diff options
author | Joshua Ismael Haase Hernández <hahj87@gmail.com> | 2011-06-27 22:08:34 -0500 |
---|---|---|
committer | Joshua Ismael Haase Hernández <hahj87@gmail.com> | 2011-06-27 22:08:34 -0500 |
commit | be6c1245520a53bf43513cdde697a09b90e62361 (patch) | |
tree | 13cb12f2b23e886d5d1c9ccdf447cfe24808aed8 /testing | |
parent | eadaf245dcd43f5a3b33585ff80fdae7e64f850b (diff) | |
parent | 0a595245dd258cc0ad9a5de2b292cf1b1a94f51a (diff) |
merged pre master
Diffstat (limited to 'testing')
29 files changed, 1606 insertions, 6 deletions
diff --git a/testing/fakeroot/PKGBUILD b/testing/fakeroot/PKGBUILD new file mode 100644 index 000000000..2d869d714 --- /dev/null +++ b/testing/fakeroot/PKGBUILD @@ -0,0 +1,35 @@ +# $Id: PKGBUILD 128934 2011-06-25 14:19:16Z allan $ +# Maintainer: Allan McRae <allan@archlinux.org> +# Contributor: Jochem Kossen <j.kossen@home.nl> + +pkgname=fakeroot +pkgver=1.16 +pkgrel=1 +pkgdesc="Gives a fake root environment, useful for building packages as a non-privileged user" +arch=('i686' 'x86_64') +license=('GPL') +url="http://packages.debian.org/fakeroot" +groups=('base-devel') +install=fakeroot.install +depends=('glibc' 'filesystem' 'sed' 'util-linux' 'sh') +options=('!libtool') +source=(http://ftp.debian.org/debian/pool/main/f/${pkgname}/${pkgname}_${pkgver}.orig.tar.bz2) +md5sums=('e8470aa7e965bfc74467de0e594e60b6') + +build() { + cd "${srcdir}/${pkgname}-${pkgver}" + ./configure --prefix=/usr --libdir=/usr/lib/libfakeroot \ + --disable-static --with-ipc=sysv + make +} + +package() { + cd "${srcdir}/${pkgname}-${pkgver}" + make DESTDIR=${pkgdir} install + + install -dm755 ${pkgdir}/etc/ld.so.conf.d/ + echo '/usr/lib/libfakeroot' > ${pkgdir}/etc/ld.so.conf.d/fakeroot.conf + + # install README for sysv/tcp usage + install -Dm644 $srcdir/$pkgname-$pkgver/README $pkgdir/usr/share/doc/$pkgname/README +} diff --git a/testing/fakeroot/fakeroot.install b/testing/fakeroot/fakeroot.install new file mode 100644 index 000000000..986c91b06 --- /dev/null +++ b/testing/fakeroot/fakeroot.install @@ -0,0 +1,14 @@ +post_install() { + sbin/ldconfig -r . +} + +post_upgrade() { + if [ "$(vercmp $2 1.14.4-2)" -lt 0 ]; then + sed -i -e '/\/usr\/lib\/libfakeroot/d' etc/ld.so.conf + fi + sbin/ldconfig -r . +} + +pre_remove() { + sbin/ldconfig -r . +} diff --git a/testing/glibc/PKGBUILD b/testing/glibc/PKGBUILD index 33810d391..f3a040236 100644 --- a/testing/glibc/PKGBUILD +++ b/testing/glibc/PKGBUILD @@ -1,4 +1,4 @@ -# $Id: PKGBUILD 127755 2011-06-18 06:06:01Z allan $ +# $Id: PKGBUILD 128661 2011-06-25 11:56:19Z allan $ # Maintainer: Allan McRae <allan@archlinux.org> # toolchain build order: linux-api-headers->glibc->binutils->gcc->binutils->glibc @@ -6,7 +6,7 @@ pkgname=glibc pkgver=2.14 -pkgrel=3 +pkgrel=4 _glibcdate=20110617 pkgdesc="GNU C Library" arch=('i686' 'x86_64') @@ -27,7 +27,8 @@ source=(ftp://ftp.archlinux.org/other/glibc/${pkgname}-${pkgver}_${_glibcdate}.t glibc-2.12.2-ignore-origin-of-privileged-program.patch glibc-2.13-futex.patch glibc-2.14-libdl-crash.patch - glibc-2.14-fix-resolver-crash-typo.patch + #glibc-2.14-fix-resolver-crash-typo.patch + glibc-2.14-revert-4462fad3.patch glibc-2.14-reexport-rpc-interface.patch glibc-2.14-reinstall-nis-rpc-headers.patch nscd @@ -41,7 +42,7 @@ md5sums=('e441d745609d93c907b72548ba646dad' 'b042647ea7d6f22ad319e12e796bd13e' '7d0154b7e17ea218c9fa953599d24cc4' 'cea62cc6b903d222c5f26e05a3c0e0e6' - '73bfaafe25b93f357cf6a3b5eeb70e1b' + '46e56492cccb1c9172ed3a235cf43c6c' 'c5de2a946215d647c8af5432ec4b0da0' '55febbb72139ac7b65757df085024b83' 'b587ee3a70c9b3713099295609afde49' @@ -85,8 +86,11 @@ build() { # http://sourceware.org/ml/libc-alpha/2011-06/msg00006.html patch -Np1 -i ${srcdir}/glibc-2.14-libdl-crash.patch - # http://sourceware.org/git/?p=glibc.git;a=commitdiff;h=57912a71 (FS#24615) - patch -Np1 -i ${srcdir}/glibc-2.14-fix-resolver-crash-typo.patch + # This fixes the main segfault but not the assert fail (FS#24615) + # http://sourceware.org/git/?p=glibc.git;a=commitdiff;h=57912a71 + #patch -Np1 -i ${srcdir}/glibc-2.14-fix-resolver-crash-typo.patch + # resort to reverting the bad commit completely for the moment + patch -Np1 -i ${srcdir}/glibc-2.14-revert-4462fad3.patch # re-export RPC interface until libtirpc is ready as a replacement # http://sourceware.org/git/?p=glibc.git;a=commitdiff;h=acee4873 (only fedora branch...) diff --git a/testing/grep/PKGBUILD b/testing/grep/PKGBUILD new file mode 100644 index 000000000..958f5b0e5 --- /dev/null +++ b/testing/grep/PKGBUILD @@ -0,0 +1,33 @@ +# $Id: PKGBUILD 128670 2011-06-25 12:20:55Z allan $ +# Maintainer: Allan McRae <allan@archlinux.org> +# Contributor: judd <jvinet@zeroflux.org> + +pkgname=grep +pkgver=2.9 +pkgrel=1 +pkgdesc="A string search utility" +arch=('i686' 'x86_64') +license=('GPL3') +url="http://www.gnu.org/software/grep/grep.html" +groups=('base') +depends=('glibc' 'pcre' 'sh') +makedepends=('texinfo') +install=${pkgname}.install +source=(ftp://ftp.gnu.org/gnu/$pkgname/$pkgname-$pkgver.tar.xz) +md5sums=('25e41b2aa201104354740961ef36005a') + +build() { + cd ${srcdir}/${pkgname}-${pkgver} + ./configure --prefix=/usr --bindir=/bin --without-included-regex + make +} + +check() { + cd ${srcdir}/${pkgname}-${pkgver} + make check +} + +package() { + cd ${srcdir}/${pkgname}-${pkgver} + make DESTDIR=${pkgdir} install +} diff --git a/testing/grep/grep.install b/testing/grep/grep.install new file mode 100644 index 000000000..7cd31301f --- /dev/null +++ b/testing/grep/grep.install @@ -0,0 +1,21 @@ +infodir=usr/share/info +filelist=(grep.info) + +post_install() { + [ -x usr/bin/install-info ] || return 0 + for file in ${filelist[@]}; do + install-info $infodir/$file.gz $infodir/dir 2> /dev/null + done +} + +post_upgrade() { + post_install $1 +} + +pre_remove() { + [ -x usr/bin/install-info ] || return 0 + for file in ${filelist[@]}; do + install-info --delete $infodir/$file.gz $infodir/dir 2> /dev/null + done +} + diff --git a/testing/less/PKGBUILD b/testing/less/PKGBUILD new file mode 100644 index 000000000..36b928066 --- /dev/null +++ b/testing/less/PKGBUILD @@ -0,0 +1,30 @@ +# $Id: PKGBUILD 128667 2011-06-25 12:14:07Z allan $ +# Maintainer: Allan McRae <allan@archlinux.org> +# Contributor: judd <jvinet@zeroflux.org> + +pkgname=less +pkgver=444 +pkgrel=1 +pkgdesc="A terminal based program for viewing text files" +license=('GPL3') +arch=('i686' 'x86_64') +url="http://www.greenwoodsoftware.com/less" +groups=('base') +depends=('ncurses' 'pcre') +source=(http://www.greenwoodsoftware.com/$pkgname/$pkgname-$pkgver.tar.gz) +md5sums=('56f9f76ffe13f70155f47f6b3c87d421') + +build() { + cd "${srcdir}/${pkgname}-${pkgver}" + + ./configure --prefix=/usr --sysconfdir=/etc --with-regex=pcre + make +} + +package() { + cd "${srcdir}/${pkgname}-${pkgver}" + + make