From 582a322feb28837a9bc07ce3c4f7f964eb728ce6 Mon Sep 17 00:00:00 2001 From: Alberto Mardegan Date: Mon, 14 Mar 2022 12:00:05 +0300 Subject: [PATCH] Jammy changes for LP: #1797786 --- debian/changelog | 9 ++ debian/patches/1010_extrausers.patch | 87 +++++++++++++++----- debian/patches/1015_add_zsys_support.patch | 30 +++---- debian/patches/1016_extrausers_gpasswd.patch | 11 +-- 4 files changed, 89 insertions(+), 48 deletions(-) diff --git a/debian/changelog b/debian/changelog index 1c3ac43..6cb2dbe 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,12 @@ +shadow (1:4.8.1-2ubuntu2) jammy; urgency=medium + + [ Michael Vogt ] + * debian/patches/1010_extrausers.patch: + Add automatic detection of "extrausers" for usermod -G + (LP: #1959375) + + -- Alberto Mardegan Mon, 14 Mar 2022 11:59:13 +0300 + shadow (1:4.8.1-2ubuntu1) jammy; urgency=low * Merge from Debian unstable (LP: #1951161). Remaining changes: diff --git a/debian/patches/1010_extrausers.patch b/debian/patches/1010_extrausers.patch index ebc3840..344e68d 100644 --- a/debian/patches/1010_extrausers.patch +++ b/debian/patches/1010_extrausers.patch @@ -9,11 +9,9 @@ Subject: Add support to passwd for updating libnss-extrausers locations src/usermod.c | 48 +++++++++++++++++++++++++++++++++++++++++++ 4 files changed, 122 insertions(+), 1 deletion(-) -diff --git a/lib/commonio.c b/lib/commonio.c -index 9f6ceca..008691f 100644 --- a/lib/commonio.c +++ b/lib/commonio.c -@@ -419,6 +419,7 @@ int commonio_lock (struct commonio_db *db) +@@ -419,6 +419,7 @@ int i; #ifdef HAVE_LCKPWDF @@ -21,7 +19,7 @@ index 9f6ceca..008691f 100644 /* * Only if the system libc has a real lckpwdf() - the one from * lockpw.c calls us and would cause infinite recursion! -@@ -448,6 +449,7 @@ int commonio_lock (struct commonio_db *db) +@@ -448,6 +449,7 @@ ulckpwdf (); return 0; /* failure */ } @@ -29,11 +27,9 @@ index 9f6ceca..008691f 100644 #endif /* !HAVE_LCKPWDF */ /* -diff --git a/lib/defines.h b/lib/defines.h -index 2fb1b56..ffa8b6a 100644 --- a/lib/defines.h +++ b/lib/defines.h -@@ -316,6 +316,14 @@ char *strchr (), *strrchr (), *strtok (); +@@ -316,6 +316,14 @@ #endif #endif @@ -48,11 +44,9 @@ index 2fb1b56..ffa8b6a 100644 #ifndef NULL #define NULL ((void *) 0) #endif -diff --git a/src/passwd.c b/src/passwd.c -index 13619b1..bfe0aea 100644 --- a/src/passwd.c +++ b/src/passwd.c -@@ -559,8 +559,15 @@ static void update_noshadow (void) +@@ -559,8 +559,15 @@ { const struct passwd *pw; struct passwd *npw; @@ -68,7 +62,7 @@ index 13619b1..bfe0aea 100644 (void) fprintf (stderr, _("%s: cannot lock %s; try again later.\n"), Prog, pw_dbname ()); -@@ -568,6 +575,20 @@ static void update_noshadow (void) +@@ -568,6 +575,20 @@ } pw_locked = true; if (pw_open (O_CREAT | O_RDWR) == 0) { @@ -89,7 +83,7 @@ index 13619b1..bfe0aea 100644 (void) fprintf (stderr, _("%s: cannot open %s\n"), Prog, pw_dbname ()); -@@ -576,6 +597,21 @@ static void update_noshadow (void) +@@ -576,6 +597,21 @@ } pw = pw_locate (name); if (NULL == pw) { @@ -111,7 +105,7 @@ index 13619b1..bfe0aea 100644 (void) fprintf (stderr, _("%s: user '%s' does not exist in %s\n"), Prog, name, pw_dbname ()); -@@ -613,8 +649,15 @@ static void update_shadow (void) +@@ -613,8 +649,15 @@ { const struct spwd *sp; struct spwd *nsp; @@ -127,7 +121,7 @@ index 13619b1..bfe0aea 100644 (void) fprintf (stderr, _("%s: cannot lock %s; try again later.