rpms/shadow-utils/devel shadow-4.0.15-login.defs, NONE, 1.1 shadow-4.0.15-redhat.patch, NONE, 1.1 .cvsignore, 1.10, 1.11 shadow-utils.spec, 1.70, 1.71 sources, 1.10, 1.11 shadow-4.0.14-redhat.patch, 1.1, NONE shadow-970616.login.defs, 1.2, NONE
fedora-cvs-commits at redhat.com
fedora-cvs-commits at redhat.com
Mon Apr 3 12:45:16 UTC 2006
Author: pvrabec
Update of /cvs/dist/rpms/shadow-utils/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv28668
Modified Files:
.cvsignore shadow-utils.spec sources
Added Files:
shadow-4.0.15-login.defs shadow-4.0.15-redhat.patch
Removed Files:
shadow-4.0.14-redhat.patch shadow-970616.login.defs
Log Message:
upgrade
--- NEW FILE shadow-4.0.15-login.defs ---
# *REQUIRED*
# Directory where mailboxes reside, _or_ name of file, relative to the
# home directory. If you _do_ define both, MAIL_DIR takes precedence.
# QMAIL_DIR is for Qmail
#
#QMAIL_DIR Maildir
MAIL_DIR /var/spool/mail
#MAIL_FILE .mail
# Password aging controls:
#
# PASS_MAX_DAYS Maximum number of days a password may be used.
# PASS_MIN_DAYS Minimum number of days allowed between password changes.
# PASS_MIN_LEN Minimum acceptable password length.
# PASS_WARN_AGE Number of days warning given before a password expires.
#
PASS_MAX_DAYS 99999
PASS_MIN_DAYS 0
PASS_MIN_LEN 5
PASS_WARN_AGE 7
#
# Min/max values for automatic uid selection in useradd
#
UID_MIN 500
UID_MAX 60000
#
# Min/max values for automatic gid selection in groupadd
#
GID_MIN 500
GID_MAX 60000
#
# If defined, this command is run when removing a user.
# It should remove any at/cron/print jobs etc. owned by
# the user to be removed (passed as the first argument).
#
#USERDEL_CMD /usr/sbin/userdel_local
#
# If useradd should create home directories for users by default
# On RH systems, we do. This option is ORed with the -m flag on
# useradd command line.
#
CREATE_HOME yes
# The permission mask is initialized to this value. If not specified,
# the permission mask will be initialized to 022.
UMASK 077
shadow-4.0.15-redhat.patch:
man/groupadd.8 | 7 +++-
man/useradd.8 | 22 +++++++++++--
src/groupadd.c | 19 +++++++++--
src/useradd.c | 94 ++++++++++++++++++++++++++++++++++++++-------------------
4 files changed, 103 insertions(+), 39 deletions(-)
--- NEW FILE shadow-4.0.15-redhat.patch ---
--- shadow-4.0.15/man/groupadd.8.redhat 2006-03-06 19:57:18.000000000 +0100
+++ shadow-4.0.15/man/groupadd.8 2006-04-03 13:43:56.000000000 +0200
@@ -11,7 +11,7 @@
groupadd \- Create a new group
.SH "SYNOPSIS"
.HP 9
-\fBgroupadd\fR [\-g\ \fIGID\fR\ [\-o]] [\-f] [\-K\ \fIKEY\fR=\fIVALUE\fR] \fIgroup\fR
+\fBgroupadd\fR [\-g\ \fIgid\fR\ [\-o]] [\-r] [\-f] [\-K\ \fIKEY\fR=\fIVALUE\fR] \fIgroup\fR
.SH "DESCRIPTION"
.PP
The
@@ -29,10 +29,13 @@
\fB\-g\fR
is turned off).
.TP
+\fB-r\fR
+This flag instructs \fBgroupadd\fR to add a system account. The first available \fIgid\fR lower than 499 will be automatically selected unless the \fB-g\fR option is also given on the command line. This is an option added by Red Hat.
+.TP
\fB\-g\fR \fIGID\fR
The numerical value of the group's ID. This value must be unique, unless the
\fB\-o\fR
-option is used. The value must be non\-negative. The default is to use the smallest ID value greater than 999 and greater than every other group. Values between 0 and 999 are typically reserved for system accounts.
+option is used. The value must be non\-negative. The default is to use the smallest ID value greater than 500 and greater than every other group. Values between 0 and 499 are typically reserved for system accounts.
