Index: src/useradd.c
===================================================================
RCS file: /cvsroot/shadow/src/useradd.c,v
retrieving revision 1.96
diff -u -p -r1.96 useradd.c
--- src/useradd.c 30 May 2006 18:28:45 -0000 1.96
+++ src/useradd.c 10 Jun 2006 22:13:32 -0000
@@ -114,7 +114,7 @@ static int do_grp_update = 0; /* group f
static char *Prog;
static int
- bflg = 0, /* new default root of home directory */
+ bflg = 0, /* new default root of home directory */
cflg = 0, /* comment (GECOS) field for new account */
dflg = 0, /* home directory for new account */
Dflg = 0, /* set/show new user default values */
@@ -253,6 +253,12 @@ static void get_defaults (void)
const struct group *grp;
/*
+ * Pull relevant settings from login.defs first.
+ */
+ if (getdef_bool ("USERGROUPS_ENAB"))
+ nflg = -1;
+
+ /*
* Open the defaults file for reading.
*/
@@ -628,6 +634,8 @@ static void usage (void)
" -K, --key KEY=VALUE overrides /etc/login.defs defaults\n"
" -m, --create-home create home directory for the new user\n"
" account\n"
+ " -n, --user-group create a new group with the same name as the\n"
+ " new user\n"
" -o, --non-unique allow create user with duplicate\n"
" (non-unique) UID\n"
" -p, --password PASSWORD use encrypted password for the new user\n"
@@ -1009,6 +1017,7 @@ static void process_flags (int argc, cha
{"skel", required_argument, NULL, 'k'},
{"key", required_argument, NULL, 'K'},
{"create-home", no_argument, NULL, 'm'},
+ {"user-group", no_argument, NULL, 'n'},
{"non-unique", no_argument, NULL, 'o'},
{"password", required_argument, NULL, 'p'},
{"shell", required_argument, NULL, 's'},
@@ -1016,7 +1025,7 @@ static void process_flags (int argc, cha
{NULL, 0, NULL, '\0'}
};
while ((c =
- getopt_long (argc, argv, "b:c:d:De:f:g:G:k:K:mMop:s:u:",
+ getopt_long (argc, argv, "b:c:d:De:f:g:G:k:K:mMnop:s:u:",
long_options, NULL)) != -1) {
switch (c) {
case 'b':
@@ -1156,6 +1165,9 @@ static void process_flags (int argc, cha
case 'm':
mflg++;
break;
+ case 'n':
+ nflg = 1;
+ break;
case 'o':
oflg++;
break;
@@ -1203,6 +1215,16 @@ static void process_flags (int argc, cha
usage ();
/*
+ * Using --gid and --user-group doesn't make sense.
+ */
+ if (nflg == -1 && gflg)
+ nflg = 0;
+ if (nflg && gflg) {
+ fprintf (stderr, _("%s: options -g and -n conflict\n"), Prog);
+ exit (E_BAD_ARG);
+ }
+
+ /*
* Either -D or username is required. Defaults can be set with -D
* for the -b, -e, -f, -g, -s options only.
*/
@@ -1725,7 +1747,7 @@ int main (int argc, char **argv)
* to that group, use useradd -g username username.
* --bero
*/
- if (!gflg) {
+ if (nflg) {
if (getgrnam (user_name)) {
fprintf (stderr,
_
@@ -1759,7 +1781,7 @@ int main (int argc, char **argv)
/* do we have to add a group for that user? This is why we need to
* open the group files in the open_files() function --gafton */
- if (!(nflg || gflg)) {
+ if (nflg) {
find_new_gid ();
grp_add ();
}

17
sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.0.17-login.defs.patch vendored
View File

@ -1,17 +0,0 @@
--- etc/login.defs
+++ etc/login.defs
@@ -38 +38 @@
-MAIL_CHECK_ENAB yes
+MAIL_CHECK_ENAB no
@@ -205 +205 @@
-SU_WHEEL_ONLY no
+SU_WHEEL_ONLY yes
@@ -210 +210 @@
-CRACKLIB_DICTPATH /var/cache/cracklib/cracklib_dict
+CRACKLIB_DICTPATH /usr/@LIBDIR@/cracklib_dict
@@ -227 +227 @@
-LOGIN_RETRIES 5
+LOGIN_RETRIES 3
@@ -279 +279 @@
-#MD5_CRYPT_ENAB no
+MD5_CRYPT_ENAB yes

