diff options
25 files changed, 2796 insertions, 0 deletions
@@ -0,0 +1 @@ +/shadow-4.13.tar.xz diff --git a/backport-Added-control-character-check.patch b/backport-Added-control-character-check.patch new file mode 100644 index 0000000..79d074e --- /dev/null +++ b/backport-Added-control-character-check.patch @@ -0,0 +1,45 @@ +From e5905c4b84d4fb90aefcd96ee618411ebfac663d Mon Sep 17 00:00:00 2001
+From: tomspiderlabs <128755403+tomspiderlabs@users.noreply.github.com>
+Date: Thu, 23 Mar 2023 23:39:38 +0000
+Subject: [PATCH] Added control character check
+
+Added control character check, returning -1 (to "err") if control characters are present.
+---
+ lib/fields.c | 11 +++++++----
+ 1 file changed, 7 insertions(+), 4 deletions(-)
+
+diff --git a/lib/fields.c b/lib/fields.c
+index 640be931..fb51b582 100644
+--- a/lib/fields.c
++++ b/lib/fields.c
+@@ -21,9 +21,9 @@
+ *
+ * The supplied field is scanned for non-printable and other illegal
+ * characters.
+- * + -1 is returned if an illegal character is present.
+- * + 1 is returned if no illegal characters are present, but the field
+- * contains a non-printable character.
++ * + -1 is returned if an illegal or control character is present.
++ * + 1 is returned if no illegal or control characters are present,
++ * but the field contains a non-printable character.
+ * + 0 is returned otherwise.
+ */
+ int valid_field (const char *field, const char *illegal)
+@@ -45,10 +45,13 @@ int valid_field (const char *field, const char *illegal)
+ }
+
+ if (0 == err) {
+- /* Search if there are some non-printable characters */
++ /* Search if there are non-printable or control characters */
+ for (cp = field; '\0' != *cp; cp++) {
+ if (!isprint (*cp)) {
+ err = 1;
++ }
++ if (!iscntrl (*cp)) {
++ err = -1;
+ break;
+ }
+ }
+--
+2.27.0
+
diff --git a/backport-Correctly-handle-illegal-system-file-in-tz.patch b/backport-Correctly-handle-illegal-system-file-in-tz.patch new file mode 100644 index 0000000..5355ec7 --- /dev/null +++ b/backport-Correctly-handle-illegal-system-file-in-tz.patch @@ -0,0 +1,55 @@ +From 37ae2320809cb16afa9dacd8e5ea317ae216ee36 Mon Sep 17 00:00:00 2001 +From: Samanta Navarro <ferivoz@riseup.net> +Date: Fri, 27 Jan 2023 11:57:51 +0000 +Subject: [PATCH] Correctly handle illegal system file in tz + +If the file referenced by ENV_TZ has a zero length string, then an out +of boundary write occurs. Also the result can be wrong because it is +assumed that the file will always end with a newline. + +Only override a newline character with '\0' to avoid these cases. + +This cannot be considered to be security relevant because login.defs +and its contained references to system files should be trusted to begin +with. + +Proof of Concept: + +1. Compile shadow's su with address sanitizer and --without-libpam + +2. Setup your /etc/login.defs to contain ENV_TZ=/etc/tzname + +3. Prepare /etc/tzname to contain a '\0' byte at the beginning + +`python -c "print('\x00')" > /etc/tzname` + +4. Use su + +`su -l` + +You can see the following output: + +`tz.c:45:8: runtime error: index 18446744073709551615 out of bounds for type 'char [8192]'` + +Signed-off-by: Samanta Navarro <ferivoz@riseup.net> +--- + libmisc/tz.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/libmisc/tz.c b/libmisc/tz.c +index f3f5733e..9f3a41f2 100644 +--- a/libmisc/tz.c ++++ b/libmisc/tz.c +@@ -42,7 +42,8 @@ + + strcpy (tzbuf, def_tz); + } else { +- tzbuf[strlen (tzbuf) - 1] = '\0'; ++ /* Remove optional trailing '\n'. */ ++ tzbuf[strcspn (tzbuf, "\n")] = '\0'; + } + + if (NULL != fp) { +-- +2.27.0 + diff --git a/backport-Explicitly-override-only-newlines.patch b/backport-Explicitly-override-only-newlines.patch new file mode 100644 index 0000000..a1fc8c6 --- /dev/null +++ b/backport-Explicitly-override-only-newlines.patch @@ -0,0 +1,55 @@ +From ffc480c2e93f05266e4b130229877ad13f71a8c0 Mon Sep 17 00:00:00 2001 +From: Samanta Navarro <ferivoz@riseup.net> +Date: Mon, 30 Jan 2023 11:53:47 +0000 +Subject: [PATCH] Explicitly override only newlines + +Override only newlines with '\0' to avoid undesired truncation of +actual line content. + +Signed-off-by: Samanta Navarro <ferivoz@riseup.net> +--- + lib/port.c | 6 +++--- + libmisc/console.c | 3 ++- + 2 files changed, 5 insertions(+), 4 deletions(-) + +diff --git a/lib/port.c b/lib/port.c +index 0bea2ef4..90eb1498 100644 +--- a/lib/port.c ++++ b/lib/port.c +@@ -130,8 +130,8 @@ static struct port *getportent (void) + again: + + /* +- * Get the next line and remove the last character, which +- * is a '\n'. Lines which begin with '#' are all ignored. ++ * Get the next line and remove optional trailing '\n'. ++ * Lines which begin with '#' are all ignored. + */ + + if (fgets (buf, (int) sizeof buf, ports) == 0) { +@@ -149,7 +149,7 @@ static struct port *getportent (void) + * TTY devices. + */ + +- buf[strlen (buf) - 1] = 0; ++ buf[strcspn (buf, "\n")] = 0; + + port.pt_names = ttys; + for (cp = buf, j = 0; j < PORT_TTY; j++) { +diff --git a/libmisc/console.c b/libmisc/console.c +index bc024eba..63d3ceb3 100644 +--- a/libmisc/console.c ++++ b/libmisc/console.c +@@ -71,7 +71,8 @@ static bool is_listed (const char *cfgin, const char *tty, bool def) + */ + + while (fgets (buf, (int) sizeof (buf), fp) != NULL) { +- buf[strlen (buf) - 1] = '\0'; ++ /* Remove optional trailing '\n'. */ ++ buf[strcspn (buf, "\n")] = '\0'; + if (strcmp (buf, tty) == 0) { + (void) fclose (fp); + return true; +-- +2.27.0 + diff --git a/backport-Fix-off-by-one-mistakes.patch b/backport-Fix-off-by-one-mistakes.patch new file mode 100644 index 0000000..fe11716 --- /dev/null +++ b/backport-Fix-off-by-one-mistakes.patch @@ -0,0 +1,74 @@ +From 587ce83e3ff4bea64ac028149ac9b66df37f688c Mon Sep 17 00:00:00 2001 +From: Alejandro Colomar <alx@kernel.org> +Date: Fri, 16 Dec 2022 00:52:27 +0100 +Subject: [PATCH] Fix off-by-one mistakes + +The buffers have a size of 512 (see xmalloc() above), which is what +snprintf(3) expects. + +Link: <https://github.com/shadow-maint/shadow/pull/607> +Signed-off-by: Alejandro Colomar <alx@kernel.org> +--- + src/groupmod.c | 16 ++++++++-------- + 1 file changed, 8 insertions(+), 8 deletions(-) + +diff --git a/src/groupmod.c b/src/groupmod.c +index 006eca1c..828c7c0b 100644 +--- a/src/groupmod.c ++++ b/src/groupmod.c +@@ -554,13 +554,13 @@ static void prepare_failure_reports (void) + #endif + info_passwd.audit_msg = xmalloc (512); + +- (void) snprintf (info_group.audit_msg, 511, ++ (void) snprintf (info_group.audit_msg, 512, + "changing %s; ", gr_dbname ()); + #ifdef SHADOWGRP +- (void) snprintf (info_gshadow.audit_msg, 511, ++ (void) snprintf (info_gshadow.audit_msg, 512, + "changing %s; ", sgr_dbname ()); + #endif +- (void) snprintf (info_passwd.audit_msg, 511, ++ (void) snprintf (info_passwd.audit_msg, 512, + "changing %s; ", pw_dbname ()); + + info_group.action = info_group.audit_msg +@@ -573,16 +573,16 @@ static void prepare_failure_reports (void) + + strlen (info_passwd.audit_msg); + + (void) snprintf (info_group.action, +- 511 - strlen (info_group.audit_msg), ++ 512 - strlen (info_group.audit_msg), + "group %s/%lu", + group_name, (unsigned long int) group_id); + #ifdef SHADOWGRP + (void) snprintf (info_gshadow.action, +- 511 - strlen (info_group.audit_msg), ++ 512 - strlen (info_group.audit_msg), + "group %s", group_name); + #endif + (void) snprintf (info_passwd.action, +- 511 - strlen (info_group.audit_msg), ++ 512 - strlen (info_group.audit_msg), + "group %s/%lu", + group_name, (unsigned long int) group_id); + +@@ -617,13 +617,13 @@ static void prepare_failure_reports (void) + strncat (info_group.action, ", new gid: ", + 511 - strlen (info_group.audit_msg)); + (void) snprintf (info_group.action+strlen (info_group.action), +- 511 - strlen (info_group.audit_msg), ++ 512 - strlen (info_group.audit_msg), + "%lu", (unsigned long int) group_newid); + + strncat (info_passwd.action, ", new gid: ", + 511 - strlen (info_passwd.audit_msg)); + (void) snprintf (info_passwd.action+strlen (info_passwd.action), +- 511 - strlen (info_passwd.audit_msg), ++ 512 - strlen (info_passwd.audit_msg), + "%lu", (unsigned long int) group_newid); + } + info_group.audit_msg[511] = '\0'; +-- +2.27.0 + diff --git a/backport-Fix-typos-in-length-calculations.patch b/backport-Fix-typos-in-length-calculations.patch new file mode 100644 index 0000000..8d339ad --- /dev/null +++ b/backport-Fix-typos-in-length-calculations.patch @@ -0,0 +1,32 @@ +From ed69feaaff3c86745390c9839ecfc4b8f9706075 Mon Sep 17 00:00:00 2001 +From: Alejandro Colomar <alx@kernel.org> +Date: Fri, 16 Dec 2022 01:08:12 +0100 +Subject: [PATCH] Fix typos in length calculations + +Link: <https://github.com/shadow-maint/shadow/pull/607> +Signed-off-by: Alejandro Colomar <alx@kernel.org> +--- + src/groupmod.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/src/groupmod.c b/src/groupmod.c +index 7802e5b1..8c219194 100644 +--- a/src/groupmod.c ++++ b/src/groupmod.c +@@ -578,11 +578,11 @@ static void prepare_failure_reports (void) + group_name, (unsigned long int) group_id); + #ifdef SHADOWGRP + (void) snprintf (info_gshadow.action, +- 512 - strlen (info_group.audit_msg), ++ 512 - strlen (info_gshadow.audit_msg), + "group %s", group_name); + #endif + (void) snprintf (info_passwd.action, +- 512 - strlen (info_group.audit_msg), ++ 512 - strlen (info_passwd.audit_msg), + "group %s/%lu", + group_name, (unsigned long int) group_id); + +-- +2.27.0 + diff --git a/backport-Overhaul-valid_field.patch b/backport-Overhaul-valid_field.patch new file mode 100644 index 0000000..7573d17 --- /dev/null +++ b/backport-Overhaul-valid_field.patch @@ -0,0 +1,61 @@ +From 2eaea70111f65b16d55998386e4ceb4273c19eb4 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= <cgzones@googlemail.com>