prefix="${pkgdir}"/usr install + install -dm755 "${pkgdir}"/bin + mv "${pkgdir}"/usr/bin/${pkgname} "${pkgdir}"/bin +} diff --git a/testing/module-init-tools/PKGBUILD b/testing/module-init-tools/PKGBUILD new file mode 100644 index 000000000..e65f419df --- /dev/null +++ b/testing/module-init-tools/PKGBUILD @@ -0,0 +1,39 @@ +# $Id: PKGBUILD 128937 2011-06-25 14:35:00Z dreisner $ +# Maintainer: Aaron Griffin <aaron@archlinux.org> +# Contributor: judd <jvinet@zeroflux.org> + +pkgname=module-init-tools +pkgver=3.16 +pkgrel=1 +pkgdesc="utilities needed by Linux systems for managing loadable kernel modules" +arch=('i686' 'x86_64') +url="http://kerneltools.org" +license=('GPL') +depends=('glibc') +makedepends=('docbook2x') +backup=('etc/modprobe.d/modprobe.conf') +source=(http://www.kernel.org/pub/linux/utils/kernel/module-init-tools/module-init-tools-$pkgver.tar.bz2 + modprobe.conf + docfix.patch) +md5sums=('bc44832c6e41707b8447e2847d2019f5' + '316f1bda4c21af02b30252eb014a0a55' + '4320d19902ded43bed55c804b065cdc7') + +build() { + cd $srcdir/$pkgname-$pkgver + + # fix headers in SGML manpage sources and an XML typo + patch -Np0 < "$srcdir/docfix.patch" + + ./configure --prefix=/usr --exec-prefix=/ --enable-zlib + make +} + +package() { + cd $srcdir/$pkgname-$pkgver + + make DESTDIR=$pkgdir install + + # Install our custom (read: empty) modprobe.conf + install -Dm644 $srcdir/modprobe.conf $pkgdir/etc/modprobe.d/modprobe.conf +} diff --git a/testing/module-init-tools/docfix.patch b/testing/module-init-tools/docfix.patch new file mode 100644 index 000000000..0151ca3f1 --- /dev/null +++ b/testing/module-init-tools/docfix.patch @@ -0,0 +1,90 @@ +--- doc/depmod.conf.sgml.orig 2011-06-25 10:07:15.897805024 -0400 ++++ doc/depmod.conf.sgml 2011-06-25 10:07:48.810805020 -0400 +@@ -1,4 +1,5 @@ +-<!doctype refentry PUBLIC "-//OASIS//DTD DocBook V4.1//EN" [ ++<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.1.2//EN" ++ "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd" [ + <!ENTITY debian "<productname>Debian GNU/Linux</productname>"> + <!ENTITY docbook "<productname>DocBook</productname>"> + <!ENTITY sgml "<abbrev>SGML</abbrev>"> +--- doc/depmod.sgml.orig 2011-06-25 10:07:15.898805024 -0400 ++++ doc/depmod.sgml 2011-06-25 10:07:56.636805021 -0400 +@@ -1,4 +1,5 @@ +-<!doctype refentry PUBLIC "-//OASIS//DTD DocBook V4.1//EN" [ ++<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.1.2//EN" ++ "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd" [ + <!ENTITY debian "<productname>Debian GNU/Linux</productname>"> + <!ENTITY docbook "<productname>DocBook</productname>"> + <!ENTITY sgml "<abbrev>SGML</abbrev>"> +@@ -52,7 +52,7 @@ + <arg><option>-n</option></arg> + <arg><option>-v</option></arg> + <arg><option>-P <replaceable>prefix</replaceable></option></arg> +- <arg><option>-w</option><arg> ++ <arg><option>-w</option></arg> + <arg><option><replaceable>version</replaceable></option></arg> + <arg rep='repeat'><option><replaceable>filename</replaceable></option></arg> + </cmdsynopsis> +--- doc/insmod.sgml.orig 2011-06-25 10:07:15.899805024 -0400 ++++ doc/insmod.sgml 2011-06-25 10:07:59.228805019 -0400 +@@ -1,4 +1,5 @@ +-<!doctype refentry PUBLIC "-//OASIS//DTD DocBook V4.1//EN" [ ++<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.1.2//EN" ++ "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd" [ + <!ENTITY debian "<productname>Debian GNU/Linux</productname>"> + <!ENTITY docbook "<productname>DocBook</productname>"> + <!ENTITY sgml "<abbrev>SGML</abbrev>"> +--- doc/lsmod.sgml.orig 2011-06-25 10:07:15.899805024 -0400 ++++ doc/lsmod.sgml 2011-06-25 10:08:04.804805020 -0400 +@@ -1,4 +1,5 @@ +-<!doctype refentry PUBLIC "-//OASIS//DTD DocBook V4.1//EN" [ ++<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.1.2//EN" ++ "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd" [ + <!ENTITY debian "<productname>Debian GNU/Linux</productname>"> + <!ENTITY docbook "<productname>DocBook</productname>"> + <!ENTITY sgml "<abbrev>SGML</abbrev>"> +--- doc/modinfo.sgml.orig 2011-06-25 10:07:15.900805024 -0400 ++++ doc/modinfo.sgml 2011-06-25 10:08:07.630805019 -0400 +@@ -1,4 +1,5 @@ +-<!doctype refentry PUBLIC "-//OASIS//DTD DocBook V4.1//EN" [ ++<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.1.2//EN" ++ "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd" [ + <!ENTITY debian "<productname>Debian GNU/Linux</productname>"> + <!ENTITY docbook "<productname>DocBook</productname>"> + <!ENTITY sgml "<abbrev>SGML</abbrev>"> +--- doc/modprobe.conf.sgml.orig 2011-06-25 10:07:15.901805024 -0400 ++++ doc/modprobe.conf.sgml 2011-06-25 10:08:10.173805018 -0400 +@@ -1,4 +1,5 @@ +-<!doctype refentry PUBLIC "-//OASIS//DTD DocBook V4.1//EN" [ ++<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.1.2//EN" ++ "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd" [ + <!ENTITY debian "<productname>Debian GNU/Linux</productname>"> + <!ENTITY docbook "<productname>DocBook</productname>"> + <!ENTITY sgml "<abbrev>SGML</abbrev>"> +--- doc/modprobe.sgml.orig 2011-06-25 10:07:15.902805024 -0400 ++++ doc/modprobe.sgml 2011-06-25 10:08:13.623805019 -0400 +@@ -1,4 +1,5 @@ +-<!doctype refentry PUBLIC "-//OASIS//DTD DocBook V4.1//EN" [ ++<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.1.2//EN" ++ "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd" [ + <!ENTITY debian "<productname>Debian GNU/Linux</productname>"> + <!ENTITY docbook "<productname>DocBook</productname>"> + <!ENTITY sgml "<abbrev>SGML</abbrev>"> +--- doc/modules.dep.sgml.orig 2011-06-25 10:07:15.903805024 -0400 ++++ doc/modules.dep.sgml 2011-06-25 10:08:19.323805019 -0400 +@@ -1,4 +1,5 @@ +-<!doctype refentry PUBLIC "-//OASIS//DTD DocBook V4.1//EN" [ ++<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.1.2//EN" ++ "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd" [ + <!ENTITY debian "<productname>Debian GNU/Linux</productname>"> + <!ENTITY docbook "<productname>DocBook</productname>"> + <!ENTITY sgml "<abbrev>SGML</abbrev>"> +--- doc/rmmod.sgml.orig 2011-06-25 10:07:15.904805024 -0400 ++++ doc/rmmod.sgml 2011-06-25 10:08:27.691805017 -0400 +@@ -1,4 +1,5 @@ +-<!doctype refentry PUBLIC "-//OASIS//DTD DocBook V4.1//EN" [ ++<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.1.2//EN" ++ "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd" [ + <!ENTITY debian "<productname>Debian GNU/Linux</productname>"> + <!ENTITY docbook "<productname>DocBook</productname>"> + <!ENTITY sgml "<abbrev>SGML</abbrev>"> diff --git a/testing/module-init-tools/modprobe.conf b/testing/module-init-tools/modprobe.conf new file mode 100644 index 000000000..83865a3af --- /dev/null +++ b/testing/module-init-tools/modprobe.conf @@ -0,0 +1,3 @@ +# +# /etc/modprobe.d/modprobe.conf (for v2.6 kernels) +# diff --git a/testing/mpfr/PKGBUILD b/testing/mpfr/PKGBUILD new file mode 100644 index 000000000..3f593116a --- /dev/null +++ b/testing/mpfr/PKGBUILD @@ -0,0 +1,38 @@ +# $Id: PKGBUILD 128942 2011-06-25 14:51:58Z allan $ +# Maintainer: Allan McRae <allan@archlinux.org> +# Maintainer: Jan de Groot <jgc@archlinux.org> +# Contributor: damir <damir@archlinux.org> + +pkgname=mpfr +_pkgver=3.0.1 +_patchlevel=p4 +pkgver=${_pkgver}.