Add fix from upstream for crash with non-pam/empty user #270213 by Ulrich Müller.

Package-Manager: portage-2.2_rc33/cvs/Linux x86_64
author: Mike Frysinger <vapier@gentoo.org> 2009-05-18 04:36:00 +0000
committer: Mike Frysinger <vapier@gentoo.org> 2009-05-18 04:36:00 +0000
commit: 6e65bfd03b56914eed68383b3da637462e877af1 (patch)
tree: c015de00b46d7d3ae8f3248d199d53a03e59ff3c /sys-apps/shadow
parent: a little broken (diff)
download: historical-6e65bfd03b56914eed68383b3da637462e877af1.tar.gz
historical-6e65bfd03b56914eed68383b3da637462e877af1.tar.bz2
historical-6e65bfd03b56914eed68383b3da637462e877af1.zip
4 files changed, 222 insertions, 6 deletions
diff --git a/sys-apps/shadow/ChangeLog b/sys-apps/shadow/ChangeLog
index 6359657c33a4..e64acb52139a 100644
--- a/sys-apps/shadow/ChangeLog
+++ b/sys-apps/shadow/ChangeLog
@@ -1,6 +1,13 @@
 # ChangeLog for sys-apps/shadow
 # Copyright 1999-2009 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/sys-apps/shadow/ChangeLog,v 1.225 2009/05/11 04:11:48 vapier Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-apps/shadow/ChangeLog,v 1.226 2009/05/18 04:35:59 vapier Exp $
+
+*shadow-4.1.4-r1 (18 May 2009)
+
+  18 May 2009; Mike Frysinger <vapier@gentoo.org> +shadow-4.1.4-r1.ebuild,
+  +files/shadow-4.1.4-login-non-pam-crash.patch:
+  Add fix from upstream for crash with non-pam/empty user #270213 by Ulrich
+  Müller.
 
 *shadow-4.1.4 (11 May 2009)
 
diff --git a/sys-apps/shadow/Manifest b/sys-apps/shadow/Manifest
index 52e78491309b..2b10f94ecd93 100644
--- a/sys-apps/shadow/Manifest
+++ b/sys-apps/shadow/Manifest
@@ -38,6 +38,7 @@ AUX shadow-4.1.2.2-l64a.patch 308 RMD160 d7d0ab42c8fd3d9a53dd1ce262dfc7b17fa4f31
 AUX shadow-4.1.2.2-optional-nscd.patch 3244 RMD160 f844c6958f4f3830e9d98daa7622c12991918f61 SHA1 91590b754b562c0918b3232cd4f9e4282cf54891 SHA256 18d97094520b9eda248da1449cda5b448d4102dd234cce4af5cabd6190afb652
 AUX shadow-4.1.2.2-optional-utimes.patch 1397 RMD160 ffeceac79a9474fcd4c9064ebac6edddc45b6eeb SHA1 b56a1174a5fa591b04d7b93b44ec2c5f9285dd28 SHA256 28de85f16e6f4c52ea8f67beecd483d9a58adcd3c2234e88da049fccb9aabd93
 AUX shadow-4.1.3-dots-in-usernames.patch 302 RMD160 dcd0fdb1646a16cae1f3da0858257a22addefd17 SHA1 997e007090618713f9f0295ab540a6f2c9489885 SHA256 2299ffaec204d20e00d791bf5b982571c9261a74c7a7b865a9f7cad1cdcb43ba
+AUX shadow-4.1.4-login-non-pam-crash.patch 625 RMD160 4f1894dca08d100f6e09c463a31832a23d2646c7 SHA1 d8f417a95e0b74e53f079a9ce4856e53c7ddb11c SHA256 20b6ff19cbbd2a0b6b30602fc7c050cd0cf01c310a67703764d72f8aabc7006f
 DIST shadow-4.1.2.2.tar.bz2 1697615 RMD160 19b8d3bc37d26d708ecad6a86e6a1f2dcc3c51d3 SHA1 6cbd29104c219ff6776eececb8068f7326d57a45 SHA256 378fbfb0e8bb8c87be239fccd692818871f763206bb7d881744f4fa72dc6b491
 DIST shadow-4.1.3.1.tar.bz2 1700410 RMD160 cf22332343f57793aed431d7329a81f70cbe17f3 SHA1 9cc82ac7d8497b207982c7cdf2288910f38ca7bb SHA256 1f00bbeb2f2a02d17c55468ca3f49190971b3441861f1235ab3092ee7545c8f5