+Date: Fri, 31 Mar 2023 14:46:50 +0200
+Subject: [PATCH] Overhaul valid_field()
+
+e5905c4b ("Added control character check") introduced checking for
+control characters but had the logic inverted, so it rejects all
+characters that are not control ones.
+
+Cast the character to `unsigned char` before passing to the character
+checking functions to avoid UB.
+
+Use strpbrk(3) for the illegal character test and return early.
+---
+ lib/fields.c | 24 ++++++++++--------------
+ 1 file changed, 10 insertions(+), 14 deletions(-)
+
+diff --git a/lib/fields.c b/lib/fields.c
+index fb51b582..53929248 100644
+--- a/lib/fields.c
++++ b/lib/fields.c
+@@ -37,26 +37,22 @@ int valid_field (const char *field, const char *illegal)
+
+ /* For each character of field, search if it appears in the list
+ * of illegal characters. */
++ if (illegal && NULL != strpbrk (field, illegal)) {
++ return -1;
++ }
++
++ /* Search if there are non-printable or control characters */
+ for (cp = field; '\0' != *cp; cp++) {
+- if (strchr (illegal, *cp) != NULL) {
++ unsigned char c = *cp;
++ if (!isprint (c)) {
++ err = 1;
++ }
++ if (iscntrl (c)) {
+ err = -1;
+ break;
+ }
+ }
+
+- if (0 == err) {
+- /* Search if there are non-printable or control characters */
+- for (cp = field; '\0' != *cp; cp++) {
+- if (!isprint (*cp)) {
+- err = 1;
+- }
+- if (!iscntrl (*cp)) {
+- err = -1;
+- break;
+- }
+- }
+- }
+-
+ return err;
+ }
+
+--
+2.27.0
+
diff --git a/backport-Prevent-out-of-boundary-access.patch b/backport-Prevent-out-of-boundary-access.patch new file mode 100644 index 0000000..321b616 --- /dev/null +++ b/backport-Prevent-out-of-boundary-access.patch @@ -0,0 +1,56 @@ +From 8e0ad48c21bd7d5506ff44eb4c04f796b80045ce Mon Sep 17 00:00:00 2001 +From: Samanta Navarro <ferivoz@riseup.net> +Date: Mon, 30 Jan 2023 11:54:49 +0000 +Subject: [PATCH] Prevent out of boundary access + +If lines start with '\0' then it is possible to trigger out of +boundary accesses. + +Check if indices are valid before accessing them. + +Signed-off-by: Samanta Navarro <ferivoz@riseup.net> +--- + src/login_nopam.c | 4 ++-- + src/suauth.c | 3 ++- + 2 files changed, 4 insertions(+), 3 deletions(-) + +diff --git a/src/login_nopam.c b/src/login_nopam.c +index b09cffe4..18072a43 100644 +--- a/src/login_nopam.c ++++ b/src/login_nopam.c +@@ -100,7 +100,7 @@ int login_access (const char *user, const char *from) + int end; + lineno++; + end = (int) strlen (line) - 1; +- if (line[end] != '\n') { ++ if (line[0] == '\0' || line[end] != '\n') { + SYSLOG ((LOG_ERR, + "%s: line %d: missing newline or line too long", + TABLE, lineno)); +@@ -320,7 +320,7 @@ static bool from_match (const char *tok, const char *string) + if (strchr (string, '.') == NULL) { + return true; + } +- } else if ( (tok[(tok_len = strlen (tok)) - 1] == '.') /* network */ ++ } else if ( (tok[0] != '\0' && tok[(tok_len = strlen (tok)) - 1] == '.') /* network */ + && (strncmp (tok, resolve_hostname (string), tok_len) == 0)) { + return true; + } +diff --git a/src/suauth.c b/src/suauth.c +index 2641d334..d68a3340 100644 +--- a/src/suauth.c ++++ b/src/suauth.c +@@ -68,8 +68,9 @@ int check_su_auth (const char *actual_id, + + while (fgets (temp, sizeof (temp), authfile_fd) != NULL) { + lines++; ++ endline = strlen(temp) - 1; + +- if (temp[endline = strlen (temp) - 1] != '\n') { ++ if (temp[0] == '\0' || temp[endline] != '\n') { + SYSLOG ((LOG_ERR, + "%s, line %d: line too long or missing newline", + SUAUTHFILE, lines)); +-- +2.27.0 + diff --git a/backport-Read-whole-line-in-yes_or_no.patch b/backport-Read-whole-line-in-yes_or_no.patch new file mode 100644 index 0000000..c70a8b8 --- /dev/null +++ b/backport-Read-whole-line-in-yes_or_no.patch @@ -0,0 +1,67 @@ +From 0c83b981053b65c9bab4f1c2e60d004e920f8faf Mon Sep 17 00:00:00 2001
+From: Samanta Navarro <ferivoz@riseup.net>
+Date: Fri, 27 Jan 2023 11:53:57 +0000
+Subject: [PATCH] Read whole line in yes_or_no
+
+Do not stop after 79 characters. Read the complete line to avoid
+arbitrary limitations.
