diff options
Diffstat (limited to 'testing/shadow')
-rw-r--r-- | testing/shadow/LICENSE | 31 | ||||
-rw-r--r-- | testing/shadow/PKGBUILD | 132 | ||||
-rw-r--r-- | testing/shadow/adduser | 399 | ||||
-rw-r--r-- | testing/shadow/chgpasswd | 4 | ||||
-rw-r--r-- | testing/shadow/chpasswd | 6 | ||||
-rw-r--r-- | testing/shadow/defaults.pam | 6 | ||||
-rw-r--r-- | testing/shadow/login | 21 | ||||
-rw-r--r-- | testing/shadow/login.defs | 197 | ||||
-rw-r--r-- | testing/shadow/newusers | 6 | ||||
-rw-r--r-- | testing/shadow/nscd-error-reporting.patch | 17 | ||||
-rw-r--r-- | testing/shadow/passwd | 4 | ||||
-rw-r--r-- | testing/shadow/shadow-add-missing-include.patch | 11 | ||||
-rw-r--r-- | testing/shadow/shadow-strncpy-usage.patch | 25 | ||||
-rwxr-xr-x | testing/shadow/shadow.cron.daily | 6 | ||||
-rw-r--r-- | testing/shadow/shadow.install | 9 | ||||
-rw-r--r-- | testing/shadow/useradd.defaults | 9 | ||||
-rw-r--r-- | testing/shadow/userdel-avoid-bad-mem-access.patch | 57 | ||||
-rw-r--r-- | testing/shadow/write-utmp-wtmp-entries.patch | 47 | ||||
-rw-r--r-- | testing/shadow/xstrdup.patch | 9 |
19 files changed, 0 insertions, 996 deletions
diff --git a/testing/shadow/LICENSE b/testing/shadow/LICENSE deleted file mode 100644 index c5ab15a56..000000000 --- a/testing/shadow/LICENSE +++ /dev/null @@ -1,31 +0,0 @@ -/* - * Copyright (c) 1990 - 1994, Julianne Frances Haugh - * Copyright (c) 1996 - 2000, Marek Michałkiewicz - * Copyright (c) 2001 - 2006, Tomasz Kłoczko - * Copyright (c) 2007 - 2009, Nicolas François - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. The name of the copyright holders or contributors may not be used to - * endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS - * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT - * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A - * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT - * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT - * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY - * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ diff --git a/testing/shadow/PKGBUILD b/testing/shadow/PKGBUILD deleted file mode 100644 index 5757df664..000000000 --- a/testing/shadow/PKGBUILD +++ /dev/null @@ -1,132 +0,0 @@ -# $Id: PKGBUILD 151351 2012-02-25 15:53:24Z dreisner $ -# Maintainer: Dave Reisner <dreisner@archlinux.org> -# Maintainer: Aaron Griffin <aaron@archlinux.org> - -pkgname=shadow -pkgver=4.1.5 -pkgrel=4 -pkgdesc="Password and account management tool suite with support for shadow files and PAM" -arch=('i686' 'x86_64') -url='http://pkg-shadow.alioth.debian.org/' -license=('BSD') -groups=('base') -depends=('bash' 'pam' 'acl') -backup=(etc/login.defs - etc/pam.d/{chage,login,passwd,shadow,useradd,usermod,userdel} - etc/pam.d/{chpasswd,newusers,groupadd,groupdel,groupmod} - etc/pam.d/{chfn,chgpasswd,groupmems,chsh} - etc/default/useradd) -options=('!libtool') -install='shadow.install' -source=("http://pkg-shadow.alioth.debian.org/releases/$pkgname-$pkgver.tar.bz2"{,.sig} - LICENSE - adduser - chgpasswd - chpasswd - defaults.pam - login - login.defs - newusers - passwd - shadow.cron.daily - useradd.defaults - nscd-error-reporting.patch - xstrdup.patch - shadow-strncpy-usage.patch - shadow-add-missing-include.patch - userdel-avoid-bad-mem-access.patch - write-utmp-wtmp-entries.patch) -sha1sums=('3ab1ae0e30af36d04445314fcb5a079bdf05de41' - '0a31aafceb948a91fe7370a6378cafd6fd883145' - '33a6cf1e44a1410e5c9726c89e5de68b78f5f922' - '78ec184a499f9708adcfcf0b7a3b22a60bf39f91' - '4ad0e059406a305c8640ed30d93c2a1f62c2f4ad' - '12427b1ca92a9b85ca8202239f0d9f50198b818f' - '0e56fed7fc93572c6bf0d8f3b099166558bb46f1' - '895aad07c192b288b457e19dd7b8c55841b4ad22' - 'e5cab2118ecb1e61874cde842d7d04d1003f35cb' - '12427b1ca92a9b85ca8202239f0d9f50198b818f' - '611be25d91c3f8f307c7fe2485d5f781e5dee75f' - '5d83ba7e11c765c951867cbe00b0ae7ff57148fa' - '9ae93de5987dd0ae428f0cc1a5a5a5cd53583f19' - 'ae6eebb842c433ac4022c493294a13ed68e06acc' - '6010fffeed1fc6673ad9875492e1193b1a847b53' - '21e12966a6befb25ec123b403cd9b5c492fe5b16' - '0697a21f7519de30821da7772677035652df4ad2' - 'e1dd93d82c6eba76b5f17a9fefad4bbc513cff5b' - 'bcef8558c9123b396d2d4df26c815a951f97a91a') - -build() { - cd "$pkgname-$pkgver" - - # avoid transitive linking issues with binutils 2.22 - sed -i '/^user\(mod\|add\)_LDADD/s|$| -lattr|' src/Makefile.am - - # link to glibc's crypt(3) - LDFLAGS+=" -lcrypt" - - # need