 DIST shadow-4.1.4.tar.bz2 1759262 RMD160 ba2438f0d2395609b748307cfd656304000cc74c SHA1 2f1cd5f9811b33d0b3411e38ac5502d8782c6bf7 SHA256 88ee51f15825439abe3136d1b17ad7ffd9126e8a2e900ac9dd0bffad34f0f413
@@ -45,13 +46,13 @@ DIST shadow_4.0.18.2.orig.tar.gz 2501791 RMD160 f13d5c06bc88eea8d851a8c396110b2e
 EBUILD shadow-4.0.18.2.ebuild 5176 RMD160 a5c96abaee6d2cc8eeb20dbe70be9f2243bf9b4c SHA1 3ff2f36f9eeafa13bb52527800ebbeb4be68dec9 SHA256 1605d308c594d2e56f5136072e4687006cd4ec4eef467cf821583f70e9c288a5
 EBUILD shadow-4.1.2.2.ebuild 4761 RMD160 ae817728540fd62572d2da6046aa93c0c41a16b3 SHA1 1e1f65cd690382959e7702ba28625fa96bb1d518 SHA256 8258e46fff2365b74b52ad47689947f1e3e2817fea4e4f0cacb53dbfa67da7e4
 EBUILD shadow-4.1.3.1.ebuild 5106 RMD160 e142848dd2f42fab8e88ed3302896d0fdeeb160b SHA1 5088ae5cec467229525da979b9c6957bf2483b47 SHA256 fa627f0976f3374c4e0f93dd41825da10d13dc318c8aa5f6a97beae3ea5269dc
-EBUILD shadow-4.1.4.ebuild 5104 RMD160 c064782480ba0bbad5ed98ffd4dbec22a4fc6e45 SHA1 5303421deb01e9c32c04861ca3c4d2956e74416b SHA256 d6a399e131f91bd42c8d75d74606838e02e61c184e79731022f015237343af12
-MISC ChangeLog 38751 RMD160 efafc427e4989d56b4439c90481bef9049a0a2e5 SHA1 1e09edb288e8caea7fa1e90f1ed347b50f74a6a2 SHA256 ee5a386ba765993396b84c9b12537fa78182f3efcd066dbde34df1c29e7198e2
+EBUILD shadow-4.1.4-r1.ebuild 5168 RMD160 0a3db06480ecb1b7ce5aed7c0ca696df4b084d5c SHA1 aa06cdaa07e4bfa62f45b7008255ad9ee81d3dc4 SHA256 fc575bd93bc7114a4894ed1b4c8b1e285cf60b02cd49b8fe1b9d55c66156fa2f
+MISC ChangeLog 38995 RMD160 dd6c54cb396f30a5c42ac90424915f2578749d2a SHA1 05ac915d2c8d10e36856ef20d3c01a88a2eca13d SHA256 e70adc54741f29087e3798c5d66816af9fb0074f7fc701a8caf3a4409f10a10a
 MISC metadata.xml 412 RMD160 8cb1c2ffd3365f4334c78591e9349d394771dfed SHA1 e32195b6f24c7feae2ddfa3c9410a109c1e357f2 SHA256 41b211af54ade1542ce67559eeeb233c9fde4c97e66ef3602ae0f2dc228d7504
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.11 (GNU/Linux)
 
-iEYEARECAAYFAkoHpYoACgkQn/5bYzqsSmEs0wCgu1iZGkQnbc4SRpSPV120kbWw
-3uUAoJHhcEZfPlu4AyA5VnehdtV7llxv
-=L/cl
+iEYEARECAAYFAkoQ5bUACgkQn/5bYzqsSmGaVgCdG02TjRR/ubonVcIry80+XmqC
+nKYAniaYOU7bZDsbX8KPuqrdBgYIao2u
+=kce5
 -----END PGP SIGNATURE-----
diff --git a/sys-apps/shadow/files/shadow-4.1.4-login-non-pam-crash.patch b/sys-apps/shadow/files/shadow-4.1.4-login-non-pam-crash.patch
new file mode 100644
index 000000000000..69ca211da990
--- /dev/null
+++ b/sys-apps/shadow/files/shadow-4.1.4-login-non-pam-crash.patch
@@ -0,0 +1,20 @@
+http://bugs.gentoo.org/270213
+
+From 74c3b8df373aac8fc2a997c83f9d84790bf22a36 Mon Sep 17 00:00:00 2001
+From: nekral-guest <nekral-guest@5a98b0ae-9ef6-0310-add3-de5d479b70d7>
+Date: Sat, 16 May 2009 15:43:13 +0000
+Subject: [PATCH] 	* src/login.c: Fix failure of non PAM enabled versions when an
+ 	empty username is entered after a first prompt.