${_patchlevel} +pkgrel=1 +pkgdesc="Multiple-precision floating-point library" +arch=('i686' 'x86_64') +url="http://www.mpfr.org/" +license=('LGPL') +depends=('gmp>=5.0') +options=('!libtool') +install=mpfr.install +source=(http://www.mpfr.org/mpfr-current/mpfr-${_pkgver}.tar.xz + mpfr-${_pkgver}.${_patchlevel}.patch) +md5sums=('645882d9d179113a70af84d27086ed9f' + '52c2ac5ffbbbf0c68f08e89f016ba7aa') + +build() { + cd "${srcdir}/${pkgname}-${_pkgver}" + patch -Np1 -i $srcdir/mpfr-${_pkgver}.${_patchlevel}.patch + ./configure --prefix=/usr --enable-thread-safe --enable-shared + make +} + +check() { + cd "${srcdir}/${pkgname}-${_pkgver}" + make check +} + +package() { + cd "${srcdir}/${pkgname}-${_pkgver}" + make DESTDIR="${pkgdir}" install +} diff --git a/testing/mpfr/mpfr-3.0.1.p4.patch b/testing/mpfr/mpfr-3.0.1.p4.patch new file mode 100644 index 000000000..9604635a2 --- /dev/null +++ b/testing/mpfr/mpfr-3.0.1.p4.patch @@ -0,0 +1,367 @@ +diff -Naurd mpfr-3.0.1-a/PATCHES mpfr-3.0.1-b/PATCHES +--- mpfr-3.0.1-a/PATCHES 2011-04-12 10:50:02.000000000 +0000 ++++ mpfr-3.0.1-b/PATCHES 2011-04-12 10:50:02.000000000 +0000 +@@ -0,0 +1 @@ ++asin_exprange +diff -Naurd mpfr-3.0.1-a/VERSION mpfr-3.0.1-b/VERSION +--- mpfr-3.0.1-a/VERSION 2011-04-04 10:19:18.000000000 +0000 ++++ mpfr-3.0.1-b/VERSION 2011-04-12 10:50:02.000000000 +0000 +@@ -1 +1 @@ +-3.0.1 ++3.0.1-p1 +diff -Naurd mpfr-3.0.1-a/asin.c mpfr-3.0.1-b/asin.c +--- mpfr-3.0.1-a/asin.c 2011-04-04 10:19:18.000000000 +0000 ++++ mpfr-3.0.1-b/asin.c 2011-04-12 10:50:02.000000000 +0000 +@@ -63,11 +63,14 @@ + + compared = mpfr_cmp_ui (xp, 1); + ++ MPFR_SAVE_EXPO_MARK (expo); ++ + if (MPFR_UNLIKELY (compared >= 0)) + { + mpfr_clear (xp); + if (compared > 0) /* asin(x) = NaN for |x| > 1 */ + { ++ MPFR_SAVE_EXPO_FREE (expo); + MPFR_SET_NAN (asin); + MPFR_RET_NAN; + } +@@ -80,13 +83,11 @@ + inexact = -mpfr_const_pi (asin, MPFR_INVERT_RND(rnd_mode)); + MPFR_CHANGE_SIGN (asin); + } +- mpfr_div_2ui (asin, asin, 1, rnd_mode); /* May underflow */ +- return inexact; ++ mpfr_div_2ui (asin, asin, 1, rnd_mode); + } + } +- +- MPFR_SAVE_EXPO_MARK (expo); +- ++ else ++ { + /* Compute exponent of 1 - ABS(x) */ + mpfr_ui_sub (xp, 1, xp, MPFR_RNDD); + MPFR_ASSERTD (MPFR_GET_EXP (xp) <= 0); +@@ -115,6 +116,7 @@ + inexact = mpfr_set (asin, xp, rnd_mode); + + mpfr_clear (xp); ++ } + + MPFR_SAVE_EXPO_FREE (expo); + return mpfr_check_range (asin, inexact, rnd_mode); +diff -Naurd mpfr-3.0.1-a/mpfr.h mpfr-3.0.1-b/mpfr.h +--- mpfr-3.0.1-a/mpfr.h 2011-04-04 10:19:18.000000000 +0000 ++++ mpfr-3.0.1-b/mpfr.h 2011-04-12 10:50:02.000000000 +0000 +@@ -27,7 +27,7 @@ + #define MPFR_VERSION_MAJOR 3 + #define MPFR_VERSION_MINOR 0 + #define MPFR_VERSION_PATCHLEVEL 1 +-#define MPFR_VERSION_STRING "3.0.1" ++#define MPFR_VERSION_STRING "3.0.1-p1" + + /* Macros dealing with MPFR VERSION */ + #define MPFR_VERSION_NUM(a,b,c) (((a) << 16L) | ((b) << 8) | (c)) +diff -Naurd mpfr-3.0.1-a/tests/tasin.c mpfr-3.0.1-b/tests/tasin.c +--- mpfr-3.0.1-a/tests/tasin.c 2011-04-04 10:19:17.000000000 +0000 ++++ mpfr-3.0.1-b/tests/tasin.c 2011-04-12 10:50:02.000000000 +0000 +@@ -219,6 +219,49 @@ + mpfr_clear (y); + } + ++static void ++reduced_expo_range (void) ++{ ++ mpfr_exp_t emin, emax; ++ mpfr_t x, y, ex_y; ++ int inex, ex_inex; ++ unsigned int flags, ex_flags; ++ ++ emin = mpfr_get_emin (); ++ emax = mpfr_get_emax (); ++ ++ mpfr_inits2 (4, x, y, ex_y, (mpfr_ptr) 0); ++ mpfr_set_str (x, "-0.1e1", 2, MPFR_RNDN); ++ ++ mpfr_set_emin (1); ++ mpfr_set_emax (1); ++ mpfr_clear_flags (); ++ inex = mpfr_asin (y, x, MPFR_RNDA); ++ flags = __gmpfr_flags; ++ mpfr_set_emin (emin); ++ mpfr_set_emax (emax); ++ ++ mpfr_set_str (ex_y, "-0.1101e1", 2, MPFR_RNDN); ++ ex_inex = -1; ++ ex_flags = MPFR_FLAGS_INEXACT; ++ ++ if (SIGN (inex) != ex_inex || flags != ex_flags || ++ ! mpfr_equal_p (y, ex_y)) ++ { ++ printf ("Error in reduced_expo_range\non x = "); ++ mpfr_dump (x); ++ printf ("Expected y = "); ++ mpfr_out_str (stdout, 2, 0, ex_y, MPFR_RNDN); ++ printf ("\n inex = %d, flags = %u\n", ex_inex, ex_flags); ++ printf ("Got y = "); ++ mpfr_out_str (stdout, 2, 0, y, MPFR_RNDN); ++ printf ("\n inex = %d, flags = %u\n", SIGN (inex), flags); ++ exit (1); ++ } ++ ++ mpfr_clears (x, y, ex_y, (mpfr_ptr) 0); ++} ++ + int + main (void) + { +@@ -226,6 +269,7 @@ + + special (); + special_overflow (); ++ reduced_expo_range (); + + test_generic (2, 100, 15); + +diff -Naurd mpfr-3.0.1-a/version.c mpfr-3.0.1-b/version.c +--- mpfr-3.0.1-a/version.c 2011-04-04 10:19:18.000000000 +0000 ++++ mpfr-3.0.1-b/version.c 2011-04-12 10:50:02.000000000 +0000 +@@ -25,5 +25,5 @@ + const char * + mpfr_get_version (void) + { +- return "3.0.1"; ++ return "3.0.1-p1"; + } +diff -Naurd mpfr-3.0.1-a/PATCHES mpfr-3.0.1-b/PATCHES +--- mpfr-3.0.1-a/PATCHES 2011-05-04 11:18:33.000000000 +0000 ++++ mpfr-3.0.1-b/PATCHES 2011-05-04 11:18:33.000000000 +0000 +@@ -0,0 +1 @@ ++rec_sqrt-carry +diff -Naurd mpfr-3.0.1-a/VERSION mpfr-3.0.1-b/VERSION +--- mpfr-3.0.1-a/VERSION 2011-04-12 10:50:02.000000000 +0000 ++++ mpfr-3.0.1-b/VERSION 2011-05-04 11:18:33.000000000 +0000 +@@ -1 +1 @@ +-3.0.1-p1 ++3.0.1-p2 +diff -Naurd mpfr-3.0.1-a/mpfr.h mpfr-3.0.1-b/mpfr.h +--- mpfr-3.0.1-a/mpfr.h 2011-04-12 10:50:02.000000000 +0000 ++++ mpfr-3.0.1-b/mpfr.h 2011-05-04 11:18:33.000000000 +0000 +@@ -27,7 +27,7 @@ + #define MPFR_VERSION_MAJOR 3 + #define MPFR_VERSION_MINOR 0 + #define MPFR_VERSION_PATCHLEVEL 1 +-#define MPFR_VERSION_STRING "3.0.1-p1" ++#define MPFR_VERSION_STRING "3.0.1-p2" + + /* Macros dealing with MPFR VERSION */ + #define MPFR_VERSION_NUM(a,b,c) (((a) << 16L) | ((b) << 8) | (c)) +diff -Naurd mpfr-3.0.1-a/rec_sqrt.c mpfr-3.0.1-b/rec_sqrt.c +--- mpfr-3.0.1-a/rec_sqrt.c 2011-04-04 10:19:18.000000000 +0000 ++++ mpfr-3.0.1-b/rec_sqrt.c 2011-05-04 11:18:33.000000000 +0000 +@@ -375,20 +375,37 @@ + MPFR_ASSERTD(un == ln + 1 || un == ln + 2); + /* the high un-ln limbs of u will overlap the low part of {x+ln,xn}, + we need to add or subtract the overlapping part {u + ln, un - ln} */ ++ /* Warning! th may be 0, in which case the mpn_add_1 and mpn_sub_1 ++ below (with size = th) mustn't be used. In such a case, the limb ++ (carry) will be 0, so that this is semantically a no-op, but if ++ mpn_add_1 and mpn_sub_1 are used, GMP (currently) still does a ++ non-atomic read/write in a place that is not always allocated, ++ with the possible