From d60806c4657cac5fbd3737acf8a94a2b96a74e52 Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman Date: Wed, 10 Jul 2013 23:12:54 -0700 Subject: [PATCH] feat(sys-apps/shadow) delete ebuilds We are using the newer one in portage-overlay, these are here for no reason, so delete them. --- .../coreos-overlay/sys-apps/shadow/Manifest | 1 - .../files/4.1.2.2/shadow-svn-2298.patch | 52 ----- .../files/4.1.2.2/shadow-svn-2364.patch | 61 ----- .../sys-apps/shadow/files/default/useradd | 7 - .../sys-apps/shadow/files/login.defs | 212 ------------------ .../sys-apps/shadow/files/login.pamd | 30 --- .../sys-apps/shadow/files/login.pamd.1 | 31 --- .../sys-apps/shadow/files/login.pamd.2 | 28 --- .../sys-apps/shadow/files/login.pamd.3 | 6 - .../sys-apps/shadow/files/login_defs.awk | 32 --- .../sys-apps/shadow/files/login_defs_pam.sed | 24 -- .../sys-apps/shadow/files/pam.d-include/login | 12 - .../sys-apps/shadow/files/pam.d-include/other | 9 - .../shadow/files/pam.d-include/passwd | 5 - .../shadow/files/pam.d-include/shadow | 8 - .../sys-apps/shadow/files/pam.d-include/su | 32 --- .../shadow/files/pam.d-include/su-openpam | 14 -- .../shadow/files/pam.d-include/system-auth | 14 -- .../files/pam.d-include/system-auth-1.1 | 14 -- .../sys-apps/shadow/files/securetty | 35 --- .../shadow/files/shadow-4.0.11.1-perms.patch | 46 ---- .../shadow/files/shadow-4.0.12-gcc2.patch | 30 --- .../shadow-4.0.13-dots-in-usernames.patch | 28 --- .../files/shadow-4.0.13-long-groupnames.patch | 18 -- .../shadow/files/shadow-4.0.13-nonis.patch | 53 ----- .../shadow-4.0.15-uclibc-missing-l64a.patch | 57 ----- ...shadow-4.0.16-fix-useradd-usergroups.patch | 105 --------- .../files/shadow-4.0.17-login.defs.patch | 17 -- .../shadow-4.0.18.1-useradd-usermod.patch | 42 ---- .../files/shadow-4.0.18.2-useradd.patch | 22 -- .../shadow-4.1.0-fix-useradd-usergroups.patch | 91 -------- .../shadow/files/shadow-4.1.1-audit.patch | 22 -- .../shadow/files/shadow-4.1.2.1+openpam.patch | 121 ---------- .../files/shadow-4.1.2.2-id-types.patch | 87 ------- .../shadow/files/shadow-4.1.2.2-l64a.patch | 13 -- .../files/shadow-4.1.2.2-optional-nscd.patch | 93 -------- .../shadow-4.1.2.2-optional-utimes.patch | 52 ----- .../shadow-4.1.3-dots-in-usernames.patch | 10 - ...shadow-4.1.4.2-env-reset-keep-locale.patch | 14 -- .../shadow-4.1.4.2-groupmod-pam-check.patch | 21 -- .../shadow-4.1.4.2-su_no_sanitize_env.patch | 14 -- .../sys-apps/shadow/metadata.xml | 11 - .../sys-apps/shadow/shadow-4.1.2.2-r3.ebuild | 1 - .../sys-apps/shadow/shadow-4.1.2.2.ebuild | 167 -------------- 44 files changed, 1762 deletions(-) delete mode 100644 sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/Manifest delete mode 100644 sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/4.1.2.2/shadow-svn-2298.patch delete mode 100644 sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/4.1.2.2/shadow-svn-2364.patch delete mode 100644 sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/default/useradd delete mode 100644 sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/login.defs delete mode 100644 sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/login.pamd delete mode 100644 sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/login.pamd.1 delete mode 100644 sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/login.pamd.2 delete mode 100644 sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/login.pamd.3 delete mode 100644 sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/login_defs.awk delete mode 100644 sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/login_defs_pam.sed delete mode 100644 sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/pam.d-include/login delete mode 100644 sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/pam.d-include/other delete mode 100644 sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/pam.d-include/passwd delete mode 100644 sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/pam.d-include/shadow delete mode 100644 sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/pam.d-include/su delete mode 100644 sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/pam.d-include/su-openpam delete mode 100644 sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/pam.d-include/system-auth delete mode 100644 sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/pam.d-include/system-auth-1.1 delete mode 100644 sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/securetty delete mode 100644 sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.0.11.1-perms.patch delete mode 100644 sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.0.12-gcc2.patch delete mode 100644 sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.0.13-dots-in-usernames.patch delete mode 100644 sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.0.13-long-groupnames.patch delete mode 100644 sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.0.13-nonis.patch delete mode 100644 sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.0.15-uclibc-missing-l64a.patch delete mode 100644 sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.0.16-fix-useradd-usergroups.patch delete mode 100644 sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.0.17-login.defs.patch delete mode 100644 sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.0.18.1-useradd-usermod.patch delete mode 100644 sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.0.18.2-useradd.patch delete mode 100644 sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.1.0-fix-useradd-usergroups.patch delete mode 100644 sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.1.1-audit.patch delete mode 100644 sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.1.2.1+openpam.patch delete mode 100644 sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.1.2.2-id-types.patch delete mode 100644 sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.1.2.2-l64a.patch delete mode 100644 sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.1.2.2-optional-nscd.patch delete mode 100644 sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.1.2.2-optional-utimes.patch delete mode 100644 sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.1.3-dots-in-usernames.patch delete mode 100644 sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.1.4.2-env-reset-keep-locale.patch delete mode 100644 sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.1.4.2-groupmod-pam-check.patch delete mode 100644 sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.1.4.2-su_no_sanitize_env.patch delete mode 100644 sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/metadata.xml delete mode 120000 sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/shadow-4.1.2.2-r3.ebuild delete mode 100644 sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/shadow-4.1.2.2.ebuild diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/Manifest b/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/Manifest deleted file mode 100644 index da193aa420..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/Manifest +++ /dev/null @@ -1 +0,0 @@ -DIST shadow-4.1.2.2.tar.bz2 1697615 RMD160 19b8d3bc37d26d708ecad6a86e6a1f2dcc3c51d3 SHA1 6cbd29104c219ff6776eececb8068f7326d57a45 SHA256 378fbfb0e8bb8c87be239fccd692818871f763206bb7d881744f4fa72dc6b491 diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/4.1.2.2/shadow-svn-2298.patch b/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/4.1.2.2/shadow-svn-2298.patch deleted file mode 100644 index 5489001cc1..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/4.1.2.2/shadow-svn-2298.patch +++ /dev/null @@ -1,52 +0,0 @@ -http://bugs.gentoo.org/256784 - -From 6f74a20a3002280f23033dea64d7186896d0dfc0 Mon Sep 17 00:00:00 2001 -From: nekral-guest -Date: Sat, 30 Aug 2008 18:31:21 +0000 -Subject: [PATCH] * configure.in: Check if the stat structure has a st_atim or - st_atimensec field. - * libmisc/copydir.c: Conditionally use the stat's st_atim and - st_atimensec fields. - -git-svn-id: svn://svn.debian.org/pkg-shadow/upstream/trunk@2298 5a98b0ae-9ef6-0310-add3-de5d479b70d7 ---- - ChangeLog | 4 ++++ - libmisc/copydir.c | 9 +++++++-- - 2 files changed, 11 insertions(+), 2 deletions(-) - -+ * configure.in: Check if the stat structure has a st_atim or -+ st_atimensec field. -+ * libmisc/copydir.c: Conditionally use the stat's st_atim and -+ st_atimensec fields. - -diff --git a/libmisc/copydir.c b/libmisc/copydir.c -index b887303..cdd2037 100644 ---- a/libmisc/copydir.c -+++ b/libmisc/copydir.c -@@ -288,16 +288,21 @@ static int copy_entry (const char *src, const char *dst, - if (LSTAT (src, &sb) == -1) { - /* If we cannot stat the file, do not care. */ - } else { --#if defined(_BSD_SOURCE) || defined(_SVID_SOURCE) -+#ifdef HAVE_STRUCT_STAT_ST_ATIM - mt[0].tv_sec = sb.st_atim.tv_sec; - mt[0].tv_usec = sb.st_atim.tv_nsec / 1000; - mt[1].tv_sec = sb.st_mtim.tv_sec; - mt[1].tv_usec = sb.st_mtim.tv_nsec / 1000; - #else - mt[0].tv_sec = sb.st_atime; -- mt[0].tv_usec = sb.st_atimensec / 1000; - mt[1].tv_sec = sb.st_mtime; -+#ifdef HAVE_STRUCT_STAT_ST_ATIMENSEC -+ mt[0].tv_usec = sb.st_atimensec / 1000; - mt[1].tv_usec = sb.st_mtimensec / 1000; -+#else -+ mt[0].tv_usec = 0; -+ mt[1].tv_usec = 0; -+#endif - #endif - - if (S_ISDIR (sb.st_mode)) { --- -1.6.1.2 - diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/4.1.2.2/shadow-svn-2364.patch b/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/4.1.2.2/shadow-svn-2364.patch deleted file mode 100644 index 59333feb0b..