+
+diff --git a/src/login.c b/src/login.c
+index abf649e..44ef8f8 100644
+--- a/src/login.c
++++ b/src/login.c
+@@ -913,6 +913,7 @@ int main (int argc, char **argv)
+ 		 * anymore. */
+ 		if (NULL != pwd) {
+ 			pw_free (pwd);
++			pwd = NULL;
+ 		}
+ 		if (NULL != spwd) {
+ 			spw_free (spwd);
diff --git a/sys-apps/shadow/shadow-4.1.4-r1.ebuild b/sys-apps/shadow/shadow-4.1.4-r1.ebuild
new file mode 100644
index 000000000000..bfa19c6bd21a
--- /dev/null
+++ b/sys-apps/shadow/shadow-4.1.4-r1.ebuild
@@ -0,0 +1,188 @@
+# Copyright 1999-2009 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/sys-apps/shadow/shadow-4.1.4-r1.ebuild,v 1.1 2009/05/18 04:35:59 vapier Exp $
+
+inherit eutils libtool toolchain-funcs pam multilib
+
+DESCRIPTION="Utilities to deal with user accounts"
+HOMEPAGE="http://shadow.pld.org.pl/ http://packages.qa.debian.org/s/shadow.html"
+SRC_URI="ftp://pkg-shadow.alioth.debian.org/pub/pkg-shadow/shadow-${PV}.tar.bz2"
+
+LICENSE="BSD GPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86"
+IUSE="audit cracklib nls pam selinux skey"
+
+RDEPEND="audit? ( sys-process/audit )
+	cracklib? ( >=sys-libs/cracklib-2.7-r3 )
+	pam? ( virtual/pam )
+	!sys-apps/pam-login
+	!app-admin/nologin
+	skey? ( sys-auth/skey )
+	selinux? ( >=sys-libs/libselinux-1.28 )
+	nls? ( virtual/libintl )"
+DEPEND="${RDEPEND}
+	nls? ( sys-devel/gettext )"
+RDEPEND="${RDEPEND}
+	pam? ( >=sys-auth/pambase-20080219.1 )"
+
+src_unpack() {
+	unpack ${A}
+	cd "${S}"
+	epatch "${FILESDIR}"/${PN}-4.1.3-dots-in-usernames.patch #22920
+	epatch "${FILESDIR}"/${P}-login-non-pam-crash.patch #270213
+	elibtoolize
+	epunt_cxx
+}
+
+src_compile() {
+	tc-is-cross-compiler && export ac_cv_func_setpgrp_void=yes
+	econf \
+		--without-group-name-max-length \
+		--enable-shared=no \
+		--enable-static=yes \
+		$(use_with audit) \
+		$(use_with cracklib libcrack) \
+		$(use_with pam libpam) \
+		$(use_with skey) \
+		$(use_with selinux) \
+		$(use_enable nls) \
+		$(use_with elibc_glibc nscd)
+	emake || die "compile problem"
+}
+
+set_login_opt() {
+	local comment="" opt=$1 val=$2
+	[[ -z ${val} ]] && comment="#"
+	sed -i -r \
+		-e "/^#?${opt}/s:.*:${comment}${opt} ${val}:" \
+		"${D}"/etc/login.defs
+	local res=$(grep "^${comment}${opt}" "${D}"/etc/login.defs)
+	einfo ${res:-Unable to find ${opt} in /etc/login.defs}
+}
+
+src_install() {
+	emake DESTDIR="${D}" suidperms=4711 install || die "install problem"
+	dosym useradd /usr/sbin/adduser
+
+	# Remove libshadow and libmisc; see bug 37725 and the following
+	# comment from shadow's README.linux:
+	#   Currently, libshadow.a is for internal use only, so if you see
+	#   -lshadow in a Makefile of some other package, it is safe to
+	#   remove it.