42
sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.0.18.1-useradd-usermod.patch vendored
View File

@ -1,42 +0,0 @@
--- shadow-4.0.18.1.orig/src/useradd.c 2006-07-28 19:42:48.000000000 +0200
+++ shadow-4.0.18.1/src/useradd.c 2006-08-04 09:24:34.000000000 +0200
@@ -203,13 +203,17 @@
long gid;
char *errptr;
+ struct group* grp = getgrnam (grname);
+ if (grp)
+ return grp;
+
gid = strtol (grname, &errptr, 10);
if (*errptr || errno == ERANGE || gid < 0) {
fprintf (stderr,
_("%s: invalid numeric argument '%s'\n"), Prog, grname);
exit (E_BAD_ARG);
}
- return getgrnam (grname);
+ return getgrgid (gid);
}
static long get_number (const char *numstr)
--- shadow-4.0.18.1.orig/src/usermod.c 2006-07-28 19:42:48.000000000 +0200
+++ shadow-4.0.18.1/src/usermod.c 2006-08-04 09:24:21.000000000 +0200
@@ -165,13 +165,17 @@
long val;
char *errptr;
+ struct group* grp = getgrnam (grname);
+ if (grp)
+ return grp;
+
val = strtol (grname, &errptr, 10);
if (*errptr || errno == ERANGE || val < 0) {
fprintf (stderr, _("%s: invalid numeric argument '%s'\n"), Prog,
grname);
exit (E_BAD_ARG);
}
- return getgrnam (grname);
+ return getgrgid (val);
}
/*

22
sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.0.18.2-useradd.patch vendored
View File

@ -1,22 +0,0 @@
--- shadow-4.0.18.2/src/useradd.c
+++ shadow-4.0.18.2/src/useradd.c
@@ -203,14 +203,18 @@
long gid;
char *errptr;
+ struct group* grp = getgrnam (grname);
+ if (grp)
+ return grp;
+
gid = strtol (grname, &errptr, 10);
if (*errptr || errno == ERANGE || gid < 0) {
fprintf (stderr,
_("%s: invalid numeric argument '%s'\n"), Prog,
grname);
exit (E_BAD_ARG);
}
- return getgrnam (grname);
+ return getgrgid (gid);
}
static long get_number (const char *numstr)

91
sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.1.0-fix-useradd-usergroups.patch vendored
View File

@ -1,91 +0,0 @@
http://bugs.gentoo.org/128715
exact implementation details are still in discussion upstream, but this fixes
the behavior to not suck like current code
--- src/useradd.c
+++ src/useradd.c
@@ -254,6 +254,12 @@
char *cp, *ep;
/*
+ * Pull relevant settings from login.defs first.
+ */
+ if (getdef_bool ("USERGROUPS_ENAB"))
+ nflg = -1;
+
+ /*
* Open the defaults file for reading.
*/
@@ -632,6 +638,8 @@
" -K, --key KEY=VALUE overrides /etc/login.defs defaults\n"
" -m, --create-home create home directory for the new user\n"
" account\n"
+ " -n, --user-group create a new group with the same name as the\n"
+ " new user\n"
" -o, --non-unique allow create user with duplicate\n"
" (non-unique) UID\n"
" -p, --password PASSWORD use encrypted password for the new user\n"
@@ -1001,6 +1009,7 @@
{"skel", required_argument, NULL, 'k'},
{"key", required_argument, NULL, 'K'},
{"create-home", no_argument, NULL, 'm'},
+ {"user-group", no_argument, NULL, 'n'},
{"non-unique", no_argument, NULL, 'o'},
{"password", required_argument, NULL, 'p'},
{"shell", required_argument, NULL, 's'},
@@ -1008,7 +1017,7 @@
{NULL, 0, NULL, '\0'}
};
while ((c =
- getopt_long (argc, argv, "b:c:d:De:f:g:G:k:K:mMop:s:u:",
+ getopt_long (argc, argv, "b:c:d:De:f:g:G:k:K:mMnop:s:u:",
long_options, NULL)) != -1) {
switch (c) {
case 'b':
@@ -1145,6 +1154,9 @@
case 'm':
mflg++;
break;
+ case 'n':
+ nflg = 1;
+ break;
case 'o':
oflg++;
break;
@@ -1192,6 +1204,16 @@
usage ();
/*
+ * Using --gid and --user-group doesn't make sense.
+ */
+ if (nflg == -1 && gflg)
+ nflg = 0;
+ if (nflg && gflg) {
+ fprintf (stderr, _("%s: options -g and -n conflict\n"), Prog);
+ exit (E_BAD_ARG);
+ }
+
+ /*
* Either -D or username is required. Defaults can be set with -D
* for the -b, -e, -f, -g, -s options only.
*/
@@ -1728,7 +1750,7 @@
* to that group, use useradd -g username username.
* --bero
*/
- if (!gflg) {
+ if (nflg) {
if (getgrnam (user_name)) { /* local, no need for xgetgrnam */
fprintf (stderr,
_
@@ -1762,7 +1784,7 @@
/* do we have to add a group for that user? This is why we need to
* open the group files in the open_files() function --gafton */
- if (!(nflg || gflg)) {
+ if (nflg) {
find_new_gid ();
grp_add ();
}