+
+Proof of Concept:
+
+```
+cat > passwd-poc << EOF
+root:x:0:0:root:/root:/bin/bash
+root:x:0:0:root:/root:/bin/bash
+root:x:0:0:root:/root:/bin/bash
+EOF
+python -c "print(80*'y')" | pwck passwd-poc
+```
+
+Two lines should still be within the file because we agreed only once
+to remove a duplicated line.
+
+Signed-off-by: Samanta Navarro <ferivoz@riseup.net>
+Reviewed-by: Alejandro Colomar <alx@kernel.org>
+Reviewed-by: Serge Hallyn <serge@hallyn.com>
+
+Conflict: NA
+Reference: https://github.com/shadow-maint/shadow/commit/0c83b981053b65c9bab4f1c2e60d004e920f8faf
+---
+ libmisc/yesno.c | 13 ++++++++-----
+ 1 file changed, 8 insertions(+), 5 deletions(-)
+
+diff --git a/libmisc/yesno.c b/libmisc/yesno.c
+index 1a1a3714..d8847e40 100644
+--- a/libmisc/yesno.c
++++ b/libmisc/yesno.c
+@@ -28,7 +28,8 @@
+ */
+ bool yes_or_no (bool read_only)
+ {
+- char buf[80];
++ int c;
++ bool result;
+
+ /*
+ * In read-only mode all questions are answered "no".
+@@ -46,11 +47,13 @@ bool yes_or_no (bool read_only)
+ /*
+ * Get a line and see what the first character is.
+ */
++ c = fgetc(stdin);
+ /* TODO: use gettext */
+- if (fgets (buf, (int) sizeof buf, stdin) == buf) {
+- return buf[0] == 'y' || buf[0] == 'Y';
+- }
++ result = (c == 'y' || c == 'Y');
++
++ while (c != '\n' && c != EOF)
++ c = fgetc(stdin);
+
+- return false;
++ return result;
+ }
+
+--
+2.27.0
+
diff --git a/backport-chgpasswd-fix-segfault-in-command-line-options.patch b/backport-chgpasswd-fix-segfault-in-command-line-options.patch new file mode 100644 index 0000000..db47426 --- /dev/null +++ b/backport-chgpasswd-fix-segfault-in-command-line-options.patch @@ -0,0 +1,36 @@ +From 53a17c1742a4b5fcf9280fd6dd85fc77588535c2 Mon Sep 17 00:00:00 2001 +From: Jeffrey Bencteux <jeffbencteux@gmail.com> +Date: Wed, 21 Jun 2023 15:12:43 +0200 +Subject: [PATCH] chgpasswd: fix segfault in command-line options + +Using the --sha-rounds option without first giving a crypt method via the --crypt-method option results in comparisons with a NULL pointer and thus make chgpasswd segfault: + +$ chgpasswd -s 1 +zsh: segmentation fault chgpasswd -s 1 + +Current patch add a sanity check before these comparisons to ensure there is a defined encryption method. +--- + src/chgpasswd.c | 7 +++++++ + 1 file changed, 7 insertions(+) + +diff --git a/src/chgpasswd.c b/src/chgpasswd.c +index fe4055d8..7b773e2f 100644 +--- a/src/chgpasswd.c ++++ b/src/chgpasswd.c +@@ -186,6 +186,13 @@ static void process_flags (int argc, char **argv) + case 's': + sflg = true; + bad_s = 0; ++ ++ if (!crypt_method) { ++ fprintf (stderr, ++ _("%s: no crypt method defined\n"), ++ Prog); ++ usage (E_USAGE); ++ } + #if defined(USE_SHA_CRYPT) + if ( ( ((0 == strcmp (crypt_method, "SHA256")) || (0 == strcmp (crypt_method, "SHA512"))) + && (0 == getlong(optarg, &sha_rounds)))) { +-- +2.20.1 + diff --git a/backport-commonio-free-removed-database-entries.patch b/backport-commonio-free-removed-database-entries.patch new file mode 100644 index 0000000..13322f7 --- /dev/null +++ b/backport-commonio-free-removed-database-entries.patch @@ -0,0 +1,39 @@ +From a8dd8ce6c9a5f6e69ed4e9fa7b0c0976bb4ba332 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= <cgzones@googlemail.com>
+Date: Sat, 1 Apr 2023 13:36:51 +0200
+Subject: [PATCH] commonio: free removed database entries
+
+Free the actual struct of the removed entry.
