Fri Feb 17 19:20:30 UTC 2012

author: root <root@rshg054.dnsready.net> 2012-02-17 19:20:30 +0000
committer: root <root@rshg054.dnsready.net> 2012-02-17 19:20:30 +0000
commit: 4fc59478d1180fd7984003f5b1645fe40954299f (patch)
tree: 35f3d7dada2cfcb8194cdaed447c431664746934 /core/shadow
parent: 76774d40da5ce246c9f2178fdf937706d99af4b2 (diff)
4 files changed, 81 insertions, 54 deletions
diff --git a/core/shadow/PKGBUILD b/core/shadow/PKGBUILD
index 000ffcbc1..ed42c0916 100644
--- a/core/shadow/PKGBUILD
+++ b/core/shadow/PKGBUILD
@@ -1,10 +1,10 @@
-# $Id: PKGBUILD 144463 2011-12-06 10:57:36Z dreisner $
+# $Id: PKGBUILD 150333 2012-02-16 23:20:09Z dreisner $
 # Maintainer: Dave Reisner <dreisner@archlinux.org>
 # Maintainer: Aaron Griffin <aaron@archlinux.org>
 
 pkgname=shadow
-pkgver=4.1.4.3
-pkgrel=5
+pkgver=4.1.5
+pkgrel=3
 pkgdesc="Password and account management tool suite with support for shadow files and PAM"
 arch=('i686' 'x86_64')
 url='http://pkg-shadow.alioth.debian.org/'
@@ -17,15 +17,26 @@ backup=(etc/login.defs
         etc/pam.d/{chfn,chgpasswd,groupmems,chsh}
         etc/default/useradd)
 options=('!libtool')
-install=shadow.install
-#http://pkg-shadow.alioth.debian.org/releases/shadow-$pkgver.tar.bz2
-# shadow 4.1.4.3 is just shadow 4.1.4.2 with shadow_CVE-2011-0721.patch applied
-source=(ftp://ftp.archlinux.org/other/shadow/shadow_4.1.4.2+svn3283.orig.tar.gz
-        adduser chgpasswd chpasswd defaults.pam login login.defs newusers
-        passwd shadow.cron.daily useradd.defaults LICENSE
-        xstrdup.patch shadow_CVE-2011-0721.patch shadow-strncpy-usage.patch
+install='shadow.install'
+source=("http://pkg-shadow.alioth.debian.org/releases/$pkgname-$pkgver.tar.bz2"{,.sig}
+        LICENSE
+        adduser
+        chgpasswd
+        chpasswd
+        defaults.pam
+        login
+        login.defs
+        newusers
+        passwd
+        shadow.cron.daily
+        useradd.defaults
+        nscd-error-reporting.patch
+        xstrdup.patch
+        shadow-strncpy-usage.patch
         shadow-add-missing-include.patch)
-sha1sums=('8b704b8f07718e329205f23d457c3121c0f3679e'
+sha1sums=('3ab1ae0e30af36d04445314fcb5a079bdf05de41'
+          '0a31aafceb948a91fe7370a6378cafd6fd883145'
+          '33a6cf1e44a1410e5c9726c89e5de68b78f5f922'
           '78ec184a499f9708adcfcf0b7a3b22a60bf39f91'
           '4ad0e059406a305c8640ed30d93c2a1f62c2f4ad'
           '12427b1ca92a9b85ca8202239f0d9f50198b818f'
@@ -36,39 +47,42 @@ sha1sums=('8b704b8f07718e329205f23d457c3121c0f3679e'
           '611be25d91c3f8f307c7fe2485d5f781e5dee75f'
           '5d83ba7e11c765c951867cbe00b0ae7ff57148fa'
           '9ae93de5987dd0ae428f0cc1a5a5a5cd53583f19'
-          '33a6cf1e44a1410e5c9726c89e5de68b78f5f922'
+          'ae6eebb842c433ac4022c493294a13ed68e06acc'
           '6010fffeed1fc6673ad9875492e1193b1a847b53'
-          '6bfe6528391eb38d338beacedd620407877b637d'
-          '9db9e62ad173f31e1039121c0124cf60826ffd7e'
+          '21e12966a6befb25ec123b403cd9b5c492fe5b16'
           '0697a21f7519de30821da7772677035652df4ad2')
 
 build() {
-  cd "$srcdir/$pkgname-4.1.4.2+svn3283"
+  cd "$pkgname-$pkgver"
+
+  # avoid transitive linking issues with binutils 2.22
+  sed -i '/^user\(mod\|add\)_LDADD/s|$| -lattr|' src/Makefile.am
 