.TP
\fB\-h\fR, \fB\-\-help\fR
Display help message and exit.
--- shadow-4.0.15/man/useradd.8.redhat 2006-03-06 19:57:18.000000000 +0100
+++ shadow-4.0.15/man/useradd.8 2006-04-03 13:43:56.000000000 +0200
@@ -22,7 +22,7 @@
\fB\-D\fR
option, the
\fBuseradd\fR
-command creates a new user account using the values specified on the command line and the default values from the system. Depending on command line options, the useradd command will update system files and may also create the new user's home directory and copy initial files.
+command creates a new user account using the values specified on the command line and the default values from the system. Depending on command line options, the useradd command will update system files and may also create the new user's home directory and copy initial files. The version provided with Red Hat Linux will create a group for each user added to the system by default.
.SH "OPTIONS"
.PP
The options which apply to the
@@ -62,8 +62,7 @@
The number of days after a password expires until the account is permanently disabled. A value of 0 disables the account as soon as the password has expired, and a value of \-1 disables the feature. The default value is \-1.
.TP
\fB\-g\fR, \fB\-\-gid\fR \fIGROUP\fR
-The group name or number of the user's initial login group. The group name must exist. A group number must refer to an already existing group. The default group number is 1 or whatever is specified in
-\fI/etc/default/useradd\fR.
+The group name or number of the user's initial login group. The group name must exist. A group number must refer to an already existing group.
.TP
\fB\-G\fR, \fB\-\-groups\fR \fIGROUP1\fR[\fI,GROUP2,...\fR[\fI,GROUPN\fR]]]
A list of supplementary groups which the user is also a member of. Each group is separated from the next by a comma, with no intervening whitespace. The groups are subject to the same restrictions as the group given with the
@@ -72,6 +71,9 @@
.TP
\fB\-h\fR, \fB\-\-help\fR
Display help message and exit.
+.TP
+\fB-M\fR
+The user's home directory will not be created, even if the system wide settings from \fI/etc/login.defs\fR is to create home dirs.
.TP
\fB\-m\fR, \fB\-\-create\-home\fR
The user's home directory will be created if it does not exist. The files contained in
@@ -89,6 +91,9 @@
option is only valid in conjunction with the
\fB\-m\fR
option. The default is to not create the directory and to not copy any files.
+.TP
+\fB-n\fR
+A group having the same name as the user being added to the system will be created by default. This option will turn off this Red Hat Linux specific behavior. When this option is used, users by default will be placed in whatever group is specified in \fI/etc/default/useradd\fR. If no default group is defined, group 1 will be used.
.TP
\fB\-K\fR, \fB\-\-key\fR \fIKEY\fR=\fIVALUE\fR
Overrides /etc/login.defs defaults (UID_MIN, UID_MAX, UMASK, PASS_MAX_DAYS and others).
@@ -110,6 +115,9 @@
\fB\-p\fR, \fB\-\-password\fR \fIPASSWORD\fR
The encrypted password, as returned by
\fBcrypt\fR(3). The default is to disable the account.
+.TP
+\fB-r\fR
+This flag is used to create a system account. That is, a user with a UID lower than the value of UID_MIN defined in \fI/etc/login.defs\fR and whose password does not expire. Note that \fBuseradd\fR will not create a home directory for such an user, regardless of the default setting in \fI/etc/login.defs\fR. You have to specify \fB-m\fR option if you want a home directory for a system account to be created. This is an option added by Red Hat
.TP
\fB\-s\fR, \fB\-\-shell\fR \fISHELL\fR
The name of the user's login shell. The default is to leave this field blank, which causes the system to select the default login shell.
@@ -153,6 +161,8 @@
The system administrator is responsible for placing the default user files in the
\fI/etc/skel/\fR
directory.
+.br
+This version of useradd was modified by Red Hat to suit Red Hat user/group conventions.
.SH "CAVEATS"
.PP
You may not add a user to a NIS group. This must be performed on the NIS server.