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/4.1.2.2/shadow-svn-2364.patch +++ /dev/null @@ -1,61 +0,0 @@ -http://bugs.gentoo.org/256784 - -From 060292366348d55eb90b5c3f4f15768ffc7639d2 Mon Sep 17 00:00:00 2001 -From: nekral-guest -Date: Sun, 7 Sep 2008 00:05:38 +0000 -Subject: [PATCH] * libmisc/copydir.c, configure.in: Check for the presence of - st_mtim and st_mtimensec, as for st_atim and st_atimensec. - -git-svn-id: svn://svn.debian.org/pkg-shadow/upstream/trunk@2364 5a98b0ae-9ef6-0310-add3-de5d479b70d7 ---- - ChangeLog | 5 +++++ - configure.in | 2 ++ - libmisc/copydir.c | 17 ++++++++++++----- - 3 files changed, 19 insertions(+), 5 deletions(-) - -+2008-09-07 Nicolas François -+ -+ * libmisc/copydir.c, configure.in: Check for the presence of -+ st_mtim and st_mtimensec, as for st_atim and st_atimensec. - -/* configure.in changes are in the 4.1.2.2 configure.in ... */ - -diff --git a/libmisc/copydir.c b/libmisc/copydir.c -index cdd2037..a9aec98 100644 ---- a/libmisc/copydir.c -+++ b/libmisc/copydir.c -@@ -288,19 +288,26 @@ static int copy_entry (const char *src, const char *dst, - if (LSTAT (src, &sb) == -1) { - /* If we cannot stat the file, do not care. */ - } else { --#ifdef HAVE_STRUCT_STAT_ST_ATIM -+#ifdef HAVE_STRUCT_STAT_ST_ATIM - mt[0].tv_sec = sb.st_atim.tv_sec; - mt[0].tv_usec = sb.st_atim.tv_nsec / 1000; -- mt[1].tv_sec = sb.st_mtim.tv_sec; -- mt[1].tv_usec = sb.st_mtim.tv_nsec / 1000; - #else - mt[0].tv_sec = sb.st_atime; -- mt[1].tv_sec = sb.st_mtime; - #ifdef HAVE_STRUCT_STAT_ST_ATIMENSEC - mt[0].tv_usec = sb.st_atimensec / 1000; -- mt[1].tv_usec = sb.st_mtimensec / 1000; - #else - mt[0].tv_usec = 0; -+#endif -+#endif -+ -+#ifdef HAVE_STRUCT_STAT_ST_MTIM -+ mt[1].tv_sec = sb.st_mtim.tv_sec; -+ mt[1].tv_usec = sb.st_mtim.tv_nsec / 1000; -+#else -+ mt[1].tv_sec = sb.st_mtime; -+#ifdef HAVE_STRUCT_STAT_ST_MTIMENSEC -+ mt[1].tv_usec = sb.st_mtimensec / 1000; -+#else - mt[1].tv_usec = 0; - #endif - #endif --- -1.6.1.2 - diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/default/useradd b/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/default/useradd deleted file mode 100644 index ae81dbb3a0..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/default/useradd +++ /dev/null @@ -1,7 +0,0 @@ -# useradd defaults file -GROUP=100 -HOME=/home -INACTIVE=-1 -EXPIRE= -SHELL=/bin/bash -SKEL=/etc/skel diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/login.defs b/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/login.defs deleted file mode 100644 index 4aa7044bec..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/login.defs +++ /dev/null @@ -1,212 +0,0 @@ -# -# /etc/login.defs - Configuration control definitions for the login package. -# -# $Id: login.defs,v 1.6 2006/03/12 23:47:08 flameeyes Exp $ -# -# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. -# If unspecified, some arbitrary (and possibly incorrect) value will -# be assumed. All other items are optional - if not specified then -# the described action or option will be inhibited. -# -# Comment lines (lines beginning with "#") and blank lines are ignored. -# -# Modified for Linux. --marekm - -# -# Delay in seconds before being allowed another attempt after a login failure -# -FAIL_DELAY 3 - -# -# Enable display of unknown usernames when login failures are recorded. -# -LOG_UNKFAIL_ENAB no - -# -# Enable logging of successful logins -# -LOG_OK_LOGINS no - -# -# Enable "syslog" logging of su activity - in addition to sulog file logging. -# SYSLOG_SG_ENAB does the same for newgrp and sg. -# -SYSLOG_SU_ENAB yes -SYSLOG_SG_ENAB yes - -# -# If defined, either full pathname of a file containing device names or -# a ":" delimited list of device names. Root logins will be allowed only -# upon these devices. -# -CONSOLE /etc/securetty -#CONSOLE console:tty01:tty02:tty03:tty04 - -# -# If defined, all su activity is logged to this file. -# -#SULOG_FILE /var/log/sulog - -# -# If defined, file which maps tty line to TERM environment parameter. -# Each line of the file is in a format something like "vt100 tty01". -# -#TTYTYPE_FILE /etc/ttytype - -# -# If defined, the command name to display when running "su -". For -# example, if this is defined as "su" then a "ps" will display the -# command is "-su". If not defined, then "ps" would display the -# name of the shell actually being run, e.g. something like "-sh". -# -SU_NAME su - -# -# *REQUIRED* -# Directory where mailboxes reside, _or_ name of file, relative to the -# home directory. If you _do_ define both, MAIL_DIR takes precedence. -# -MAIL_DIR /var/spool/mail - -# -# If defined, file which inhibits all the usual chatter during the login -# sequence. If a full pathname, then hushed mode will be enabled if the -# user's name or shell are found in the file. If not a full pathname, then -# hushed mode will be enabled if the file exists in the user's home directory. -# -HUSHLOGIN_FILE .hushlogin -#HUSHLOGIN_FILE /etc/hushlogins - -# -# *REQUIRED* The default PATH settings, for superuser and normal users. -# -# (they are minimal, add the rest in the shell startup files) -ENV_SUPATH PATH=/sbin:/bin:/usr/sbin:/usr/bin -ENV_PATH PATH=/bin:/usr/bin - -# -# Terminal permissions -# -# TTYGROUP Login tty will be assigned this group ownership. -# TTYPERM Login tty will be set to this permission. -# -# If you have a "write" program which is "setgid" to a special group -# which owns the terminals, define TTYGROUP to the group number and -# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign -# TTYPERM to either 622 or 600. -# -TTYGROUP tty -TTYPERM 0600 - -# -# Login configuration initializations: -# -# ERASECHAR Terminal ERASE character ('\010' = backspace). -# KILLCHAR Terminal KILL character ('\025' = CTRL/U). -# UMASK Default "umask" value. -# -# The ERASECHAR and KILLCHAR are used only on System V machines. -# The ULIMIT is used only if the system supports it. -# (now it works with setrlimit too; ulimit is in 512-byte units) -# -# Prefix these values with "0" to get octal, "0x" to get hexadecimal. -# -ERASECHAR 0177 -KILLCHAR 025 -UMASK 022 - -# -# Password aging controls: -# -# PASS_MAX_DAYS Maximum number of days a password may be used. -# PASS_MIN_DAYS Minimum number of days allowed between password changes. -# PASS_WARN_AGE Number of days warning given before a password expires. -# -PASS_MAX_DAYS 99999 -PASS_MIN_DAYS 0 -PASS_WARN_AGE 7 - -# -# Min/max values for automatic uid selection in useradd -# -UID_MIN 1000 -UID_MAX 60000 - -# -# Min/max values for automatic gid selection in groupadd -# -GID_MIN 100 -GID_MAX 60000 - -# -# Max number of login retries if password is bad -# -LOGIN_RETRIES 3 - -# -# Max time in seconds for login -# -LOGIN_TIMEOUT 60 - -# -# Which fields may be changed by regular users using chfn - use -# any combination of letters "frwh" (full name, room number, work -# phone, home phone). If not defined, no changes are allowed. -# For backward compatibility, "yes" = "rwh" and "no" = "frwh". -# -CHFN_RESTRICT rwh - -# -# List of groups to add to the user's supplementary group set -# when logging in on the console (as determined by the CONSOLE -# setting). Default is none. -# -# Use with caution - it is possible for users to gain permanent -# access to these groups, even when not logged in on the console. -# How to do it is left as an exercise for the reader... -# -#CONSOLE_GROUPS floppy:audio:cdrom - -# -# Should login be allowed if we can't cd to the home directory? -# Default in no. -# -DEFAULT_HOME yes - -# -# If defined, this command is run when removing a user. -# It should remove any at/cron/print jobs etc. owned by -# the user to be removed (passed as the first argument). -# -#USERDEL_CMD /usr/sbin/userdel_local - -# -# When prompting for password without echo, getpass() can optionally -# display a random number (in the range 1 to GETPASS_ASTERISKS) of '*' -# characters for each character typed. This feature is designed to -# confuse people looking over your shoulder when you enter a password :-). -# Also, the new getpass() accepts both Backspace (8) and Delete (127) -# keys to delete previous character (to cope with different terminal -# types), Control-U to delete all characters, and beeps when there are -# no more characters to delete, or too many characters entered. -# -# Setting GETPASS_ASTERISKS to 1 results in more traditional behaviour - -# exactly one '*' displayed for each character typed. -# -# Setting GETPASS_ASTERISKS to 0 disables the '*' characters (Backspace, -# Delete, Control-U and beep continue to work as described above). -# -# Setting GETPASS_ASTERISKS to -1 reverts to the traditional getpass() -# without any new features. This is the default. -# -GETPASS_ASTERISKS 0 - -# -# Enable setting of the umask group bits to be the same as owner bits -# (examples: 022 -> 002, 077 -> 007) for non-root users, if the uid is -# the same as gid, and username is the same as the primary group name. -# -# This also enables userdel to remove user groups if no members exist. -# -USERGROUPS_ENAB yes - diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/login.pamd b/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/login.pamd deleted file mode 100644 index f8f1f86fbc..