22
sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.1.1-audit.patch vendored
View File

@ -1,22 +0,0 @@
--- a/trunk/src/newgrp.c 2008/04/16 22:03:43 1975
+++ b/trunk/src/newgrp.c 2008/04/16 22:04:46 1976
@@ -53,6 +53,10 @@
static char *Prog;
static int is_newgrp;
+#ifdef WITH_AUDIT
+char audit_buf[80];
+#endif
+
/* local function prototypes */
static void usage (void);
static void check_perms (const struct group *grp,
@@ -349,8 +353,6 @@
#endif
#ifdef WITH_AUDIT
- char audit_buf[80];
-
audit_help_open ();
#endif
setlocale (LC_ALL, "");

121
sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.1.2.1+openpam.patch vendored
View File

@ -1,121 +0,0 @@
Index: shadow-4.1.2.1/configure.in
===================================================================
--- shadow-4.1.2.1.orig/configure.in
+++ shadow-4.1.2.1/configure.in
@@ -339,13 +339,29 @@ if test "$with_libpam" != "no"; then
AC_MSG_ERROR(libpam not found)
fi
- AC_CHECK_LIB(pam_misc, main,
- [pam_misc_lib="yes"], [pam_misc_lib="no"])
- if test "$pam_misc_lib$with_libpam" = "noyes" ; then
- AC_MSG_ERROR(libpam_misc not found)
+ LIBPAM="-lpam"
+ pam_conv_function="no"
+
+ AC_CHECK_LIB(pam, openpam_ttyconv,
+ [pam_conv_function="openpam_ttyconv"],
+ AC_CHECK_LIB(pam_misc, misc_conv,
+ [pam_conv_function="misc_conv"; LIBPAM="$LIBPAM -lpam_misc"])
+ )
+
+ if test "$pam_conv_function$with_libpam" = "noyes" ; then
+ AC_MSG_ERROR(PAM conversation function not found)
fi
- if test "$pam_lib$pam_misc_lib" = "yesyes" ; then
+ pam_headers_found=no
+ AC_CHECK_HEADERS( [security/openpam.h security/pam_misc.h],
+ [ pam_headers_found=yes ; break ], [],
+ [ #include <security/pam_appl.h> ] )
+ if test "$pam_headers_found$with_libpam" = "noyes" ; then
+ AC_MSG_ERROR(PAM headers not found)
+ fi
+
+
+ if test "$pam_lib$pam_headers_found" = "yesyes" -a "$pam_conv_function" != "no" ; then
with_libpam="yes"
else
with_libpam="no"
@@ -353,9 +369,22 @@ if test "$with_libpam" != "no"; then
fi
dnl Now with_libpam is either yes or no
if test "$with_libpam" = "yes"; then
+ AC_CHECK_DECLS([PAM_ESTABLISH_CRED,
+ PAM_DELETE_CRED,
+ PAM_NEW_AUTHTOK_REQD,
+ PAM_DATA_SILENT],
+ [], [], [#include <security/pam_appl.h>])
+
+
+ save_libs=$LIBS
+ LIBS="$LIBS $LIBPAM"
+ AC_CHECK_FUNCS([pam_fail_delay])
+ LIBS=$save_libs
+
AC_DEFINE(USE_PAM, 1, [Define to support Pluggable Authentication Modules])
+ AC_DEFINE_UNQUOTED(SHADOW_PAM_CONVERSATION, [$pam_conv_function],[PAM converstation to use])
AM_CONDITIONAL(USE_PAM, [true])
- LIBPAM="-lpam -lpam_misc"
+
AC_MSG_CHECKING(use login and su access checking if PAM not used)
AC_MSG_RESULT(no)
else
Index: shadow-4.1.2.1/lib/pam_defs.h
===================================================================
--- shadow-4.1.2.1.orig/lib/pam_defs.h
+++ shadow-4.1.2.1/lib/pam_defs.h
@@ -28,24 +28,31 @@
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
+#include <config.h>
#include <security/pam_appl.h>
-#include <security/pam_misc.h>
+#ifdef HAVE_SECURITY_PAM_MISC_H
+# include <security/pam_misc.h>
+#endif
+#ifdef HAVE_SECURITY_OPENPAM_H
+# include <security/openpam.h>
+#endif
+
static struct pam_conv conv = {
- misc_conv,
+ SHADOW_PAM_CONVERSATION,
NULL
};
/* compatibility with different versions of Linux-PAM */
-#ifndef PAM_ESTABLISH_CRED
+#if !HAVE_DECL_PAM_ESTABLISH_CRED
#define PAM_ESTABLISH_CRED PAM_CRED_ESTABLISH
#endif
-#ifndef PAM_DELETE_CRED
+#if !HAVE_DECL_PAM_DELETE_CRED
#define PAM_DELETE_CRED PAM_CRED_DELETE
#endif
-#ifndef PAM_NEW_AUTHTOK_REQD
+#if !HAVE_DECL_PAM_NEW_AUTHTOK_REQD
#define PAM_NEW_AUTHTOK_REQD PAM_AUTHTOKEN_REQD
#endif
-#ifndef PAM_DATA_SILENT
+#if !HAVE_DECL_PAM_DATA_SILENT
#define PAM_DATA_SILENT 0
#endif
Index: shadow-4.1.2.1/src/login.c
===================================================================
--- shadow-4.1.2.1.orig/src/login.c
+++ shadow-4.1.2.1/src/login.c
@@ -644,9 +644,10 @@ int main (int argc, char **argv)
failed = 0;
failcount++;
+#ifdef HAVE_PAM_FAIL_DELAY
if (delay > 0)
retcode = pam_fail_delay(pamh, 1000000*delay);
-
+#endif
retcode = pam_authenticate (pamh, 0);
pam_get_item (pamh, PAM_USER,