consequences: a crash if the corresponding ++ address is not mapped, or (rather unlikely) memory corruption ++ if another process/thread writes at the same place; things may ++ be worse with future GMP versions. Hence the tests carry != 0. */ + if (neg == 0) + { + if (ln > 0) + MPN_COPY (x, u, ln); + cy = mpn_add (x + ln, x + ln, xn, u + ln, un - ln); + /* add cu at x+un */ +- cy += mpn_add_1 (x + un, x + un, th, cu); ++ if (cu != 0) ++ { ++ MPFR_ASSERTD (th != 0); ++ cy += mpn_add_1 (x + un, x + un, th, cu); ++ } + } + else /* negative case */ + { + /* subtract {u+ln, un-ln} from {x+ln,un} */ + cy = mpn_sub (x + ln, x + ln, xn, u + ln, un - ln); + /* carry cy is at x+un, like cu */ +- cy = mpn_sub_1 (x + un, x + un, th, cy + cu); /* n - un = th */ ++ if (cy + cu != 0) ++ { ++ MPFR_ASSERTD (th != 0); ++ cy = mpn_sub_1 (x + un, x + un, th, cy + cu); /* n - un = th */ ++ } + /* cy cannot be zero, since the most significant bit of Xh is 1, + and the correction is bounded by 2^{-h+3} */ + MPFR_ASSERTD(cy == 0); +diff -Naurd mpfr-3.0.1-a/version.c mpfr-3.0.1-b/version.c +--- mpfr-3.0.1-a/version.c 2011-04-12 10:50:02.000000000 +0000 ++++ mpfr-3.0.1-b/version.c 2011-05-04 11:18:33.000000000 +0000 +@@ -25,5 +25,5 @@ + const char * + mpfr_get_version (void) + { +- return "3.0.1-p1"; ++ return "3.0.1-p2"; + } +diff -Naurd mpfr-3.0.1-a/PATCHES mpfr-3.0.1-b/PATCHES +--- mpfr-3.0.1-a/PATCHES 2011-05-05 00:00:35.000000000 +0000 ++++ mpfr-3.0.1-b/PATCHES 2011-05-05 00:00:35.000000000 +0000 +@@ -0,0 +1 @@ ++atan-expo-range +diff -Naurd mpfr-3.0.1-a/VERSION mpfr-3.0.1-b/VERSION +--- mpfr-3.0.1-a/VERSION 2011-05-04 11:18:33.000000000 +0000 ++++ mpfr-3.0.1-b/VERSION 2011-05-05 00:00:35.000000000 +0000 +@@ -1 +1 @@ +-3.0.1-p2 ++3.0.1-p3 +diff -Naurd mpfr-3.0.1-a/atan.c mpfr-3.0.1-b/atan.c +--- mpfr-3.0.1-a/atan.c 2011-04-04 10:19:18.000000000 +0000 ++++ mpfr-3.0.1-b/atan.c 2011-05-05 00:00:35.000000000 +0000 +@@ -431,5 +431,5 @@ + MPFR_GROUP_CLEAR (group); + + MPFR_SAVE_EXPO_FREE (expo); +- return mpfr_check_range (arctgt, inexact, rnd_mode); ++ return mpfr_check_range (atan, inexact, rnd_mode); + } +diff -Naurd mpfr-3.0.1-a/mpfr.h mpfr-3.0.1-b/mpfr.h +--- mpfr-3.0.1-a/mpfr.h 2011-05-04 11:18:33.000000000 +0000 ++++ mpfr-3.0.1-b/mpfr.h 2011-05-05 00:00:35.000000000 +0000 +@@ -27,7 +27,7 @@ + #define MPFR_VERSION_MAJOR 3 + #define MPFR_VERSION_MINOR 0 + #define MPFR_VERSION_PATCHLEVEL 1 +-#define MPFR_VERSION_STRING "3.0.1-p2" ++#define MPFR_VERSION_STRING "3.0.1-p3" + + /* Macros dealing with MPFR VERSION */ + #define MPFR_VERSION_NUM(a,b,c) (((a) << 16L) | ((b) << 8) | (c)) +diff -Naurd mpfr-3.0.1-a/tests/tatan.c mpfr-3.0.1-b/tests/tatan.c +--- mpfr-3.0.1-a/tests/tatan.c 2011-04-04 10:19:17.000000000 +0000 ++++ mpfr-3.0.1-b/tests/tatan.c 2011-05-05 00:00:35.000000000 +0000 +@@ -535,6 +535,52 @@ + mpfr_clears (a, x, y, (mpfr_ptr) 0); + } + ++/* http://websympa.loria.fr/wwsympa/arc/mpfr/2011-05/msg00008.html ++ * Incorrect flags (in debug mode on a 32-bit machine, assertion failure). ++ */ ++static void ++reduced_expo_range (void) ++{ ++ mpfr_exp_t emin, emax; ++ mpfr_t x, y, ex_y; ++ int inex, ex_inex; ++ unsigned int flags, ex_flags; ++ ++ emin = mpfr_get_emin (); ++ emax = mpfr_get_emax (); ++ ++ mpfr_inits2 (12, x, y, ex_y, (mpfr_ptr) 0); ++ mpfr_set_str (x, "0.1e-5", 2, MPFR_RNDN); ++ ++ mpfr_set_emin (-5); ++ mpfr_set_emax (-5); ++ mpfr_clear_flags (); ++ inex = mpfr_atan (y, x, MPFR_RNDN); ++ flags = __gmpfr_flags; ++ mpfr_set_emin (emin); ++ mpfr_set_emax (emax); ++ ++ mpfr_set_str (ex_y, "0.1e-5", 2, MPFR_RNDN); ++ ex_inex = 1; ++ ex_flags = MPFR_FLAGS_INEXACT; ++ ++ if (SIGN (inex) != ex_inex || flags != ex_flags || ++ ! mpfr_equal_p (y, ex_y)) ++ { ++ printf ("Error in reduced_expo_range\non x = "); ++ mpfr_dump (x); ++ printf ("Expected y = "); ++ mpfr_out_str (stdout, 2, 0, ex_y, MPFR_RNDN); ++ printf ("\n inex = %d, flags = %u\n", ex_inex, ex_flags); ++ printf ("Got y = "); ++ mpfr_out_str (stdout, 2, 0, y, MPFR_RNDN); ++ printf ("\n inex = %d, flags = %u\n", SIGN (inex), flags); ++ exit (1); ++ } ++ ++ mpfr_clears (x, y, ex_y, (mpfr_ptr) 0); ++} ++ + int + main (int argc, char *argv[]) + { +@@ -546,6 +592,7 @@ + smallvals_atan2 (); + atan2_bug_20071003 (); + atan2_different_prec (); ++ reduced_expo_range (); + + test_generic_atan (2, 200, 17); + test_generic_atan2 (2, 200, 17); +diff -Naurd mpfr-3.0.1-a/version.c mpfr-3.0.1-b/version.c +--- mpfr-3.0.1-a/version.c 2011-05-04 11:18:33.000000000 +0000 ++++ mpfr-3.0.1-b/version.c 2011-05-05 00:00:35.000000000 +0000 +@@ -25,5 +25,5 @@ + const char * + mpfr_get_version (void) + { +- return "3.0.1-p2"; ++ return "3.0.1-p3"; + } +diff -Naurd mpfr-3.0.1-a/PATCHES mpfr-3.0.1-b/PATCHES +--- mpfr-3.0.1-a/PATCHES 2011-05-09 14:48:24.000000000 +0000 ++++ mpfr-3.0.1-b/PATCHES 2011-05-09 14:48:24.000000000 +0000 +@@ -0,0 +1 @@ ++texp-zero +diff -Naurd mpfr-3.0.1-a/VERSION mpfr-3.0.1-b/VERSION +--- mpfr-3.0.1-a/VERSION 2011-05-05 00:00:35.000000000 +0000 ++++ mpfr-3.0.1-b/VERSION 2011-05-09 14:48:24.000000000 +0000 +@@ -1 +1 @@ +-3.0.1-p3 ++3.0.1-p4 +diff -Naurd mpfr-3.0.1-a/mpfr.h mpfr-3.0.1-b/mpfr.h +--- mpfr-3.0.1-a/mpfr.h 2011-05-05 00:00:35.000000000 +0000 ++++ mpfr-3.0.1-b/mpfr.h 2011-05-09 14:48:24.000000000 +0000 +@@ -27,7 +27,7 @@ + #define MPFR_VERSION_MAJOR 3 + #define MPFR_VERSION_MINOR 0 + #define MPFR_VERSION_PATCHLEVEL 1 +-#define MPFR_VERSION_STRING "3.0.1-p3" ++#define MPFR_VERSION_STRING "3.0.1-p4" + + /* Macros dealing with MPFR VERSION */ + #define MPFR_VERSION_NUM(a,b,c) (((a) << 16L) | ((b) << 8) | (c)) +diff -Naurd mpfr-3.0.1-a/tests/texp.c mpfr-3.0.1-b/tests/texp.c +--- mpfr-3.0.1-a/tests/texp.c 2011-04-04 10:19:17.000000000 +0000 ++++ mpfr-3.0.1-b/tests/texp.c 2011-05-09 14:48:24.000000000 +0000 +@@ -170,7 +170,9 @@ + mpfr_set_prec (x, prec); + mpfr_set_prec (y, prec); + mpfr_set_prec (z, prec); +- mpfr_urandomb (x, RANDS); ++ do ++ mpfr_urandomb (x, RANDS); ++ while (MPFR_IS_ZERO (x)); /* 0 is handled by mpfr_exp only */ + rnd = RND_RAND (); + mpfr_exp_2 (y, x, rnd); + mpfr_exp_3 (z, x, rnd); +diff -Naurd mpfr-3.0.1-a/version.c mpfr-3.0.1-b/version.c +--- mpfr-3.0.1-a/version.c 2011-05-05 00:00:35.000000000 +0000 ++++ mpfr-3.0.1-b/version.c 2011-05-09 14:48:24.000000000 +0000 +@@ -25,5 +25,5 @@ + const char * + mpfr_get_version (void) + { +- return "3.0.1-p3"; ++ return "3.0.1-p4"; + } diff --git a/testing/mpfr/mpfr.install b/testing/mpfr/mpfr.install new file mode 100644 index 000000000..d6dd0475b --- /dev/null +++ b/testing/mpfr/mpfr.install @@ -0,0 +1,20 @@ +info_dir=usr/share/info +info_files=(mpfr.info) + +post_install() { + [ -x usr/bin/install-info ] || return 0 + for f in ${info_files[@]}; do + install-info ${info_dir}/$f.gz ${info_dir}/dir 2> /dev/null + done +} + +post_upgrade() { + post_install $1 +} + +pre_remove() { + [ -x usr/bin/install-info ] || return 0 + for f in ${info_files[@]}; do + install-info --delete ${info_dir}/$f.gz ${info_dir}/dir 2> /dev/null + done +} diff --git a/testing/shadow/LICENSE b/testing/shadow/LICENSE new file mode 100644 index 000000000..c5ab15a56 --- /dev/null +++ b/testing/shadow/LICENSE @@ -0,0 +1,31 @@ +/* + * Copyright (c) 1990 - 1994, Julianne Frances Haugh + * Copyright (c) 1996 - 2000, Marek Michałkiewicz + * Copyright (c) 2001 - 2006, Tomasz Kłoczko + * Copyright (c) 2007 - 2009, Nicolas François + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. The name of the copyright holders or contributors may not be used to + * endorse or promote products derived from this software without + * specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ diff --git a/testing/shadow/PKGBUILD b/testing/shadow/PKGBUILD new file mode 100644 index 000000000..b3a130166 --- /dev/null +++ b/testing/shadow/PKGBUILD @@ -0,0 +1,106 @@ +# $Id: PKGBUILD 129320 2011-06-26 16:36:48Z eric $ +# Maintainer: Aaron Griffin <aaron@archlinux.org> + +pkgname=shadow +pkgver=4.1.4.3 +pkgrel=2 +pkgdesc="Password and account management tool suite with support for shadow files and PAM" +arch=('i686' 'x86_64') +url='http://pkg-shadow.alioth.debian.org/' +license=('BSD') +groups=('base') +depends=('bash' 'pam' 'acl') +backup=(etc/login.defs + etc/pam.d/{chage,login,passwd,shadow,useradd,usermod,userdel} + etc/pam.d/{chpasswd,newusers,groupadd,groupdel,groupmod} + etc/pam.d/{chfn,chgpasswd,groupmems,chsh} + etc/default/useradd) +options=('!libtool') +install=shadow.install +#http://pkg-shadow.alioth.debian.org/releases/shadow-$pkgver.tar.bz2 +# shadow 4.1.4.3 is just shadow 4.1.4.2 with shadow_CVE-2011-0721.patch applied +source=(ftp://ftp.archlinux.org/other/shadow/shadow_4.1.4.2+svn3283.orig.tar.gz + adduser chgpasswd chpasswd defaults.pam login login.defs newusers + passwd shadow.cron.daily useradd.defaults LICENSE + xstrdup.patch shadow_CVE-2011-0721.patch shadow-strncpy-usage.patch + shadow-add-missing-include.patch) +sha1sums=('8b704b8f07718e329205f23d457c3121c0f3679e' + '78ec184a499f9708adcfcf0b7a3b22a60bf39f91' + '4ad0e059406a305c8640ed30d93c2a1f62c2f4ad' + 'd66096ed9477bd7242e8d2cc28eaa23170269788' + '0e56fed7fc93572c6bf0d8f3b099166558bb46f1' + '0b2d98a0ee3bfde8551ade48d4d35cc20ec702a1' + 'e5cab2118ecb1e61874cde842d7d04d1003f35cb' + 'd66096ed9477bd7242e8d2cc28eaa23170269788' + '6f183bc7709b0a8d20ad17481a4ad025cf6e5056' + '5d83ba7e11c765c951867cbe00b0ae7ff57148fa' + '9ae93de5987dd0ae428f0cc1a5a5a5cd53583f19' + '33a6cf1e44a1410e5c9726c89e5de68b78f5f922' + '6010fffeed1fc6673ad9875492e1193b1a847b53' + '6bfe6528391eb38d338beacedd620407877b637d' + '9db9e62ad173f31e1039121c0124cf60826ffd7e' + '0697a21f7519de30821da7772677035652df4ad2') + +build() { + cd "$srcdir/$pkgname-4.1.4.2+svn3283" + + #Ugh, force this to build shared libraries, for god's sake + sed -i "s/noinst_LTLIBRARIES/lib_LTLIBRARIES/g" lib/Makefile.am + libtoolize + autoreconf + export LDFLAGS="$LDFLAGS -lcrypt" + + patch -p1 -i "$srcdir/xstrdup.patch" + patch -p1 -i "$srcdir/shadow_CVE-2011-0721.patch" + patch -p1 -i "$srcdir/shadow-strncpy-usage.patch" + patch -p1 -i "$srcdir/shadow-add-missing-include.patch" + + # supress etc/pam.d/*, we provide our own + sed -i '/^SUBDIRS/s/pam.d//' etc/Makefile.in + + ./configure \ + --prefix=/usr --libdir=/lib \ + --mandir=/usr/share/man --sysconfdir=/etc \ + --enable-shared --disable-static \ + --with-libpam --without-selinux + make +} + +package() { + cd "$srcdir/$pkgname-4.1.4.2+svn3283" + make DESTDIR="$pkgdir" install + + # license + install -Dm644 "$srcdir/LICENSE" "$pkgdir/usr/share/licenses/shadow/LICENSE" + + # interactive useradd + install -Dm755 "$srcdir/adduser" "$pkgdir/usr/sbin/adduser" + + # useradd defaults + install -Dm644 "$srcdir/useradd.defaults" "$pkgdir/etc/default/useradd" + + # cron job + install -Dm744 "$srcdir/shadow.cron.daily" "$pkgdir/etc/cron.daily/shadow" + + # login.defs + install -Dm644 "$srcdir/login.defs" "$pkgdir/etc/login.defs" + + # PAM config - custom + install -Dm644 "$srcdir/login" "$pkgdir/etc/pam.d/login" + install -Dm644 "$srcdir/passwd" "$pkgdir/etc/pam.d/passwd" + install -Dm644 "$srcdir/chgpasswd" "$pkgdir/etc/pam.d/chgpasswd" + install -Dm644 "$srcdir/chpasswd" "$pkgdir/etc/pam.d/chpasswd" + install -Dm644 "$srcdir/newusers" "$pkgdir/etc/pam.d/newusers" + # PAM config - from tarball + install -Dm644 etc/pam.d/groupmems "$pkgdir/etc/pam.d/groupmems" + + # we use the 'useradd' PAM file for other similar utilities + for file in chage chfn chsh groupadd groupdel groupmod shadow \ + useradd usermod userdel; do + install -Dm644 "$srcdir/defaults.pam" "$pkgdir/etc/pam.d/$file" + done + + # Remove su - using su from coreutils instead + rm "$pkgdir/bin/su" + find "$pkgdir/usr/share/man" -name 'su.1' -delete +} diff --git a/testing/shadow/adduser b/testing/shadow/adduser new file mode 100644 index 000000000..a5d7fd4fa --- /dev/null +++ b/testing/shadow/adduser @@ -0,0 +1,399 @@ +#!/bin/bash +# +# Copyright 1995 Hrvoje Dogan, Croatia. +# Copyright 2002, 2003, 2004 Stuart Winter, West Midlands, England, UK. +# Copyright 2004 Slackware Linux, Inc., Concord, CA, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +# +# +########################################################################## +# Program: /usr/sbin/adduser +# Purpose: Interactive front end to /usr/sbin/useradd for Slackware Linux +# Author : Stuart Winter <stuart@polplex.co.uk> +# Based on the original Slackware adduser by Hrvoje Dogan +# with modifications by Patrick Volkerding +# Version: 1.09 +########################################################################## +# Usage..: adduser [<new_user_name>] +########################################################################## +# History # +########### +# v1.09 - 07/06/04 +# * Added standard Slackware script licence to the head of this file. +# v1.08 - 25/04/04 +# * Disallow user names that begin with a numeric because useradd +# (from shadow v4.03) does not allow them. <sw> +# v1.07 - 07/03/03 +# * When supplying a null string for the uid (meaning 'Choose next available'), +# if there were file names in the range 'a-z' in the pwd then the +# egrep command considered these files rather than the null string. +# The egrep expression is now in quotes. +# Reported & fixed by Vadim O. Ustiansky <sw> +# v1.06 - 31/03/03 +# * Ask to chown user.group the home directory if it already exists. +# This helps reduce later confusion when adding users whose home dir +# already exists (mounted partition for example) and is owned +# by a user other than the user to which the directory is being +# assigned as home. Default is not to chown. +# Brought to my attention by mRgOBLIN. <sw> +# v1.05 - 04/01/03 +# * Advise & prevent users from creating logins with '.' characters +# in the user name. <sw> +# * Made pending account creation info look neater <sw> +# v1.04 - 09/06/02 +# * Catered for shadow-4.0.3's 'useradd' binary that no longer +# will let you create a user that has any uppercase chars in it +# This was reported on the userlocal.org forums +# by 'xcp' - thanks. <sw,pjv> +# v1.03 - 20/05/02 +# * Support 'broken' (null lines in) /etc/passwd and +# /etc/group files <sw> +# * For recycling UIDs (default still 'off'), we now look in +# /etc/login.defs for the UID_MIN value and use it +# If not found then default to 1000 <sw> +# v1.02 - 10/04/02 +# * Fix user-specified UID bug. <pjv> +# v1.01 - 23/03/02 +# * Match Slackware indenting style, simplify. <pjv> +# v1.00 - 22/03/02 +# * Created +####################################################################### + +# Path to files +pfile=/etc/passwd +gfile=/etc/group +sfile=/etc/shells + +# Paths to binaries +useradd=/usr/sbin/useradd +chfn=/usr/bin/chfn +passwd=/usr/bin/passwd + +# Defaults +defhome=/home +defshell=/bin/bash +defgroup=users + +# Determine what the minimum UID is (for UID recycling) +# (we ignore it if it's not at the beginning of the line (i.e. commented out with #)) +export recycleUIDMIN="$(grep ^UID_MIN /etc/login.defs | awk '{print $2}' 2>/dev/null)" +# If we couldn't find it, set it to the default of 1000 +if [ -z "$recycleUIDMIN" ]; then + export recycleUIDMIN=1000 # this is the default from Slackware's /etc/login.defs +fi + + +# This setting enables the 'recycling' of older unused UIDs. +# When you userdel a user, it removes it from passwd and shadow but it will +# never get used again unless you specify it expliticly -- useradd (appears to) just +# look at the last line in passwd and increment the uid. I like the idea of +# recycling uids but you may have very good reasons not to (old forgotten +# confidential files still on the system could then be owned by this new user). +# We'll set this to no because this is what the original adduser shell script +# did and it's what users expect. +recycleuids=no + +# Function to read keyboard input. +# bash1 is broken (even ash will take read -ep!), so we work around +# it (even though bash1 is no longer supported on Slackware). +function get_input() { + local output + if [ "`echo $BASH_VERSION | cut -b1`" = "1" ]; then + echo -n "${1} " >&2 # fudge for use with bash v1 + read output + else # this should work with any other /bin/sh + read -ep "${1} " output + fi + echo $output +} + +# Function to display the account info +function display () { + local goose + goose="$(echo $2 | cut -d ' ' -f 2-)" # lop off the prefixed argument useradd needs + echo -n "$1 " + # If it's null then display the 'other' information + if [ -z "$goose" -a ! -z "$3" ]; then + echo "$3" + else + echo "$goose" + fi +} + +# Function to check whether groups exist in the /etc/group file +function check_group () { + local got_error group + if [ ! -z "$@" ]; then + for group in $@ ; do + local uid_not_named="" uid_not_num="" + grep -v "$^" $gfile | awk -F: '{print $1}' | grep "^${group}$" >/dev/null 2>&1 || uid_not_named=yes + grep -v "$^" $gfile | awk -F: '{print $3}' | grep "^${group}$" >/dev/null 2>&1 || uid_not_num=yes + if [ ! -z "$uid_not_named" -a ! -z "$uid_not_num" ]; then + echo "- Group '$group' does not exist" + got_error=yes + fi + done + fi + # Return exit code of 1 if at least one of the groups didn't exist + if [ ! -z "$got_error" ]; then + return 1 + fi +} + +#: Read the login name for the new user :# +# +# Remember that most Mail Transfer Agents are case independant, so having +# 'uSer' and 'user' may cause confusion/things to break. Because of this, +# useradd from shadow-4.0.3 no longer accepts usernames containing uppercase, +# and we must reject them, too. + +# Set the login variable to the command line param +echo +LOGIN="$1" +needinput=yes +while [ ! -z $needinput ]; do + if [ -z "$LOGIN" ]; then + while [ -z "$LOGIN" ]; do LOGIN="$(get_input "Login name for new user []:")" ; done + fi + grep "^${LOGIN}:" $pfile >/dev/null 2>&1 # ensure it's not already used + if [ $? -eq 0 ]; then + echo "- User '$LOGIN' already exists; please choose another" + unset LOGIN + elif [ ! -z "$( echo $LOGIN | grep "^[0-9]" )" ]; then + echo "- User names cannot begin with a number; please choose another" + unset LOGIN + elif [ ! "$LOGIN" = "`echo $LOGIN | tr A-Z a-z`" ]; then # useradd does not allow uppercase + echo "- User '$LOGIN' contains illegal characters (uppercase); please choose another" + unset LOGIN + elif [ ! -z "$( echo $LOGIN | grep '\.' )" ]; then + echo "- User '$LOGIN' contains illegal characters (period/dot); please choose another" + unset LOGIN + else + unset needinput + fi +done + +# Display the user name passed from the shell if it hasn't changed +if [ "$1" = "$LOGIN" ]; then + echo "Login name for new user: $LOGIN" +fi + +#: Get the UID for the user & ensure it's not already in use :# +# +# Whilst we _can_ allow users with identical UIDs, it's not a 'good thing' because +# when you change password for the uid, it finds the first match in /etc/passwd +# which isn't necessarily the correct user +# +echo +needinput=yes +while [ ! -z "$needinput" ]; do + _UID="$(get_input "User ID ('UID') [ defaults to next available ]:")" + grep -v "^$" $pfile | awk -F: '{print $3}' | grep "^${_UID}$" >/dev/null 2>&1 + if [ $? -eq 0 ]; then + echo "- That UID is already in use; please choose another" + elif [ ! -z "$(echo $_UID | egrep '[A-Za-z]')" ]; then + echo "- UIDs are numerics only" + else + unset needinput + fi +done +# If we were given a UID, then syntax up the variable to pass to useradd +if [ ! -z "$_UID" ]; then + U_ID="-u ${_UID}" +else + # Will we be recycling UIDs? + if [ "$recycleuids" = "yes" ]; then + U_ID="-u $(awk -F: '{uid[$3]=1} END { for (i=ENVIRON["recycleUIDMIN"];i in uid;i++);print i}' $pfile)" + fi +fi + +#: Get the initial group for the user & ensure it exists :# +# +# We check /etc/group for both the text version and the group ID number +echo +needinput=yes +while [ ! -z "$needinput" ]; do + GID="$(get_input "Initial group [ ${defgroup} ]:")" + check_group "$GID" + if [ $? -gt 0 ]; then + echo "- Please choose another" + else + unset needinput + fi +done +# Syntax the variable ready for useradd +if [ -z "$GID" ]; then + GID="-g ${defgroup}" +else + GID="-g ${GID}" +fi + +#: Get additional groups for the user :# +# +echo +needinput=yes +while [ ! -z "$needinput" ]; do + AGID="$(get_input "Additional groups (comma separated) []:")" + AGID="$(echo "$AGID" | tr -d ' ' | tr , ' ')" # fix up for parsing + if [ ! -z "$AGID" ]; then + check_group "$AGID" # check all groups at once (treated as N # of params) + if [ $? -gt 0 ]; then + echo "- Please re-enter the group(s)" + else + unset needinput # we found all groups specified + AGID="-G $(echo "$AGID" | tr ' ' ,)" + fi + else + unset needinput # we don't *have* to have additional groups + fi +done + +#: Get the new user's home dir :# +# +echo +needinput=yes +while [ ! -z "$needinput" ]; do + HME="$(get_input "Home directory [ ${defhome}/${LOGIN} ]")" + if [ -z "$HME" ]; then + HME="${defhome}/${LOGIN}" + fi + # Warn the user if the home dir already exists + if [ -d "$HME" ]; then + echo "- Warning: '$HME' already exists !" + getyn="$(get_input " Do you wish to change the home directory path ? (Y/n) ")" + if [ "$(echo $getyn | grep -i "n")" ]; then + unset needinput + # You're most likely going to only do this if you have the dir *mounted* for this user's $HOME + getyn="$(get_input " Do you want to chown $LOGIN.