@@ -173,9 +183,15 @@
\fI/etc/group\fR
group account information
.TP
+\fI/etc/gshadow\fR
+secure group information
+.TP
\fI/etc/default/useradd\fR
default information
.TP
+\fI/etc/login.defs\fR
+system-wide settings
+.TP
\fI/etc/skel/\fR
directory containing default files
.TP
--- shadow-4.0.15/src/useradd.c.redhat 2006-03-07 16:50:33.000000000 +0100
+++ shadow-4.0.15/src/useradd.c 2006-04-03 13:43:56.000000000 +0200
@@ -81,7 +81,7 @@
static gid_t def_group = 100;
static const char *def_gname = "other";
static const char *def_home = "/home";
-static const char *def_shell = "";
+static const char *def_shell = "/sbin/nologin";
static const char *def_template = SKEL_DIR;
static const char *def_create_mail_spool = "no";
@@ -93,7 +93,7 @@
#define VALID(s) (strcspn (s, ":\n") == strlen (s))
static const char *user_name = "";
-static const char *user_pass = "!";
+static const char *user_pass = "!!";
static uid_t user_id;
static gid_t user_gid;
static const char *user_comment = "";
@@ -124,8 +124,10 @@
Gflg = 0, /* secondary group set for new account */
kflg = 0, /* specify a directory to fill new user directory */
mflg = 0, /* create user's home directory if it doesn't exist */
- nflg = 0, /* create a group having the same name as the user */
+ Mflg = 0, /* do NOT create user's home directory no matter what */
+ nflg = 0, /* do NOT create a group having the same name as the user */
oflg = 0, /* permit non-unique user ID to be specified with -u */
+ rflg = 0, /* create a system account */
sflg = 0, /* shell program for new account */
uflg = 0; /* specify user ID for new account */
@@ -628,6 +630,8 @@
" -K, --key KEY=VALUE overrides /etc/login.defs defaults\n"
" -m, --create-home create home directory for the new user\n"
" account\n"
+ " -M, do not create user's home directory(overrides /etc/login.defs)\n"
+ " -r, create system account\n"
" -o, --non-unique allow create user with duplicate\n"
" (non-unique) UID\n"
" -p, --password PASSWORD use encrypted password for the new user\n"
@@ -679,11 +683,20 @@
spent->sp_namp = (char *) user_name;
spent->sp_pwdp = (char *) user_pass;
spent->sp_lstchg = time ((time_t *) 0) / SCALE;
- spent->sp_min = scale_age (getdef_num ("PASS_MIN_DAYS", -1));
- spent->sp_max = scale_age (getdef_num ("PASS_MAX_DAYS", -1));
- spent->sp_warn = scale_age (getdef_num ("PASS_WARN_AGE", -1));
- spent->sp_inact = scale_age (def_inactive);
- spent->sp_expire = scale_age (user_expire);
+ if (!rflg) {
+ spent->sp_min = scale_age (getdef_num ("PASS_MIN_DAYS", -1));
+ spent->sp_max = scale_age (getdef_num ("PASS_MAX_DAYS", -1));
+ spent->sp_warn = scale_age (getdef_num ("PASS_WARN_AGE", -1));
+ spent->sp_inact = scale_age (def_inactive);
+ spent->sp_expire = scale_age (user_expire);
+ }
+ else {
+ spent->sp_min = scale_age(-1);
+ spent->sp_max = scale_age(-1);
+ spent->sp_warn = scale_age(-1);
+ spent->sp_inact = scale_age(-1);
+ spent->sp_expire = scale_age(-1);
+ }
spent->sp_flag = -1;
}
@@ -831,8 +844,14 @@
const struct passwd *pwd;
uid_t uid_min, uid_max;
- uid_min = getdef_unum ("UID_MIN", 1000);
- uid_max = getdef_unum ("UID_MAX", 60000);
+ if (!rflg) {
+ uid_min = getdef_unum ("UID_MIN", 500);
+ uid_max = getdef_unum ("UID_MAX", 60000);
+ }
+ else {
+ uid_min = 1;
+ uid_max = getdef_unum ("UID_MIN", 500) - 1;
+ }
/*
* Start with some UID value if the user didn't provide us with
@@ -862,7 +881,7 @@
#endif
exit (E_NAME_IN_USE);
}
- if (uflg && user_id == pwd->pw_uid) {
+ if (!oflg && uflg && user_id == pwd->pw_uid) {
fprintf (stderr, _("%s: UID %u is not unique\n"),
Prog, (unsigned int) user_id);
#ifdef WITH_AUDIT
@@ -1016,7 +1035,7 @@
{NULL, 0, NULL, '\0'}
};
while ((c =
- getopt_long (argc, argv, "b:c:d:De:f:g:G:k:K:mMop:s:u:",
+ getopt_long (argc, argv, "b:c:d:De:f:g:G:k:K:mMnrop:s:u:",
long_options, NULL)) != -1) {
switch (c) {
case 'b':
@@ -1188,6 +1207,15 @@
user_id = get_uid (optarg);
uflg++;
break;
+ case 'n':
+ nflg++;
+ break;
+ case 'r':
+ rflg++;
+ break;
+ case 'M':
+ Mflg++;
+ break;
default:
usage ();
}
@@ -1195,6 +1223,9 @@
}
}
+ if (mflg && Mflg) /* the admin is not decided .. create or not ? */
+ usage();
+
/*
* Certain options are only valid in combination with others.