to offer these upstream - patch -Np1 <"$srcdir/xstrdup.patch" - patch -Np1 <"$srcdir/shadow-strncpy-usage.patch" - - # backports queued for 4.1.5.1 - patch -Np1 <"$srcdir/shadow-add-missing-include.patch" - patch -Np1 <"$srcdir/nscd-error-reporting.patch" - - # sent to ML - patch -Np0 <"$srcdir/userdel-avoid-bad-mem-access.patch" - - # revert to fix FS#28543 - patch -RNp1 <"$srcdir/write-utmp-wtmp-entries.patch" - - # supress etc/pam.d/*, we provide our own - sed -i '/^SUBDIRS/s/pam.d//' etc/Makefile.in - - ./configure \ - --prefix=/usr \ - --libdir=/lib \ - --mandir=/usr/share/man \ - --sysconfdir=/etc \ - --with-libpam \ - --without-selinux - - make -} - -package() { - cd "$pkgname-$pkgver" - - make DESTDIR="$pkgdir" install - - # license - install -Dm644 "$srcdir/LICENSE" "$pkgdir/usr/share/licenses/shadow/LICENSE" - - # interactive useradd - install -Dm755 "$srcdir/adduser" "$pkgdir/usr/sbin/adduser" - - # useradd defaults - install -Dm644 "$srcdir/useradd.defaults" "$pkgdir/etc/default/useradd" - - # cron job - install -Dm744 "$srcdir/shadow.cron.daily" "$pkgdir/etc/cron.daily/shadow" - - # login.defs - install -Dm644 "$srcdir/login.defs" "$pkgdir/etc/login.defs" - - # PAM config - custom - install -dm755 "$pkgdir/etc/pam.d" - install -t "$pkgdir/etc/pam.d" -m644 "$srcdir"/{login,passwd,chgpasswd,chpasswd,newusers} - - # PAM config - from tarball - install -Dm644 etc/pam.d/groupmems "$pkgdir/etc/pam.d/groupmems" - - # we use the 'useradd' PAM file for other similar utilities - for file in chage chfn chsh groupadd groupdel groupmod shadow \ - useradd usermod userdel; do - install -Dm644 "$srcdir/defaults.pam" "$pkgdir/etc/pam.d/$file" - done - - # Remove su - using su from coreutils instead - rm "$pkgdir/bin/su" - find "$pkgdir/usr/share/man" -name 'su.1' -delete -} diff --git a/testing/shadow/adduser b/testing/shadow/adduser deleted file mode 100644 index a5d7fd4fa..000000000 --- a/testing/shadow/adduser +++ /dev/null @@ -1,399 +0,0 @@ -#!/bin/bash -# -# Copyright 1995 Hrvoje Dogan, Croatia. -# Copyright 2002, 2003, 2004 Stuart Winter, West Midlands, England, UK. -# Copyright 2004 Slackware Linux, Inc., Concord, CA, USA -# All rights reserved. -# -# Redistribution and use of this script, with or without modification, is -# permitted provided that the following conditions are met: -# -# 1. Redistributions of this script must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# -# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED -# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF -# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO -# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, -# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; -# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, -# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR -# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF -# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -# -# -########################################################################## -# Program: /usr/sbin/adduser -# Purpose: Interactive front end to /usr/sbin/useradd for Slackware Linux -# Author : Stuart Winter <stuart@polplex.co.uk> -# Based on the original Slackware adduser by Hrvoje Dogan -# with modifications by Patrick Volkerding -# Version: 1.09 -########################################################################## -# Usage..: adduser [<new_user_name>] -########################################################################## -# History # -########### -# v1.09 - 07/06/04 -# * Added standard Slackware script licence to the head of this file. -# v1.08 - 25/04/04 -# * Disallow user names that begin with a numeric because useradd -# (from shadow v4.03) does not allow them. <sw> -# v1.07 - 07/03/03 -# * When supplying a null string for the uid (meaning 'Choose next available'), -# if there were file names in the range 'a-z' in the pwd then the -# egrep command considered these files rather than the null string. -# The egrep expression is now in quotes. -# Reported & fixed by Vadim O. Ustiansky <sw> -# v1.06 - 31/03/03 -# * Ask to chown user.group the home directory if it already exists. -# This helps reduce later confusion when adding users whose home dir -# already exists (mounted partition for example) and is owned -# by a user other than the user to which the directory is being -# assigned as home. Default is not to chown. -# Brought to my attention