--- /dev/null
+diff -Nur shadow-4.1.4.2_orig/libmisc/chkname.c shadow-4.1.4.2/libmisc/chkname.c
+--- shadow-4.1.4.2_orig/libmisc/chkname.c 2009-04-28 19:14:04.000000000 +0000
++++ shadow-4.1.4.2/libmisc/chkname.c 2009-08-03 18:47:59.000000000 +0000
+@@ -49,21 +49,29 @@
+ static bool is_valid_name (const char *name)
+ {
+ /*
+- * User/group names must match [a-z_][a-z0-9_-]*[$]
+- */
+- if (('\0' == *name) ||
+- !((('a' <= *name) && ('z' >= *name)) || ('_' == *name))) {
++ * User/group names must match gnu e-regex:
++ * [a-zA-Z0-9_.][a-zA-Z0-9_.-]{0,30}[a-zA-Z0-9_.$-]?
++ *
++ * as a non-POSIX, extension, allow "$" as the last char for
++ * sake of Samba 3.x "add machine script"
++ */
++ if ( ('\0' == *name) ||
++ !((*name >= 'a' && *name <= 'z') ||
++ (*name >= 'A' && *name <= 'Z') ||
++ (*name >= '0' && *name <= '9') ||
++ (*name == '_') || (*name == '.')
++ )) {
+ return false;
+ }
+
+ while ('\0' != *++name) {
+- if (!(( ('a' <= *name) && ('z' >= *name) ) ||
+- ( ('0' <= *name) && ('9' >= *name) ) ||
+- ('_' == *name) ||
+- ('-' == *name) ||
+- ( ('$' == *name) && ('\0' == *(name + 1)) )
+- )) {
+- return false;
++ if (!( (*name >= 'a' && *name <= 'z') ||
++ (*name >= 'A' && *name <= 'Z') ||
++ (*name >= '0' && *name <= '9') ||
++ (*name == '_') || (*name == '.') || (*name == '-') ||
++ (*name == '$' && *(name + 1) == '\0')
++ )) {
++ return false;
+ }
+ }
+
+diff -Nur shadow-4.1.4.2_orig/man/groupadd.8 shadow-4.1.4.2/man/groupadd.8
+--- shadow-4.1.4.2_orig/man/groupadd.8 2009-07-24 01:16:24.000000000 +0000
++++ shadow-4.1.4.2/man/groupadd.8 2009-08-03 18:51:10.000000000 +0000
+@@ -153,9 +153,7 @@
+ .RE
+ .SH "CAVEATS"
+ .PP
+-Groupnames must start with a lower case letter or an underscore, followed by lower case letters, digits, underscores, or dashes\&. They can end with a dollar sign\&. In regular expression terms: [a\-z_][a\-z0\-9_\-]*[$]?
+-.PP
+-Groupnames may only be up to 16 characters long\&.
++Groupnames may only be up to 32 characters long\&.
+ .PP
+ You may not add a NIS or LDAP group\&. This must be performed on the corresponding server\&.
+ .PP
+diff -Nur shadow-4.1.4.2_orig/man/useradd.8 shadow-4.1.4.2/man/useradd.8
+--- shadow-4.1.4.2_orig/man/useradd.8 2009-07-24 01:16:44.000000000 +0000
++++ shadow-4.1.4.2/man/useradd.8 2009-08-03 18:51:52.000000000 +0000
+@@ -405,8 +405,6 @@
+ \fBuseradd\fR
+ will deny the user account creation request\&.
+ .PP
+-Usernames must start with a lower case letter or an underscore, followed by lower case letters, digits, underscores, or dashes\&. They can end with a dollar sign\&. In regular expression terms: [a\-z_][a\-z0\-9_\-]*[$]?
+-.PP
+ Usernames may only be up to 32 characters long\&.