-  #Ugh, force this to build shared libraries, for god's sake
-  sed -i "s/noinst_LTLIBRARIES/lib_LTLIBRARIES/g" lib/Makefile.am
-  libtoolize
-  autoreconf
-  export LDFLAGS="$LDFLAGS -lcrypt"
+  # link to glibc's crypt(3)
+  LDFLAGS+=" -lcrypt"
 
-  patch -p1 -i "$srcdir/xstrdup.patch"
-  patch -p1 -i "$srcdir/shadow_CVE-2011-0721.patch"
-  patch -p1 -i "$srcdir/shadow-strncpy-usage.patch"
-  patch -p1 -i "$srcdir/shadow-add-missing-include.patch"
+  patch -Np1 <"$srcdir/xstrdup.patch"
+  patch -Np1 <"$srcdir/shadow-strncpy-usage.patch"
+  patch -Np1 <"$srcdir/shadow-add-missing-include.patch"
+  patch -Np1 <"$srcdir/nscd-error-reporting.patch"
 
   # supress etc/pam.d/*, we provide our own
   sed -i '/^SUBDIRS/s/pam.d//' etc/Makefile.in
 
   ./configure \
-    --prefix=/usr --libdir=/lib \
-    --mandir=/usr/share/man --sysconfdir=/etc \
-    --enable-shared --disable-static \
-    --with-libpam --without-selinux
+    --prefix=/usr \
+    --libdir=/lib \
+    --mandir=/usr/share/man \
+    --sysconfdir=/etc \
+    --with-libpam \
+    --without-selinux
+
   make
 }
 
 package() {
-  cd "$srcdir/$pkgname-4.1.4.2+svn3283"
+  cd "$pkgname-$pkgver"
+
   make DESTDIR="$pkgdir" install
 
   # license
@@ -87,11 +101,9 @@ package() {
   install -Dm644 "$srcdir/login.defs" "$pkgdir/etc/login.defs"
 
   # PAM config - custom
-  install -Dm644 "$srcdir/login" "$pkgdir/etc/pam.d/login"
-  install -Dm644 "$srcdir/passwd" "$pkgdir/etc/pam.d/passwd"
-  install -Dm644 "$srcdir/chgpasswd" "$pkgdir/etc/pam.d/chgpasswd"
-  install -Dm644 "$srcdir/chpasswd" "$pkgdir/etc/pam.d/chpasswd"
-  install -Dm644 "$srcdir/newusers" "$pkgdir/etc/pam.d/newusers"
+  install -dm755 "$pkgdir/etc/pam.d"
+  install -t "$pkgdir/etc/pam.d" -m644 "$srcdir"/{login,passwd,chgpasswd,chpasswd,newusers}
+
   # PAM config - from tarball
   install -Dm644 etc/pam.d/groupmems "$pkgdir/etc/pam.d/groupmems"
 