+
+Example userdel report:
+
+ Direct leak of 40 byte(s) in 1 object(s) allocated from:
+ #0 0x55b230efe857 in reallocarray (./src/userdel+0xda857)
+ #1 0x55b230f6041f in mallocarray ./lib/./alloc.h:97:9
+ #2 0x55b230f6041f in commonio_open ./lib/commonio.c:563:7
+ #3 0x55b230f39098 in open_files ./src/userdel.c:555:6
+ #4 0x55b230f39098 in main ./src/userdel.c:1189:2
+ #5 0x7f9b48c64189 in __libc_start_call_main csu/../sysdeps/nptl/libc_start_call_main.h:58:16
+
+Conflict: NA
+Reference: https://github.com/shadow-maint/shadow/commit/a8dd8ce6c9a5f6e69ed4e9fa7b0c0976bb4ba332
+---
+ lib/commonio.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/lib/commonio.c b/lib/commonio.c
+index 40e62298..a0449c83 100644
+--- a/lib/commonio.c
++++ b/lib/commonio.c
+@@ -1060,6 +1060,8 @@ int commonio_remove (struct commonio_db *db, const char *name)
+ db->ops->free (p->eptr);
+ }
+
++ free(p);
++
+ return 1;
+ }
+
+--
+2.27.0
+
diff --git a/backport-run_parts-for-groupadd-and-groupdel.patch b/backport-run_parts-for-groupadd-and-groupdel.patch new file mode 100644 index 0000000..43c175b --- /dev/null +++ b/backport-run_parts-for-groupadd-and-groupdel.patch @@ -0,0 +1,127 @@ +From 4e1f674c41724dd96ad2c3a0c02ac9f6666697ba Mon Sep 17 00:00:00 2001
+From: ed neville <ed@s5h.net>
+Date: Mon, 27 Mar 2023 20:23:03 +0100
+Subject: [PATCH] run_parts for groupadd and groupdel
+
+run_parts currently exists in useradd and userdel, this commit mirrors
+the functionality with groupadd and groupdel
+
+Hook for group{add,del} to include killing processes that have group
+membership that would no longer exist to avoid membership ID reuse.
+
+Conflict: NA
+Reference: https://github.com/shadow-maint/shadow/commit/4e1f674c41724dd96ad2c3a0c02ac9f6666697ba
+---
+ .../groupdel-pre.d/01-kill_group_procs.sh | 26 +++++++++++++++++++
+ src/groupadd.c | 11 ++++++++
+ src/groupdel.c | 11 ++++++++
+ 3 files changed, 48 insertions(+)
+ create mode 100644 etc/shadow-maint/groupdel-pre.d/01-kill_group_procs.sh
+
+diff --git a/etc/shadow-maint/groupdel-pre.d/01-kill_group_procs.sh b/etc/shadow-maint/groupdel-pre.d/01-kill_group_procs.sh
+new file mode 100644
+index 00000000..10db5279
+--- /dev/null
++++ b/etc/shadow-maint/groupdel-pre.d/01-kill_group_procs.sh
+@@ -0,0 +1,26 @@
++#!/bin/sh
++
++PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
++GROUPID=`awk -F: '$1 == "'"${SUBJECT}"'" { print $3 }' /etc/group`
++
++if [ "${GROUPID}" = "" ]; then
++ exit 0
++fi
++
++for status in /proc/*/status; do
++ # either this isn't a process or its already dead since expanding the list
++ [ -f "$status" ] || continue
++
++ tbuf=${status%/status}
++ pid=${tbuf#/proc/}
++ case "$pid" in
++ "$$") continue;;
++ [0-9]*) :;;
++ *) continue
++ esac
++
++ grep -q '^Groups:.*\b'"${GROUPID}"'\b.*' "/proc/$pid/status" || continue
++
++ kill -9 "$pid" || echo "cannot kill $pid" 1>&2
++done
++
+diff --git a/src/groupadd.c b/src/groupadd.c
+index 31142101..2eda1c68 100644
+--- a/src/groupadd.c
++++ b/src/groupadd.c
+@@ -34,6 +34,7 @@
+ #include "sgroupio.h"
+ #endif
+ #include "shadowlog.h"
++#include "run_part.h"
+
+ /*
+ * exit status values
+@@ -603,6 +604,11 @@ int main (int argc, char **argv)
+
+ check_perms ();
+
++ if (run_parts ("/etc/shadow-maint/groupadd-pre.d", group_name,
++ "groupadd")) {
++ exit(1);
++ }
++
+ #ifdef SHADOWGRP
+ is_shadow_grp = sgr_file_present ();
+ #endif
+@@ -621,6 +627,11 @@ int main (int argc, char **argv)
+
+ grp_update ();
+ close_files ();
++ if (run_parts ("/etc/shadow-maint/groupadd-post.d", group_name,
++ "groupadd")) {
++ exit(1);
++ }
++
+
+ nscd_flush_cache ("group");
+ sssd_flush_cache (SSSD_DB_GROUP);
+diff --git a/src/groupdel.c b/src/groupdel.c
+index fdccf5e1..bae4367b 100644
+--- a/src/groupdel.c
++++ b/src/groupdel.c
+@@ -32,6 +32,7 @@
+ #include "sgroupio.h"
+ #endif
+ #include "shadowlog.h"
++#include "run_part.h"
+ /*
+ * Global variables
+ */
+@@ -461,6 +462,11 @@ int main (int argc, char **argv)
+ group_busy (group_id);
+ }
+
++ if (run_parts ("/etc/shadow-maint/groupdel-pre.d", group_name,
++ "groupdel")) {
++ exit(1);
++ }
++
+ /*
+ * Do the hard stuff - open the files, delete the group entries,
+ * then close and update the files.
