commit pwdutils for openSUSE:Factory
Hello community, here is the log from the commit of package pwdutils for openSUSE:Factory checked in at 2012-09-01 22:01:08 Comparing /work/SRC/openSUSE:Factory/pwdutils (Old) and /work/SRC/openSUSE:Factory/.pwdutils.new (New) Package is pwdutils, Maintainer is ku...@suse.com Changes: --- /work/SRC/openSUSE:Factory/pwdutils/pwdutils.changes2012-07-30 20:39:30.0 +0200 +++ /work/SRC/openSUSE:Factory/.pwdutils.new/pwdutils.changes 2012-09-01 22:01:10.0 +0200 @@ -1,0 +2,12 @@ +Thu Aug 30 09:22:26 CDT 2012 - rgold...@suse.de + +- update-file-times-when-copying.patch: + Keep the access and modification times of files when moving a + user's home directory (FATE#313757) + +--- +Tue Aug 28 12:11:42 UTC 2012 - idon...@suse.com + +- Add pwdutils-selinux.patch to fix compilation with new selinux + +--- New: pwdutils-selinux.patch update-file-times-when-copying.patch Other differences: -- ++ pwdutils.spec ++ --- /var/tmp/diff_new_pack.aBD1Re/_old 2012-09-01 22:01:14.0 +0200 +++ /var/tmp/diff_new_pack.aBD1Re/_new 2012-09-01 22:01:14.0 +0200 @@ -29,7 +29,7 @@ %if %{enable_selinux} BuildRequires: libselinux-devel %endif -Url:http://www.thkukuk.de/pam/pwdutils/ +# There is no upstream anymore, so no URL to supply Version:3.2.19 Release:0 Summary:Utilities to Manage User and Group Accounts @@ -43,6 +43,8 @@ Patch0: 0001-add-support-for-sha512.diff Patch1: pwdutils-no-add-needed.patch Patch2: pwdutils-glibc216.patch +Patch3: pwdutils-selinux.patch +Patch4: update-file-times-when-copying.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build %description @@ -81,6 +83,8 @@ %patch0 -p1 %patch1 %patch2 -p1 +%patch3 -p1 +%patch4 -p1 %build autoreconf -fiv ++ pwdutils-selinux.patch ++ --- pwdutils-3.2.19.orig/lib/public.h 2005-06-22 11:05:53.0 +0200 +++ pwdutils-3.2.19/lib/public.h2012-05-26 07:35:09.397451177 +0200 @@ -115,7 +115,7 @@ #ifdef WITH_SELINUX -extern int selinux_check_access (const char *__chuser, +extern int pwdu_selinux_check_access (const char *__chuser, unsigned int __selaccess) __attribute_warn_unused_result__; extern int set_default_context (const char *filename, char **prev_context) __attribute_warn_unused_result__; --- pwdutils-3.2.19.orig/lib/selinux_utils.c2006-11-29 14:19:06.0 +0100 +++ pwdutils-3.2.19/lib/selinux_utils.c 2012-05-26 07:35:09.397451177 +0200 @@ -33,7 +33,7 @@ #include public.h int -selinux_check_access (const char *chuser, unsigned int selaccess) +pwdu_selinux_check_access (const char *chuser, unsigned int selaccess) { int status = -1; security_context_t user_context; --- pwdutils-3.2.19.orig/src/chfn.c 2006-11-29 14:19:39.0 +0100 +++ pwdutils-3.2.19/src/chfn.c 2012-05-26 07:35:09.394117844 +0200 @@ -578,7 +578,7 @@ if (is_selinux_enabled () 0) { if ((uid == 0) - (selinux_check_access (pw_data-pw.pw_name, PASSWD__CHFN) != 0)) + (pwdu_selinux_check_access (pw_data-pw.pw_name, PASSWD__CHFN) != 0)) { security_context_t user_context; if (getprevcon (user_context) 0) --- pwdutils-3.2.19.orig/src/chsh.c 2006-11-29 14:19:43.0 +0100 +++ pwdutils-3.2.19/src/chsh.c 2012-05-26 07:35:09.397451177 +0200 @@ -443,7 +443,7 @@ if (is_selinux_enabled () 0) { if ((uid == 0) - (selinux_check_access (pw_data-pw.pw_name, PASSWD__CHSH) != 0)) + (pwdu_selinux_check_access (pw_data-pw.pw_name, PASSWD__CHSH) != 0)) { security_context_t user_context; if (getprevcon (user_context) 0) --- pwdutils-3.2.19.orig/src/passwd.c 2012-05-08 14:12:35.0 +0200 +++ pwdutils-3.2.19/src/passwd.c2012-05-26 07:35:09.390784511 +0200 @@ -704,7 +704,7 @@ if (is_selinux_enabled () 0) { if ((uid == 0) - (selinux_check_access (pw-pw_name, PASSWD__PASSWD) != 0)) + (pwdu_selinux_check_access (pw-pw_name, PASSWD__PASSWD) != 0)) { security_context_t user_context; if (getprevcon (user_context) 0) ++ update-file-times-when-copying.patch ++ Index: pwdutils-3.2.19/lib/copy_dir_rec.c === --- pwdutils-3.2.19.orig/lib/copy_dir_rec.c 2010-10-11 10:30:50.0 -0500 +++ pwdutils-3.2.19/lib/copy_dir_rec.c 2012-08-28 15:09:48.0 -0500 @@ -25,6 +25,7 @@ #include