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/login.pamd +++ /dev/null @@ -1,30 +0,0 @@ -#%PAM-1.0 - -auth required pam_securetty.so -auth include system-auth -auth required pam_tally.so file=/var/log/faillog onerr=succeed no_magic_root -auth required pam_shells.so -auth required pam_nologin.so - -account required pam_access.so -account include system-auth -account required pam_tally.so deny=0 file=/var/log/faillog onerr=succeed no_magic_root - -password include system-auth - -@selinux@# pam_selinux.so close should be the first session rule -@selinux@session required pam_selinux.so close -@selinux@ -session include system-auth -session required pam_env.so -session optional pam_lastlog.so -session optional pam_motd.so motd=/etc/motd -session optional pam_mail.so - -# If you want to enable pam_console, uncomment the following line -# and read carefully README.pam_console in /usr/share/doc/pam* -#session optional pam_console.so - -@selinux@# pam_selinux.so open should be the last session rule -@selinux@session required pam_selinux.so multiple open -@selinux@ diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/login.pamd.1 b/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/login.pamd.1 deleted file mode 100644 index 2c784e240a..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/login.pamd.1 +++ /dev/null @@ -1,31 +0,0 @@ -#%PAM-1.0 - -auth required pam_securetty.so -auth required pam_tally.so file=/var/log/faillog onerr=succeed no_magic_root -auth required pam_shells.so -auth required pam_nologin.so -auth include system-auth - -account required pam_access.so -account include system-auth -account required pam_tally.so deny=0 file=/var/log/faillog onerr=succeed no_magic_root - -password include system-auth - -@selinux@# pam_selinux.so close should be the first session rule -@selinux@session required pam_selinux.so close -@selinux@ -session required pam_env.so -session optional pam_lastlog.so -session optional pam_motd.so motd=/etc/motd -session optional pam_mail.so - -# If you want to enable pam_console, uncomment the following line -# and read carefully README.pam_console in /usr/share/doc/pam* -#session optional pam_console.so - -session include system-auth - -@selinux@# pam_selinux.so open should be the last session rule -@selinux@session required pam_selinux.so multiple open -@selinux@ diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/login.pamd.2 b/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/login.pamd.2 deleted file mode 100644 index 49c3a648b1..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/login.pamd.2 +++ /dev/null @@ -1,28 +0,0 @@ -#%PAM-1.0 - -auth include chromeos-auth -auth required pam_securetty.so -auth required pam_tally.so file=/var/log/faillog onerr=succeed -auth required pam_shells.so -auth required pam_nologin.so -auth include system-auth - -account required pam_access.so -account include system-auth -account required pam_tally.so file=/var/log/faillog onerr=succeed - -password include system-auth - -#%EPAM-Use-Flag:selinux%## pam_selinux.so close should be the first session rule -#%EPAM-Use-Flag:selinux%#session required pam_selinux.so close -#%EPAM-Use-Flag:selinux%# -session required pam_env.so -session optional pam_lastlog.so -session optional pam_motd.so motd=/etc/motd -session optional pam_mail.so - -session include system-auth - -#%EPAM-Use-Flag:selinux%## pam_selinux.so open should be the last session rule -#%EPAM-Use-Flag:selinux%#session required pam_selinux.so multiple open -#%EPAM-Use-Flag:selinux%# diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/login.pamd.3 b/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/login.pamd.3 deleted file mode 100644 index 13abd2796b..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/login.pamd.3 +++ /dev/null @@ -1,6 +0,0 @@ -auth required pam_securetty.so -auth include system-local-login - -account include system-local-login -password include system-local-login -session include system-local-login diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/login_defs.awk b/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/login_defs.awk deleted file mode 100644 index 56087c647e..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/login_defs.awk +++ /dev/null @@ -1,32 +0,0 @@ -# Fixes up login defs for PAM by commenting all non-PAM options and adding a -# comment that it is not supported with PAM. -# -# Call with lib/getdef.c and etc/login.defs as args in the root source directory -# of shadow, ie: -# -# gawk -f login_defs.awk lib/getdef.c etc/login.defs > login.defs.new -# - -(FILENAME == "lib/getdef.c") { - if ($2 == "USE_PAM") - start_printing = 1 - else if ($1 == "#endif") - nextfile - else if (start_printing == 1) - VARS[count++] = substr($1, 3, length($1) - 4) -} - -(FILENAME != "lib/getdef.c") { - print_line = 1 - for (x in VARS) { - regex = "(^|#)" VARS[x] - if ($0 ~ regex) { - print_line = 0 - printf("%s%s\t(NOT SUPPORTED WITH PAM)\n", - ($0 ~ /^#/) ? "" : "#", $0) - } - } - if (print_line) - print $0 -} - diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/login_defs_pam.sed b/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/login_defs_pam.sed deleted file mode 100644 index ba308ba9ab..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/login_defs_pam.sed +++ /dev/null @@ -1,24 +0,0 @@ -/^FAILLOG_ENAB/b comment -/^LASTLOG_ENAB/b comment -/^MAIL_CHECK_ENAB/b comment -/^OBSCURE_CHECKS_ENAB/b comment -/^PORTTIME_CHECKS_ENAB/b comment -/^QUOTAS_ENAB/b comment -/^MOTD_FILE/b comment -/^FTMP_FILE/b comment -/^NOLOGINS_FILE/b comment -/^ENV_HZ/b comment -/^PASS_MIN_LEN/b comment -/^SU_WHEEL_ONLY/b comment -/^CRACKLIB_DICTPATH/b comment -/^PASS_CHANGE_TRIES/b comment -/^PASS_ALWAYS_WARN/b comment -/^CHFN_AUTH/b comment -/^ENVIRON_FILE/b comment - -b exit - -: comment - s:^:#: - -: exit diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/pam.d-include/login b/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/pam.d-include/login deleted file mode 100644 index 9d2167793c..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/pam.d-include/login +++ /dev/null @@ -1,12 +0,0 @@ -#%PAM-1.0 - -auth required pam_securetty.so -auth include system-auth -auth required pam_nologin.so - -account include system-auth - -password include system-auth - -session include system-auth -session optional pam_console.so diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/pam.d-include/other b/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/pam.d-include/other deleted file mode 100644 index bb0b9647c0..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/pam.d-include/other +++ /dev/null @@ -1,9 +0,0 @@ -#%PAM-1.0 - -auth required pam_deny.so - -account required pam_deny.so - -password required pam_deny.so - -session required pam_deny.so diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/pam.d-include/passwd b/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/pam.d-include/passwd deleted file mode 100644 index 3a98715220..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/pam.d-include/passwd +++ /dev/null @@ -1,5 +0,0 @@ -#%PAM-1.0 - -auth include system-auth -account include system-auth -password include system-auth diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/pam.d-include/shadow b/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/pam.d-include/shadow deleted file mode 100644 index 743b2f0260..