+ .SH "CONFIGURATION"
+ .PP
--- /dev/null
+diff -Nur shadow-4.1.4.2_orig/libmisc/find_new_gid.c shadow-4.1.4.2/libmisc/find_new_gid.c
+--- shadow-4.1.4.2_orig/libmisc/find_new_gid.c 2009-07-17 23:53:42.000000000 +0000
++++ shadow-4.1.4.2/libmisc/find_new_gid.c 2009-08-03 18:16:37.000000000 +0000
+@@ -58,11 +58,11 @@
+ assert (gid != NULL);
+
+ if (!sys_group) {
+- gid_min = (gid_t) getdef_ulong ("GID_MIN", 1000UL);
++ gid_min = (gid_t) getdef_ulong ("GID_MIN", 500UL);
+ gid_max = (gid_t) getdef_ulong ("GID_MAX", 60000UL);
+ } else {
+ gid_min = (gid_t) getdef_ulong ("SYS_GID_MIN", 101UL);
+- gid_max = (gid_t) getdef_ulong ("GID_MIN", 1000UL) - 1;
++ gid_max = (gid_t) getdef_ulong ("GID_MIN", 500UL) - 1;
+ gid_max = (gid_t) getdef_ulong ("SYS_GID_MAX", (unsigned long) gid_max);
+ }
+ used_gids = alloca (sizeof (bool) * (gid_max +1));
+diff -Nur shadow-4.1.4.2_orig/libmisc/find_new_uid.c shadow-4.1.4.2/libmisc/find_new_uid.c
+--- shadow-4.1.4.2_orig/libmisc/find_new_uid.c 2009-07-17 23:53:43.000000000 +0000
++++ shadow-4.1.4.2/libmisc/find_new_uid.c 2009-08-03 18:17:20.000000000 +0000
+@@ -58,11 +58,11 @@
+ assert (uid != NULL);
+
+ if (!sys_user) {
+- uid_min = (uid_t) getdef_ulong ("UID_MIN", 1000UL);
++ uid_min = (uid_t) getdef_ulong ("UID_MIN", 500UL);
+ uid_max = (uid_t) getdef_ulong ("UID_MAX", 60000UL);
+ } else {
+ uid_min = (uid_t) getdef_ulong ("SYS_UID_MIN", 101UL);
+- uid_max = (uid_t) getdef_ulong ("UID_MIN", 1000UL) - 1;
++ uid_max = (uid_t) getdef_ulong ("UID_MIN", 500UL) - 1;
+ uid_max = (uid_t) getdef_ulong ("SYS_UID_MAX", (unsigned long) uid_max);
+ }
+ used_uids = alloca (sizeof (bool) * (uid_max +1));
+diff -Nur shadow-4.1.4.2_orig/src/useradd.c shadow-4.1.4.2/src/useradd.c
+--- shadow-4.1.4.2_orig/src/useradd.c 2009-06-05 22:16:58.000000000 +0000
++++ shadow-4.1.4.2/src/useradd.c 2009-08-03 18:26:31.000000000 +0000
+@@ -90,7 +90,7 @@
+ static gid_t def_group = 100;
+ static const char *def_gname = "other";
+ static const char *def_home = "/home";
+-static const char *def_shell = "";
++static const char *def_shell = "/sbin/nologin";
+ static const char *def_template = SKEL_DIR;
+ static const char *def_create_mail_spool = "no";
+
+@@ -102,7 +102,7 @@
+ #define VALID(s) (strcspn (s, ":\n") == strlen (s))
+
+ static const char *user_name = "";
+-static const char *user_pass = "!";
++static const char *user_pass = "!!";
+ static uid_t user_id;
+ static gid_t user_gid;
+ static const char *user_comment = "";
+@@ -989,9 +989,9 @@
+ };
+ while ((c = getopt_long (argc, argv,
+ #ifdef WITH_SELINUX
+- "b:c:d:De:f:g:G:k:K:lmMNop:rs:u:UZ:",
++ "b:c:d:De:f:g:G:k:K:lmMnNop:rs:u:UZ:",
+ #else
+- "b:c:d:De:f:g:G:k:K:lmMNop:rs:u:U",
++ "b:c:d:De:f:g:G:k:K:lmMnNop:rs:u:U",
+ #endif
+ long_options, NULL)) != -1) {
+ switch (c) {
+@@ -1141,6 +1141,7 @@
+ case 'M':
+ Mflg = true;
+ break;
++ case 'n':
+ case 'N':
+ Nflg = true;
+ break;
projects / ipfire-3.x.git / commitdiff