commit pwdutils for openSUSE:Factory
Hello community, here is the log from the commit of package pwdutils for openSUSE:Factory checked in at 2012-07-30 20:38:35 Comparing /work/SRC/openSUSE:Factory/pwdutils (Old) and /work/SRC/openSUSE:Factory/.pwdutils.new (New) Package is pwdutils, Maintainer is ku...@suse.com Changes: --- /work/SRC/openSUSE:Factory/pwdutils/pwdutils.changes2012-05-10 14:34:36.0 +0200 +++ /work/SRC/openSUSE:Factory/.pwdutils.new/pwdutils.changes 2012-07-30 20:39:30.0 +0200 @@ -1,0 +2,6 @@ +Fri Jul 27 14:14:52 UTC 2012 - a...@suse.de + +- Do not use private glibc macros - those are not available with + glibc 2.16 anymore + +--- New: pwdutils-glibc216.patch Other differences: -- ++ pwdutils.spec ++ --- /var/tmp/diff_new_pack.xI10t1/_old 2012-07-30 20:39:33.0 +0200 +++ /var/tmp/diff_new_pack.xI10t1/_new 2012-07-30 20:39:33.0 +0200 @@ -42,6 +42,7 @@ Source4:baselibs.conf Patch0: 0001-add-support-for-sha512.diff Patch1: pwdutils-no-add-needed.patch +Patch2: pwdutils-glibc216.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build %description @@ -79,6 +80,7 @@ %setup -q %patch0 -p1 %patch1 +%patch2 -p1 %build autoreconf -fiv ++ pwdutils-glibc216.patch ++ Index: pwdutils-3.2.19/lib/read-files.c === --- pwdutils-3.2.19.orig/lib/read-files.c +++ pwdutils-3.2.19/lib/read-files.c @@ -30,8 +30,14 @@ #include errno.h #include fcntl.h #include nss.h -#include bits/libc-lock.h +#include pthread.h #define __libc_lock_t pthread_mutex_t +#define __libc_lock_define_initialized(CLASS,NAME) \ + CLASS __libc_lock_t NAME = PTHREAD_MUTEX_INITIALIZER; +#define __libc_lock_lock(NAME) \ + pthread_mutex_lock, ((NAME)) +#define __libc_lock_unlock(NAME) \ + pthread_mutex_unlock, ((NAME)) #include read-files.h Index: pwdutils-3.2.19/lib/read-files-group.c === --- pwdutils-3.2.19.orig/lib/read-files-group.c +++ pwdutils-3.2.19/lib/read-files-group.c @@ -32,8 +32,14 @@ #include errno.h #include fcntl.h #include nss.h -#include bits/libc-lock.h +#include pthread.h #define __libc_lock_t pthread_mutex_t +#define __libc_lock_define_initialized(CLASS,NAME) \ + CLASS __libc_lock_t NAME = PTHREAD_MUTEX_INITIALIZER; +#define __libc_lock_lock(NAME) \ + pthread_mutex_lock, ((NAME)) +#define __libc_lock_unlock(NAME) \ + pthread_mutex_unlock, ((NAME)) #include read-files.h -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit pwdutils for openSUSE:Factory
Hello community, here is the log from the commit of package pwdutils for openSUSE:Factory checked in at 2012-03-19 10:12:26 Comparing /work/SRC/openSUSE:Factory/pwdutils (Old) and /work/SRC/openSUSE:Factory/.pwdutils.new (New) Package is pwdutils, Maintainer is ku...@suse.com Changes: --- /work/SRC/openSUSE:Factory/pwdutils/pwdutils.changes2011-11-24 11:36:59.0 +0100 +++ /work/SRC/openSUSE:Factory/.pwdutils.new/pwdutils.changes 2012-03-19 10:12:28.0 +0100 @@ -1,0 +2,5 @@ +Tue Mar 13 15:56:01 CET 2012 - ku...