87
sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.1.2.2-id-types.patch vendored
View File

@ -1,87 +0,0 @@
From 670cce502aadf86b5b5d78059e5474e6171919f3 Mon Sep 17 00:00:00 2001
From: nekral-guest <nekral-guest@5a98b0ae-9ef6-0310-add3-de5d479b70d7>
Date: Sat, 30 Aug 2008 18:30:58 +0000
Subject: [PATCH] * lib/groupio.h, lib/prototypes.h, lib/pwio.h, lib/sgetgrent.c:
Include <sys/types.h> before <pwd.h> and <grp.h>. It is necessary
for the definition of uid_t and gid_t.
* lib/pwmem.c: do not include <pwd.h>, "pwio.h" is sufficient
here.
git-svn-id: svn://svn.debian.org/pkg-shadow/upstream/trunk@2297 5a98b0ae-9ef6-0310-add3-de5d479b70d7
---
lib/groupio.h | 1 +
lib/prototypes.h | 1 +
lib/pwio.h | 2 ++
lib/pwmem.c | 3 +--
lib/sgetgrent.c | 1 +
6 files changed, 11 insertions(+), 2 deletions(-)
diff --git a/lib/groupio.h b/lib/groupio.h
index 9f2984c..d229845 100644
--- a/lib/groupio.h
+++ b/lib/groupio.h
@@ -35,6 +35,7 @@
#ifndef _GROUPIO_H
#define _GROUPIO_H
+#include <sys/types.h>
#include <grp.h>
extern int gr_close (void);
diff --git a/lib/prototypes.h b/lib/prototypes.h
index f1ffc50..feeedc4 100644
--- a/lib/prototypes.h
+++ b/lib/prototypes.h
@@ -48,6 +48,7 @@
#else
#include <utmp.h>
#endif
+#include <sys/types.h>
#include <pwd.h>
#include <grp.h>
#include <shadow.h>
diff --git a/lib/pwio.h b/lib/pwio.h
index 28f8bbd..52c7bf3 100644
--- a/lib/pwio.h
+++ b/lib/pwio.h
@@ -35,7 +35,9 @@
#ifndef _PWIO_H
#define _PWIO_H
+#include <sys/types.h>
#include <pwd.h>
+
extern int pw_close (void);
extern const struct passwd *pw_locate (const char *name);
extern const struct passwd *pw_locate_uid (uid_t uid);
diff --git a/lib/pwmem.c b/lib/pwmem.c
index 95a6137..84dee3d 100644
--- a/lib/pwmem.c
+++ b/lib/pwmem.c
@@ -35,10 +35,9 @@
#ident "$Id: shadow-4.1.2.2-id-types.patch,v 1.1 2009/03/15 04:56:23 vapier Exp $"
+#include <stdio.h>
#include "prototypes.h"
#include "defines.h"
-#include <pwd.h>
-#include <stdio.h>
#include "pwio.h"
struct passwd *__pw_dup (const struct passwd *pwent)
diff --git a/lib/sgetgrent.c b/lib/sgetgrent.c
index 6f090aa..186ee40 100644
--- a/lib/sgetgrent.c
+++ b/lib/sgetgrent.c
@@ -35,6 +35,7 @@
#ident "$Id: shadow-4.1.2.2-id-types.patch,v 1.1 2009/03/15 04:56:23 vapier Exp $"
#include <stdio.h>
+#include <sys/types.h>
#include <grp.h>
#include "defines.h"
#include "prototypes.h"
--
1.6.2