* Check it here so that they can be specified in any order.
@@ -1703,6 +1734,14 @@
}
#endif /* USE_PAM */
+ if (!rflg) /* for system accounts defaults are ignored and we
+ * do not create a home dir -- gafton */
+ if (getdef_bool("CREATE_HOME"))
+ mflg = 1;
+
+ if (Mflg) /* absolutely sure that we do not create home dirs */
+ mflg = 0;
+
/*
* See if we are messing with the defaults file, or creating
* a new user.
@@ -1733,7 +1772,7 @@
* to that group, use useradd -g username username.
* --bero
*/
- if (!gflg) {
+ if ( !(nflg || gflg) ) {
if (getgrnam (user_name)) {
fprintf (stderr,
_
@@ -1784,25 +1823,18 @@
("%s: warning: the home directory already exists.\n"
"Not copying any file from skel directory into it.\n"),
Prog);
-
- } else if (getdef_str ("CREATE_HOME")) {
- /*
- * RedHat added the CREATE_HOME option in login.defs in their
- * version of shadow-utils (which makes -m the default, with
- * new -M option to turn it off). Unfortunately, this
- * changes the way useradd works (it can be run by scripts
- * expecting some standard behaviour), compared to other
- * Unices and other Linux distributions, and also adds a lot
- * of confusion :-(.
- * So we now recognize CREATE_HOME and give a warning here
- * (better than "configuration error ... notify administrator"
- * errors in every program that reads /etc/login.defs). -MM
- */
- fprintf (stderr,
- _
- ("%s: warning: CREATE_HOME not supported, please use -m instead.\n"),
- Prog);
}
+ /* Warning removed to protect the innocent. */
+ /*
+ * The whole idea about breaking some stupid scripts by creating a new
+ * variable is crap - I could care less about the scripts. Historically
+ * adduser type programs have always created the home directories and
+ * I don't like the idea of providing a script when we can fix the
+ * binary itself. And if the scripts are using the right options to the
+ * useradd then they will not break. If not, they depend on unspecified
+ * behavior and they will break, but they were broken anyway to begin
+ * with --gafton
+ */
create_mail ();
--- shadow-4.0.15/src/groupadd.c.redhat 2006-01-18 20:55:15.000000000 +0100
+++ shadow-4.0.15/src/groupadd.c 2006-04-03 13:43:56.000000000 +0200
@@ -74,6 +74,7 @@
static int oflg = 0; /* permit non-unique group ID to be specified with -g */
static int gflg = 0; /* ID value for the new group */
static int fflg = 0; /* if group already exists, do nothing and exit(0) */
+static int rflg = 0; /* for adding system accounts (Red Hat) */
/* local function prototypes */
static void usage (void);
@@ -99,6 +100,7 @@
"Options:\n"
" -f, --force force exit with success status if the specified\n"
" group already exists\n"
+ " -r, create system account\n"
" -g, --gid GID use GID for the new group\n"
" -h, --help display this help message and exit\n"
" -K, --key KEY=VALUE overrides /etc/login.defs defaults\n"
@@ -196,8 +198,13 @@
const struct group *grp;
gid_t gid_min, gid_max;
- gid_min = getdef_unum ("GID_MIN", 1000);
- gid_max = getdef_unum ("GID_MAX", 60000);
+ if (!rflg) {
+ gid_min = getdef_unum ("GID_MIN", 500);
+ gid_max = getdef_unum ("GID_MAX", 60000);
+ } else {
+ gid_min = 1;
+ gid_max = getdef_unum ("GID_MIN", 500) - 1;
+ }
/*
* Start with some GID value if the user didn't provide us with
@@ -411,7 +418,7 @@
};
while ((c =
- getopt_long (argc, argv, "fg:hK:o", long_options,
+ getopt_long (argc, argv, "frg:hK:o", long_options,
&option_index)) != -1) {
switch (c) {
case 'f':
@@ -424,6 +431,12 @@
*/
fflg++;
break;
+ case 'r':
+ /*
+ * create a system group
+ */
+ rflg++;
+ break;
case 'g':
gflg++;
if (!isdigit (optarg[0]))
Index: .cvsignore
===================================================================
RCS file: /cvs/dist/rpms/shadow-utils/devel/.cvsignore,v
retrieving revision 1.10
retrieving revision 1.11
diff -u -r1.10 -r1.11
--- .cvsignore 6 Jan 2006 09:56:57 -0000 1.10
+++ .cvsignore 3 Apr 2006 12:45:14 -0000 1.11
@@ -1 +1 @@
-shadow-4.0.14.tar.bz2
+shadow-4.0.15.tar.bz2
Index: shadow-utils.spec
===================================================================
RCS file: /cvs/dist/rpms/shadow-utils/devel/shadow-utils.spec,v
retrieving revision 1.70
retrieving revision 1.71
diff -u -r1.70 -r1.71
--- shadow-utils.spec 10 Mar 2006 14:02:43 -0000 1.70
+++ shadow-utils.spec 3 Apr 2006 12:45:14 -0000 1.71
@@ -4,14 +4,14 @@
Summary: Utilities for managing accounts and shadow password files.