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/pam.d-include/shadow +++ /dev/null @@ -1,8 +0,0 @@ -#%PAM-1.0 - -auth sufficient pam_rootok.so -auth required pam_permit.so - -account include system-auth - -password required pam_permit.so diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/pam.d-include/su b/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/pam.d-include/su deleted file mode 100644 index d15c7edfc5..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/pam.d-include/su +++ /dev/null @@ -1,32 +0,0 @@ -#%PAM-1.0 - -auth sufficient pam_rootok.so - -# If you want to restrict users begin allowed to su even more, -# create /etc/security/suauth.allow (or to that matter) that is only -# writable by root, and add users that are allowed to su to that -# file, one per line. -#auth required pam_listfile.so item=ruser sense=allow onerr=fail file=/etc/security/suauth.allow - -# Uncomment this to allow users in the wheel group to su without -# entering a passwd. -#auth sufficient pam_wheel.so use_uid trust - -# Alternatively to above, you can implement a list of users that do -# not need to supply a passwd with a list. -#auth sufficient pam_listfile.so item=ruser sense=allow onerr=fail file=/etc/security/suauth.nopass - -# Comment this to allow any user, even those not in the 'wheel' -# group to su -auth required pam_wheel.so use_uid - -auth include system-auth - -account include system-auth - -password include system-auth - -session include system-auth -session required pam_env.so -session optional pam_xauth.so - diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/pam.d-include/su-openpam b/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/pam.d-include/su-openpam deleted file mode 100644 index e9ec7d3dd2..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/pam.d-include/su-openpam +++ /dev/null @@ -1,14 +0,0 @@ -#%PAM-1.0 - -auth sufficient pam_rootok.so - -auth include system-auth - -account include system-auth - -password include system-auth - -session include system-auth -session required pam_env.so -session optional pam_xauth.so - diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/pam.d-include/system-auth b/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/pam.d-include/system-auth deleted file mode 100644 index b7c37afdad..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/pam.d-include/system-auth +++ /dev/null @@ -1,14 +0,0 @@ -#%PAM-1.0 - -auth required pam_env.so -auth sufficient pam_unix.so likeauth nullok nodelay -auth required pam_deny.so - -account required pam_unix.so - -password required pam_cracklib.so retry=3 -password sufficient pam_unix.so nullok md5 shadow use_authtok -password required pam_deny.so - -session required pam_limits.so -session required pam_unix.so diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/pam.d-include/system-auth-1.1 b/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/pam.d-include/system-auth-1.1 deleted file mode 100644 index fe80483120..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/pam.d-include/system-auth-1.1 +++ /dev/null @@ -1,14 +0,0 @@ -#%PAM-1.0 - -auth required pam_env.so -auth sufficient pam_unix.so likeauth nullok -auth required pam_deny.so - -account required pam_unix.so - -password required pam_cracklib.so retry=3 -password sufficient pam_unix.so nullok md5 shadow use_authtok -password required pam_deny.so - -session required pam_limits.so -session required pam_unix.so diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/securetty b/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/securetty deleted file mode 100644 index 218b9f4bfc..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/securetty +++ /dev/null @@ -1,35 +0,0 @@ -# /etc/securetty: list of terminals on which root is allowed to login. -# See securetty(5) and login(1). -console - -vc/0 -vc/1 -vc/2 -vc/3 -vc/4 -vc/5 -vc/6 -vc/7 -vc/8 -vc/9 -vc/10 -vc/11 -vc/12 -tty0 -tty1 -tty2 -tty3 -tty4 -tty5 -tty6 -tty7 -tty8 -tty9 -tty10 -tty11 -tty12 - -tts/0 -ttyS0 -ttySAC1 -ttySAC3 diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.0.11.1-perms.patch b/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.0.11.1-perms.patch deleted file mode 100644 index 3446fd7f66..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.0.11.1-perms.patch +++ /dev/null @@ -1,46 +0,0 @@ ---- src/Makefile.am 2005-08-01 12:29:59.000000000 +0200 -+++ src.az/Makefile.am 2005-08-01 12:30:44.000000000 +0200 -@@ -45,6 +45,8 @@ noinst_PROGRAMS = id sulogin - - suidbins = su - suidubins = chage chfn chsh expiry gpasswd newgrp passwd -+suidbinperms = 4711 -+suidubinperms = 4711 - - LDADD = $(top_builddir)/libmisc/libmisc.a \ - $(top_builddir)/lib/libshadow.la -@@ -79,8 +81,8 @@ install-am: all-am - ln -sf newgrp $(DESTDIR)$(ubindir)/sg - ln -sf vipw $(DESTDIR)$(usbindir)/vigr - for i in $(suidbins); do \ -- chmod -f 4755 $(DESTDIR)$(bindir)/$$i; \ -+ chmod -f $(suidbinperms) $(DESTDIR)$(bindir)/$$i; \ - done - for i in $(suidubins); do \ -- chmod -f 4755 $(DESTDIR)$(ubindir)/$$i; \ -+ chmod -f $(suidubinperms) $(DESTDIR)$(ubindir)/$$i; \ - done ---- src/Makefile.in 2005-08-01 12:31:07.000000000 +0200 -+++ src.az/Makefile.in 2005-08-01 12:33:54.000000000 +0200 -@@ -346,6 +346,8 @@ INCLUDES = \ - - suidbins = su - suidubins = chage chfn chsh expiry gpasswd newgrp passwd -+suidbinperms = 4711 -+suidubinperms = 4711 - LDADD = $(top_builddir)/libmisc/libmisc.a \ - $(top_builddir)/lib/libshadow.la - -@@ -839,10 +841,10 @@ install-am: all-am - ln -sf newgrp $(DESTDIR)$(ubindir)/sg - ln -sf vipw $(DESTDIR)$(usbindir)/vigr - for i in $(suidbins); do \ -- chmod -f 4755 $(DESTDIR)$(bindir)/$$i; \ -+ chmod -f $(suidbinperms) $(DESTDIR)$(bindir)/$$i; \ - done - for i in $(suidubins); do \ -- chmod -f 4755 $(DESTDIR)$(ubindir)/$$i; \ -+ chmod -f $(suidubinperms) $(DESTDIR)$(ubindir)/$$i; \ - done - # Tell versions [3.59,3.63) of GNU make to not export all variables. - # Otherwise a system limit (for SysV at least) may be exceeded. diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.0.12-gcc2.patch b/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.0.12-gcc2.patch deleted file mode 100644 index b70dbceffc..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.0.12-gcc2.patch +++ /dev/null @@ -1,30 +0,0 @@ -Fix compiling with gcc-2.95.x: - ------ -newgrp.c: In function `main': -newgrp.c:459: parse error before `child' -newgrp.c:467: `child' undeclared (first use in this function) -newgrp.c:467: (Each undeclared identifier is reported only once -newgrp.c:467: for each function it appears in.) -newgrp.c:476: `pid' undeclared (first use in this function) -make[2]: *** [newgrp.o] Error 1 ------ - ---- shadow-4.0.12/src/newgrp.c 2005-08-24 13:30:51.000000000 +0200 -+++ shadow-4.0.12.az/src/newgrp.c 2005-08-24 13:31:01.000000000 +0200 -@@ -424,6 +424,7 @@ - if (getdef_bool ("SYSLOG_SG_ENAB")) { - char *loginname = getlogin (); - char *tty = ttyname (0); -+ pid_t child, pid; - - if (loginname != NULL) - loginname = xstrdup (loginname); -@@ -456,7 +457,6 @@ - * avoid any possibility of the parent being stopped when it - * receives SIGCHLD from the terminating subshell. -- JWP - */ -- pid_t child, pid; - - signal (SIGINT, SIG_IGN); - signal (SIGQUIT, SIG_IGN); diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.0.13-dots-in-usernames.patch b/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.0.13-dots-in-usernames.patch deleted file mode 100644 index 54e1d72e61..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.0.13-dots-in-usernames.patch +++ /dev/null @@ -1,28 +0,0 @@ -Allow people to add users with dots in their names. - -http://bugs.gentoo.org/22920 - -Index: libmisc/chkname.c -=================================================================== -RCS file: /cvsroot/shadow/libmisc/chkname.c,v -retrieving revision 1.11 -diff -u -p -r1.11 chkname.c ---- libmisc/chkname.c 31 Aug 2005 17:24:57 -0000 1.11 -+++ libmisc/chkname.c 10 Oct 2005 22:20:16 -0000 -@@ -18,7 +18,7 @@ - static int good_name (const char *name) - { - /* -- * User/group names must match [a-z_][a-z0-9_-]*[$] -+ * User/group names must match [a-z_][a-z0-9_-.]*[$] - */ - if (!*name || !((*name >= 'a' && *name <= 'z') || *name == '_')) - return 0; -@@ -27,6 +27,7 @@ static int good_name (const char *name) - if (!((*name >= 'a' && *name <= 'z') || - (*name >= '0' && *name <= '9') || - *name == '_' || *name == '-' || -+ *name == '.' || - (*name == '$' && *(name + 1) == '\0'))) - return 0; - } diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.0.13-long-groupnames.patch b/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.0.13-long-groupnames.patch deleted file mode 100644 index df322cf28b..