\n"), Prog, spw_dbname ()); -@@ -622,6 +665,20 @@ static void update_shadow (void) +@@ -622,6 +665,20 @@ } spw_locked = true; if (spw_open (O_CREAT | O_RDWR) == 0) { @@ -148,7 +142,7 @@ index 13619b1..bfe0aea 100644 (void) fprintf (stderr, _("%s: cannot open %s\n"), Prog, spw_dbname ()); -@@ -632,7 +689,9 @@ static void update_shadow (void) +@@ -632,7 +689,9 @@ if (NULL == sp) { /* Try to update the password in /etc/passwd instead. */ (void) spw_close (); @@ -159,7 +153,7 @@ index 13619b1..bfe0aea 100644 if (spw_unlock () == 0) { (void) fprintf (stderr, _("%s: failed to unlock %s\n"), -@@ -641,6 +700,10 @@ static void update_shadow (void) +@@ -641,6 +700,10 @@ /* continue */ } spw_locked = false; @@ -170,11 +164,9 @@ index 13619b1..bfe0aea 100644 return; } nsp = __spw_dup (sp); -diff --git a/src/usermod.c b/src/usermod.c -index 05b9871..fb833e1 100644 --- a/src/usermod.c +++ b/src/usermod.c -@@ -1566,7 +1566,16 @@ static void close_files (void) +@@ -1566,7 +1566,18 @@ */ static void open_files (void) { @@ -185,13 +177,15 @@ index 05b9871..fb833e1 100644 + if (try_extrausers) { + pw_setdbname (EXTRAUSERS_PASSWD_FILE); + spw_setdbname (EXTRAUSERS_SHADOW_FILE); ++ gr_setdbname (EXTRAUSERS_GROUP_FILE); ++ sgr_setdbname (EXTRAUSERS_SHADOWGROUP_FILE); + open_files (); + return; + } fprintf (stderr, _("%s: cannot lock %s; try again later.\n"), Prog, pw_dbname ()); -@@ -1574,12 +1583,29 @@ static void open_files (void) +@@ -1574,12 +1585,29 @@ } pw_locked = true; if (pw_open (O_CREAT | O_RDWR) == 0) { @@ -221,7 +215,7 @@ index 05b9871..fb833e1 100644 fprintf (stderr, _("%s: cannot lock %s; try again later.\n"), Prog, spw_dbname ()); -@@ -1587,6 +1613,17 @@ static void open_files (void) +@@ -1587,6 +1615,17 @@ } spw_locked = true; if (is_shadow_pwd && (spw_open (O_CREAT | O_RDWR) == 0)) { @@ -239,7 +233,56 @@ index 05b9871..fb833e1 100644 fprintf (stderr, _("%s: cannot open %s\n"), Prog, spw_dbname ()); -@@ -1675,11 +1712,22 @@ static void usr_update (void) +@@ -1599,6 +1638,14 @@ + * group entries. + */ + if (gr_lock () == 0) { ++ if (try_extrausers) { ++ pw_setdbname (EXTRAUSERS_PASSWD_FILE); ++ spw_setdbname (EXTRAUSERS_SHADOW_FILE); ++ gr_setdbname (EXTRAUSERS_GROUP_FILE); ++ sgr_setdbname (EXTRAUSERS_SHADOWGROUP_FILE); ++ open_files (); ++ return; ++ } + fprintf (stderr, + _("%s: cannot lock %s; try again later.\n"), + Prog, gr_dbname ()); +@@ -1606,6 +1653,16 @@ + } + gr_locked = true; + if (gr_open (O_CREAT | O_RDWR) == 0) { ++ if (try_extrausers) { ++ gr_unlock (); ++ gr_locked = false; ++ pw_setdbname (EXTRAUSERS_PASSWD_FILE); ++ spw_setdbname (EXTRAUSERS_SHADOW_FILE); ++ gr_setdbname (EXTRAUSERS_GROUP_FILE); ++ sgr_setdbname (EXTRAUSERS_SHADOWGROUP_FILE); ++ open_files (); ++ return; ++ } + fprintf (stderr, + _("%s: cannot open %s\n"), + Prog, gr_dbname ()); +@@ -1613,6 +1670,16 @@ + } + #ifdef SHADOWGRP + if (is_shadow_grp && (sgr_lock () == 0)) { ++ if (try_extrausers) { ++ gr_unlock (); ++ gr_locked = false; ++ pw_setdbname (EXTRAUSERS_PASSWD_FILE); ++ spw_setdbname (EXTRAUSERS_SHADOW_FILE); ++ gr_setdbname (EXTRAUSERS_GROUP_FILE); ++ sgr_setdbname (EXTRAUSERS_SHADOWGROUP_FILE); ++ open_files (); ++ return; ++ } + fprintf (stderr, + _("%s: cannot lock %s; try again later.\n"), + Prog, sgr_dbname ()); +@@ -1675,11 +1742,22 @@ struct spwd spent; const struct spwd *spwd = NULL; diff --git a/debian/patches/1015_add_zsys_support.patch b/debian/patches/1015_add_zsys_support.patch index 05010b7..f24374f 100644 --- a/debian/patches/1015_add_zsys_support.patch +++ b/debian/patches/1015_add_zsys_support.patch @@ -17,11 +17,9 @@ Origin: ubuntu src/usermod.c | 36 +++++++++++++++++++++++++++++++++++- 2 files changed, 77 insertions(+), 2 deletions(-) -Index: shadow-4.8.1/src/useradd.c -=================================================================== ---- shadow-4.8.1.orig/src/useradd.c -+++ shadow-4.8.1/src/useradd.c -@@ -2084,6 +2084,13 @@ static void usr_update (void) +--- a/src/useradd.c ++++ b/src/useradd.c +@@ -2084,6 +2084,13 @@ */ static void create_home (void) { @@ -35,7 +33,7 @@ Index: shadow-4.8.1/src/useradd.c if (access (prefix_user_home, F_OK) != 0) { char path[strlen (prefix_user_home) + 2]; char *bhome, *cp; -@@ -2159,6 +2166,7 @@ static void create_home (void) +@@ -2159,6 +2166,7 @@ #endif fail_exit (E_HOMEDIR); } @@ -43,7 +41,7 @@ Index: shadow-4.8.1/src/useradd.c if (chown (path, 0, 0) < 0) { fprintf (stderr, _("%s: warning: chown on `%s' failed: %m\n"), -@@ -2169,6 +2177,47 @@ static void create_home (void) +@@ -2169,6 +2177,47 @@ _("%s: warning: chmod on `%s' failed: %m\n"), Prog, path); } @@ -91,11 +89,9 @@ Index: shadow-4.8.1/src/useradd.c } cp = strtok (NULL, "/"); } -Index: shadow-4.8.1/src/usermod.c -=================================================================== ---- shadow-4.8.1.orig/src/usermod.c -+++ shadow-4.8.1/src/usermod.c -@@ -1819,6 +1819,12 @@ static void usr_update (void) +--- a/src/usermod.c ++++ b/src/usermod.c +@@ -1849,6 +1849,12 @@ static void move_home (void) { struct stat sb; @@ -108,7 +104,7 @@ Index: shadow-4.8.1/src/usermod.c if (access (prefix_user_newhome, F_OK) == 0) { /* -@@ -1853,7 +1859,35 @@ static void move_home (void) +@@ -1883,7 +1889,35 @@ } #endif @@ -145,11 +141,9 @@ Index: shadow-4.8.1/src/usermod.c /* FIXME: rename above may have broken symlinks * pointing to the user's home directory * with an absolute path. */ -Index: shadow-4.8.1/src/userdel.c -=================================================================== ---- shadow-4.8.1.orig/src/userdel.c -+++ shadow-4.8.1/src/userdel.c -@@ -1296,6 +1296,42 @@ int main (int argc, char **argv) +--- a/src/userdel.c ++++ b/src/userdel.c +@@ -1296,6 +1296,42 @@ } #endif /* EXTRA_CHECK_HOME_DIR */ diff --git a/debian/patches/1016_extrausers_gpasswd.patch b/debian/patches/1016_extrausers_gpasswd.patch index 47d8581..6be2e91 100644 --- a/debian/patches/1016_extrausers_gpasswd.patch +++ b/debian/patches/1016_extrausers_gpasswd.patch @@ -7,11 +7,9 @@ Subject: add extrausers flag src/gpasswd.c | 12 ++++++++++++ 1 file changed, 12 insertions(+) -diff --git a/src/gpasswd.c b/src/gpasswd.c -index 4d75af9..e72ae64 100644 --- a/src/gpasswd.c +++ b/src/gpasswd.c -@@ -123,6 +123,10 @@ static void log_gpasswd_success (const char *suffix); +@@ -123,6 +123,10 @@ static void log_gpasswd_success_system (/*@null@*/unused void *arg); static void log_gpasswd_success_group (/*@null@*/unused void *arg); @@ -22,7 +20,7 @@ index 4d75af9..e72ae64 100644 /* * usage - display usage message */ -@@ -141,6 +145,7 @@ static void usage (int status) +@@ -141,6 +145,7 @@ (void) fputs (_(" -r, --remove-password remove the GROUP's password\n"), usageout); (void) fputs (_(" -R, --restrict restrict access to GROUP to its members\n"), usageout); (void) fputs (_(" -M, --members USER,... set the list of members of GROUP\n"), usageout); @@ -30,7 +28,7 @@ index 4d75af9..e72ae64 100644 #ifdef SHADOWGRP (void) fputs (_(" -A, --administrators ADMIN,...\n" " set the list of administrators for GROUP\n"), usageout); -@@ -238,12 +243,19 @@ static void process_flags (int argc, char **argv) +@@ -238,12 +243,19 @@ {"root", required_argument, NULL, 'Q'}, {"remove-password", no_argument, NULL, 'r'}, {"restrict", no_argument, NULL, 'R'}, @@ -50,6 +48,3 @@ index 4d75af9..e72ae64 100644 case 'a': /* add a user */ aflg = true; user = optarg; --- -cgit v1.1 - -- 2.25.1