Name: shadow-utils
-Version: 4.0.14
-Release: 4
+Version: 4.0.15
+Release: 1
Epoch: 2
URL: http://shadow.pld.org.pl/
Source0: ftp://ftp.pld.org.pl/software/shadow/shadow-%{version}.tar.bz2
-Source1: shadow-970616.login.defs
+Source1: shadow-4.0.15-login.defs
Source2: shadow-970616.useradd
-Patch0: shadow-4.0.14-redhat.patch
+Patch0: shadow-4.0.15-redhat.patch
Patch1: shadow-4.0.3-noinst.patch
Patch2: shadow-4.0.11.1-vipw.patch
Patch3: shadow-4.0.14-goodname.patch
@@ -99,6 +99,7 @@
rm $RPM_BUILD_ROOT/%{_sbindir}/vipw
rm $RPM_BUILD_ROOT/%{_sbindir}/vigr
rm $RPM_BUILD_ROOT/%{_sbindir}/nologin
+rm $RPM_BUILD_ROOT/%{_sbindir}/chgpasswd
rm $RPM_BUILD_ROOT/%{_mandir}/*/man1/id.*
rm $RPM_BUILD_ROOT/%{_mandir}/man1/chfn.*
rm $RPM_BUILD_ROOT/%{_mandir}/*/man1/chfn.*
@@ -128,6 +129,8 @@
rm $RPM_BUILD_ROOT/%{_mandir}/*/man8/logoutd.*
rm $RPM_BUILD_ROOT/%{_mandir}/man8/vipw.*
rm $RPM_BUILD_ROOT/%{_mandir}/*/man8/vipw.*
+rm $RPM_BUILD_ROOT/%{_mandir}/man8/nologin.*
+rm $RPM_BUILD_ROOT/%{_mandir}/*/man8/nologin.*
rm $RPM_BUILD_ROOT/%{_mandir}/man8/vigr.*
rm $RPM_BUILD_ROOT/%{_mandir}/*/man8/vigr.*
rm $RPM_BUILD_ROOT/%{_mandir}/*/man8/sulogin.*
@@ -200,6 +203,9 @@
%{_mandir}/*/man8/faillog.8*
%changelog
+* Mon Apr 03 2006 Peter Vrabec <pvrabec at redhat.com> 2:4.0.15-1
+- upgrade
+
* Fri Mar 10 2006 Peter Vrabec <pvrabec at redhat.com> 2:4.0.14-4
- fix lrename() function to handle relative symlinks too
Index: sources
===================================================================
RCS file: /cvs/dist/rpms/shadow-utils/devel/sources,v
retrieving revision 1.10
retrieving revision 1.11
diff -u -r1.10 -r1.11
--- sources 6 Jan 2006 09:56:57 -0000 1.10
+++ sources 3 Apr 2006 12:45:14 -0000 1.11
@@ -1 +1 @@
-903f55cf05bbe082617d3337743792fb shadow-4.0.14.tar.bz2
+a0452fa989f8ba45023cc5a08136568e shadow-4.0.15.tar.bz2
--- shadow-4.0.14-redhat.patch DELETED ---
--- shadow-970616.login.defs DELETED ---
More information about the fedora-cvs-commits
mailing list