@suse.de + +- Update to version 3.2.18 (fixes [bnc#738114]) + +--- Old: pwdutils-3.2.17.tar.bz2 New: pwdutils-3.2.18.tar.bz2 Other differences: -- ++ pwdutils.spec ++ --- /var/tmp/diff_new_pack.fd4LA6/_old 2012-03-19 10:12:30.0 +0100 +++ /var/tmp/diff_new_pack.fd4LA6/_new 2012-03-19 10:12:30.0 +0100 @@ -1,7 +1,7 @@ # # spec file for package pwdutils # -# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -15,21 +15,26 @@ # Please submit bugfixes or comments via http://bugs.opensuse.org/ # -# norootforbuild %define enable_selinux 1 Name: pwdutils -BuildRequires: audit-devel libnscd-devel libtool openldap2-devel openslp-devel openssl-devel pam-devel +BuildRequires: audit-devel +BuildRequires: libnscd-devel +BuildRequires: libtool +BuildRequires: openldap2-devel +BuildRequires: openslp-devel +BuildRequires: openssl-devel +BuildRequires: pam-devel %if %{enable_selinux} BuildRequires: libselinux-devel %endif Url:http://www.thkukuk.de/pam/pwdutils/ +Version:3.2.18 +Release:0 +Summary:Utilities to Manage User and Group Accounts License:GPL-2.0 Group: System/Base -Version:3.2.17 -Release:4 -Summary:Utilities to Manage User and Group Accounts Requires: pam-modules Source: pwdutils-%{version}.tar.bz2 Source2:ldap.conf @@ -47,11 +52,9 @@ %package plugin-audit -License:GPL-2.0 Summary:Plugin for the Linux Audit-Subsystem Group: System/Base Requires: pwdutils = %{version} -AutoReqProv:on %description plugin-audit This package includes the plugin for the password/account management @@ -62,11 +65,9 @@ %package rpasswd -License:GPL-2.0 Summary:Server/Client for secure remote password changing Group: System/Base Requires: pwdutils = %{version} -AutoReqProv:on %description rpasswd This package includes the server, client and a PAM module to change the ++ pwdutils-3.2.17.tar.bz2 - pwdutils-3.2.18.tar.bz2 ++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pwdutils-3.2.17/ChangeLog new/pwdutils-3.2.18/ChangeLog --- old/pwdutils-3.2.17/ChangeLog 2011-05-16 11:25:30.0 +0200 +++ new/pwdutils-3.2.18/ChangeLog 2012-03-13 14:15:33.0 +0100 @@ -1,3 +1,20 @@ +2012-03-13 Thorsten Kukuk ku...@suse.de + + * release version 3.2.18 + +2012-01-31 Thorsten Kukuk ku...@suse.de + + * lib/chown_dir_rec.c (chown_entry): Check against correct + old values [bnc#738114]. + +2011-08-05 Thorsten Kukuk ku...@suse.de + + * src/gpasswd.c (main): Remove dead code. + +2011-05-23 Thorsten Kukuk ku...@suse.de + + * lib/user.c (write_user_data): jump to correct label. + 2011-05=16 Thorsten Kukuk ku...@suse.de * release 3.2.17 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pwdutils-3.2.17/NEWS new/pwdutils-3.2.18/NEWS --- old/pwdutils-3.2.17/NEWS2011-05-16 11:25:51.0 +0200 +++ new/pwdutils-3.2.18/NEWS2012-03-13 14:15:03.0 +0100 @@ -1,9 +1,12 @@ pwdutils NEWS -- history of user-visible changes. -Copyright (C) 2002-2011 Thorsten Kukuk +Copyright (C) 2002-2012 Thorsten Kukuk Please send bug reports, questions and suggestions to ku...@thkukuk.de. +Version 3.2.18 +* Fix changing of permissions if uid/gid of user will be modified + Version 3.2.17 * Fix useradd.local diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pwdutils-3.2.17/configure new/pwdutils-3.2.18/configure --- old/pwdutils-3.2.17/configure 2011-05-16 11:26:05.0 +0200 +++ new/pwdutils-3.2.18/configure 2012-03-13 14:15:42.0 +0100 @@ -2431,7 +2431,7 @@ # Define the
commit pwdutils for openSUSE:Factory
Hello community, here is the log from the commit of package pwdutils for openSUSE:Factory checked in at 2011-12-06 18:54:15 Comparing /work/SRC/openSUSE:Factory/pwdutils (Old) and /work/SRC/openSUSE:Factory/.pwdutils.new (New) Package is pwdutils, Maintainer is ku...@suse.com Changes: Other differences: -- ++ pwdutils.spec ++ --- /var/tmp/diff_new_pack.WchZQr/_old 2011-12-06 19:27:09.0 +0100 +++ /var/tmp/diff_new_pack.WchZQr/_new 2011-12-06 19:27:09.0 +0100 @@ -25,7 +25,7 @@ BuildRequires: libselinux-devel %endif Url:http://www.thkukuk.de/pam/pwdutils/ -License:GPLv2 +License:GPL-2.0 Group: System/Base Version:3.2.17 Release:4 @@ -47,7 +47,7 @@ %package plugin-audit -License:GPLv2 +License:GPL-2.0 Summary:Plugin for the Linux Audit-Subsystem Group: System/Base Requires: pwdutils = %{version} @@ -62,7 +62,7 @@ %package rpasswd -License:GPLv2 +License:GPL-2.0 Summary:Server/Client for secure remote password changing Group: System/Base Requires: pwdutils = %{version} -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit pwdutils for openSUSE:Factory