$( echo $GID | awk '{print $2}') $HME ? (y/N) ")" + if [ "$(echo $getyn | grep -i "y")" ]; then + CHOWNHOMEDIR=$HME # set this to the home directory + fi + fi + else + unset needinput + fi +done +HME="-d ${HME}" + +#: Get the new user's shell :# +echo +needinput=yes +while [ ! -z "$needinput" ]; do + unset got_error + SHL="$(get_input "Shell [ ${defshell} ]")" + if [ -z "$SHL" ]; then + SHL="${defshell}" + fi + # Warn the user if the shell doesn't exist in /etc/shells or as a file + if [ -z "$(grep "^${SHL}$" $sfile)" ]; then + echo "- Warning: ${SHL} is not in ${sfile} (potential problem using FTP)" + got_error=yes + fi + if [ ! -f "$SHL" ]; then + echo "- Warning: ${SHL} does not exist as a file" + got_error=yes + fi + if [ ! -z "$got_error" ]; then + getyn="$(get_input " Do you wish to change the shell ? (Y/n) ")" + if [ "$(echo $getyn | grep -i "n")" ]; then + unset needinput + fi + else + unset needinput + fi +done +SHL="-s ${SHL}" + +#: Get the expiry date :# +echo +needinput=yes +while [ ! -z "$needinput" ]; do + EXP="$(get_input "Expiry date (YYYY-MM-DD) []:")" + if [ ! -z "$EXP" ]; then + # Check to see whether the expiry date is in the valid format + if [ -z "$(echo "$EXP" | grep "^[[:digit:]]\{4\}[-]\?[[:digit:]]\{2\}[-]\?[[:digit:]]\{2\}$")" ]; then + echo "- That is not a valid expiration date" + else + unset needinput + EXP="-e ${EXP}" + fi + else + unset needinput + fi +done + +# Display the info about the new impending account +echo +echo "New account will be created as follows:" +echo +echo "---------------------------------------" +display "Login name.......: " "$LOGIN" +display "UID..............: " "$_UID" "[ Next available ]" +display "Initial group....: " "$GID" +display "Additional groups: " "$AGID" "[ None ]" +display "Home directory...: " "$HME" +display "Shell............: " "$SHL" +display "Expiry date......: " "$EXP" "[ Never ]" +echo + +echo "This is it... if you want to bail out, hit Control-C. Otherwise, press" +echo "ENTER to go ahead and make the account." +read junk + +echo +echo "Creating new account..." +echo +echo + +# Add the account to the system +CMD="$useradd "$HME" -m "$EXP" "$U_ID" "$GID" "$AGID" "$SHL" "$LOGIN"" +$CMD + +if [ $? -gt 0 ]; then + echo "- Error running useradd command -- account not created!" + echo "(cmd: $CMD)" + exit 1 +fi + +# chown the home dir ? We can only do this once the useradd has +# completed otherwise the user name doesn't exist. +if [ ! -z "${CHOWNHOMEDIR}" ]; then + chown "$LOGIN"."$( echo $GID | awk '{print $2}')" "${CHOWNHOMEDIR}" +fi + +# Set the finger information +$chfn "$LOGIN" +if [ $? -gt 0 ]; then + echo "- Warning: an error occurred while setting finger information" +fi + +# Set a password +$passwd "$LOGIN" +if [ $? -gt 0 ]; then + echo "* WARNING: An error occured while setting the password for" + echo " this account. Please manually investigate this *" + exit 1 +fi + +echo +echo +echo "Account setup complete." +exit 0 + diff --git a/testing/shadow/chgpasswd b/testing/shadow/chgpasswd new file mode 100644 index 000000000..8f49f5cc8 --- /dev/null +++ b/testing/shadow/chgpasswd @@ -0,0 +1,4 @@ +#%PAM-1.0 +auth sufficient pam_rootok.so +account required pam_permit.so +password include system-auth diff --git a/testing/shadow/chpasswd b/testing/shadow/chpasswd new file mode 100644 index 000000000..bc14857dc --- /dev/null +++ b/testing/shadow/chpasswd @@ -0,0 +1,6 @@ +#%PAM-1.0 +auth sufficient pam_rootok.so +auth required pam_unix.so +account required pam_unix.so +session required pam_unix.so +password required pam_unix.so md5 shadow diff --git a/testing/shadow/defaults.pam b/testing/shadow/defaults.pam new file mode 100644 index 000000000..a7bf8a4a5 --- /dev/null +++ b/testing/shadow/defaults.pam @@ -0,0 +1,6 @@ +#%PAM-1.0 +auth sufficient pam_rootok.so +auth required pam_unix.so +account required pam_unix.so +session required pam_unix.so +password required pam_permit.so diff --git a/testing/shadow/login b/testing/shadow/login new file mode 100644 index 000000000..51ff96a4a --- /dev/null +++ b/testing/shadow/login @@ -0,0 +1,20 @@ +#%PAM-1.0 +auth required pam_securetty.so +auth requisite pam_nologin.so +auth required pam_unix.so nullok +auth required pam_tally.so onerr=succeed file=/var/log/faillog +# use this to lockout accounts for 10 minutes after 3 failed attempts +#auth required pam_tally.so deny=2 unlock_time=600 onerr=succeed file=/var/log/faillog +account required pam_access.so +account required pam_time.so +account required pam_unix.so +#password required pam_cracklib.so difok=2 minlen=8 dcredit=2 ocredit=2 retry=3 +#password required pam_unix.so md5 shadow use_authtok +session required pam_unix.so +session required pam_env.so +session required pam_motd.so +session required pam_limits.so +session optional pam_mail.so dir=/var/spool/mail standard +session optional pam_lastlog.so +session optional pam_loginuid.so +-session optional pam_ck_connector.so nox11 diff --git a/testing/shadow/login.defs b/testing/shadow/login.defs new file mode 100644 index 000000000..2500ee447 --- /dev/null +++ b/testing/shadow/login.defs @@ -0,0 +1,197 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# +# Delay in seconds before being allowed another attempt after a login failure +# +FAIL_DELAY 3 + +# +# Enable display of unknown usernames when login failures are recorded. +# +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +CONSOLE /etc/securetty +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# *REQUIRED* +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define both, MAIL_DIR takes precedence. +# QMAIL_DIR is for Qmail +# +#QMAIL_DIR Maildir +MAIL_DIR /var/spool/mail + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/sbin:/bin:/usr/sbin:/usr/bin +ENV_PATH PATH=/bin:/usr/bin + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# The ULIMIT is used only if the system supports it. +# (now it works with setrlimit too; ulimit is in 