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.0.13-long-groupnames.patch +++ /dev/null @@ -1,18 +0,0 @@ -Remove arbitrary requirement on the length of groups. Perhaps we -should turn this into a configure option and send upstream ? - -http://bugs.gentoo.org/3485 - ---- libmisc/chkname.c -+++ libmisc/chkname.c -@@ -59,8 +60,10 @@ - * Arbitrary limit for group names - max 16 - * characters (same as on HP-UX 10). - */ -+#if 0 - if (strlen (name) > 16) - return 0; -+#endif - - return good_name (name); - } diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.0.13-nonis.patch b/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.0.13-nonis.patch deleted file mode 100644 index 0c89e90e21..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.0.13-nonis.patch +++ /dev/null @@ -1,53 +0,0 @@ ---- src/login_nopam.c -+++ src/login_nopam.c -@@ -50,7 +50,9 @@ - #include - #include /* for inet_ntoa() */ - extern struct group *getgrnam (); -+#ifdef USE_NIS - extern int innetgr (); -+#endif - - #if !defined(MAXHOSTNAMELEN) || (MAXHOSTNAMELEN < 64) - #undef MAXHOSTNAMELEN -@@ -178,6 +180,7 @@ static char *myhostname (void) - return (name); - } - -+#ifdef USE_NIS - /* netgroup_match - match group against machine or user */ - static int - netgroup_match (const char *group, const char *machine, const char *user) -@@ -193,6 +196,7 @@ netgroup_match (const char *group, const - - return innetgr (group, machine, user, mydomain); - } -+#endif - - /* user_match - match a username against one token */ - static int user_match (const char *tok, const char *string) -@@ -214,8 +218,10 @@ static int user_match (const char *tok, - *at = 0; - return (user_match (tok, string) - && from_match (at + 1, myhostname ())); -+#ifdef USE_NIS - } else if (tok[0] == '@') { /* netgroup */ - return (netgroup_match (tok + 1, (char *) 0, string)); -+#endif - } else if (string_match (tok, string)) { /* ALL or exact match */ - return (YES); - } else if ((group = getgrnam (tok))) { /* try group membership */ -@@ -271,9 +277,12 @@ static int from_match (const char *tok, - * contain a "." character. If the token is a network number, return YES - * if it matches the head of the string. - */ -+#ifdef USE_NIS - if (tok[0] == '@') { /* netgroup */ - return (netgroup_match (tok + 1, string, (char *) 0)); -- } else if (string_match (tok, string)) { /* ALL or exact match */ -+ } else -+#endif -+ if (string_match (tok, string)) { /* ALL or exact match */ - return (YES); - } else if (tok[0] == '.') { /* domain: match last fields */ - if ((str_len = strlen (string)) > (tok_len = strlen (tok)) diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.0.15-uclibc-missing-l64a.patch b/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.0.15-uclibc-missing-l64a.patch deleted file mode 100644 index ac9aa8c9df..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.0.15-uclibc-missing-l64a.patch +++ /dev/null @@ -1,57 +0,0 @@ -uClibc svn has l64a() support in it, but not uClibc 0.9.28 release - ---- shadow-4.0.15/libmisc/salt.c -+++ shadow-4.0.15/libmisc/salt.c -@@ -14,6 +14,52 @@ - #include "prototypes.h" - #include "defines.h" - #include "getdef.h" -+ -+#ifndef HAVE_A64L -+ -+/* -+ * l64a - convert a long to a string of radix 64 characters -+ */ -+ -+static const char conv_table[64] = -+{ -+ '.', '/', '0', '1', '2', '3', '4', '5', -+ '6', '7', '8', '9', 'A', 'B', 'C', 'D', -+ 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', -+ 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T', -+ 'U', 'V', 'W', 'X', 'Y', 'Z', 'a', 'b', -+ 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', -+ 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', -+ 's', 't', 'u', 'v', 'w', 'x', 'y', 'z' -+}; -+ -+char * -+l64a (n) -+ long int n; -+{ -+ unsigned long int m = (unsigned long int) n; -+ static char result[7]; -+ int cnt; -+ -+ /* The standard says that only 32 bits are used. */ -+ m &= 0xffffffff; -+ -+ if (m == 0ul) -+ /* The value for N == 0 is defined to be the empty string. */ -+ return (char *) ""; -+ -+ for (cnt = 0; m > 0ul; ++cnt) -+ { -+ result[cnt] = conv_table[m & 0x3f]; -+ m >>= 6; -+ } -+ result[cnt] = '\0'; -+ -+ return result; -+} -+ -+#endif /* !HAVE_A64L */ -+ - /* - * Generate 8 base64 ASCII characters of random salt. If MD5_CRYPT_ENAB - * in /etc/login.defs is "yes", the salt string will be prefixed by "$1$" diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.0.16-fix-useradd-usergroups.patch b/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.0.16-fix-useradd-usergroups.patch deleted file mode 100644 index 3170869f02..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.0.16-fix-useradd-usergroups.patch +++ /dev/null @@ -1,105 +0,0 @@ -http://bugs.gentoo.org/128715 - -exact implementation details are still in discussion upstream, but this fixes -the behavior to not suck like current code - -Index: src/useradd.c -=================================================================== -RCS file: /cvsroot/shadow/src/useradd.c,v -retrieving revision 1.96 -diff -u -p -r1.96 useradd.c ---- src/useradd.c 30 May 2006 18:28:45 -0000 1.96 -+++ src/useradd.c 10 Jun 2006 22:13:32 -0000 -@@ -114,7 +114,7 @@ static int do_grp_update = 0; /* group f - static char *Prog; - - static int -- bflg = 0, /* new default root of home directory */ -+ bflg = 0, /* new default root of home directory */ - cflg = 0, /* comment (GECOS) field for new account */ - dflg = 0, /* home directory for new account */ - Dflg = 0, /* set/show new user default values */ -@@ -253,6 +253,12 @@ static void get_defaults (void) - const struct group *grp; - - /* -+ * Pull relevant settings from login.defs first. -+ */ -+ if (getdef_bool ("USERGROUPS_ENAB")) -+ nflg = -1; -+ -+ /* - * Open the defaults file for reading. - */ - -@@ -628,6 +634,8 @@ static void usage (void) - " -K, --key KEY=VALUE overrides /etc/login.defs defaults\n" - " -m, --create-home create home directory for the new user\n" - " account\n" -+ " -n, --user-group create a new group with the same name as the\n" -+ " new user\n" - " -o, --non-unique allow create user with duplicate\n" - " (non-unique) UID\n" - " -p, --password PASSWORD use encrypted password for the new user\n" -@@ -1009,6 +1017,7 @@ static void process_flags (int argc, cha - {"skel", required_argument, NULL, 'k'}, - {"key", required_argument, NULL, 'K'}, - {"create-home", no_argument, NULL, 'm'}, -+ {"user-group", no_argument, NULL, 'n'}, - {"non-unique", no_argument, NULL, 'o'}, - {"password", required_argument, NULL, 'p'}, - {"shell", required_argument, NULL, 's'}, -@@ -1016,7 +1025,7 @@ static void process_flags (int argc, cha - {NULL, 0, NULL, '\0'} - }; - while ((c = -- getopt_long (argc, argv, "b:c:d:De:f:g:G:k:K:mMop:s:u:", -+ getopt_long (argc, argv, "b:c:d:De:f:g:G:k:K:mMnop:s:u:", - long_options, NULL)) != -1) { - switch (c) { - case 'b': -@@ -1156,6 +1165,9 @@ static void process_flags (int argc, cha - case 'm': - mflg++; - break; -+ case 'n': -+ nflg = 1; -+ break; - case 'o': - oflg++; - break; -@@ -1203,6 +1215,16 @@ static void process_flags (int argc, cha - usage (); - - /* -+ * Using --gid and --user-group doesn't make sense. -+ */ -+ if (nflg == -1 && gflg) -+ nflg = 0; -+ if (nflg && gflg) { -+ fprintf (stderr, _("%s: options -g and -n conflict\n"), Prog); -+ exit (E_BAD_ARG); -+ } -+ -+ /* - * Either -D or username is required. Defaults can be set with -D - * for the -b, -e, -f, -g, -s options only. - */ -@@ -1725,7 +1747,7 @@ int main (int argc, char **argv) - * to that group, use useradd -g username username. - * --bero - */ -- if (!gflg) { -+ if (nflg) { - if (getgrnam (user_name)) { - fprintf (stderr, - _ -@@ -1759,7 +1781,7 @@ int main (int argc, char **argv) - - /* do we have to add a group for that user? This is why we need to - * open the group files in the open_files() function --gafton */ -- if (!(nflg || gflg)) { -+ if (nflg) { - find_new_gid (); - grp_add (); - } diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.0.17-login.defs.patch b/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.0.17-login.defs.patch deleted file mode 100644 index 03eb731fa9..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.0.17-login.defs.patch +++ /dev/null @@ -1,17 +0,0 @@ ---- etc/login.defs -+++ etc/login.defs -@@ -38 +38 @@ --MAIL_CHECK_ENAB yes -+MAIL_CHECK_ENAB no -@@ -205 +205 @@ --SU_WHEEL_ONLY no -+SU_WHEEL_ONLY yes -@@ -210 +210 @@ --CRACKLIB_DICTPATH /var/cache/cracklib/cracklib_dict -+CRACKLIB_DICTPATH /usr/@LIBDIR@/cracklib_dict -@@ -227 +227 @@ --LOGIN_RETRIES 5 -+LOGIN_RETRIES 3 -@@ -279 +279 @@ --#MD5_CRYPT_ENAB no -+MD5_CRYPT_ENAB yes diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.0.18.1-useradd-usermod.patch b/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.0.18.1-useradd-usermod.patch deleted file mode 100644 index 8fe14329f1..