Hello community, here is the log from the commit of package pwdutils for openSUSE:Factory checked in at 2011-11-24 12:36:53 Comparing /work/SRC/openSUSE:Factory/pwdutils (Old) and /work/SRC/openSUSE:Factory/.pwdutils.new (New) Package is pwdutils, Maintainer is ku...@suse.com Changes: --- /work/SRC/openSUSE:Factory/pwdutils/pwdutils.changes2011-09-23 12:42:09.0 +0200 +++ /work/SRC/openSUSE:Factory/.pwdutils.new/pwdutils.changes 2011-11-24 11:36:59.0 +0100 @@ -1,0 +2,5 @@ +Wed Nov 23 12:48:42 UTC 2011 - co...@suse.com + +- add libtool as buildrequire to avoid implicit dependency + +--- Other differences: -- ++ pwdutils.spec ++ --- /var/tmp/diff_new_pack.pYPP2h/_old 2011-11-24 11:37:01.0 +0100 +++ /var/tmp/diff_new_pack.pYPP2h/_new 2011-11-24 11:37:01.0 +0100 @@ -20,14 +20,13 @@ %define enable_selinux 1 Name: pwdutils -BuildRequires: audit-devel libnscd-devel openldap2-devel openslp-devel openssl-devel pam-devel +BuildRequires: audit-devel libnscd-devel libtool openldap2-devel openslp-devel openssl-devel pam-devel %if %{enable_selinux} BuildRequires: libselinux-devel %endif Url:http://www.thkukuk.de/pam/pwdutils/ License:GPLv2 Group: System/Base -AutoReqProv:on Version:3.2.17 Release:4 Summary:Utilities to Manage User and Group Accounts -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit pwdutils for openSUSE:Factory
Hello community, here is the log from the commit of package pwdutils for openSUSE:Factory checked in at Tue Aug 30 10:48:42 CEST 2011. --- pwdutils/pwdutils.changes 2011-07-14 16:56:29.0 +0200 +++ /mounts/work_src_done/STABLE/pwdutils/pwdutils.changes 2011-08-29 17:46:15.0 +0200 @@ -1,0 +2,5 @@ +Mon Aug 29 15:45:00 UTC 2011 - crrodrig...@opensuse.org + +- Fix build with new gnu LD. + +--- calling whatdependson for head-i586 New: pwdutils-no-add-needed.patch Other differences: -- ++ pwdutils.spec ++ --- /var/tmp/diff_new_pack.N7D2rH/_old 2011-08-30 10:48:16.0 +0200 +++ /var/tmp/diff_new_pack.N7D2rH/_new 2011-08-30 10:48:16.0 +0200 @@ -29,7 +29,7 @@ Group: System/Base AutoReqProv:on Version:3.2.17 -Release:2 +Release:4 Summary:Utilities to Manage User and Group Accounts Requires: pam-modules Source: pwdutils-%{version}.tar.bz2 @@ -37,6 +37,7 @@ Source3:useradd.default Source4:baselibs.conf Patch0: 0001-add-support-for-sha512.diff +Patch1: pwdutils-no-add-needed.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build %description @@ -77,8 +78,10 @@ %prep %setup -q %patch0 -p1 +%patch1 %build +autoreconf -fiv %configure --with-ldap-conf-file=/etc/ldap.conf \ %ifnarch hppa --enable-selinux \ ++ pwdutils-no-add-needed.patch ++ --- configure.in.orig +++ configure.in @@ -3,9 +3,11 @@ dnl Copyright (c) 2001-2010 Thorsten Kuk dnl dnl Author: Thorsten Kukuk ku...@thkukuk.de dnl -AC_INIT(src/passwd.c) +AC_INIT +AC_CONFIG_SRCDIR([src/passwd.c]) AM_INIT_AUTOMAKE(pwdutils, 3.2.17) -AM_CONFIG_HEADER(config.h) +AC_CONFIG_MACRO_DIR([m4]) +AC_CONFIG_HEADERS([config.h]) AC_PREFIX_DEFAULT(/usr) AC_CANONICAL_HOST @@ -45,13 +47,13 @@ dnl Choose between lib and lib64 fi dnl Checks for programs. -AC_PROG_CC +AC_PROG_CC_STDC AM_PROG_CC_C_O -AC_GNU_SOURCE -AC_ISC_POSIX +AC_USE_SYSTEM_EXTENSIONS +AC_SEARCH_LIBS([strerror],[cposix]) AC_PROG_INSTALL AC_PROG_MAKE_SET -AC_PROG_LIBTOOL +LT_INIT AC_SYS_LARGEFILE EXTRA_CFLAGS= @@ -93,15 +95,14 @@ AM_WITH_DMALLOC dnl Should we build pam_rpasswd? AC_ARG_ENABLE([pam_rpasswd], - AC_HELP_STRING([--enable-pam_rpasswd],[Enable build of pam_rpasswd])) + AS_HELP_STRING([--enable-pam_rpasswd],[Enable build of pam_rpasswd])) AM_CONDITIONAL(build_PAM_RPASSWD, test $enable_pam_rpasswd = yes) dnl Should we compile with SELinux support? default: no AC_ARG_ENABLE([selinux], - AC_HELP_STRING([--disable-selinux],[Disable SELinux support])) + AS_HELP_STRING([--disable-selinux],[Disable SELinux support])) AC_ARG_ENABLE([static-selinux], - AC_HELP_STRING([--enable-static-selinux], - [Compile in SELinux support static])) + AS_HELP_STRING([--enable-static-selinux],[Compile in SELinux support static])) if test $enable_selinux \!= no -a $enable_static_selinux = yes ; then AC_CHECK_LIB(selinux,is_selinux_enabled, [AC_DEFINE(WITH_SELINUX,1, @@ -120,7 +121,7 @@ AC_SUBST(SELINUX_LIB) dnl Check for SLP support for rpasswd/rpasswdd AC_ARG_ENABLE([slp], - AC_HELP_STRING([--disable-slp],[Disable SLP support])) + AS_HELP_STRING([--disable-slp],[Disable SLP support])) AC_CHECK_HEADERS([slp.h]) @@ -137,7 +138,7 @@ AC_SUBST(SLP_LIBS) LAUS_LIBS= AC_ARG_ENABLE([laus-plugin], - AC_HELP_STRING([--disable-laus-plugin],[Disable build of LAuS plugin])) + AS_HELP_STRING([--disable-laus-plugin],[Disable build of LAuS plugin])) if test $enable_laus_plugin \!= no then AC_CHECK_HEADER([laus.h], [ laus_header=yes ], [ laus_header=no ]) @@ -151,7 +152,7 @@ AM_CONDITIONAL(build_LAUS_PLUGIN, test - AUDIT_LIBS= AC_ARG_ENABLE([audit-plugin], - AC_HELP_STRING([--disable-audit-plugin],[Disable build of Linux audit plugin])) + AS_HELP_STRING([--disable-audit-plugin],[Disable build of Linux audit plugin])) if test $enable_audit_plugin \!= no then AC_CHECK_HEADER([libaudit.h], [audit_header=yes], [audit_header=no]) @@ -298,9 +299,9 @@ if test $enable_ldap \!= no; then AC_CHECK_FUNCS(ldap_set_rebind_proc) AC_CACHE_CHECK(whether ldap_set_rebind_proc takes 3 arguments, pam_ldap_cv_ldap_set_rebind_proc, [ - AC_TRY_COMPILE([ + AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include lber.h -#include ldap.h], [ldap_set_rebind_proc(0, 0, 0);], [pam_ldap_cv_ldap_set_rebind_proc=3], [pam_ldap_cv_ldap_set_rebind_proc=2]) ]) +#include ldap.h]], [[ldap_set_rebind_proc(0, 0, 0);]])],[pam_ldap_cv_ldap_set_rebind_proc=3],[pam_ldap_cv_ldap_set_rebind_proc=2]) ]) AC_DEFINE_UNQUOTED(LDAP_SET_REBIND_PROC_ARGS, $pam_ldap_cv_ldap_set_rebind_proc, [Define to the number of arguments to ldap_set_rebindproc]) dnl restore old LIBS variable @@ -321,7 +322,7 @@ AC_CHECK_FUNCS(nscd_flush_cache)
commit pwdutils for openSUSE:Factory
Hello community, here is the log from the commit of package pwdutils for openSUSE:Factory checked in at Wed Jul 27 09:49:55 CEST 2011. --- pwdutils/pwdutils.changes 2011-05-16 13:50:16.0 +0200 +++ /mounts/work_src_done/STABLE/pwdutils/pwdutils.changes 2011-07-14 16:56:29.0 +0200 @@ -1,0 +2,7 @@ +Thu Jul 14 14:56:05 UTC 2011 - lnus...@suse.de + +* add support for sha512 +* use implicit defaults in /etc/default/passwd +* use glibc's crypt_gensalt if available + +--- calling whatdependson for head-i586 New: 0001-add-support-for-sha512.diff Other differences: -- ++ pwdutils.spec ++ --- /var/tmp/diff_new_pack.9OeQLM/_old 2011-07-27 09:39:27.0 +0200 +++ /var/tmp/diff_new_pack.9OeQLM/_new 2011-07-27 09:39:27.0 +0200 @@ -29,13 +29,14 @@ Group: System/Base AutoReqProv:on Version:3.2.17 -Release:1 +Release:2 Summary:Utilities to Manage User and Group Accounts Requires: pam-modules Source: pwdutils-%{version}.tar.bz2 Source2:ldap.conf Source3:useradd.default Source4:baselibs.conf +Patch0: 0001-add-support-for-sha512.diff BuildRoot: %{_tmppath}/%{name}-%{version}-build %description @@ -75,6 +76,7 @@ %prep %setup -q +%patch0 -p1 %build %configure --with-ldap-conf-file=/etc/ldap.conf \ ++ 0001-add-support-for-sha512.diff ++ From eeb5baaeceb5e04c9fa7fe3a4316ab4a3fd3b40c Mon Sep 17 00:00:00 2001 From: Ludwig Nussel ludwig.nus...