512-byte units) +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +UMASK 077 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 +# System accounts +SYS_UID_MIN 500 +SYS_UID_MAX 999 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 1000 +GID_MAX 60000 +# System accounts +SYS_GID_MIN 500 +SYS_GID_MAX 999 + +# +# Max number of login retries if password is bad +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# Enable setting of the umask group bits to be the same as owner bits +# (examples: 022 -> 002, 077 -> 007) for non-root users, if the uid is +# the same as gid, and username is the same as the primary group name. +# +# This also enables userdel to remove user groups if no members exist. +# +USERGROUPS_ENAB yes + diff --git a/testing/shadow/newusers b/testing/shadow/newusers new file mode 100644 index 000000000..bc14857dc --- /dev/null +++ b/testing/shadow/newusers @@ -0,0 +1,6 @@ +#%PAM-1.0 +auth sufficient pam_rootok.so +auth required pam_unix.so +account required pam_unix.so +session required pam_unix.so +password required pam_unix.so md5 shadow diff --git a/testing/shadow/passwd b/testing/shadow/passwd new file mode 100644 index 000000000..1ffd1bdd8 --- /dev/null +++ b/testing/shadow/passwd @@ -0,0 +1,4 @@ +#%PAM-1.0 +#password required pam_cracklib.so difok=2 minlen=8 dcredit=2 ocredit=2 retry=3 +#password required pam_unix.so md5 shadow use_authtok +password required pam_unix.so md5 shadow nullok diff --git a/testing/shadow/shadow-add-missing-include.patch b/testing/shadow/shadow-add-missing-include.patch new file mode 100644 index 000000000..5c9e946ef --- /dev/null +++ b/testing/shadow/shadow-add-missing-include.patch @@ -0,0 +1,11 @@ +diff -Naur shadow-4.1.4.2+svn3283/libmisc/copydir.c shadow-4.1.4.2+svn3283.new/libmisc/copydir.c +--- shadow-4.1.4.2+svn3283/libmisc/copydir.c 2010-09-05 11:35:26.000000000 -0400 ++++ shadow-4.1.4.2+svn3283.new/libmisc/copydir.c 2011-06-26 01:26:52.000000000 -0400 +@@ -34,6 +34,7 @@ + + #ident "$Id: copydir.c 3283 2010-09-05 15:34:42Z nekral-guest $" + ++#include <stdarg.h> + #include <assert.h> + #include <sys/stat.h> + #include <sys/types.h> diff --git a/testing/shadow/shadow-strncpy-usage.patch b/testing/shadow/shadow-strncpy-usage.patch new file mode 100644 index 000000000..46df74ace --- /dev/null +++ b/testing/shadow/shadow-strncpy-usage.patch @@ -0,0 +1,27 @@ +diff -ur shadow-4.1.4.3.orig/src/login.c shadow-4.1.4.3/src/login.c +--- shadow-4.1.4.3.orig/src/login.c 2011-03-05 22:17:10.032524948 -0800 ++++ shadow-4.1.4.3/src/login.c 2011-03-05 22:17:59.154342059 -0800 +@@ -748,8 +748,9 @@ + sizeof (loginprompt), + _("%s login: "), hostn); + } else { ++ loginprompt[sizeof (loginprompt) - 1] = '\0'; + strncpy (loginprompt, _("login: "), +- sizeof (loginprompt)); ++ sizeof (loginprompt) - 1); + } + + retcode = pam_set_item (pamh, PAM_USER_PROMPT, loginprompt); +diff -ur shadow-4.1.4.3.orig/src/usermod.c shadow-4.1.4.3/src/usermod.c +--- shadow-4.1.4.3.orig/src/usermod.c 2011-03-05 22:17:10.029191265 -0800 ++++ shadow-4.1.4.3/src/usermod.c 2011-03-05 22:18:42.665576968 -0800 +@@ -182,7 +182,8 @@ + struct tm *tp; + + if ((negativ != NULL) && (date < 0)) { +- strncpy (buf, negativ, maxsize); ++ buf[maxsize - 1] = '\0'; ++ strncpy (buf, negativ, maxsize - 1); + } else { + time_t t = (time_t) date; + tp = gmtime (&t); diff --git a/testing/shadow/shadow.cron.daily b/testing/shadow/shadow.cron.daily new file mode 100755 index 000000000..1931a793e --- /dev/null +++ b/testing/shadow/shadow.cron.daily @@ -0,0 +1,6 @@ +#!/bin/sh + +# Verify integrity of password and group files +/usr/sbin/pwck -r +/usr/sbin/grpck -r + diff --git a/testing/shadow/shadow.install b/testing/shadow/shadow.install new file mode 100644 index 000000000..c1bd1066b --- /dev/null +++ b/testing/shadow/shadow.install @@ -0,0 +1,8 @@ +post_upgrade() { + grpck -r &>/dev/null + if [ $? -eq 2 ]; then + echo "Fixing gshadow file ..." + while :; do echo "y"; done | grpck &>/dev/null + fi + return 0 +} diff --git a/testing/shadow/shadow_CVE-2011-0721.patch b/testing/shadow/shadow_CVE-2011-0721.patch new file mode 100644 index 000000000..eb9ad80a2 --- /dev/null +++ b/testing/shadow/shadow_CVE-2011-0721.patch @@ -0,0 +1,57 @@ +Goal: Input sanitization for chfn and chsh + +Fixes: CVE-2011-0721 + +Status wrt upstream: Already applied upstream (4.1.4.3) + +--- a/src/chfn.c ++++ b/src/chfn.c +@@ -551,14 +551,14 @@ + static void check_fields (void) + { + int err; +- err = valid_field (fullnm, ":,="); ++ err = valid_field (fullnm, ":,=\n"); + if (err > 0) { + fprintf (stderr, _("%s: name with non-ASCII characters: '%s'\n"), Prog, fullnm); + } else if (err < 0) { + fprintf (stderr, _("%s: invalid name: '%s'\n"), Prog, fullnm); + fail_exit (E_NOPERM); + } +- err = valid_field (roomno, ":,="); ++ err = valid_field (roomno, ":,=\n"); + if (err > 0) { + fprintf (stderr, _("%s: room number with non-ASCII characters: '%s'\n"), Prog, roomno); + } else if (err < 0) { +@@ -566,17 +566,17 @@ + Prog, roomno); + fail_exit (E_NOPERM); + } +- if (valid_field (workph, ":,=") != 0) { ++ if (valid_field (workph, ":,=\n") != 0) { + fprintf (stderr, _("%s: invalid work phone: '%s'\n"), + Prog, workph); + fail_exit (E_NOPERM); + } +- if (valid_field (homeph, ":,=") != 0) { ++ if (valid_field (homeph, ":,=\n") != 0) { + fprintf (stderr, _("%s: invalid home phone: '%s'\n"), + Prog, homeph); + fail_exit (E_NOPERM); + } +- err = valid_field (slop, ":"); ++ err = valid_field (slop, ":\n"); + if (err > 0) { + fprintf (stderr, _("%s: '%s' contains non-ASCII characters\n"), Prog, slop); + } else if (err < 0) { +--- a/src/chsh. ++++ b/src/chsh.c +@@ -528,7 +528,7 @@ + * users are restricted to using the shells in /etc/shells. + * The shell must be executable by the user. + */ +- if (valid_field (loginsh, ":,=") != 0) { ++ if (valid_field (loginsh, ":,=\n") != 0) { + fprintf (stderr, _("%s: Invalid entry: %s\n"), Prog, loginsh); + fail_exit (1); + } diff --git a/testing/shadow/useradd.defaults b/testing/shadow/useradd.defaults new file mode 100644 index 000000000..b800b1777 --- /dev/null +++ b/testing/shadow/useradd.defaults @@ -0,0 +1,9 @@ +# useradd defaults file for ArchLinux +# original changes by TomK +GROUP=100 +HOME=/home +INACTIVE=-1 +EXPIRE= +SHELL=/bin/bash +SKEL=/etc/skel +CREATE_MAIL_SPOOL=no diff --git a/testing/shadow/xstrdup.patch b/testing/shadow/xstrdup.patch new file mode 100644 index 000000000..bce434264 --- /dev/null +++ b/testing/shadow/xstrdup.patch @@ -0,0 +1,9 @@ +--- shadow-4.1.2.1/libmisc/xmalloc.c 2008-08-30 21:55:44.000000000 -0500 ++++ shadow-4.1.2.1/libmisc/xmalloc.c.new 2008-08-30 21:55:36.000000000 -0500 +@@ -61,5 +61,6 @@ + + char *xstrdup (const char *str) + { ++ if(str == NULL) return NULL; + return strcpy (xmalloc (strlen (str) + 1), str); + } |