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.0.18.1-useradd-usermod.patch +++ /dev/null @@ -1,42 +0,0 @@ ---- shadow-4.0.18.1.orig/src/useradd.c 2006-07-28 19:42:48.000000000 +0200 -+++ shadow-4.0.18.1/src/useradd.c 2006-08-04 09:24:34.000000000 +0200 -@@ -203,13 +203,17 @@ - long gid; - char *errptr; - -+ struct group* grp = getgrnam (grname); -+ if (grp) -+ return grp; -+ - gid = strtol (grname, &errptr, 10); - if (*errptr || errno == ERANGE || gid < 0) { - fprintf (stderr, - _("%s: invalid numeric argument '%s'\n"), Prog, grname); - exit (E_BAD_ARG); - } -- return getgrnam (grname); -+ return getgrgid (gid); - } - - static long get_number (const char *numstr) ---- shadow-4.0.18.1.orig/src/usermod.c 2006-07-28 19:42:48.000000000 +0200 -+++ shadow-4.0.18.1/src/usermod.c 2006-08-04 09:24:21.000000000 +0200 -@@ -165,13 +165,17 @@ - long val; - char *errptr; - -+ struct group* grp = getgrnam (grname); -+ if (grp) -+ return grp; -+ - val = strtol (grname, &errptr, 10); - if (*errptr || errno == ERANGE || val < 0) { - fprintf (stderr, _("%s: invalid numeric argument '%s'\n"), Prog, - grname); - exit (E_BAD_ARG); - } -- return getgrnam (grname); -+ return getgrgid (val); - } - - /* diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.0.18.2-useradd.patch b/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.0.18.2-useradd.patch deleted file mode 100644 index 1135500758..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.0.18.2-useradd.patch +++ /dev/null @@ -1,22 +0,0 @@ ---- shadow-4.0.18.2/src/useradd.c -+++ shadow-4.0.18.2/src/useradd.c -@@ -203,14 +203,18 @@ - long gid; - char *errptr; - -+ struct group* grp = getgrnam (grname); -+ if (grp) -+ return grp; -+ - gid = strtol (grname, &errptr, 10); - if (*errptr || errno == ERANGE || gid < 0) { - fprintf (stderr, - _("%s: invalid numeric argument '%s'\n"), Prog, - grname); - exit (E_BAD_ARG); - } -- return getgrnam (grname); -+ return getgrgid (gid); - } - - static long get_number (const char *numstr) diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.1.0-fix-useradd-usergroups.patch b/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.1.0-fix-useradd-usergroups.patch deleted file mode 100644 index 8595ec39a9..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.1.0-fix-useradd-usergroups.patch +++ /dev/null @@ -1,91 +0,0 @@ -http://bugs.gentoo.org/128715 - -exact implementation details are still in discussion upstream, but this fixes -the behavior to not suck like current code - ---- src/useradd.c -+++ src/useradd.c -@@ -254,6 +254,12 @@ - char *cp, *ep; - - /* -+ * Pull relevant settings from login.defs first. -+ */ -+ if (getdef_bool ("USERGROUPS_ENAB")) -+ nflg = -1; -+ -+ /* - * Open the defaults file for reading. - */ - -@@ -632,6 +638,8 @@ - " -K, --key KEY=VALUE overrides /etc/login.defs defaults\n" - " -m, --create-home create home directory for the new user\n" - " account\n" -+ " -n, --user-group create a new group with the same name as the\n" -+ " new user\n" - " -o, --non-unique allow create user with duplicate\n" - " (non-unique) UID\n" - " -p, --password PASSWORD use encrypted password for the new user\n" -@@ -1001,6 +1009,7 @@ - {"skel", required_argument, NULL, 'k'}, - {"key", required_argument, NULL, 'K'}, - {"create-home", no_argument, NULL, 'm'}, -+ {"user-group", no_argument, NULL, 'n'}, - {"non-unique", no_argument, NULL, 'o'}, - {"password", required_argument, NULL, 'p'}, - {"shell", required_argument, NULL, 's'}, -@@ -1008,7 +1017,7 @@ - {NULL, 0, NULL, '\0'} - }; - while ((c = -- getopt_long (argc, argv, "b:c:d:De:f:g:G:k:K:mMop:s:u:", -+ getopt_long (argc, argv, "b:c:d:De:f:g:G:k:K:mMnop:s:u:", - long_options, NULL)) != -1) { - switch (c) { - case 'b': -@@ -1145,6 +1154,9 @@ - case 'm': - mflg++; - break; -+ case 'n': -+ nflg = 1; -+ break; - case 'o': - oflg++; - break; -@@ -1192,6 +1204,16 @@ - usage (); - - /* -+ * Using --gid and --user-group doesn't make sense. -+ */ -+ if (nflg == -1 && gflg) -+ nflg = 0; -+ if (nflg && gflg) { -+ fprintf (stderr, _("%s: options -g and -n conflict\n"), Prog); -+ exit (E_BAD_ARG); -+ } -+ -+ /* - * Either -D or username is required. Defaults can be set with -D - * for the -b, -e, -f, -g, -s options only. - */ -@@ -1728,7 +1750,7 @@ - * to that group, use useradd -g username username. - * --bero - */ -- if (!gflg) { -+ if (nflg) { - if (getgrnam (user_name)) { /* local, no need for xgetgrnam */ - fprintf (stderr, - _ -@@ -1762,7 +1784,7 @@ - - /* do we have to add a group for that user? This is why we need to - * open the group files in the open_files() function --gafton */ -- if (!(nflg || gflg)) { -+ if (nflg) { - find_new_gid (); - grp_add (); - } diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.1.1-audit.patch b/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.1.1-audit.patch deleted file mode 100644 index 5968279f87..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.1.1-audit.patch +++ /dev/null @@ -1,22 +0,0 @@ ---- a/trunk/src/newgrp.c 2008/04/16 22:03:43 1975 -+++ b/trunk/src/newgrp.c 2008/04/16 22:04:46 1976 -@@ -53,6 +53,10 @@ - static char *Prog; - static int is_newgrp; - -+#ifdef WITH_AUDIT -+char audit_buf[80]; -+#endif -+ - /* local function prototypes */ - static void usage (void); - static void check_perms (const struct group *grp, -@@ -349,8 +353,6 @@ - #endif - - #ifdef WITH_AUDIT -- char audit_buf[80]; -- - audit_help_open (); - #endif - setlocale (LC_ALL, ""); diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.1.2.1+openpam.patch b/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.1.2.1+openpam.patch deleted file mode 100644 index f10e02d036..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.1.2.1+openpam.patch +++ /dev/null @@ -1,121 +0,0 @@ -Index: shadow-4.1.2.1/configure.in -=================================================================== ---- shadow-4.1.2.1.orig/configure.in -+++ shadow-4.1.2.1/configure.in -@@ -339,13 +339,29 @@ if test "$with_libpam" != "no"; then - AC_MSG_ERROR(libpam not found) - fi - -- AC_CHECK_LIB(pam_misc, main, -- [pam_misc_lib="yes"], [pam_misc_lib="no"]) -- if test "$pam_misc_lib$with_libpam" = "noyes" ; then -- AC_MSG_ERROR(libpam_misc not found) -+ LIBPAM="-lpam" -+ pam_conv_function="no" -+ -+ AC_CHECK_LIB(pam, openpam_ttyconv, -+ [pam_conv_function="openpam_ttyconv"], -+ AC_CHECK_LIB(pam_misc, misc_conv, -+ [pam_conv_function="misc_conv"; LIBPAM="$LIBPAM -lpam_misc"]) -+ ) -+ -+ if test "$pam_conv_function$with_libpam" = "noyes" ; then -+ AC_MSG_ERROR(PAM conversation function not found) - fi - -- if test "$pam_lib$pam_misc_lib" = "yesyes" ; then -+ pam_headers_found=no -+ AC_CHECK_HEADERS( [security/openpam.h security/pam_misc.h], -+ [ pam_headers_found=yes ; break ], [], -+ [ #include ] ) -+ if test "$pam_headers_found$with_libpam" = "noyes" ; then -+ AC_MSG_ERROR(PAM headers not found) -+ fi -+ -+ -+ if test "$pam_lib$pam_headers_found" = "yesyes" -a "$pam_conv_function" != "no" ; then - with_libpam="yes" - else - with_libpam="no" -@@ -353,9 +369,22 @@ if test "$with_libpam" != "no"; then - fi - dnl Now with_libpam is either yes or no - if test "$with_libpam" = "yes"; then -+ AC_CHECK_DECLS([PAM_ESTABLISH_CRED, -+ PAM_DELETE_CRED, -+ PAM_NEW_AUTHTOK_REQD, -+ PAM_DATA_SILENT], -+ [], [], [#include ]) -+ -+ -+ save_libs=$LIBS -+ LIBS="$LIBS $LIBPAM" -+ AC_CHECK_FUNCS([pam_fail_delay]) -+ LIBS=$save_libs -+ - AC_DEFINE(USE_PAM, 1, [Define to support Pluggable Authentication Modules]) -+ AC_DEFINE_UNQUOTED(SHADOW_PAM_CONVERSATION, [$pam_conv_function],[PAM converstation to use]) - AM_CONDITIONAL(USE_PAM, [true]) -- LIBPAM="-lpam -lpam_misc" -+ - AC_MSG_CHECKING(use login and su access checking if PAM not used) - AC_MSG_RESULT(no) - else -Index: shadow-4.1.2.1/lib/pam_defs.h -=================================================================== ---- shadow-4.1.2.1.orig/lib/pam_defs.h -+++ shadow-4.1.2.1/lib/pam_defs.h -@@ -28,24 +28,31 @@ - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -+#include - #include --#include -+#ifdef HAVE_SECURITY_PAM_MISC_H -+# include -+#endif -+#ifdef HAVE_SECURITY_OPENPAM_H -+# include -+#endif -+ - - static struct pam_conv conv = { -- misc_conv, -+ SHADOW_PAM_CONVERSATION, - NULL - }; - - /* compatibility with different versions of Linux-PAM */ --#ifndef PAM_ESTABLISH_CRED -+#if !HAVE_DECL_PAM_ESTABLISH_CRED - #define PAM_ESTABLISH_CRED PAM_CRED_ESTABLISH - #endif --#ifndef PAM_DELETE_CRED -+#if !HAVE_DECL_PAM_DELETE_CRED - #define PAM_DELETE_CRED PAM_CRED_DELETE - #endif --#ifndef PAM_NEW_AUTHTOK_REQD -+#if !HAVE_DECL_PAM_NEW_AUTHTOK_REQD - #define PAM_NEW_AUTHTOK_REQD PAM_AUTHTOKEN_REQD - #endif --#ifndef PAM_DATA_SILENT -+#if !HAVE_DECL_PAM_DATA_SILENT - #define PAM_DATA_SILENT 0 - #endif -Index: shadow-4.1.2.1/src/login.c -=================================================================== ---- shadow-4.1.2.1.orig/src/login.c -+++ shadow-4.1.2.1/src/login.c -@@ -644,9 +644,10 @@ int main (int argc, char **argv) - failed = 0; - - failcount++; -+#ifdef HAVE_PAM_FAIL_DELAY - if (delay > 0) - retcode = pam_fail_delay(pamh, 1000000*delay); -- -+#endif - retcode = pam_authenticate (pamh, 0); - - pam_get_item (pamh, PAM_USER, diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.1.2.2-id-types.patch b/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.1.2.2-id-types.patch deleted file mode 100644 index 689884fecb..