@suse.de Date: Thu, 14 Jul 2011 15:26:07 +0200 Subject: [PATCH] add support for sha512 * use implicit defaults in /etc/default/passwd * make it work without xcrypt --- configure.in |2 +- etc/default/passwd| 48 + lib/logindefs.c |2 +- lib/parse_crypt_arg.c | 41 +--- lib/parse_crypt_arg.h |5 +++- src/chpasswd.c| 66 +++-- src/gpasswd.c | 70 7 files changed, 90 insertions(+), 144 deletions(-) diff --git a/configure.in b/configure.in index ea0bc27..e9e4cd8 100644 --- a/configure.in +++ b/configure.in @@ -192,7 +192,7 @@ dnl Save old LIBS variable and add crypt library BACKUP_LIBS=$LIBS LIBS=$LIBS $CRYPT_LIB dnl Function check for blowfish crypt -AC_CHECK_FUNCS(crypt crypt_r xcrypt_gensalt_r) +AC_CHECK_FUNCS(crypt crypt_r xcrypt_gensalt_r crypt_gensalt_rn) dnl restore old LIBS variable LIBS=$BACKUP_LIBS diff --git a/etc/default/passwd b/etc/default/passwd index 87057ea..ec6f0d4 100644 --- a/etc/default/passwd +++ b/etc/default/passwd @@ -2,29 +2,53 @@ # the passwd (1) command and other tools # creating or modifying passwords. -# Define default crypt hash. This hash will be -# used, if there is no hash for a special service -# the user is stored in. -# CRYPT={des,md5,sha256,sha512} -CRYPT=md5 +# Define default crypt hash. +# CRYPT={des,md5,blowfish,sha256,sha512} +CRYPT= # Use another crypt hash for group passwords. # This is used by gpasswd, fallback is the CRYPT entry. # GROUP_CRYPT=des +# We can override the default for a specific service +# by appending the service name (FILES, YP, NISPLUS, LDAP) + +# for local files, use a more secure hash. We +# don't need to be portable here: +# CRYPT_FILES=sha512 +# +# For NIS, we should always use DES: +# CRYPT_YP=des + # We can override the default for a special service # by appending the service name (FILES, YP, NISPLUS, LDAP) # for local files, use a more secure hash. We # don't need to be portable here: -CRYPT_FILES=sha512 -# sometimes we need to specify special options for -# a hash (variable is prepended by the name of the -# crypt hash). +# CRYPT_FILES=blowfish + +# sometimes we need to specify special options for a hash (variable +# is prepended by the name of the crypt hash). In case of blowfish +# and sha* this is the number of rounds # blowfish: 4-31 +# BLOWFISH_CRYPT_FILES=5 # sha256/sha512: 1000-999 -#SHA512_CRYPT_FILES=1000 +# SHA512_CRYPT_FILES=1000 -# For NIS, we should always use DES: -CRYPT_YP=des +# In June 2011 it was discovered that the Linux crypt_blowfish +# implementation contained a bug that made passwords with non-ASCII +# characters easier to crack (CVE-2011-2483). Affected passwords are +# also incompatible with the original, correct OpenBSD +# implementation. Therefore the $2a hash identifier previously used +# for blowfish now is ambiguous as it could mean the hash was +# generated with the correct implementation on OpenBSD or the buggy +# one on Linux. To avoid the ambiguity two new identifier were +# introduced. $2x now explicitly identifies hashes that were +# generated with the buggy algorithm while $2y is used for hashes +# generated with
commit pwdutils for openSUSE:Factory