by mRgOBLIN. <sw> -# v1.05 - 04/01/03 -# * Advise & prevent users from creating logins with '.' characters -# in the user name. <sw> -# * Made pending account creation info look neater <sw> -# v1.04 - 09/06/02 -# * Catered for shadow-4.0.3's 'useradd' binary that no longer -# will let you create a user that has any uppercase chars in it -# This was reported on the userlocal.org forums -# by 'xcp' - thanks. <sw,pjv> -# v1.03 - 20/05/02 -# * Support 'broken' (null lines in) /etc/passwd and -# /etc/group files <sw> -# * For recycling UIDs (default still 'off'), we now look in -# /etc/login.defs for the UID_MIN value and use it -# If not found then default to 1000 <sw> -# v1.02 - 10/04/02 -# * Fix user-specified UID bug. <pjv> -# v1.01 - 23/03/02 -# * Match Slackware indenting style, simplify. <pjv> -# v1.00 - 22/03/02 -# * Created -####################################################################### - -# Path to files -pfile=/etc/passwd -gfile=/etc/group -sfile=/etc/shells - -# Paths to binaries -useradd=/usr/sbin/useradd -chfn=/usr/bin/chfn -passwd=/usr/bin/passwd - -# Defaults -defhome=/home -defshell=/bin/bash -defgroup=users - -# Determine what the minimum UID is (for UID recycling) -# (we ignore it if it's not at the beginning of the line (i.e. commented out with #)) -export recycleUIDMIN="$(grep ^UID_MIN /etc/login.defs | awk '{print $2}' 2>/dev/null)" -# If we couldn't find it, set it to the default of 1000 -if [ -z "$recycleUIDMIN" ]; then - export recycleUIDMIN=1000 # this is the default from Slackware's /etc/login.defs -fi - - -# This setting enables the 'recycling' of older unused UIDs. -# When you userdel a user, it removes it from passwd and shadow but it will -# never get used again unless you specify it expliticly -- useradd (appears to) just -# look at the last line in passwd and increment the uid. I like the idea of -# recycling uids but you may have very good reasons not to (old forgotten -# confidential files still on the system could then be owned by this new user). -# We'll set this to no because this is what the original adduser shell script -# did and it's what users expect. -recycleuids=no - -# Function to read keyboard input. -# bash1 is broken (even ash will take read -ep!), so we work around -# it (even though bash1 is no longer supported on Slackware). -function get_input() { - local output - if [ "`echo $BASH_VERSION | cut -b1`" = "1" ]; then - echo -n "${1} " >&2 # fudge for use with bash v1 - read output - else # this should work with any other /bin/sh - read -ep "${1} " output - fi - echo $output -} - -# Function to display the account info -function display () { - local goose - goose="$(echo $2 | cut -d ' ' -f 2-)" # lop off the prefixed argument useradd needs - echo -n "$1 " - # If it's null then display the 'other' information - if [ -z "$goose" -a ! -z "$3" ]; then - echo "$3" - else - echo "$goose" - fi -} - -# Function to check whether groups exist in the /etc/group file -function check_group () { - local got_error group - if [ ! -z "$@" ]; then - for group in $@ ; do - local uid_not_named="" uid_not_num="" - grep -v "$^" $gfile | awk -F: '{print $1}' | grep "^${group}$" >/dev/null 2>&1 || uid_not_named=yes - grep -v "$^" $gfile | awk -F: '{print $3}' | grep "^${group}$" >/dev/null 2>&1 || uid_not_num=yes - if [ ! -z "$uid_not_named" -a ! -z "$uid_not_num" ]; then - echo "- Group '$group' does not exist" - got_error=yes - fi - done - fi - # Return exit code of 1 if at least one of the groups didn't exist - if [ ! -z "$got_error" ]; then - return 1 - fi -} - -#: Read the login name for the new user :# -# -# Remember that most Mail Transfer Agents are case independant, so having -# 'uSer' and 'user' may cause confusion/things to break. Because of this, -# useradd from shadow-4.0.3 no longer accepts usernames containing uppercase, -# and we must reject them, too. - -# Set the login variable to the command line param -echo -LOGIN="$1" -needinput=yes -while [ ! -z $needinput ]; do - if [ -z "$LOGIN" ]; then - while [ -z "$LOGIN" ]; do LOGIN="$(get_input "Login name for new user []:")" ; done - fi - grep "^${LOGIN}:" $pfile >/dev/null 2>&1 # ensure it's not already used - if [ $? -eq 0 ]; then - echo "- User '$LOGIN' already exists; please choose another" - unset LOGIN - elif [ ! -z "$( echo $LOGIN | grep "^[0-9]" )" ]; then - echo "- User names cannot begin with a number; please choose another" - unset