13
sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.1.2.2-l64a.patch vendored
View File

@ -1,13 +0,0 @@
http://bugs.gentoo.org/260001
--- a/libmisc/salt.c
+++ b/libmisc/salt.c
@@ -20,9 +20,6 @@
#include "getdef.h"
/* local function prototypes */
-#ifndef HAVE_L64A
-char *l64a(long value);
-#endif /* !HAVE_L64A */
static void seedRNG (void);
static char *gensalt (size_t salt_size);
#ifdef USE_SHA_CRYPT

93
sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.1.2.2-optional-nscd.patch vendored
View File

@ -1,93 +0,0 @@
From 803bce24e3c902efcfba82dad08f25edf1dd3d6f Mon Sep 17 00:00:00 2001
From: nekral-guest <nekral-guest@5a98b0ae-9ef6-0310-add3-de5d479b70d7>
Date: Sat, 30 Aug 2008 18:30:36 +0000
Subject: [PATCH] * configure.in, lib/nscd.h, lib/nscd.c: Added --with-nscd flag to
support systems without nscd.
git-svn-id: svn://svn.debian.org/pkg-shadow/upstream/trunk@2296 5a98b0ae-9ef6-0310-add3-de5d479b70d7
---
configure.in | 13 +++++++++++--
lib/nscd.c | 4 ++++
lib/nscd.h | 4 ++++
4 files changed, 21 insertions(+), 2 deletions(-)
diff --git a/configure.in b/configure.in
index 044617c..8384a15 100644
--- a/configure.in
+++ b/configure.in
@@ -38,9 +38,9 @@ AC_CHECK_HEADERS(errno.h fcntl.h limits.h unistd.h sys/time.h utmp.h \
dnl shadow now uses the libc's shadow implementation
AC_CHECK_HEADER([shadow.h],,[AC_MSG_ERROR([You need a libc with shadow.h])])
-AC_CHECK_FUNCS(l64a fchmod fchown fsync getgroups gethostname getspnam \
+AC_CHECK_FUNCS(l64a fchmod fchown fsync futimes getgroups gethostname getspnam \
gettimeofday getusershell getutent initgroups lchown lckpwdf lstat \
- memcpy memset setgroups sigaction strchr updwtmp updwtmpx innetgr \
+ lutimes memcpy memset setgroups sigaction strchr updwtmp updwtmpx innetgr \
getpwnam_r getpwuid_r getgrnam_r getgrgid_r getspnam_r)
AC_SYS_LARGEFILE
@@ -235,12 +235,20 @@ AC_ARG_WITH(libcrack,
AC_ARG_WITH(sha-crypt,
[AC_HELP_STRING([--with-sha-crypt], [allow the SHA256 and SHA512 password encryption algorithms @<:@default=yes@:>@])],
[with_sha_crypt=$withval], [with_sha_crypt=yes])
+AC_ARG_WITH(nscd,
+ [AC_HELP_STRING([--with-nscd], [enable support for nscd @<:@default=yes@:>@])],
+ [with_nscd=$withval], [with_nscd=yes])
AM_CONDITIONAL(USE_SHA_CRYPT, test "x$with_sha_crypt" = "xyes")
if test "$with_sha_crypt" = "yes"; then
AC_DEFINE(USE_SHA_CRYPT, 1, [Define to allow the SHA256 and SHA512 password encryption algorithms])
fi
+AM_CONDITIONAL(USE_NSCD, test "x$with_nscd" = "xyes")
+if test "$with_nscd" = "yes"; then
+ AC_DEFINE(USE_NSCD, 1, [Define to support flushing of nscd caches])
+fi
+
dnl Check for some functions in libc first, only if not found check for
dnl other libraries. This should prevent linking libnsl if not really
dnl needed (Linux glibc, Irix), but still link it if needed (Solaris).
@@ -457,4 +465,5 @@ echo " SELinux support: $with_selinux"
echo " shadow group support: $enable_shadowgrp"
echo " S/Key support: $with_skey"
echo " SHA passwords encryption: $with_sha_crypt"
+echo " nscd support: $with_nscd"
echo
diff --git a/lib/nscd.c b/lib/nscd.c
index 59b7172..5f54b72 100644
--- a/lib/nscd.c
+++ b/lib/nscd.c
@@ -1,5 +1,8 @@
/* Author: Peter Vrabec <pvrabec@redhat.com> */
+#include <config.h>
+#ifdef USE_NSCD
+
/* because of TEMP_FAILURE_RETRY */
#define _GNU_SOURCE
@@ -54,4 +57,5 @@ int nscd_flush_cache (const char *service)
return 0;
}
+#endif
diff --git a/lib/nscd.h b/lib/nscd.h
index 8bb10a8..a430b00 100644
--- a/lib/nscd.h
+++ b/lib/nscd.h
@@ -4,6 +4,10 @@
/*
* nscd_flush_cache - flush specified service buffer in nscd cache
*/
+#ifdef USE_NSCD
extern int nscd_flush_cache (const char *service);
+#else
+#define nscd_flush_cache(service) (0)
+#endif
#endif
--
1.6.2

