From: Michael Tremer <michael.tremer@ipfire.org>
Date: Sun, 7 Feb 2010 14:54:52 +0000 (+0100)
Subject: shadow: Copy patch files into repository.
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f844903021ecd9cf4de2c6e76176224d1740b65a;p=ipfire-3.x.git

shadow: Copy patch files into repository.
---

diff --git a/pkgs/core/shadow/patches/shadow-4.1.4.2-goodname.patch b/pkgs/core/shadow/patches/shadow-4.1.4.2-goodname.patch
new file mode 100644
index 000000000..45e3814a4
--- /dev/null
+++ b/pkgs/core/shadow/patches/shadow-4.1.4.2-goodname.patch
@@ -0,0 +1,70 @@
+diff -Nur shadow-4.1.4.2_orig/libmisc/chkname.c shadow-4.1.4.2/libmisc/chkname.c
+--- shadow-4.1.4.2_orig/libmisc/chkname.c	2009-04-28 19:14:04.000000000 +0000
++++ shadow-4.1.4.2/libmisc/chkname.c	2009-08-03 18:47:59.000000000 +0000
+@@ -49,21 +49,29 @@
+ static bool is_valid_name (const char *name)
+ {
+ 	/*
+-	 * User/group names must match [a-z_][a-z0-9_-]*[$]
+-	 */
+-	if (('\0' == *name) ||
+-	    !((('a' <= *name) && ('z' >= *name)) || ('_' == *name))) {
++	* User/group names must match gnu e-regex:
++	*    [a-zA-Z0-9_.][a-zA-Z0-9_.-]{0,30}[a-zA-Z0-9_.$-]?
++	*
++	* as a non-POSIX, extension, allow "$" as the last char for
++	* sake of Samba 3.x "add machine script"
++	*/
++	if ( ('\0' == *name) ||
++		!((*name >= 'a' && *name <= 'z') ||
++		  (*name >= 'A' && *name <= 'Z') ||
++		  (*name >= '0' && *name <= '9') ||
++		  (*name == '_') || (*name == '.') 
++	)) {
+ 		return false;
+ 	}
+ 
+ 	while ('\0' != *++name) {
+-		if (!(( ('a' <= *name) && ('z' >= *name) ) ||
+-		      ( ('0' <= *name) && ('9' >= *name) ) ||
+-		      ('_' == *name) ||
+-		      ('-' == *name) ||
+-		      ( ('$' == *name) && ('\0' == *(name + 1)) )
+-		     )) {
+-			return false;
++		if (!(  (*name >= 'a' && *name <= 'z') ||
++			(*name >= 'A' && *name <= 'Z') ||
++			(*name >= '0' && *name <= '9') ||
++			(*name == '_') || (*name == '.') || (*name == '-') ||
++			(*name == '$' && *(name + 1) == '\0') 
++		)) {
++		return false;
+ 		}
+ 	}
+ 
+diff -Nur shadow-4.1.4.2_orig/man/groupadd.8 shadow-4.1.4.2/man/groupadd.8
+--- shadow-4.1.4.2_orig/man/groupadd.8	2009-07-24 01:16:24.000000000 +0000
++++ shadow-4.1.4.2/man/groupadd.8	2009-08-03 18:51:10.000000000 +0000
+@@ -153,9 +153,7 @@
+ .RE
+ .SH "CAVEATS"
+ .PP
+-Groupnames must start with a lower case letter or an underscore, followed by lower case letters, digits, underscores, or dashes\&. They can end with a dollar sign\&. In regular expression terms: [a\-z_][a\-z0\-9_\-]*[$]?
+-.PP
+-Groupnames may only be up to 16 characters long\&.
++Groupnames may only be up to 32 characters long\&.
+ .PP
+ You may not add a NIS or LDAP group\&. This must be performed on the corresponding server\&.
+ .PP
+diff -Nur shadow-4.1.4.2_orig/man/useradd.8 shadow-4.1.4.2/man/useradd.8
+--- shadow-4.1.4.2_orig/man/useradd.8	2009-07-24 01:16:44.000000000 +0000
++++ shadow-4.1.4.2/man/useradd.8	2009-08-03 18:51:52.000000000 +0000
+@@ -405,8 +405,6 @@
+ \fBuseradd\fR
+ will deny the user account creation request\&.
+ .PP
+-Usernames must start with a lower case letter or an underscore, followed by lower case letters, digits, underscores, or dashes\&. They can end with a dollar sign\&. In regular expression terms: [a\-z_][a\-z0\-9_\-]*[$]?
+-.PP
+ Usernames may only be up to 32 characters long\&.
+ .SH "CONFIGURATION"
+ .PP
diff --git a/pkgs/core/shadow/patches/shadow-4.1.4.2-ipfire.patch b/pkgs/core/shadow/patches/shadow-4.1.4.2-ipfire.patch
new file mode 100644
index 000000000..e15eeb219
--- /dev/null