LOGIN - elif [ ! "$LOGIN" = "`echo $LOGIN | tr A-Z a-z`" ]; then # useradd does not allow uppercase - echo "- User '$LOGIN' contains illegal characters (uppercase); please choose another" - unset LOGIN - elif [ ! -z "$( echo $LOGIN | grep '\.' )" ]; then - echo "- User '$LOGIN' contains illegal characters (period/dot); please choose another" - unset LOGIN - else - unset needinput - fi -done - -# Display the user name passed from the shell if it hasn't changed -if [ "$1" = "$LOGIN" ]; then - echo "Login name for new user: $LOGIN" -fi - -#: Get the UID for the user & ensure it's not already in use :# -# -# Whilst we _can_ allow users with identical UIDs, it's not a 'good thing' because -# when you change password for the uid, it finds the first match in /etc/passwd -# which isn't necessarily the correct user -# -echo -needinput=yes -while [ ! -z "$needinput" ]; do - _UID="$(get_input "User ID ('UID') [ defaults to next available ]:")" - grep -v "^$" $pfile | awk -F: '{print $3}' | grep "^${_UID}$" >/dev/null 2>&1 - if [ $? -eq 0 ]; then - echo "- That UID is already in use; please choose another" - elif [ ! -z "$(echo $_UID | egrep '[A-Za-z]')" ]; then - echo "- UIDs are numerics only" - else - unset needinput - fi -done -# If we were given a UID, then syntax up the variable to pass to useradd -if [ ! -z "$_UID" ]; then - U_ID="-u ${_UID}" -else - # Will we be recycling UIDs? - if [ "$recycleuids" = "yes" ]; then - U_ID="-u $(awk -F: '{uid[$3]=1} END { for (i=ENVIRON["recycleUIDMIN"];i in uid;i++);print i}' $pfile)" - fi -fi - -#: Get the initial group for the user & ensure it exists :# -# -# We check /etc/group for both the text version and the group ID number -echo -needinput=yes -while [ ! -z "$needinput" ]; do - GID="$(get_input "Initial group [ ${defgroup} ]:")" - check_group "$GID" - if [ $? -gt 0 ]; then - echo "- Please choose another" - else - unset needinput - fi -done -# Syntax the variable ready for useradd -if [ -z "$GID" ]; then - GID="-g ${defgroup}" -else - GID="-g ${GID}" -fi - -#: Get additional groups for the user :# -# -echo -needinput=yes -while [ ! -z "$needinput" ]; do - AGID="$(get_input "Additional groups (comma separated) []:")" - AGID="$(echo "$AGID" | tr -d ' ' | tr , ' ')" # fix up for parsing - if [ ! -z "$AGID" ]; then - check_group "$AGID" # check all groups at once (treated as N # of params) - if [ $? -gt 0 ]; then - echo "- Please re-enter the group(s)" - else - unset needinput # we found all groups specified - AGID="-G $(echo "$AGID" | tr ' ' ,)" - fi - else - unset needinput # we don't *have* to have additional groups - fi -done - -#: Get the new user's home dir :# -# -echo -needinput=yes -while [ ! -z "$needinput" ]; do - HME="$(get_input "Home directory [ ${defhome}/${LOGIN} ]")" - if [ -z "$HME" ]; then - HME="${defhome}/${LOGIN}" - fi - # Warn the user if the home dir already exists - if [ -d "$HME" ]; then - echo "- Warning: '$HME' already exists !" - getyn="$(get_input " Do you wish to change the home directory path ? (Y/n) ")" - if [ "$(echo $getyn | grep -i "n")" ]; then - unset needinput - # You're most likely going to only do this if you have the dir *mounted* for this user's $HOME - getyn="$(get_input " Do you want to chown $LOGIN.$( echo $GID | awk '{print $2}') $HME ? (y/N) ")" - if [ "$(echo $getyn | grep -i "y")" ]; then - CHOWNHOMEDIR=$HME # set this to the home directory - fi - fi - else - unset needinput - fi -done -HME="-d ${HME}" - -#: Get the new user's shell :# -echo -needinput=yes -while [ ! -z "$needinput" ]; do - unset got_error - SHL="$(get_input "Shell [ ${defshell} ]")" - if [ -z "$SHL" ]; then - SHL="${defshell}" - fi - # Warn the user if the shell doesn't exist in /etc/shells or as a file - if [ -z "$(grep "^${SHL}$" $sfile)" ]; then - echo "- Warning: ${SHL} is not in ${sfile} (potential problem using FTP)" - got_error=yes - fi - if [ ! -f "$SHL" ]; then - echo "- Warning: ${SHL} does not exist as a file" - got_error=yes - fi - if [ ! -z "$got_error" ]; then - getyn="$(get_input " Do you wish to change the shell ? (Y/n) ")" - if [ "$(echo $getyn | grep -i "n")" ]; then - unset needinput - fi - else - unset needinput - fi -done -SHL="-s ${SHL}" - -#: Get the expiry date :# -echo -needinput=yes -while [ ! -z "$needinput" ]; do - EXP="$(get_input "Expiry date (YYYY-MM-DD) []:")" - if [ ! -z "$EXP" ]; then - # Check to see whether the expiry date is in the valid format - if [ -z "$(echo "$EXP" | grep "^[[:digit:]]\{4\}[-]\?