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.1.2.2-id-types.patch +++ /dev/null @@ -1,87 +0,0 @@ -From 670cce502aadf86b5b5d78059e5474e6171919f3 Mon Sep 17 00:00:00 2001 -From: nekral-guest -Date: Sat, 30 Aug 2008 18:30:58 +0000 -Subject: [PATCH] * lib/groupio.h, lib/prototypes.h, lib/pwio.h, lib/sgetgrent.c: - Include before and . It is necessary - for the definition of uid_t and gid_t. - * lib/pwmem.c: do not include , "pwio.h" is sufficient - here. - -git-svn-id: svn://svn.debian.org/pkg-shadow/upstream/trunk@2297 5a98b0ae-9ef6-0310-add3-de5d479b70d7 ---- - lib/groupio.h | 1 + - lib/prototypes.h | 1 + - lib/pwio.h | 2 ++ - lib/pwmem.c | 3 +-- - lib/sgetgrent.c | 1 + - 6 files changed, 11 insertions(+), 2 deletions(-) - -diff --git a/lib/groupio.h b/lib/groupio.h -index 9f2984c..d229845 100644 ---- a/lib/groupio.h -+++ b/lib/groupio.h -@@ -35,6 +35,7 @@ - #ifndef _GROUPIO_H - #define _GROUPIO_H - -+#include - #include - - extern int gr_close (void); -diff --git a/lib/prototypes.h b/lib/prototypes.h -index f1ffc50..feeedc4 100644 ---- a/lib/prototypes.h -+++ b/lib/prototypes.h -@@ -48,6 +48,7 @@ - #else - #include - #endif -+#include - #include - #include - #include -diff --git a/lib/pwio.h b/lib/pwio.h -index 28f8bbd..52c7bf3 100644 ---- a/lib/pwio.h -+++ b/lib/pwio.h -@@ -35,7 +35,9 @@ - #ifndef _PWIO_H - #define _PWIO_H - -+#include - #include -+ - extern int pw_close (void); - extern const struct passwd *pw_locate (const char *name); - extern const struct passwd *pw_locate_uid (uid_t uid); -diff --git a/lib/pwmem.c b/lib/pwmem.c -index 95a6137..84dee3d 100644 ---- a/lib/pwmem.c -+++ b/lib/pwmem.c -@@ -35,10 +35,9 @@ - - #ident "$Id: shadow-4.1.2.2-id-types.patch,v 1.1 2009/03/15 04:56:23 vapier Exp $" - -+#include - #include "prototypes.h" - #include "defines.h" --#include --#include - #include "pwio.h" - - struct passwd *__pw_dup (const struct passwd *pwent) -diff --git a/lib/sgetgrent.c b/lib/sgetgrent.c -index 6f090aa..186ee40 100644 ---- a/lib/sgetgrent.c -+++ b/lib/sgetgrent.c -@@ -35,6 +35,7 @@ - #ident "$Id: shadow-4.1.2.2-id-types.patch,v 1.1 2009/03/15 04:56:23 vapier Exp $" - - #include -+#include - #include - #include "defines.h" - #include "prototypes.h" --- -1.6.2 - diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.1.2.2-l64a.patch b/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.1.2.2-l64a.patch deleted file mode 100644 index e06598cf3c..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.1.2.2-l64a.patch +++ /dev/null @@ -1,13 +0,0 @@ -http://bugs.gentoo.org/260001 ---- a/libmisc/salt.c -+++ b/libmisc/salt.c -@@ -20,9 +20,6 @@ - #include "getdef.h" - - /* local function prototypes */ --#ifndef HAVE_L64A --char *l64a(long value); --#endif /* !HAVE_L64A */ - static void seedRNG (void); - static char *gensalt (size_t salt_size); - #ifdef USE_SHA_CRYPT diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.1.2.2-optional-nscd.patch b/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.1.2.2-optional-nscd.patch deleted file mode 100644 index 419a604c3b..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.1.2.2-optional-nscd.patch +++ /dev/null @@ -1,93 +0,0 @@ -From 803bce24e3c902efcfba82dad08f25edf1dd3d6f Mon Sep 17 00:00:00 2001 -From: nekral-guest -Date: Sat, 30 Aug 2008 18:30:36 +0000 -Subject: [PATCH] * configure.in, lib/nscd.h, lib/nscd.c: Added --with-nscd flag to - support systems without nscd. - -git-svn-id: svn://svn.debian.org/pkg-shadow/upstream/trunk@2296 5a98b0ae-9ef6-0310-add3-de5d479b70d7 ---- - configure.in | 13 +++++++++++-- - lib/nscd.c | 4 ++++ - lib/nscd.h | 4 ++++ - 4 files changed, 21 insertions(+), 2 deletions(-) - -diff --git a/configure.in b/configure.in -index 044617c..8384a15 100644 ---- a/configure.in -+++ b/configure.in -@@ -38,9 +38,9 @@ AC_CHECK_HEADERS(errno.h fcntl.h limits.h unistd.h sys/time.h utmp.h \ - dnl shadow now uses the libc's shadow implementation - AC_CHECK_HEADER([shadow.h],,[AC_MSG_ERROR([You need a libc with shadow.h])]) - --AC_CHECK_FUNCS(l64a fchmod fchown fsync getgroups gethostname getspnam \ -+AC_CHECK_FUNCS(l64a fchmod fchown fsync futimes getgroups gethostname getspnam \ - gettimeofday getusershell getutent initgroups lchown lckpwdf lstat \ -- memcpy memset setgroups sigaction strchr updwtmp updwtmpx innetgr \ -+ lutimes memcpy memset setgroups sigaction strchr updwtmp updwtmpx innetgr \ - getpwnam_r getpwuid_r getgrnam_r getgrgid_r getspnam_r) - AC_SYS_LARGEFILE - -@@ -235,12 +235,20 @@ AC_ARG_WITH(libcrack, - AC_ARG_WITH(sha-crypt, - [AC_HELP_STRING([--with-sha-crypt], [allow the SHA256 and SHA512 password encryption algorithms @<:@default=yes@:>@])], - [with_sha_crypt=$withval], [with_sha_crypt=yes]) -+AC_ARG_WITH(nscd, -+ [AC_HELP_STRING([--with-nscd], [enable support for nscd @<:@default=yes@:>@])], -+ [with_nscd=$withval], [with_nscd=yes]) - - AM_CONDITIONAL(USE_SHA_CRYPT, test "x$with_sha_crypt" = "xyes") - if test "$with_sha_crypt" = "yes"; then - AC_DEFINE(USE_SHA_CRYPT, 1, [Define to allow the SHA256 and SHA512 password encryption algorithms]) - fi - -+AM_CONDITIONAL(USE_NSCD, test "x$with_nscd" = "xyes") -+if test "$with_nscd" = "yes"; then -+ AC_DEFINE(USE_NSCD, 1, [Define to support flushing of nscd caches]) -+fi -+ - dnl Check for some functions in libc first, only if not found check for - dnl other libraries. This should prevent linking libnsl if not really - dnl needed (Linux glibc, Irix), but still link it if needed (Solaris). -@@ -457,4 +465,5 @@ echo " SELinux support: $with_selinux" - echo " shadow group support: $enable_shadowgrp" - echo " S/Key support: $with_skey" - echo " SHA passwords encryption: $with_sha_crypt" -+echo " nscd support: $with_nscd" - echo -diff --git a/lib/nscd.c b/lib/nscd.c -index 59b7172..5f54b72 100644 ---- a/lib/nscd.c -+++ b/lib/nscd.c -@@ -1,5 +1,8 @@ - /* Author: Peter Vrabec */ - -+#include -+#ifdef USE_NSCD -+ - /* because of TEMP_FAILURE_RETRY */ - #define _GNU_SOURCE - -@@ -54,4 +57,5 @@ int nscd_flush_cache (const char *service) - - return 0; - } -+#endif - -diff --git a/lib/nscd.h b/lib/nscd.h -index 8bb10a8..a430b00 100644 ---- a/lib/nscd.h -+++ b/lib/nscd.h -@@ -4,6 +4,10 @@ - /* - * nscd_flush_cache - flush specified service buffer in nscd cache - */ -+#ifdef USE_NSCD - extern int nscd_flush_cache (const char *service); -+#else -+#define nscd_flush_cache(service) (0) -+#endif - - #endif --- -1.6.2 - diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.1.2.2-optional-utimes.patch b/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.1.2.2-optional-utimes.patch deleted file mode 100644 index eba90da113..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.1.2.2-optional-utimes.patch +++ /dev/null @@ -1,52 +0,0 @@ -From 1ed3c6672957f2033f217f90a76f85973f1c85c6 Mon Sep 17 00:00:00 2001 -From: nekral-guest -Date: Sat, 30 Aug 2008 18:29:55 +0000 -Subject: [PATCH] * NEWS: Added support for uclibc. - * configure.in, libmisc/copydir.c: futimes() and lutimes() are not - standard. Check if they are implemented before using them. Do not - set the time of links if lutimes() does not exist, and use - utimes() as a replacement for futimes(). - -git-svn-id: svn://svn.debian.org/pkg-shadow/upstream/trunk@2294 5a98b0ae-9ef6-0310-add3-de5d479b70d7 ---- - libmisc/copydir.c | 8 ++++++++ - 3 files changed, 17 insertions(+), 0 deletions(-) - -diff --git a/libmisc/copydir.c b/libmisc/copydir.c -index abcea4c..b887303 100644 ---- a/libmisc/copydir.c -+++ b/libmisc/copydir.c -@@ -431,12 +431,14 @@ static int copy_symlink (const char *src, const char *dst, - return -1; - } - -+#ifdef HAVE_LUTIMES - /* 2007-10-18: We don't care about - * exit status of lutimes because - * it returns ENOSYS on many system - * - not implemented - */ - lutimes (dst, mt); -+#endif - - return err; - } -@@ -548,9 +550,15 @@ static int copy_file (const char *src, const char *dst, - - (void) close (ifd); - -+#ifdef HAVE_FUTIMES - if (futimes (ofd, mt) != 0) { - return -1; - } -+#else -+ if (utimes(dst, mt) != 0) { -+ return -1; -+ } -+#endif - - if (close (ofd) != 0) { - return -1; --- -1.6.2 - diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.1.3-dots-in-usernames.patch b/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.1.3-dots-in-usernames.patch deleted file mode 100644 index efcb33dbd9..