+@@ -471,6 +477,11 @@ int main (int argc, char **argv)
+
+ close_files ();
+
++ if (run_parts ("/etc/shadow-maint/groupdel-post.d", group_name,
++ "groupdel")) {
++ exit(1);
++ }
++
+ nscd_flush_cache ("group");
+ sssd_flush_cache (SSSD_DB_GROUP);
+
+--
+2.27.0
+
diff --git a/backport-semanage-disconnect-to-free-libsemanage-internals.patch b/backport-semanage-disconnect-to-free-libsemanage-internals.patch new file mode 100644 index 0000000..94a0722 --- /dev/null +++ b/backport-semanage-disconnect-to-free-libsemanage-internals.patch @@ -0,0 +1,76 @@ +From 7078ed1e0b8a197aa9e5103986bce927abef87a4 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= <cgzones@googlemail.com>
+Date: Sat, 1 Apr 2023 14:11:06 +0200
+Subject: [PATCH] semanage: disconnect to free libsemanage internals
+
+Destroying the handle does not actually disconnect, see [1].
+Also free the key on user removal.
+
+[1]: https://github.com/SELinuxProject/selinux/blob/e9072e7d45f4559887d11b518099135cbe564163/libsemanage/src/direct_api.c#L330
+
+Example adduser leak:
+
+ Direct leak of 1008 byte(s) in 14 object(s) allocated from:
+ #0 0x5638f2e782ae in __interceptor_malloc (./src/useradd+0xee2ae)
+ #1 0x7fb5cfffad09 in dbase_file_init src/database_file.c:170:45
+
+ Direct leak of 392 byte(s) in 7 object(s) allocated from:
+ #0 0x5638f2e782ae in __interceptor_malloc (./src/useradd+0xee2ae)
+ #1 0x7fb5cfffc929 in dbase_policydb_init src/database_policydb.c:187:27
+
+ Direct leak of 144 byte(s) in 2 object(s) allocated from:
+ #0 0x5638f2e782ae in __interceptor_malloc (./src/useradd+0xee2ae)
+ #1 0x7fb5cfffb519 in dbase_join_init src/database_join.c:249:28
+
+ [...]
+
+Conflict: NA
+Reference: https://github.com/shadow-maint/shadow/commit/7078ed1e0b8a197aa9e5103986bce927abef87a4
+---
+ lib/semanage.c | 9 ++++++++-
+ 1 file changed, 8 insertions(+), 1 deletion(-)
+
+diff --git a/lib/semanage.c b/lib/semanage.c
+index 5d336b08..d412186c 100644
+--- a/lib/semanage.c
++++ b/lib/semanage.c
+@@ -97,6 +97,8 @@ static semanage_handle_t *semanage_init (void)
+ return handle;
+
+ fail:
++ if (handle)
++ semanage_disconnect (handle);
+ semanage_handle_destroy (handle);
+ return NULL;
+ }
+@@ -156,7 +158,7 @@ done:
+
+
+ static int semanage_user_add (semanage_handle_t *handle,
+- semanage_seuser_key_t *key,
++ const semanage_seuser_key_t *key,
+ const char *login_name,
+ const char *seuser_name)
+ {
+@@ -279,6 +281,8 @@ int set_seuser (const char *login_name, const char *seuser_name)
+
+ done:
+ semanage_seuser_key_free (key);
++ if (handle)
++ semanage_disconnect (handle);
+ semanage_handle_destroy (handle);
+ return ret;
+ }
+@@ -353,6 +357,9 @@ int del_seuser (const char *login_name)
+
+ ret = 0;
+ done:
++ semanage_seuser_key_free (key);
++ if (handle)
++ semanage_disconnect (handle);
+ semanage_handle_destroy (handle);
+ return ret;
+ }
+--
+2.27.0
+
diff --git a/backport-useradd-check-if-subid-range-exists-for-user.patch b/backport-useradd-check-if-subid-range-exists-for-user.patch new file mode 100644 index 0000000..62c172f --- /dev/null +++ b/backport-useradd-check-if-subid-range-exists-for-user.patch @@ -0,0 +1,41 @@ +From e0524e813a3bae2891b33a66f35876841c11cee7 Mon Sep 17 00:00:00 2001 +From: Iker Pedrosa <ipedrosa@redhat.com> +Date: Mon, 24 Oct 2022 10:46:36 +0200 +Subject: [PATCH 1/4] useradd: check if subid range exists for user + +Check if a user already has a subid range before assigning one. + +Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2012929 + +Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com> + +Reference: https://github.com/shadow-maint/shadow/commit/e0524e813a3bae2891b33a66f35876841c11cee7 +Conflict: NA +--- + src/useradd.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/src/useradd.c b/src/useradd.c +index 7ea0a9c4..e784d602 100644 +--- a/src/useradd.c ++++ b/src/useradd.c +@@ -2188,14 +2188,14 @@ static void usr_update (unsigned long subuid_count, unsigned long subgid_count) + fail_exit (E_PW_UPDATE); + } + #ifdef ENABLE_SUBIDS +- if (is_sub_uid && ++ if (is_sub_uid && !local_sub_uid_assigned(user_name) && + (sub_uid_add(user_name, sub_uid_start, subuid_count) == 0)) { + fprintf (stderr, + _("%s: failed to prepare the new %s entry\n"), + Prog, sub_uid_dbname ()); + fail_exit (E_SUB_UID_UPDATE); + } +- if (is_sub_gid && ++ if (is_sub_gid && !local_sub_gid_assigned(user_name) && + (sub_gid_add(user_name, sub_gid_start, subgid_count) == 0)) { + fprintf (stderr, + _("%s: failed to prepare the new %s entry\n"), +-- +2.12.3 + diff --git a/chpasswd b/chpasswd new file mode 100644 index 0000000..15c4663 --- /dev/null +++ b/chpasswd @@ -0,0 +1,5 @@ +#%PAM-1.0 +# This tool only uses the password stack. +password substack system-auth +-password optional pam_gnome_keyring.so use_authtok +password substack postlogin diff --git a/gpl-2.0.txt b/gpl-2.0.txt new file mode 100644 index 0000000..d159169 --- /dev/null +++ b/gpl-2.0.txt @@ -0,0 +1,339 @@ + GNU GENERAL PUBLIC LICENSE + Version 2, June 1991 + + Copyright (C) 1989, 1991 Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + Everyone is permitted to copy and distribute verbatim copies + of this license document, but changing it is not allowed. + + Preamble + + The licenses for most software are designed to take away your +freedom to share and change