diff --git a/core/shadow/nscd-error-reporting.patch b/core/shadow/nscd-error-reporting.patch
new file mode 100644
index 000000000..a4075756e
--- /dev/null
+++ b/core/shadow/nscd-error-reporting.patch
@@ -0,0 +1,17 @@
+diff --git a/upstream/trunk/lib/nscd.c b/upstream/trunk/lib/nscd.c
+index 227c205..7adb58f 100644
+--- a/lib/nscd.c
++++ b/lib/nscd.c
+@@ -39,8 +39,11 @@ int nscd_flush_cache (const char *service)
+ 		/* nscd is not installed, or it is installed but uses an
+ 		   interpreter that is missing.  Probably the former. */
+ 		return 0;
++	} else if (code == 1) {
++		/* nscd is installed, but it isn't active. */
++		return 0;
+ 	} else if (code != 0) {
+-		(void) fprintf (stderr, _("%s: nscd exited with status %d"),
++		(void) fprintf (stderr, _("%s: nscd exited with status %d\n"),
+ 		                Prog, code);
+ 		(void) fprintf (stderr, _(MSG_NSCD_FLUSH_CACHE_FAILED), Prog);
+ 		return -1;
diff --git a/core/shadow/shadow-strncpy-usage.patch b/core/shadow/shadow-strncpy-usage.patch
index 46df74ace..5aba8fa01 100644
--- a/core/shadow/shadow-strncpy-usage.patch
+++ b/core/shadow/shadow-strncpy-usage.patch
@@ -1,27 +1,25 @@
-diff -ur shadow-4.1.4.3.orig/src/login.c shadow-4.1.4.3/src/login.c
---- shadow-4.1.4.3.orig/src/login.c	2011-03-05 22:17:10.032524948 -0800
-+++ shadow-4.1.4.3/src/login.c	2011-03-05 22:17:59.154342059 -0800
-@@ -748,8 +748,9 @@
- 			          sizeof (loginprompt),
+diff -u shadow-4.1.5/src/usermod.c.orig shadow-4.1.5/src/usermod.c
+--- shadow-4.1.5/src/usermod.c.orig	2012-02-13 08:19:43.792146449 -0500
++++ shadow-4.1.5/src/usermod.c	2012-02-13 08:21:19.375114500 -0500
+@@ -182,7 +182,7 @@
+ 	struct tm *tp;
+ 
+ 	if (date < 0) {
+-		strncpy (buf, "never", maxsize);
++		strncpy (buf, "never", maxsize - 1);
+ 	} else {
+ 		time_t t = (time_t) date;
+ 		tp = gmtime (&t);
+diff -u shadow-4.1.5/src/login.c.orig shadow-4.1.5/src/login.c
+--- shadow-4.1.5/src/login.c.orig	2012-02-13 08:19:50.951994454 -0500
++++ shadow-4.1.5/src/login.c	2012-02-13 08:21:04.490430937 -0500
+@@ -752,7 +752,8 @@
  			          _("%s login: "), hostn);
  		} else {
-+		        loginprompt[sizeof (loginprompt) - 1] = '\0';
  			strncpy (loginprompt, _("login: "),
 -			         sizeof (loginprompt));
 +			         sizeof (loginprompt) - 1);
++			loginprompt[sizeof (loginprompt) - 1] = '\0';
  		}
  
  		retcode = pam_set_item (pamh, PAM_USER_PROMPT, loginprompt);
-diff -ur shadow-4.1.4.3.orig/src/usermod.c shadow-4.1.4.3/src/usermod.c
---- shadow-4.1.4.3.orig/src/usermod.c	2011-03-05 22:17:10.029191265 -0800
-+++ shadow-4.1.4.3/src/usermod.c	2011-03-05 22:18:42.665576968 -0800
-@@ -182,7 +182,8 @@
- 	struct tm *tp;
- 
- 	if ((negativ != NULL) && (date < 0)) {
--		strncpy (buf, negativ, maxsize);
-+	        buf[maxsize - 1] = '\0';
-+		strncpy (buf, negativ, maxsize - 1);
- 	} else {
- 		time_t t = (time_t) date;
- 		tp = gmtime (&t);
diff --git a/core/shadow/shadow.install b/core/shadow/shadow.install
index e990bfe39..14384c333 100644
--- a/core/shadow/shadow.install
+++ b/core/shadow/shadow.install
@@ -2,7 +2,7 @@ post_upgrade() {
   grpck -r >/dev/null 2>&1
   if [ $? -eq 2 ]; then
     printf '%s\n' \
-      "==> Warning: /etc/group or /etc/gshadow are inconsistant." \
+      "==> Warning: /etc/group or /etc/gshadow are inconsistent." \
       "    Run 'grpck' to correct this."
   fi
   return 0
author	root <root@rshg054.dnsready.net>	2012-02-17 19:20:30 +0000
committer	root <root@rshg054.dnsready.net>	2012-02-17 19:20:30 +0000
commit	4fc59478d1180fd7984003f5b1645fe40954299f (patch)
tree	35f3d7dada2cfcb8194cdaed447c431664746934 /core/shadow
parent	76774d40da5ce246c9f2178fdf937706d99af4b2 (diff)