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.1.3-dots-in-usernames.patch +++ /dev/null @@ -1,10 +0,0 @@ ---- shadow-4.1.3/libmisc/chkname.c -+++ shadow-4.1.3/libmisc/chkname.c -@@ -66,6 +66,7 @@ - ( ('0' <= *name) && ('9' >= *name) ) || - ('_' == *name) || - ('-' == *name) || -+ ('.' == *name) || - ( ('$' == *name) && ('\0' == *(name + 1)) ) - )) { - return false; diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.1.4.2-env-reset-keep-locale.patch b/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.1.4.2-env-reset-keep-locale.patch deleted file mode 100644 index 7c83f7cd05..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.1.4.2-env-reset-keep-locale.patch +++ /dev/null @@ -1,14 +0,0 @@ -http://bugs.gentoo.org/283725 -https://alioth.debian.org/tracker/index.php?func=detail&aid=311740&group_id=30580&atid=411480 - ---- shadow-4.1.4.2/libmisc/env.c -+++ shadow-4.1.4.2/libmisc/env.c -@@ -251,7 +251,7 @@ - if (strncmp (*cur, *bad, strlen (*bad)) != 0) { - continue; - } -- if (strchr (*cur, '/') != NULL) { -+ if (strchr (*cur, '/') == NULL) { - continue; /* OK */ - } - for (move = cur; NULL != *move; move++) { diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.1.4.2-groupmod-pam-check.patch b/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.1.4.2-groupmod-pam-check.patch deleted file mode 100644 index f25c4e10ff..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.1.4.2-groupmod-pam-check.patch +++ /dev/null @@ -1,21 +0,0 @@ -http://bugs.gentoo.org/300790 -http://lists.alioth.debian.org/pipermail/pkg-shadow-devel/2009-November/007850.html - -2009-11-05 Nicolas François - - * NEWS, src/groupmod.c: Fixed groupmod when configured with - --enable-account-tools-setuid. - -diff --git a/src/groupmod.c b/src/groupmod.c -index 4205df2..da6d77f 100644 ---- a/src/groupmod.c -+++ b/src/groupmod.c -@@ -724,7 +724,7 @@ int main (int argc, char **argv) - { - struct passwd *pampw; - pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */ -- if (NULL == pamh) { -+ if (NULL == pampw) { - fprintf (stderr, - _("%s: Cannot determine your user name.\n"), - Prog); diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.1.4.2-su_no_sanitize_env.patch b/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.1.4.2-su_no_sanitize_env.patch deleted file mode 100644 index 0cf74f8975..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/files/shadow-4.1.4.2-su_no_sanitize_env.patch +++ /dev/null @@ -1,14 +0,0 @@ -http://bugs.gentoo.org/show_bug.cgi?id=301957 -https://alioth.debian.org/scm/browser.php?group_id=30580 - ---- a/src/su.c -+++ b/src/su.c -@@ -342,7 +342,7 @@ - #endif - #endif /* !USE_PAM */ - -- sanitize_env (); -+ /* sanitize_env (); */ - - (void) setlocale (LC_ALL, ""); - (void) bindtextdomain (PACKAGE, LOCALEDIR); diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/metadata.xml b/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/metadata.xml deleted file mode 100644 index 68f3ff5a55..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/metadata.xml +++ /dev/null @@ -1,11 +0,0 @@ - - - -base-system - - Enable support for sys-process/audit - When nousuid is enabled only su from the shadow package - will be installed with the setuid bit (mainly for single user - systems) - - diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/shadow-4.1.2.2-r3.ebuild b/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/shadow-4.1.2.2-r3.ebuild deleted file mode 120000 index b8cf9aff3a..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/shadow-4.1.2.2-r3.ebuild +++ /dev/null @@ -1 +0,0 @@ -shadow-4.1.2.2.ebuild \ No newline at end of file diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/shadow-4.1.2.2.ebuild b/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/shadow-4.1.2.2.ebuild deleted file mode 100644 index f2997c5ed2..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/sys-apps/shadow/shadow-4.1.2.2.ebuild +++ /dev/null @@ -1,167 +0,0 @@ -# Copyright 1999-2009 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-apps/shadow/shadow-4.1.2.2.ebuild,v 1.16 2009/08/23 10:45:45 vapier Exp $ - -inherit eutils libtool toolchain-funcs autotools pam multilib - -DESCRIPTION="Utilities to deal with user accounts" -HOMEPAGE="http://shadow.pld.org.pl/ http://pkg-shadow.alioth.debian.org/" -SRC_URI="ftp://pkg-shadow.alioth.debian.org/pub/pkg-shadow/shadow-${PV}.tar.bz2" - -LICENSE="BSD GPL-2" -SLOT="0" -KEYWORDS="alpha amd64 arm hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86" -IUSE="audit cracklib nls pam selinux skey" - -RDEPEND="audit? ( sys-process/audit ) - cracklib? ( >=sys-libs/cracklib-2.7-r3 ) - pam? ( virtual/pam ) - !sys-apps/pam-login - !app-admin/nologin - skey? ( sys-auth/skey ) - selinux? ( >=sys-libs/libselinux-1.28 ) - nls? ( virtual/libintl )" -DEPEND="${RDEPEND} - nls? ( sys-devel/gettext )" -RDEPEND="${RDEPEND} - pam? ( >=sys-auth/pambase-20080219.1 )" - -src_unpack() { - unpack ${A} - cd "${S}" - - epatch "${FILESDIR}"/${PV}/*.patch - - # tweak the default login.defs - epatch "${FILESDIR}"/${PN}-4.0.17-login.defs.patch - sed -i "s:@LIBDIR@:$(get_libdir):" etc/login.defs || die - - # Make user/group names more flexible #3485 / #22920 - epatch "${FILESDIR}"/${PN}-4.0.13-dots-in-usernames.patch - epatch "${FILESDIR}"/${PN}-4.0.13-long-groupnames.patch - - epatch "${FILESDIR}"/${PN}-4.1.2.1+openpam.patch #232586 - epatch "${FILESDIR}"/${P}-l64a.patch #260001 - epatch "${FILESDIR}"/${P}-id-types.patch - epatch "${FILESDIR}"/${P}-optional-nscd.patch - epatch "${FILESDIR}"/${P}-optional-utimes.patch - - eautoconf - eautoheader - - elibtoolize - epunt_cxx -} - -src_compile() { - tc-is-cross-compiler && export ac_cv_func_setpgrp_void=yes - econf \ - --enable-shared=no \ - --enable-static=yes \ - $(use_with audit) \ - $(use_with cracklib libcrack) \ - $(use_with pam libpam) \ - $(use_with skey) \ - $(use_with selinux) \ - $(use_enable nls) \ - $(use_with elibc_glibc nscd) \ - || die "bad configure" - emake || die "compile problem" -} - -src_install() { - emake DESTDIR="${D}" suidperms=4711 install || die "install problem" - dosym useradd /usr/sbin/adduser - - # Remove libshadow and libmisc; see bug 37725 and the following - # comment from shadow's README.linux: - # Currently, libshadow.a is for internal use only, so if you see - # -lshadow in a Makefile of some other package, it is safe to - # remove it. - rm -f "${D}"/{,usr/}$(get_libdir)/lib{misc,shadow}.{a,la} - - insinto /etc - # Using a securetty with devfs device names added - # (compat names kept for non-devfs compatibility) - insopts -m0600 ; doins "${FILESDIR}"/securetty - if ! use pam ; then - insopts -m0600 - doins etc/login.access etc/limits - fi - # Output arch-specific cruft - case $(tc-arch) in - ppc*) echo "hvc0" >> "${D}"/etc/securetty - echo "hvsi0" >> "${D}"/etc/securetty - echo "ttyPSC0" >> "${D}"/etc/securetty;; - hppa) echo "ttyB0" >> "${D}"/etc/securetty;; - arm) echo "ttyFB0" >> "${D}"/etc/securetty;; - sh) echo "ttySC0" >> "${D}"/etc/securetty - echo "ttySC1" >> "${D}"/etc/securetty;; - esac - - # needed for 'adduser -D' - insinto /etc/default - insopts -m0600 - doins "${FILESDIR}"/default/useradd - - # move passwd to / to help recover broke systems #64441 - mv "${D}"/usr/bin/passwd "${D}"/bin/ - dosym /bin/passwd /usr/bin/passwd - - cd "${S}" - insinto /etc - insopts -m0644 - newins etc/login.defs login.defs - - if use pam ; then - dopamd "${FILESDIR}/pam.d-include/"{su,passwd,shadow} - - newpamd "${FILESDIR}/login.pamd.2" login - - for x in chage chsh chfn chpasswd newusers \ - user{add,del,mod} group{add,del,mod} ; do - newpamd "${FILESDIR}"/pam.d-include/shadow ${x} - done - - # comment out login.defs options that pam hates - sed -i -f "${FILESDIR}"/login_defs_pam.sed \ - "${D}"/etc/login.defs - - # remove manpages that pam will install for us - # and/or don't apply when using pam - find "${D}"/usr/share/man \ - '(' -name 'limits.5*' -o -name 'suauth.5*' ')' \ - -exec rm {} \; - fi - - # Remove manpages that are handled by other packages - find "${D}"/usr/share/man \ - '(' -name id.1 -o -name passwd.5 -o -name getspnam.3 ')' \ - -exec rm {} \; - - cd "${S}" - dodoc ChangeLog NEWS TODO - newdoc README README.download - cd doc - dodoc HOWTO README* WISHLIST *.txt -} - -pkg_preinst() { - rm -f "${ROOT}"/etc/pam.d/system-auth.new \ - "${ROOT}/etc/login.defs.new" - - use pam && pam_epam_expand "${D}"/etc/pam.d/login -} - -pkg_postinst() { - # Enable shadow groups (we need ROOT=/ here, as grpconv only - # operate on / ...). - if [[ ${ROOT} == / && ! -f /etc/gshadow ]] ; then - if grpck -r &>/dev/null; then - grpconv - else - ewarn "Running 'grpck' returned errors. Please run it by hand, and then" - ewarn "run 'grpconv' afterwards!" - fi - fi -}