[[:digit:]]\{2\}[-]\?[[:digit:]]\{2\}$")" ]; then - echo "- That is not a valid expiration date" - else - unset needinput - EXP="-e ${EXP}" - fi - else - unset needinput - fi -done - -# Display the info about the new impending account -echo -echo "New account will be created as follows:" -echo -echo "---------------------------------------" -display "Login name.......: " "$LOGIN" -display "UID..............: " "$_UID" "[ Next available ]" -display "Initial group....: " "$GID" -display "Additional groups: " "$AGID" "[ None ]" -display "Home directory...: " "$HME" -display "Shell............: " "$SHL" -display "Expiry date......: " "$EXP" "[ Never ]" -echo - -echo "This is it... if you want to bail out, hit Control-C. Otherwise, press" -echo "ENTER to go ahead and make the account." -read junk - -echo -echo "Creating new account..." -echo -echo - -# Add the account to the system -CMD="$useradd "$HME" -m "$EXP" "$U_ID" "$GID" "$AGID" "$SHL" "$LOGIN"" -$CMD - -if [ $? -gt 0 ]; then - echo "- Error running useradd command -- account not created!" - echo "(cmd: $CMD)" - exit 1 -fi - -# chown the home dir ? We can only do this once the useradd has -# completed otherwise the user name doesn't exist. -if [ ! -z "${CHOWNHOMEDIR}" ]; then - chown "$LOGIN"."$( echo $GID | awk '{print $2}')" "${CHOWNHOMEDIR}" -fi - -# Set the finger information -$chfn "$LOGIN" -if [ $? -gt 0 ]; then - echo "- Warning: an error occurred while setting finger information" -fi - -# Set a password -$passwd "$LOGIN" -if [ $? -gt 0 ]; then - echo "* WARNING: An error occured while setting the password for" - echo " this account. Please manually investigate this *" - exit 1 -fi - -echo -echo -echo "Account setup complete." -exit 0 - diff --git a/testing/shadow/chgpasswd b/testing/shadow/chgpasswd deleted file mode 100644 index 8f49f5cc8..000000000 --- a/testing/shadow/chgpasswd +++ /dev/null @@ -1,4 +0,0 @@ -#%PAM-1.0 -auth sufficient pam_rootok.so -account required pam_permit.so -password include system-auth diff --git a/testing/shadow/chpasswd b/testing/shadow/chpasswd deleted file mode 100644 index 5d447985a..000000000 --- a/testing/shadow/chpasswd +++ /dev/null @@ -1,6 +0,0 @@ -#%PAM-1.0 -auth sufficient pam_rootok.so -auth required pam_unix.so -account required pam_unix.so -session required pam_unix.so -password required pam_unix.so sha512 shadow diff --git a/testing/shadow/defaults.pam b/testing/shadow/defaults.pam deleted file mode 100644 index a7bf8a4a5..000000000 --- a/testing/shadow/defaults.pam +++ /dev/null @@ -1,6 +0,0 @@ -#%PAM-1.0 -auth sufficient pam_rootok.so -auth required pam_unix.so -account required pam_unix.so -session required pam_unix.so -password required pam_permit.so diff --git a/testing/shadow/login b/testing/shadow/login deleted file mode 100644 index b8555f89c..000000000 --- a/testing/shadow/login +++ /dev/null @@ -1,21 +0,0 @@ -#%PAM-1.0 -auth required pam_securetty.so -auth requisite pam_nologin.so -auth required pam_unix.so nullok -auth required pam_tally.so onerr=succeed file=/var/log/faillog -# use this to lockout accounts for 10 minutes after 3 failed attempts -#auth required pam_tally.so deny=2 unlock_time=600 onerr=succeed file=/var/log/faillog -account required pam_access.so -account required pam_time.so -account required pam_unix.so -#password required pam_cracklib.so difok=2 minlen=8 dcredit=2 ocredit=2 retry=3 -#password required pam_unix.so sha512 shadow use_authtok -session required pam_unix.so -session required pam_env.so -session required pam_motd.so -session required pam_limits.so -session optional pam_mail.so dir=/var/spool/mail standard -session optional pam_lastlog.so -session optional pam_loginuid.so --session optional pam_ck_connector.so nox11 --session optional pam_systemd.so diff --git a/testing/shadow/login.defs b/testing/shadow/login.defs deleted file mode 100644 index 2500ee447..000000000 --- a/testing/shadow/login.defs +++ /dev/null @@ -1,197 +0,0 @@ -# -# /etc/login.defs - Configuration control definitions for the login package. -# -# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. -# If unspecified, some arbitrary (and possibly incorrect) value will -# be assumed. All other items are optional - if not specified then -# the described action or option will be inhibited. -# -# Comment lines (lines beginning with "#") and blank lines are ignored. -# -# Modified for Linux. --marekm - -# -# Delay in seconds before being allowed another attempt after a login failure -# -FAIL_DELAY 3 - -# -# Enable display of unknown usernames when login failures are recorded. -# -LOG_UNKFAIL_ENAB no - -# -# Enable logging of successful logins -# -LOG_OK_LOGINS no - -# -# Enable "syslog" logging of su activity - in addition to sulog file logging. -# SYSLOG_SG_ENAB does the same for newgrp and sg. -# -SYSLOG_SU_ENAB yes -SYSLOG_SG_ENAB yes - -# -# If defined, either full pathname of a file containing device names or -# a ":" delimited list of device names. Root logins will be allowed only -# upon these devices. -# -CONSOLE /etc/securetty -#CONSOLE console:tty01:tty02:tty03:tty04 - -# -# If defined, all su activity is logged to this file. -# -#SULOG_FILE /var/log/sulog - -# -# If defined, file which maps tty line to TERM environment parameter. -# Each line of the file is in a format something like "vt100 tty01". -# -#TTYTYPE_FILE /etc/ttytype - -# -# If defined, the command name to display when running "su -". For -# example, if this is defined as "su" then a "ps" will display the -# command is "-su". If not defined, then "ps" would display the -# name of the shell actually being run, e.g. something like "-sh". -# -SU_NAME su - -# -# *REQUIRED* -# Directory where mailboxes reside, _or_ name of file, relative to the -# home directory. If you _do_ define both, MAIL_DIR takes precedence. -# QMAIL_DIR is for Qmail -# -#QMAIL_DIR Maildir -MAIL_DIR /var/spool/mail - -# -# If defined, file which inhibits all the usual chatter during the login -# sequence. If a full pathname, then hushed mode will be enabled if the -# user's name or shell are found in the file. If not a full pathname, then -# hushed mode will be enabled if the file exists in the user's home directory. -# -HUSHLOGIN_FILE .hushlogin -#HUSHLOGIN_FILE /etc/hushlogins - -# -# *REQUIRED* The default PATH settings, for superuser and normal users. -# -# (they are minimal, add the rest in the shell startup files) -ENV_SUPATH PATH=/sbin:/bin:/usr/sbin:/usr/bin -ENV_PATH PATH=/bin:/usr/bin - -# -# Terminal permissions -# -# TTYGROUP Login tty will be assigned this group ownership. -# TTYPERM Login tty will be set to this permission. -# -# If you have a "write" program which is "setgid" to a special group -# which owns the terminals, define TTYGROUP to the group number and -# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign -# TTYPERM to either 622 or 600. -# -TTYGROUP tty -TTYPERM 0600 - -# -# Login configuration initializations: -# -# ERASECHAR Terminal ERASE character ('\010' = backspace). -# KILLCHAR Terminal KILL character ('\025' = CTRL/U). -# UMASK Default "umask" value. -# -# The ERASECHAR and KILLCHAR are used only on System V machines. -# The ULIMIT is used only if the system supports it. -# (now it works with setrlimit too; ulimit is in 512-byte units) -# -# Prefix these values with "0" to get octal, "0x" to get hexadecimal. -# -ERASECHAR 0177 -KILLCHAR 025 -UMASK 077 - -# -# Password aging controls: -# -# PASS_MAX_DAYS Maximum number of days a password may be used. -# PASS_MIN_DAYS Minimum number of days allowed between password changes. -# PASS_WARN_AGE Number of days warning given before a password expires. -# -PASS_MAX_DAYS 99999 -PASS_MIN_DAYS 0 -PASS_WARN_AGE 7 - -# -# Min/max values for automatic uid selection in useradd -# -UID_MIN 1000 -UID_MAX 60000 -# System accounts -SYS_UID_MIN 500 -SYS_UID_MAX 999 - -# -# Min/max values for automatic gid selection in groupadd -# -GID_MIN 1000 -GID_MAX 60000 -# System accounts -SYS_GID_MIN 500 -SYS_GID_MAX 999 - -# -# Max number of login retries if password is bad -# -LOGIN_RETRIES 5 - -# -# Max time in seconds for login -# -LOGIN_TIMEOUT 60 - -# -# Which fields may be changed by regular users using chfn - use -# any combination of letters "frwh" (full name, room number, work -# phone, home phone). If not defined, no changes are allowed. -# For backward compatibility, "yes" = "rwh" and "no" = "frwh". -# -CHFN_RESTRICT rwh - -# -# List of groups to add to the user's supplementary group set -# when logging in on the console (as determined by the CONSOLE -# setting). Default is none. -# -# Use with caution - it is possible for users to gain permanent -# access to these groups, even when not logged in on the console. -# How to do it is left as an exercise for the reader... -# -#CONSOLE_GROUPS floppy:audio:cdrom - -# -# Should