Hello community, here is the log from the commit of package pwdutils for openSUSE:Factory checked in at Mon May 16 16:26:36 CEST 2011. --- pwdutils/pwdutils.changes 2011-05-11 16:26:15.0 +0200 +++ /mounts/work_src_done/STABLE/pwdutils/pwdutils.changes 2011-05-16 13:50:16.0 +0200 @@ -1,0 +2,5 @@ +Mon May 16 12:17:13 CEST 2011 - ku...@suse.de + +- Fix syntax errors in useradd.local + +--- calling whatdependson for head-i586 Old: pwdutils-3.2.16.tar.bz2 New: pwdutils-3.2.17.tar.bz2 Other differences: -- ++ pwdutils.spec ++ --- /var/tmp/diff_new_pack.mukQoo/_old 2011-05-16 16:25:39.0 +0200 +++ /var/tmp/diff_new_pack.mukQoo/_new 2011-05-16 16:25:39.0 +0200 @@ -28,7 +28,7 @@ License:GPLv2 Group: System/Base AutoReqProv:on -Version:3.2.16 +Version:3.2.17 Release:1 Summary:Utilities to Manage User and Group Accounts Requires: pam-modules ++ pwdutils-3.2.16.tar.bz2 - pwdutils-3.2.17.tar.bz2 ++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pwdutils-3.2.16/ChangeLog new/pwdutils-3.2.17/ChangeLog --- old/pwdutils-3.2.16/ChangeLog 2011-05-11 12:09:03.0 +0200 +++ new/pwdutils-3.2.17/ChangeLog 2011-05-16 11:25:30.0 +0200 @@ -1,3 +1,9 @@ +2011-05=16 Thorsten Kukuk ku...@suse.de + + * release 3.2.17 + + * etc/useradd.local: Fix syntax error. + 2011-05-11 Thorsten Kukuk ku...@suse.de * release 3.2.16 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pwdutils-3.2.16/NEWS new/pwdutils-3.2.17/NEWS --- old/pwdutils-3.2.16/NEWS2011-05-11 16:22:21.0 +0200 +++ new/pwdutils-3.2.17/NEWS2011-05-16 11:25:51.0 +0200 @@ -4,6 +4,9 @@ Please send bug reports, questions and suggestions to ku...@thkukuk.de. +Version 3.2.17 +* Fix useradd.local + Version 3.2.16 * Make sha512 new default password hash diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pwdutils-3.2.16/configure new/pwdutils-3.2.17/configure --- old/pwdutils-3.2.16/configure 2011-05-11 16:22:38.0 +0200 +++ new/pwdutils-3.2.17/configure 2011-05-16 11:26:05.0 +0200 @@ -2431,7 +2431,7 @@ # Define the identity of the package. PACKAGE=pwdutils - VERSION=3.2.16 + VERSION=3.2.17 cat confdefs.h _ACEOF diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pwdutils-3.2.16/configure.in new/pwdutils-3.2.17/configure.in --- old/pwdutils-3.2.16/configure.in2011-05-11 16:12:26.0 +0200 +++ new/pwdutils-3.2.17/configure.in2011-05-16 11:25:40.0 +0200 @@ -4,7 +4,7 @@ dnl Author: Thorsten Kukuk ku...@thkukuk.de dnl AC_INIT(src/passwd.c) -AM_INIT_AUTOMAKE(pwdutils, 3.2.16) +AM_INIT_AUTOMAKE(pwdutils, 3.2.17) AM_CONFIG_HEADER(config.h) AC_PREFIX_DEFAULT(/usr) AC_CANONICAL_HOST diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pwdutils-3.2.16/etc/useradd.local new/pwdutils-3.2.17/etc/useradd.local --- old/pwdutils-3.2.16/etc/useradd.local 2011-02-02 11:02:32.0 +0100 +++ new/pwdutils-3.2.17/etc/useradd.local 2011-05-16 13:20:20.0 +0200 @@ -26,7 +26,7 @@ # If SELinux is enabled, we have to run restorecon to assign # appropriate fcontexts to the respective $HOME and files under it -if [ -x /usr/sbin/selinuxenabled /usr/sbin/selinuxenabled ] ; then +if [ -x /usr/sbin/selinuxenabled -a ! /usr/sbin/selinuxenabled ] ; then test -x /sbin/restorecon || exit 2 if [ $# -lt 4 ]; then @@ -38,6 +38,7 @@ if [ -d $home_dir ]; then /sbin/restorecon -R $home_dir fi +fi # All done. exit 0 Remember to have fun... -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit pwdutils for openSUSE:Factory
Hello community, here is the log from the commit of package pwdutils for openSUSE:Factory checked in at Thu May 12 10:49:41 CEST 2011. --- pwdutils/pwdutils.changes 2011-02-02 13:05:56.0 +0100 +++ /mounts/work_src_done/STABLE/pwdutils/pwdutils.changes 2011-05-11 16:26:15.0 +0200 @@ -1,0 +2,8 @@ +Wed May 11 16:23:00 CEST 2011 - ku...