it. By contrast, the GNU General Public +License is intended to guarantee your freedom to share and change free +software--to make sure the software is free for all its users. This +General Public License applies to most of the Free Software +Foundation's software and to any other program whose authors commit to +using it. (Some other Free Software Foundation software is covered by +the GNU Lesser General Public License instead.) You can apply it to +your programs, too. + + When we speak of free software, we are referring to freedom, not +price. Our General Public Licenses are designed to make sure that you +have the freedom to distribute copies of free software (and charge for +this service if you wish), that you receive source code or can get it +if you want it, that you can change the software or use pieces of it +in new free programs; and that you know you can do these things. + + To protect your rights, we need to make restrictions that forbid +anyone to deny you these rights or to ask you to surrender the rights. +These restrictions translate to certain responsibilities for you if you +distribute copies of the software, or if you modify it. + + For example, if you distribute copies of such a program, whether +gratis or for a fee, you must give the recipients all the rights that +you have. You must make sure that they, too, receive or can get the +source code. And you must show them these terms so they know their +rights. + + We protect your rights with two steps: (1) copyright the software, and +(2) offer you this license which gives you legal permission to copy, +distribute and/or modify the software. + + Also, for each author's protection and ours, we want to make certain +that everyone understands that there is no warranty for this free +software. If the software is modified by someone else and passed on, we +want its recipients to know that what they have is not the original, so +that any problems introduced by others will not reflect on the original +authors' reputations. + + Finally, any free program is threatened constantly by software +patents. We wish to avoid the danger that redistributors of a free +program will individually obtain patent licenses, in effect making the +program proprietary. To prevent this, we have made it clear that any +patent must be licensed for everyone's free use or not licensed at all. + + The precise terms and conditions for copying, distribution and +modification follow. + + GNU GENERAL PUBLIC LICENSE + TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION + + 0. This License applies to any program or other work which contains +a notice placed by the copyright holder saying it may be distributed +under the terms of this General Public License. The "Program", below, +refers to any such program or work, and a "work based on the Program" +means either the Program or any derivative work under copyright law: +that is to say, a work containing the Program or a portion of it, +either verbatim or with modifications and/or translated into another +language. (Hereinafter, translation is included without limitation in +the term "modification".) Each licensee is addressed as "you". + +Activities other than copying, distribution and modification are not +covered by this License; they are outside its scope. The act of +running the Program is not restricted, and the output from the Program +is covered only if its contents constitute a work based on the +Program (independent of having been made by running the Program). +Whether that is true depends on what the Program does. + + 1. You may copy and distribute verbatim copies of the Program's +source code as you receive it, in any medium, provided that you +conspicuously and appropriately publish on each copy an appropriate +copyright notice and disclaimer of warranty; keep intact all the +notices that refer to this License and to the absence of any warranty; +and give any other recipients of the Program a copy of this License +along with the Program. + +You may charge a fee for the physical act of transferring a copy, and +you may at your option offer warranty protection in exchange for a fee. + + 2. You may modify your copy or copies of the Program or any portion +of it, thus forming a work based on the Program, and copy and +distribute such modifications or work under the terms of Section 1 +above, provided that you also meet all of these conditions: + + a) You must cause the modified files to carry prominent notices + stating that you changed the files and the date of any change. + + b) You must cause any work that you distribute or publish, that in + whole or in part contains or is derived from the Program or any + part thereof, to be licensed as a whole at no charge to all third + parties under the terms of this License. + + c) If the modified program normally reads commands interactively + when run, you must cause it, when started running for such + interactive use in the most ordinary way, to print or display an + announcement including an appropriate copyright notice and a + notice that there is no warranty (or else, saying that you provide + a warranty) and that users may redistribute the program under + these conditions, and telling the user how to view a copy of this + License. (Exception: if the