login be allowed if we can't cd to the home directory? -# Default in no. -# -DEFAULT_HOME yes - -# -# If defined, this command is run when removing a user. -# It should remove any at/cron/print jobs etc. owned by -# the user to be removed (passed as the first argument). -# -#USERDEL_CMD /usr/sbin/userdel_local - -# -# Enable setting of the umask group bits to be the same as owner bits -# (examples: 022 -> 002, 077 -> 007) for non-root users, if the uid is -# the same as gid, and username is the same as the primary group name. -# -# This also enables userdel to remove user groups if no members exist. -# -USERGROUPS_ENAB yes - diff --git a/testing/shadow/newusers b/testing/shadow/newusers deleted file mode 100644 index 5d447985a..000000000 --- a/testing/shadow/newusers +++ /dev/null @@ -1,6 +0,0 @@ -#%PAM-1.0 -auth sufficient pam_rootok.so -auth required pam_unix.so -account required pam_unix.so -session required pam_unix.so -password required pam_unix.so sha512 shadow diff --git a/testing/shadow/nscd-error-reporting.patch b/testing/shadow/nscd-error-reporting.patch deleted file mode 100644 index a4075756e..000000000 --- a/testing/shadow/nscd-error-reporting.patch +++ /dev/null @@ -1,17 +0,0 @@ -diff --git a/upstream/trunk/lib/nscd.c b/upstream/trunk/lib/nscd.c -index 227c205..7adb58f 100644 ---- a/lib/nscd.c -+++ b/lib/nscd.c -@@ -39,8 +39,11 @@ int nscd_flush_cache (const char *service) - /* nscd is not installed, or it is installed but uses an - interpreter that is missing. Probably the former. */ - return 0; -+ } else if (code == 1) { -+ /* nscd is installed, but it isn't active. */ -+ return 0; - } else if (code != 0) { -- (void) fprintf (stderr, _("%s: nscd exited with status %d"), -+ (void) fprintf (stderr, _("%s: nscd exited with status %d\n"), - Prog, code); - (void) fprintf (stderr, _(MSG_NSCD_FLUSH_CACHE_FAILED), Prog); - return -1; diff --git a/testing/shadow/passwd b/testing/shadow/passwd deleted file mode 100644 index ab56da496..000000000 --- a/testing/shadow/passwd +++ /dev/null @@ -1,4 +0,0 @@ -#%PAM-1.0 -#password required pam_cracklib.so difok=2 minlen=8 dcredit=2 ocredit=2 retry=3 -#password required pam_unix.so sha512 shadow use_authtok -password required pam_unix.so sha512 shadow nullok diff --git a/testing/shadow/shadow-add-missing-include.patch b/testing/shadow/shadow-add-missing-include.patch deleted file mode 100644 index 5c9e946ef..000000000 --- a/testing/shadow/shadow-add-missing-include.patch +++ /dev/null @@ -1,11 +0,0 @@ -diff -Naur shadow-4.1.4.2+svn3283/libmisc/copydir.c shadow-4.1.4.2+svn3283.new/libmisc/copydir.c ---- shadow-4.1.4.2+svn3283/libmisc/copydir.c 2010-09-05 11:35:26.000000000 -0400 -+++ shadow-4.1.4.2+svn3283.new/libmisc/copydir.c 2011-06-26 01:26:52.000000000 -0400 -@@ -34,6 +34,7 @@ - - #ident "$Id: copydir.c 3283 2010-09-05 15:34:42Z nekral-guest $" - -+#include <stdarg.h> - #include <assert.h> - #include <sys/stat.h> - #include <sys/types.h> diff --git a/testing/shadow/shadow-strncpy-usage.patch b/testing/shadow/shadow-strncpy-usage.patch deleted file mode 100644 index 5aba8fa01..000000000 --- a/testing/shadow/shadow-strncpy-usage.patch +++ /dev/null @@ -1,25 +0,0 @@ -diff -u shadow-4.1.5/src/usermod.c.orig shadow-4.1.5/src/usermod.c ---- shadow-4.1.5/src/usermod.c.orig 2012-02-13 08:19:43.792146449 -0500 -+++ shadow-4.1.5/src/usermod.c 2012-02-13 08:21:19.375114500 -0500 -@@ -182,7 +182,7 @@ - struct tm *tp; - - if (date < 0) { -- strncpy (buf, "never", maxsize); -+ strncpy (buf, "never", maxsize - 1); - } else { - time_t t = (time_t) date; - tp = gmtime (&t); -diff -u shadow-4.1.5/src/login.c.orig shadow-4.1.5/src/login.c ---- shadow-4.1.5/src/login.c.orig 2012-02-13 08:19:50.951994454 -0500 -+++ shadow-4.1.5/src/login.c 2012-02-13 08:21:04.490430937 -0500 -@@ -752,7 +752,8 @@ - _("%s login: "), hostn); - } else { - strncpy (loginprompt, _("login: "), -- sizeof (loginprompt)); -+ sizeof (loginprompt) - 1); -+ loginprompt[sizeof (loginprompt) - 1] = '\0'; - } - - retcode = pam_set_item (pamh, PAM_USER_PROMPT, loginprompt); diff --git a/testing/shadow/shadow.cron.daily b/testing/shadow/shadow.cron.daily deleted file mode 100755 index 1931a793e..000000000 --- a/testing/shadow/shadow.cron.daily +++ /dev/null @@ -1,6 +0,0 @@ -#!