From 6daa56bee82413cc131775fbffa7a8891950c3c7 Mon Sep 17 00:00:00 2001
From: Alberto Mardegan
Date: Mon, 14 Mar 2022 13:50:21 +0300
Subject: [PATCH] Bionic patch for LP: #1959375
---
 debian/changelog | 9 +++
 debian/patches/1010_extrausers.patch | 59 +++++++++++++++++--
 debian/patches/1012_extrausers_chfn.patch | 14 ++--
 debian/patches/1013_extrausers_deluser.patch | 16 +++-
 debian/patches/1014_extrausers_delgroup.patch | 16 +++-
 debian/patches/2000_fix-su-pam-env-handling | 6 +-
 debian/patches/CVE-2018-7169.patch | 10 ++--
 7 files changed, 92 insertions(+), 38 deletions(-)
diff --git a/debian/changelog b/debian/changelog
index c257a47..18aaaa8 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,12 @@
+shadow (1:4.5-1ubuntu2.3) bionic; urgency=medium
+
+ [ Michael Vogt ]
+ * debian/patches/1010_extrausers.patch:
+ Add automatic detection of "extrausers" for usermod -G
+ (LP: #1959375)
+
+ -- Alberto Mardegan Mon, 14 Mar 2022 13:49:40 +0300
+
 shadow (1:4.5-1ubuntu2.2) bionic-security; urgency=medium * SECURITY UPDATE: Access to privileged information
diff --git a/debian/patches/1010_extrausers.patch b/debian/patches/1010_extrausers.patch
index 5eb0a41..936d8fa 100644
--- a/debian/patches/1010_extrausers.patch
+++ b/debian/patches/1010_extrausers.patch
@@ -170,7 +170,7 @@ Author: Michael Terry
 static void dec_lock_count (void)
 --- a/src/usermod.c
 +++ b/src/usermod.c
-@@ -1525,7 +1525,16 @@
+@@ -1525,7 +1525,18 @@
 */
 static void open_files (void)
 {
@@ -181,13 +181,15 @@ Author: Michael Terry
+ if (try_extrausers) {
+ pw_setdbname (EXTRAUSERS_PASSWD_FILE);
+ spw_setdbname (EXTRAUSERS_SHADOW_FILE);
++ gr_setdbname (EXTRAUSERS_GROUP_FILE);
++ sgr_setdbname (EXTRAUSERS_SHADOWGROUP_FILE);
+ open_files ();
+ return;
+ }
 fprintf (stderr,
 _("%s: cannot lock %s; try again later.\n"),
 Prog, pw_dbname ());
-@@ -1533,12 +1542,29 @@
+@@ -1533,12 +1544,29 @@
 }
 pw_locked = true;
 if (pw_open (O_CREAT | O_RDWR) == 0) {
@@ -217,7 +219,7 @@ Author: Michael Terry
 fprintf (stderr,
 _("%s: cannot lock %s; try again later.\n"),
 Prog, spw_dbname ());
-@@ -1546,6 +1572,17 @@
+@@ -1546,6 +1574,17 @@
 }
 spw_locked = true;
 if (is_shadow_pwd && (spw_open (O_CREAT | O_RDWR) == 0)) {
@@ -235,7 +237,56 @@ Author: Michael Terry
 fprintf (stderr,
 _("%s: cannot open %s\n"),
 Prog, spw_dbname ());
-@@ -1634,11 +1671,22 @@
+@@ -1558,6 +1597,14 @@
+ * group entries.
+ */
+ if (gr_lock () == 0) {
++ if (try_extrausers) {
++ pw_setdbname (EXTRAUSERS_PASSWD_FILE);
++ spw_setdbname (EXTRAUSERS_SHADOW_FILE);
++ gr_setdbname (EXTRAUSERS_GROUP_FILE);
++ sgr_setdbname (EXTRAUSERS_SHADOWGROUP_FILE);
++ open_files ();
++ return;
++ }
+ fprintf (stderr,
+ _("%s: cannot lock %s; try again later.\n"),
+ Prog, gr_dbname ());
+@@ -1565,6 +1612,16 @@
+ }
+ gr_locked = true;
+ if (gr_open (O_CREAT | O_RDWR) == 0) {
++ if (try_extrausers) {
++ gr_unlock ();
++ gr_locked = false;
++ pw_setdbname (EXTRAUSERS_PASSWD_FILE);
++ spw_setdbname (EXTRAUSERS_SHADOW_FILE);
++ gr_setdbname (EXTRAUSERS_GROUP_FILE);
++ sgr_setdbname (EXTRAUSERS_SHADOWGROUP_FILE);
++ open_files ();
++ return;
++ }
+ fprintf (stderr,
+ _("%s: cannot open %s\n"),
+ Prog, gr_dbname ());
+@@ -1572,6 +1629,16 @@
+ }
+ #ifdef SHADOWGRP
+ if (is_shadow_grp && (sgr_lock () == 0)) {
++ if (try_extrausers) {
++ gr_unlock ();
++ gr_locked = false;
++ pw_setdbname (EXTRAUSERS_PASSWD_FILE);
++ spw_setdbname (EXTRAUSERS_SHADOW_FILE);
++ gr_setdbname (EXTRAUSERS_GROUP_FILE);
++ sgr_setdbname (EXTRAUSERS_SHADOWGROUP_FILE);
++ open_files ();
++ return;
++ }
+ fprintf (stderr,
+ _("%s: cannot lock %s; try again later.\n"),
+ Prog, sgr_dbname ());
+@@ -1634,11 +1701,22 @@
 struct spwd spent;
 const struct spwd *spwd = NULL;
diff --git a/debian/patches/1012_extrausers_chfn.patch b/debian/patches/1012_extrausers_chfn.patch
index f6f614b..2be0aeb 100644
--- a/debian/patches/1012_extrausers_chfn.patch
+++ b/debian/patches/1012_extrausers_chfn.patch
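Review bot: The gr_lock () fallback in the new `@@ -1558,6 +1597,14 @@` hunk re-enters open_files () while pw (and spw when is_shadow_pwd) are still locked and open on the system files, and the gr_open () and sgr_lock () fallbacks below it release only gr before doing the same, so the retry calls pw_lock ()/pw_open () on handles that were never released; whether commonio then rebinds the handle to the extrausers path or merely reports the lock it already holds is not visible here and needs checking, but releasing everything that was taken before rebinding is the safe form. If nothing outside these hunks clears try_extrausers, a lock failure on the extrausers files themselves recurses through the same branch with no bound. The same setdbname/open_files block is now pasted four times into open_files (), which starts in the earlier hunk of this file and continues past this one; a helper that unlocks whatever is held, rebinds the four databases and retries at most once covers both points and reduces each call site to `if (try_extrausers && retry_with_extrausers ()) { return; }`. Worth weighing too: the trigger is any lock failure, so transient contention on /etc/group from another shadow tool now silently redirects the change to the extrausers files instead of reporting "try again later"; restricting the fallback to a read-only /etc would keep that distinction.
```c
/*
 * Release whatever has already been locked on the system files, rebind
 * all four databases to the extrausers files and run open_files () again.
 * Returns false once the retry has been used, so a failure on the
 * extrausers files themselves falls through to the normal error report.
 * open_files () must be prototyped before this point (usermod.c declares
 * its statics up front) — confirm.
 */
static bool retry_with_extrausers (void)
{
	static bool retried = false;

	if (retried) {
		return false;
	}
	retried = true;

	/* Reverse order of acquisition; commonio_unlock is expected to close
	 * an open database without writing it back — confirm. */
	if (gr_locked) {
		gr_unlock ();
		gr_locked = false;
	}
	if (spw_locked) {
		spw_unlock ();
		spw_locked = false;
	}
	if (pw_locked) {
		pw_unlock ();
		pw_locked = false;
	}

	pw_setdbname (EXTRAUSERS_PASSWD_FILE);
	spw_setdbname (EXTRAUSERS_SHADOW_FILE);
	gr_setdbname (EXTRAUSERS_GROUP_FILE);
	sgr_setdbname (EXTRAUSERS_SHADOWGROUP_FILE);
	open_files ();
	return true;
}

static void open_files (void)
{
	/* … unchanged: pw_lock / pw_open / spw_lock / spw_open, each using the same call … */
	if (gr_lock () == 0) {
		if (try_extrausers && retry_with_extrausers ()) {
			return;
		}
		/* … unchanged: "cannot lock" report and exit … */
	}
	/* … unchanged: gr_open and sgr_lock branches; their own gr_unlock () lines
	 * are no longer needed since the helper releases gr itself … */
```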
@@ -3,9 +3,9 @@ Description: add support for --extrausers for chfn Author: Michael Vogt Bug-Ubuntu: https://bugs.launchpad.net/bugs/1495580
---- shadow-4.2.orig/src/chfn.c
-+++ shadow-4.2/src/chfn.c
-@@ -74,6 +74,11 @@ static bool hflg = false; /* -h - set h
+--- a/src/chfn.c
++++ b/src/chfn.c
+@@ -74,6 +74,11 @@
 static bool oflg = false; /* -o - set other information */
 static bool pw_locked = false;
@@ -17,7 +17,7 @@ Bug-Ubuntu: https://bugs.launchpad.net/bugs/1495580
 /*
 * External identifiers
 */
-@@ -126,6 +131,7 @@ static /*@noreturn@*/void usage (int sta
+@@ -126,6 +131,7 @@
 (void) fputs (_(" -R, --root CHROOT_DIR directory to chroot into\n"), usageout);
 (void) fputs (_(" -u, --help display this help message and exit\n"), usageout);
 (void) fputs (_(" -w, --work-phone WORK_PHONE change user's office phone number\n"), usageout);
@@ -25,7 +25,7 @@ Bug-Ubuntu: https://bugs.launchpad.net/bugs/1495580
 (void) fputs ("\n", usageout);
 exit (status);
 }
-@@ -276,6 +282,7 @@ static void process_flags (int argc, cha
+@@ -276,6 +282,7 @@
 {"root", required_argument, NULL, 'R'},
 {"help", no_argument, NULL, 'u'},
 {"work-phone", required_argument, NULL, 'w'},
@@ -33,7 +33,7 @@ Bug-Ubuntu: https://bugs.launchpad.net/bugs/1495580
 {NULL, 0, NULL, '\0'}
 };
-@@ -289,6 +296,9 @@ static void process_flags (int argc, cha
+@@ -289,6 +296,9 @@
 while ((c = getopt_long (argc, argv, "f:h:o:r:R:uw:", long_options, NULL)) != -1) {
 switch (c) {
@@ -43,7 +43,7 @@ Bug-Ubuntu: https://bugs.launchpad.net/bugs/1495580
 case 'f':
 if (!may_change_field ('f')) {
 fprintf (stderr,
-@@ -657,6 +667,18 @@ int main (int argc, char **argv)
+@@ -657,6 +667,18 @@
 /* parse the command line options */
 process_flags (argc, argv);
diff --git a/debian/patches/1013_extrausers_deluser.patch b/debian/patches/1013_extrausers_deluser.patch
index 9b066f0..6687db0 100644
--- a/debian/patches/1013_extrausers_deluser.patch
+++ b/debian/patches/1013_extrausers_deluser.patch
@@ -1,8 +1,6 @@
-Index: shadow-4.5/src/userdel.c
-===================================================================
---- shadow-4.5.orig/src/userdel.c
-+++ shadow-4.5/src/userdel.c
-@@ -132,6 +132,12 @@ static int remove_mailbox (void);
+--- a/src/userdel.c
++++ b/src/userdel.c
+@@ -132,6 +132,12 @@
 static int remove_tcbdir (const char *user_name, uid_t user_id);
 #endif /* WITH_TCB */
@@ -15,7 +13,7 @@ Index: shadow-4.5/src/userdel.c
 /*
 * usage - display usage message and exit
 */
-@@ -149,6 +155,7 @@ static void usage (int status)
+@@ -149,6 +155,7 @@
 (void) fputs (_(" -h, --help display this help message and exit\n"), usageout);
 (void) fputs (_(" -r, --remove remove home directory and mail spool\n"), usageout);
 (void) fputs (_(" -R, --root CHROOT_DIR directory to chroot into\n"), usageout);
@@ -23,7 +21,7 @@ Index: shadow-4.5/src/userdel.c
 #ifdef WITH_SELINUX
 (void) fputs (_(" -Z, --selinux-user remove any SELinux user mapping for the user\n"), usageout);
 #endif /* WITH_SELINUX */
-@@ -1006,6 +1013,7 @@ int main (int argc, char **argv)
+@@ -1006,6 +1013,7 @@
 {"help", no_argument, NULL, 'h'},
 {"remove", no_argument, NULL, 'r'},
 {"root", required_argument, NULL, 'R'},
@@ -31,7 +29,7 @@ Index: shadow-4.5/src/userdel.c
 #ifdef WITH_SELINUX
 {"selinux-user", no_argument, NULL, 'Z'},
 #endif /* WITH_SELINUX */
-@@ -1019,6 +1027,9 @@ int main (int argc, char **argv)
+@@ -1019,6 +1027,9 @@
 #endif /* !WITH_SELINUX */
 long_options, NULL)) != -1) {
 switch (c) {
@@ -41,7 +39,7 @@ Index: shadow-4.5/src/userdel.c
 case 'f': /* force remove even if not owned by user */
 fflg = true;
 break;
-@@ -1162,6 +1173,18 @@ int main (int argc, char **argv)
+@@ -1162,6 +1173,18 @@
 }
 }
diff --git a/debian/patches/1014_extrausers_delgroup.patch b/debian/patches/1014_extrausers_delgroup.patch
index f96d1d0..5b6e5c5 100644
--- a/debian/patches/1014_extrausers_delgroup.patch
+++ b/debian/patches/1014_extrausers_delgroup.patch
@@ -1,8 +1,6 @@
-Index: shadow-4.5/src/groupdel.c
-===================================================================
---- shadow-4.5.orig/src/groupdel.c
-+++ shadow-4.5/src/groupdel.c
-@@ -84,6 +84,12 @@ static void open_files (void);
+--- a/src/groupdel.c
++++ b/src/groupdel.c
+@@ -84,6 +84,12 @@
 static void group_busy (gid_t gid);
 static void process_flags (int argc, char **argv);
@@ -15,7 +13,7 @@ Index: shadow-4.5/src/groupdel.c
 /*
 * usage - display usage message and exit
 */
-@@ -98,6 +104,7 @@ static /*@noreturn@*/void usage (int sta
+@@ -98,6 +104,7 @@
 (void) fputs (_(" -h, --help display this help message and exit\n"), usageout);
 (void) fputs (_(" -R, --root CHROOT_DIR directory to chroot into\n"), usageout);
 (void) fputs (_(" -f, --force delete group even if it is the primary group of a user\n"), usageout);
@@ -23,7 +21,7 @@ Index: shadow-4.5/src/groupdel.c
 (void) fputs ("\n", usageout);
 exit (status);
 }
-@@ -320,6 +327,7 @@ static void process_flags (int argc, cha
+@@ -320,6 +327,7 @@
 static struct option long_options[] = {
 {"help", no_argument, NULL, 'h'},
 {"root", required_argument, NULL, 'R'},
@@ -31,7 +29,7 @@ Index: shadow-4.5/src/groupdel.c
 {NULL, 0, NULL, '\0'}
 };
-@@ -334,6 +342,9 @@ static void process_flags (int argc, cha
+@@ -334,6 +342,9 @@
 case 'f':
 check_group_busy = false;
 break;
@@ -41,7 +39,7 @@ Index: shadow-4.5/src/groupdel.c
 default:
 usage (E_USAGE);
 }
-@@ -474,6 +485,18 @@ int main (int argc, char **argv)
+@@ -474,6 +485,18 @@
 group_busy (group_id);
 }
diff --git a/debian/patches/2000_fix-su-pam-env-handling b/debian/patches/2000_fix-su-pam-env-handling
index 42f20b0..3021f3e 100644
--- a/debian/patches/2000_fix-su-pam-env-handling
+++ b/debian/patches/2000_fix-su-pam-env-handling
@@ -22,9 +22,9 @@ Origin: vendor Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/984390 Last-Update: 2017-01-30
---- shadow-4.2.orig/src/su.c
-+++ shadow-4.2/src/su.c
-@@ -933,6 +933,18 @@ static void set_environment (struct pass
+--- a/src/su.c
++++ b/src/su.c
+@@ -954,6 +954,18 @@
 pw->pw_shell = xstrdup (shellstr);
 }
 setup_env (pw);
diff --git a/debian/patches/CVE-2018-7169.patch b/debian/patches/CVE-2018-7169.patch
index 6f8c427..7284e97 100644
--- a/debian/patches/CVE-2018-7169.patch
+++ b/debian/patches/CVE-2018-7169.patch
@@ -30,8 +30,6 @@ Signed-off-by: Aleksa Sarai
 src/newgidmap.c | 89 ++++++++++++++++++++++++++++++++++++++++++++-----
 1 file changed, 80 insertions(+), 9 deletions(-)
-diff --git a/src/newgidmap.c b/src/newgidmap.c
-index b1e33513d..59a2e75c9 100644
 --- a/src/newgidmap.c
 +++ b/src/newgidmap.c
 @@ -46,32 +46,37 @@
@@ -79,7 +77,7 @@ index b1e33513d..59a2e75c9 100644
 fprintf(stderr, _( "%s: gid range [%lu-%lu) -> [%lu-%lu) not allowed\n"),
 Prog,
 mapping->upper,
-@@ -89,6 +94,70 @@ static void usage(void)
+@@ -89,6 +94,70 @@
 exit(EXIT_FAILURE);
 }
@@ -150,7 +148,7 @@ index b1e33513d..59a2e75c9 100644
 /*
 * newgidmap - Set the gid_map for the specified process
 */
-@@ -103,6 +172,7 @@ int main(int argc, char **argv)
+@@ -103,6 +172,7 @@
 struct stat st;
 struct passwd *pw;
 int written;
@@ -158,7 +156,7 @@ index b1e33513d..59a2e75c9 100644
 Prog = Basename (argv[0]);
-@@ -145,7 +215,7 @@ int main(int argc, char **argv)
+@@ -145,7 +215,7 @@
 (unsigned long) getuid ()));
 return EXIT_FAILURE;
 }
@@ -167,7 +165,7 @@ index b1e33513d..59a2e75c9 100644
 /* Get the effective uid and effective gid of the target process */
 if (fstat(proc_dir_fd, &st) < 0) {
 fprintf(stderr, _("%s: Could not stat directory for target %u\n"),
-@@ -177,8 +247,9 @@ int main(int argc, char **argv)
+@@ -177,8 +247,9 @@
 if (!mappings)
 usage();
-- 
2.25.1