52
sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.1.2.2-optional-utimes.patch vendored
View File

@ -1,52 +0,0 @@
From 1ed3c6672957f2033f217f90a76f85973f1c85c6 Mon Sep 17 00:00:00 2001
From: nekral-guest <nekral-guest@5a98b0ae-9ef6-0310-add3-de5d479b70d7>
Date: Sat, 30 Aug 2008 18:29:55 +0000
Subject: [PATCH] * NEWS: Added support for uclibc.
* configure.in, libmisc/copydir.c: futimes() and lutimes() are not
standard. Check if they are implemented before using them. Do not
set the time of links if lutimes() does not exist, and use
utimes() as a replacement for futimes().
git-svn-id: svn://svn.debian.org/pkg-shadow/upstream/trunk@2294 5a98b0ae-9ef6-0310-add3-de5d479b70d7
---
libmisc/copydir.c | 8 ++++++++
3 files changed, 17 insertions(+), 0 deletions(-)
diff --git a/libmisc/copydir.c b/libmisc/copydir.c
index abcea4c..b887303 100644
--- a/libmisc/copydir.c
+++ b/libmisc/copydir.c
@@ -431,12 +431,14 @@ static int copy_symlink (const char *src, const char *dst,
return -1;
}
+#ifdef HAVE_LUTIMES
/* 2007-10-18: We don't care about
* exit status of lutimes because
* it returns ENOSYS on many system
* - not implemented
*/
lutimes (dst, mt);
+#endif
return err;
}
@@ -548,9 +550,15 @@ static int copy_file (const char *src, const char *dst,
(void) close (ifd);
+#ifdef HAVE_FUTIMES
if (futimes (ofd, mt) != 0) {
return -1;
}
+#else
+ if (utimes(dst, mt) != 0) {
+ return -1;
+ }
+#endif
if (close (ofd) != 0) {
return -1;
--
1.6.2

10
sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.1.3-dots-in-usernames.patch vendored
View File

@ -1,10 +0,0 @@
--- shadow-4.1.3/libmisc/chkname.c
+++ shadow-4.1.3/libmisc/chkname.c
@@ -66,6 +66,7 @@
( ('0' <= *name) && ('9' >= *name) ) ||
('_' == *name) ||
('-' == *name) ||
+ ('.' == *name) ||
( ('$' == *name) && ('\0' == *(name + 1)) )
)) {
return false;

14
sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.1.4.2-env-reset-keep-locale.patch vendored
View File