+	rm -f "${D}"/{,usr/}$(get_libdir)/lib{misc,shadow}.{a,la}
+
+	insinto /etc
+	# Using a securetty with devfs device names added
+	# (compat names kept for non-devfs compatibility)
+	insopts -m0600 ; doins "${FILESDIR}"/securetty
+	if ! use pam ; then
+		insopts -m0600
+		doins etc/login.access etc/limits
+	fi
+	# Output arch-specific cruft
+	case $(tc-arch) in
+		ppc*)  echo "hvc0" >> "${D}"/etc/securetty
+			   echo "hvsi0" >> "${D}"/etc/securetty
+			   echo "ttyPSC0" >> "${D}"/etc/securetty;;
+		hppa)  echo "ttyB0" >> "${D}"/etc/securetty;;
+		arm)   echo "ttyFB0" >> "${D}"/etc/securetty;;
+		sh)    echo "ttySC0" >> "${D}"/etc/securetty
+			   echo "ttySC1" >> "${D}"/etc/securetty;;
+	esac
+
+	# needed for 'adduser -D'
+	insinto /etc/default
+	insopts -m0600
+	doins "${FILESDIR}"/default/useradd
+
+	# move passwd to / to help recover broke systems #64441
+	mv "${D}"/usr/bin/passwd "${D}"/bin/
+	dosym /bin/passwd /usr/bin/passwd
+
+	cd "${S}"
+	insinto /etc
+	insopts -m0644
+	newins etc/login.defs login.defs
+
+	if ! use pam ; then
+		set_login_opt MAIL_CHECK_ENAB no
+		set_login_opt SU_WHEEL_ONLY yes
+		set_login_opt CRACKLIB_DICTPATH /usr/$(get_libdir)/cracklib_dict
+		set_login_opt LOGIN_RETRIES 3
+		set_login_opt ENCRYPT_METHOD SHA512
+	else
+		dopamd "${FILESDIR}/pam.d-include/"{su,passwd,shadow}
+
+		newpamd "${FILESDIR}/login.pamd.2" login
+
+		for x in chage chsh chfn chpasswd newusers \
+				 user{add,del,mod} group{add,del,mod} ; do
+			newpamd "${FILESDIR}"/pam.d-include/shadow ${x}
+		done
+
+		# comment out login.defs options that pam hates
+		local opt
+		for opt in \
+			CHFN_AUTH \
+			CRACKLIB_DICTPATH \
+			ENV_HZ \
+			ENVIRON_FILE \
+			FAILLOG_ENAB \
+			FTMP_FILE \
+			LASTLOG_ENAB \
+			MAIL_CHECK_ENAB \
+			MOTD_FILE \
+			NOLOGINS_FILE \
+			OBSCURE_CHECKS_ENAB \
+			PASS_ALWAYS_WARN \
+			PASS_CHANGE_TRIES \
+			PASS_MIN_LEN \
+			PORTTIME_CHECKS_ENAB \
+			QUOTAS_ENAB \
+			SU_WHEEL_ONLY
+		do
+			set_login_opt ${opt}
+		done
+
+		sed -i -f "${FILESDIR}"/login_defs_pam.sed \
+			"${D}"/etc/login.defs
+
+		# remove manpages that pam will install for us
+		# and/or don't apply when using pam
+		find "${D}"/usr/share/man \
+			'(' -name 'limits.5*' -o -name 'suauth.5*' ')' \
+			-exec rm {} \;
+	fi
+
+	# Remove manpages that are handled by other packages
+	find "${D}"/usr/share/man \
+		'(' -name id.1 -o -name passwd.5 -o -name getspnam.3 ')' \
+		-exec rm {} \;
+
+	cd "${S}"
+	dodoc ChangeLog NEWS TODO
+	newdoc README README.download
+	cd doc
+	dodoc HOWTO README* WISHLIST *.txt
+}
+
+pkg_preinst() {
+	rm -f "${ROOT}"/etc/pam.d/system-auth.new \
+		"${ROOT}/etc/login.defs.new"
+
+	use pam && pam_epam_expand "${D}"/etc/pam.d/login
+}
+
+pkg_postinst() {
+	# Enable shadow groups (we need ROOT=/ here, as grpconv only
+	# operate on / ...).
+	if [[ ${ROOT} == / && ! -f /etc/gshadow ]] ; then
+		if grpck -r 2>/dev/null ; then
+			grpconv
+		else
+			ewarn "Running 'grpck' returned errors.  Please run it by hand, and then"
+			ewarn "run 'grpconv' afterwards!"
+		fi
+	fi
+}
author	Mike Frysinger <vapier@gentoo.org>	2009-05-18 04:36:00 +0000
committer	Mike Frysinger <vapier@gentoo.org>	2009-05-18 04:36:00 +0000
commit	6e65bfd03b56914eed68383b3da637462e877af1 (patch)
tree	c015de00b46d7d3ae8f3248d199d53a03e59ff3c /sys-apps/shadow
parent	a little broken (diff)
download	historical-6e65bfd03b56914eed68383b3da637462e877af1.tar.gz historical-6e65bfd03b56914eed68383b3da637462e877af1.tar.bz2 historical-6e65bfd03b56914eed68383b3da637462e877af1.zip