+++ b/pkgs/core/shadow/patches/shadow-4.1.4.2-ipfire.patch
@@ -0,0 +1,75 @@
+diff -Nur shadow-4.1.4.2_orig/libmisc/find_new_gid.c shadow-4.1.4.2/libmisc/find_new_gid.c
+--- shadow-4.1.4.2_orig/libmisc/find_new_gid.c	2009-07-17 23:53:42.000000000 +0000
++++ shadow-4.1.4.2/libmisc/find_new_gid.c	2009-08-03 18:16:37.000000000 +0000
+@@ -58,11 +58,11 @@
+ 	assert (gid != NULL);
+ 
+ 	if (!sys_group) {
+-		gid_min = (gid_t) getdef_ulong ("GID_MIN", 1000UL);
++		gid_min = (gid_t) getdef_ulong ("GID_MIN", 500UL);
+ 		gid_max = (gid_t) getdef_ulong ("GID_MAX", 60000UL);
+ 	} else {
+ 		gid_min = (gid_t) getdef_ulong ("SYS_GID_MIN", 101UL);
+-		gid_max = (gid_t) getdef_ulong ("GID_MIN", 1000UL) - 1;
++		gid_max = (gid_t) getdef_ulong ("GID_MIN", 500UL) - 1;
+ 		gid_max = (gid_t) getdef_ulong ("SYS_GID_MAX", (unsigned long) gid_max);
+ 	}
+ 	used_gids = alloca (sizeof (bool) * (gid_max +1));
+diff -Nur shadow-4.1.4.2_orig/libmisc/find_new_uid.c shadow-4.1.4.2/libmisc/find_new_uid.c
+--- shadow-4.1.4.2_orig/libmisc/find_new_uid.c	2009-07-17 23:53:43.000000000 +0000
++++ shadow-4.1.4.2/libmisc/find_new_uid.c	2009-08-03 18:17:20.000000000 +0000
+@@ -58,11 +58,11 @@
+ 	assert (uid != NULL);
+ 
+ 	if (!sys_user) {
+-		uid_min = (uid_t) getdef_ulong ("UID_MIN", 1000UL);
++		uid_min = (uid_t) getdef_ulong ("UID_MIN", 500UL);
+ 		uid_max = (uid_t) getdef_ulong ("UID_MAX", 60000UL);
+ 	} else {
+ 		uid_min = (uid_t) getdef_ulong ("SYS_UID_MIN", 101UL);
+-		uid_max = (uid_t) getdef_ulong ("UID_MIN", 1000UL) - 1;
++		uid_max = (uid_t) getdef_ulong ("UID_MIN", 500UL) - 1;
+ 		uid_max = (uid_t) getdef_ulong ("SYS_UID_MAX", (unsigned long) uid_max);
+ 	}
+ 	used_uids = alloca (sizeof (bool) * (uid_max +1));
+diff -Nur shadow-4.1.4.2_orig/src/useradd.c shadow-4.1.4.2/src/useradd.c
+--- shadow-4.1.4.2_orig/src/useradd.c	2009-06-05 22:16:58.000000000 +0000
++++ shadow-4.1.4.2/src/useradd.c	2009-08-03 18:26:31.000000000 +0000
+@@ -90,7 +90,7 @@
+ static gid_t def_group = 100;
+ static const char *def_gname = "other";
+ static const char *def_home = "/home";
+-static const char *def_shell = "";
++static const char *def_shell = "/sbin/nologin";
+ static const char *def_template = SKEL_DIR;
+ static const char *def_create_mail_spool = "no";
+ 
+@@ -102,7 +102,7 @@
+ #define	VALID(s)	(strcspn (s, ":\n") == strlen (s))
+ 
+ static const char *user_name = "";
+-static const char *user_pass = "!";
++static const char *user_pass = "!!";
+ static uid_t user_id;
+ static gid_t user_gid;
+ static const char *user_comment = "";
+@@ -989,9 +989,9 @@
+ 		};
+ 		while ((c = getopt_long (argc, argv,
+ #ifdef WITH_SELINUX
+-		                         "b:c:d:De:f:g:G:k:K:lmMNop:rs:u:UZ:",
++		                         "b:c:d:De:f:g:G:k:K:lmMnNop:rs:u:UZ:",
+ #else
+-		                         "b:c:d:De:f:g:G:k:K:lmMNop:rs:u:U",
++		                         "b:c:d:De:f:g:G:k:K:lmMnNop:rs:u:U",
+ #endif
+ 		                         long_options, NULL)) != -1) {
+ 			switch (c) {
+@@ -1141,6 +1141,7 @@
+ 			case 'M':
+ 				Mflg = true;
+ 				break;
++			case 'n':
+ 			case 'N':
+ 				Nflg = true;
+ 				break;
diff --git a/pkgs/core/shadow/shadow.nm b/pkgs/core/shadow/shadow.nm
index a559a8604..a129cc82a 100644
--- a/pkgs/core/shadow/shadow.nm
+++ b/pkgs/core/shadow/shadow.nm
@@ -42,12 +42,6 @@ endef
 
 PKG_TARBALL    = $(THISAPP).tar.bz2
 
-# Modification of the user and shell permissions
-PKG_PATCHES   += $(THISAPP)-ipfire.patch
-
-# Username check for umlauts
-PKG_PATCHES   += $(THISAPP)-goodname.patch
-
 CONFIGURE_OPTIONS += \
 	--sysconfdir=/etc \
 	--enable-shadowgrp \