@ -1,14 +0,0 @@
http://bugs.gentoo.org/283725
https://alioth.debian.org/tracker/index.php?func=detail&aid=311740&group_id=30580&atid=411480
--- shadow-4.1.4.2/libmisc/env.c
+++ shadow-4.1.4.2/libmisc/env.c
@@ -251,7 +251,7 @@
if (strncmp (*cur, *bad, strlen (*bad)) != 0) {
continue;
}
- if (strchr (*cur, '/') != NULL) {
+ if (strchr (*cur, '/') == NULL) {
continue; /* OK */
}
for (move = cur; NULL != *move; move++) {

21
sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.1.4.2-groupmod-pam-check.patch vendored
View File

@ -1,21 +0,0 @@
http://bugs.gentoo.org/300790
http://lists.alioth.debian.org/pipermail/pkg-shadow-devel/2009-November/007850.html
2009-11-05 Nicolas François <nicolas.francois@centraliens.net>
* NEWS, src/groupmod.c: Fixed groupmod when configured with
--enable-account-tools-setuid.
diff --git a/src/groupmod.c b/src/groupmod.c
index 4205df2..da6d77f 100644
--- a/src/groupmod.c
+++ b/src/groupmod.c
@@ -724,7 +724,7 @@ int main (int argc, char **argv)
{
struct passwd *pampw;
pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */
- if (NULL == pamh) {
+ if (NULL == pampw) {
fprintf (stderr,
_("%s: Cannot determine your user name.\n"),
Prog);

14
sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.1.4.2-su_no_sanitize_env.patch vendored
View File

@ -1,14 +0,0 @@
http://bugs.gentoo.org/show_bug.cgi?id=301957
https://alioth.debian.org/scm/browser.php?group_id=30580
--- a/src/su.c
+++ b/src/su.c
@@ -342,7 +342,7 @@
#endif
#endif /* !USE_PAM */
- sanitize_env ();
+ /* sanitize_env (); */
(void) setlocale (LC_ALL, "");
(void) bindtextdomain (PACKAGE, LOCALEDIR);

11
sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/metadata.xml vendored
View File

@ -1,11 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
<pkgmetadata>
<herd>base-system</herd>
<use>
<flag name='audit'>Enable support for <pkg>sys-process/audit</pkg></flag>
<flag name='nousuid'>When nousuid is enabled only su from the shadow package
will be installed with the setuid bit (mainly for single user
systems)</flag>
</use>
</pkgmetadata>

1
sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/shadow-4.1.2.2-r3.ebuild vendored
View File

@ -1 +0,0 @@
shadow-4.1.2.2.ebuild

167
sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/shadow-4.1.2.2.ebuild vendored
View File