/bin/sh - -# Verify integrity of password and group files -/usr/sbin/pwck -r -/usr/sbin/grpck -r - diff --git a/testing/shadow/shadow.install b/testing/shadow/shadow.install deleted file mode 100644 index 14384c333..000000000 --- a/testing/shadow/shadow.install +++ /dev/null @@ -1,9 +0,0 @@ -post_upgrade() { - grpck -r >/dev/null 2>&1 - if [ $? -eq 2 ]; then - printf '%s\n' \ - "==> Warning: /etc/group or /etc/gshadow are inconsistent." \ - " Run 'grpck' to correct this." - fi - return 0 -} diff --git a/testing/shadow/useradd.defaults b/testing/shadow/useradd.defaults deleted file mode 100644 index b800b1777..000000000 --- a/testing/shadow/useradd.defaults +++ /dev/null @@ -1,9 +0,0 @@ -# useradd defaults file for ArchLinux -# original changes by TomK -GROUP=100 -HOME=/home -INACTIVE=-1 -EXPIRE= -SHELL=/bin/bash -SKEL=/etc/skel -CREATE_MAIL_SPOOL=no diff --git a/testing/shadow/userdel-avoid-bad-mem-access.patch b/testing/shadow/userdel-avoid-bad-mem-access.patch deleted file mode 100644 index 1d36562b2..000000000 --- a/testing/shadow/userdel-avoid-bad-mem-access.patch +++ /dev/null @@ -1,57 +0,0 @@ -Index: src/userdel.c -=================================================================== ---- src/userdel.c (revision 3713) -+++ src/userdel.c (working copy) -@@ -329,26 +329,33 @@ - } - - if (NULL == pwd) { -+ char gr_name[GROUP_NAME_MAX_LENGTH + 1]; -+ -+ /* make a copy of the group name before we delete it. -+ * we can't use ->gr_name after the group is deleted -+ * for logging purposes */ -+ snprintf(gr_name, GROUP_NAME_MAX_LENGTH, "%s", grp->gr_name); -+ - /* - * We can remove this group, it is not the primary - * group of any remaining user. - */ -- if (gr_remove (grp->gr_name) == 0) { -+ if (gr_remove (gr_name) == 0) { - fprintf (stderr, - _("%s: cannot remove entry '%s' from %s\n"), -- Prog, grp->gr_name, gr_dbname ()); -+ Prog, gr_name, gr_dbname ()); - fail_exit (E_GRP_UPDATE); - } - - #ifdef WITH_AUDIT - audit_logger (AUDIT_DEL_GROUP, Prog, - "deleting group", -- grp->gr_name, AUDIT_NO_ID, -+ gr_name, AUDIT_NO_ID, - SHADOW_AUDIT_SUCCESS); - #endif /* WITH_AUDIT */ - SYSLOG ((LOG_INFO, - "removed group '%s' owned by '%s'\n", -- grp->gr_name, user_name)); -+ gr_name, user_name)); - - #ifdef SHADOWGRP - if (sgr_locate (user_name) != NULL) { -@@ -361,12 +368,12 @@ - #ifdef WITH_AUDIT - audit_logger (AUDIT_DEL_GROUP, Prog, - "deleting shadow group", -- grp->gr_name, AUDIT_NO_ID, -+ gr_name, AUDIT_NO_ID, - SHADOW_AUDIT_SUCCESS); - #endif /* WITH_AUDIT */ - SYSLOG ((LOG_INFO, - "removed shadow group '%s' owned by '%s'\n", -- grp->gr_name, user_name)); -+ gr_name, user_name)); - - } - #endif /* SHADOWGRP */ diff --git a/testing/shadow/write-utmp-wtmp-entries.patch b/testing/shadow/write-utmp-wtmp-entries.patch deleted file mode 100644 index b4272ca61..000000000 --- a/testing/shadow/write-utmp-wtmp-entries.patch +++ /dev/null @@ -1,47 +0,0 @@ -Index: upstream/trunk/src/login.c -=================================================================== ---- a/src/login.c (revision 3437) -+++ b/src/login.c (revision 3438) -@@ -126,10 +126,12 @@ - static void setup_tty (void); - static void process_flags (int argc, char *const *argv); - static /*@observer@*/const char *get_failent_user (/*@returned@*/const char *user); -+#ifndef USE_PAM - static void update_utmp (const char *user, - const char *tty, - const char *host, - /*@null@*/const struct utmp *utent); -+#endif /* ! USE_PAM */ - - #ifndef USE_PAM - static struct faillog faillog; -@@ -471,6 +473,7 @@ - return failent_user; - } - -+#ifndef USE_PAM - /* - * update_utmp - Update or create an utmp entry in utmp, wtmp, utmpw, and - * wtmpx -@@ -496,6 +499,7 @@ - free (utx); - #endif /* USE_UTMPX */ - } -+#endif /* ! USE_PAM */ - - /* - * login - create a new login session for a user -@@ -1208,11 +1212,13 @@ - } - } - -+#ifndef USE_PAM - /* - * The utmp entry needs to be updated to indicate the new status - * of the session, the new PID and SID. - */ - update_utmp (username, tty, hostname, utent); -+#endif /* ! USE_PAM */ - - /* The pwd and spwd entries for the user have been copied. - * diff --git a/testing/shadow/xstrdup.patch b/testing/shadow/xstrdup.patch deleted file mode 100644 index bce434264..000000000 --- a/testing/shadow/xstrdup.patch +++ /dev/null @@ -1,9 +0,0 @@ ---- shadow-4.1.2.1/libmisc/xmalloc.c 2008-08-30 21:55:44.000000000 -0500 -+++ shadow-4.1.2.1/libmisc/xmalloc.c.new 2008-08-30 21:55:36.000000000 -0500 -@@ -61,5 +61,6 @@ - - char *xstrdup (const char *str) - { -+ if(str == NULL) return NULL; - return strcpy (xmalloc (strlen (str) + 1), str); - } |