@suse.de + +- Update to pwdutils version 3.2.16 + - sha512 new default password hash [FATE#312321]. + - newgrp: honour dynamically assigned groups [bnc#680833]. +- Don't link against libxcrypt + +--- calling whatdependson for head-i586 Old: pwdutils-3.2.14.tar.bz2 pwdutils-selinux-useradd.patch New: pwdutils-3.2.16.tar.bz2 Other differences: -- ++ pwdutils.spec ++ --- /var/tmp/diff_new_pack.5Dev8V/_old 2011-05-12 10:48:33.0 +0200 +++ /var/tmp/diff_new_pack.5Dev8V/_new 2011-05-12 10:48:33.0 +0200 @@ -20,7 +20,7 @@ %define enable_selinux 1 Name: pwdutils -BuildRequires: audit-devel libnscd-devel libxcrypt-devel openldap2-devel openslp-devel openssl-devel pam-devel +BuildRequires: audit-devel libnscd-devel openldap2-devel openslp-devel openssl-devel pam-devel %if %{enable_selinux} BuildRequires: libselinux-devel %endif @@ -28,7 +28,7 @@ License:GPLv2 Group: System/Base AutoReqProv:on -Version:3.2.14 +Version:3.2.16 Release:1 Summary:Utilities to Manage User and Group Accounts Requires: pam-modules @@ -36,7 +36,6 @@ Source2:ldap.conf Source3:useradd.default Source4:baselibs.conf -Patch0: %{name}-selinux-useradd.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build %description @@ -76,7 +75,6 @@ %prep %setup -q -%patch0 %build %configure --with-ldap-conf-file=/etc/ldap.conf \ ++ pwdutils-3.2.14.tar.bz2 - pwdutils-3.2.16.tar.bz2 ++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pwdutils-3.2.14/ChangeLog new/pwdutils-3.2.16/ChangeLog --- old/pwdutils-3.2.14/ChangeLog 2011-02-01 17:26:43.0 +0100 +++ new/pwdutils-3.2.16/ChangeLog 2011-05-11 12:09:03.0 +0200 @@ -1,3 +1,22 @@ +2011-05-11 Thorsten Kukuk ku...@suse.de + + * release 3.2.16 + + * etc/default/passwd: remove blowfish, make sha512 default + [FATE#312321]. + +2011-05-10 Thorsten Kukuk ku...@suse.de + + * release 3.2.15 + + * src/newgrp.c (main): Try at first getgroups to honour + dynamically assigned groups (for example by pam_group) + [bnc#680833]. + +2011-02-02 Thorsten Kukuk ku...@suse.de + + * etc/useradd.local: Merge SELinux patch. + 2011-02-01 Thorsten Kukuk ku...@suse.de * release 3.2.14 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pwdutils-3.2.14/configure new/pwdutils-3.2.16/configure --- old/pwdutils-3.2.14/configure 2011-02-01 17:28:17.0 +0100 +++ new/pwdutils-3.2.16/configure 2011-05-11 16:22:38.0 +0200 @@ -2431,7 +2431,7 @@ # Define the identity of the package. PACKAGE=pwdutils - VERSION=3.2.14 + VERSION=3.2.16 cat confdefs.h _ACEOF diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pwdutils-3.2.14/configure.in new/pwdutils-3.2.16/configure.in --- old/pwdutils-3.2.14/configure.in2011-02-01 17:27:09.0 +0100 +++ new/pwdutils-3.2.16/configure.in2011-05-11 16:12:26.0 +0200 @@ -4,7 +4,7 @@ dnl Author: Thorsten Kukuk ku...@thkukuk.de dnl AC_INIT(src/passwd.c) -AM_INIT_AUTOMAKE(pwdutils, 3.2.14) +AM_INIT_AUTOMAKE(pwdutils, 3.2.16) AM_CONFIG_HEADER(config.h) AC_PREFIX_DEFAULT(/usr) AC_CANONICAL_HOST diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/pwdutils-3.2.14/etc/default/passwd new/pwdutils-3.2.16/etc/default/passwd --- old/pwdutils-3.2.14/etc/default/passwd 2009-04-22 14:15:44.0 +0200 +++ new/pwdutils-3.2.16/etc/default/passwd 2011-05-11 12:20:24.0 +0200 @@ -5,7 +5,7 @@ # Define default crypt hash. This hash will be # used, if there is no hash for a special service # the user is stored in. -# CRYPT={des,md5,blowfish,sha256,sha512} +# CRYPT={des,md5,sha256,sha512} CRYPT=md5 # Use another crypt hash for group passwords. @@ -18,11 +18,13 @@ # for local files, use a more secure hash. We # don't need to be portable here: -CRYPT_FILES=blowfish +CRYPT_FILES=sha512 # sometimes we need to specify special options for # a hash (variable is prepended by the name of the # crypt hash). -BLOWFISH_CRYPT_FILES=10 +# blowfish: 4-31 +# sha256/sha512: 1000-999 +#SHA512_CRYPT_FILES=1000 # For NIS, we should always use DES: CRYPT_YP=des diff -urN '--exclude=CVS'