@ -1,167 +0,0 @@
# Copyright 1999-2009 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Header: /var/cvsroot/gentoo-x86/sys-apps/shadow/shadow-4.1.2.2.ebuild,v 1.16 2009/08/23 10:45:45 vapier Exp $
inherit eutils libtool toolchain-funcs autotools pam multilib
DESCRIPTION="Utilities to deal with user accounts"
HOMEPAGE="http://shadow.pld.org.pl/ http://pkg-shadow.alioth.debian.org/"
SRC_URI="ftp://pkg-shadow.alioth.debian.org/pub/pkg-shadow/shadow-${PV}.tar.bz2"
LICENSE="BSD GPL-2"
SLOT="0"
KEYWORDS="alpha amd64 arm hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86"
IUSE="audit cracklib nls pam selinux skey"
RDEPEND="audit? ( sys-process/audit )
cracklib? ( >=sys-libs/cracklib-2.7-r3 )
pam? ( virtual/pam )
!sys-apps/pam-login
!app-admin/nologin
skey? ( sys-auth/skey )
selinux? ( >=sys-libs/libselinux-1.28 )
nls? ( virtual/libintl )"
DEPEND="${RDEPEND}
nls? ( sys-devel/gettext )"
RDEPEND="${RDEPEND}
pam? ( >=sys-auth/pambase-20080219.1 )"
src_unpack() {
unpack ${A}
cd "${S}"
epatch "${FILESDIR}"/${PV}/*.patch
# tweak the default login.defs
epatch "${FILESDIR}"/${PN}-4.0.17-login.defs.patch
sed -i "s:@LIBDIR@:$(get_libdir):" etc/login.defs || die
# Make user/group names more flexible #3485 / #22920
epatch "${FILESDIR}"/${PN}-4.0.13-dots-in-usernames.patch
epatch "${FILESDIR}"/${PN}-4.0.13-long-groupnames.patch
epatch "${FILESDIR}"/${PN}-4.1.2.1+openpam.patch #232586
epatch "${FILESDIR}"/${P}-l64a.patch #260001
epatch "${FILESDIR}"/${P}-id-types.patch
epatch "${FILESDIR}"/${P}-optional-nscd.patch
epatch "${FILESDIR}"/${P}-optional-utimes.patch
eautoconf
eautoheader
elibtoolize
epunt_cxx
}
src_compile() {
tc-is-cross-compiler && export ac_cv_func_setpgrp_void=yes
econf \
--enable-shared=no \
--enable-static=yes \
$(use_with audit) \
$(use_with cracklib libcrack) \
$(use_with pam libpam) \
$(use_with skey) \
$(use_with selinux) \
$(use_enable nls) \
$(use_with elibc_glibc nscd) \
|| die "bad configure"
emake || die "compile problem"
}
src_install() {
emake DESTDIR="${D}" suidperms=4711 install || die "install problem"
dosym useradd /usr/sbin/adduser
# Remove libshadow and libmisc; see bug 37725 and the following
# comment from shadow's README.linux:
# Currently, libshadow.a is for internal use only, so if you see
# -lshadow in a Makefile of some other package, it is safe to
# remove it.
rm -f "${D}"/{,usr/}$(get_libdir)/lib{misc,shadow}.{a,la}
insinto /etc
# Using a securetty with devfs device names added
# (compat names kept for non-devfs compatibility)
insopts -m0600 ; doins "${FILESDIR}"/securetty
if ! use pam ; then
insopts -m0600
doins etc/login.access etc/limits
fi
# Output arch-specific cruft
case $(tc-arch) in
ppc*) echo "hvc0" >> "${D}"/etc/securetty
echo "hvsi0" >> "${D}"/etc/securetty
echo "ttyPSC0" >> "${D}"/etc/securetty;;
hppa) echo "ttyB0" >> "${D}"/etc/securetty;;
arm) echo "ttyFB0" >> "${D}"/etc/securetty;;
sh) echo "ttySC0" >> "${D}"/etc/securetty
echo "ttySC1" >> "${D}"/etc/securetty;;
esac
# needed for 'adduser -D'
insinto /etc/default
insopts -m0600
doins "${FILESDIR}"/default/useradd
# move passwd to / to help recover broke systems #64441
mv "${D}"/usr/bin/passwd "${D}"/bin/
dosym /bin/passwd /usr/bin/passwd
cd "${S}"
insinto /etc
insopts -m0644
newins etc/login.defs login.defs
if use pam ; then
dopamd "${FILESDIR}/pam.d-include/"{su,passwd,shadow}
newpamd "${FILESDIR}/login.pamd.2" login
for x in chage chsh chfn chpasswd newusers \
user{add,del,mod} group{add,del,mod} ; do
newpamd "${FILESDIR}"/pam.d-include/shadow ${x}
done
# comment out login.defs options that pam hates
sed -i -f "${FILESDIR}"/login_defs_pam.sed \
"${D}"/etc/login.defs
# remove manpages that pam will install for us
# and/or don't apply when using pam
find "${D}"/usr/share/man \
'(' -name 'limits.5*' -o -name 'suauth.5*' ')' \
-exec rm {} \;
fi
# Remove manpages that are handled by other packages
find "${D}"/usr/share/man \
'(' -name id.1 -o -name passwd.5 -o -name getspnam.3 ')' \
-exec rm {} \;
cd "${S}"
dodoc ChangeLog NEWS TODO
newdoc README README.download
cd doc
dodoc HOWTO README* WISHLIST *.txt
}
pkg_preinst() {
rm -f "${ROOT}"/etc/pam.d/system-auth.new \
"${ROOT}/etc/login.defs.new"
use pam && pam_epam_expand "${D}"/etc/pam.d/login
}
pkg_postinst() {
# Enable shadow groups (we need ROOT=/ here, as grpconv only
# operate on / ...).
if [[ ${ROOT} == / && ! -f /etc/gshadow ]] ; then
if grpck -r &>/dev/null; then
grpconv
else
ewarn "Running 'grpck' returned errors. Please run it by hand, and then"
ewarn "run 'grpconv' afterwards!"
fi
fi
}