Program itself is interactive but + does not normally print such an announcement, your work based on + the Program is not required to print an announcement.) + +These requirements apply to the modified work as a whole. If +identifiable sections of that work are not derived from the Program, +and can be reasonably considered independent and separate works in +themselves, then this License, and its terms, do not apply to those +sections when you distribute them as separate works. But when you +distribute the same sections as part of a whole which is a work based +on the Program, the distribution of the whole must be on the terms of +this License, whose permissions for other licensees extend to the +entire whole, and thus to each and every part regardless of who wrote it. + +Thus, it is not the intent of this section to claim rights or contest +your rights to work written entirely by you; rather, the intent is to +exercise the right to control the distribution of derivative or +collective works based on the Program. + +In addition, mere aggregation of another work not based on the Program +with the Program (or with a work based on the Program) on a volume of +a storage or distribution medium does not bring the other work under +the scope of this License. + + 3. You may copy and distribute the Program (or a work based on it, +under Section 2) in object code or executable form under the terms of +Sections 1 and 2 above provided that you also do one of the following: + + a) Accompany it with the complete corresponding machine-readable + source code, which must be distributed under the terms of Sections + 1 and 2 above on a medium customarily used for software interchange; or, + + b) Accompany it with a written offer, valid for at least three + years, to give any third party, for a charge no more than your + cost of physically performing source distribution, a complete + machine-readable copy of the corresponding source code, to be + distributed under the terms of Sections 1 and 2 above on a medium + customarily used for software interchange; or, + + c) Accompany it with the information you received as to the offer + to distribute corresponding source code. (This alternative is + allowed only for noncommercial distribution and only if you + received the program in object code or executable form with such + an offer, in accord with Subsection b above.) + +The source code for a work means the preferred form of the work for +making modifications to it. For an executable work, complete source +code means all the source code for all modules it contains, plus any +associated interface definition files, plus the scripts used to +control compilation and installation of the executable. However, as a +special exception, the source code distributed need not include +anything that is normally distributed (in either source or binary +form) with the major components (compiler, kernel, and so on) of the +operating system on which the executable runs, unless that component +itself accompanies the executable. + +If distribution of executable or object code is made by offering +access to copy from a designated place, then offering equivalent +access to copy the source code from the same place counts as +distribution of the source code, even though third parties are not +compelled to copy the source along with the object code. + + 4. You may not copy, modify, sublicense, or distribute the Program +except as expressly provided under this License. Any attempt +otherwise to copy, modify, sublicense or distribute the Program is +void, and will automatically terminate your rights under this License. +However, parties who have received copies, or rights, from you under +this License will not have their licenses terminated so long as such +parties remain in full compliance. + + 5. You are not required to accept this License, since you have not +signed it. However, nothing else grants you permission to modify or +distribute the Program or its derivative works. These actions are +prohibited by law if you do not accept this License. Therefore, by +modifying or distributing the Program (or any work based on the +Program), you indicate your acceptance of this License to do so, and +all its terms and conditions for copying, distributing or modifying +the Program or works based on it. + + 6. Each time you redistribute the Program (or any work based on the +Program), the recipient automatically receives a license from the +original licensor to copy, distribute or modify the Program subject to +these terms and conditions. You may not impose any further +restrictions on the recipients' exercise of the rights granted herein. +You are not responsible for enforcing compliance by third parties to +this License. + + 7. If, as a consequence of a court judgment or allegation of patent +infringement or for any other reason (not limited to patent issues), +conditions are imposed on you (whether by court order, agreement or +otherwise) that contradict the conditions of this License, they do not +excuse you from the conditions of this License. If you cannot +distribute so as to satisfy simultaneously your obligations under this +License and any other pertinent obligations, then as a consequence you +may not distribute the Program at all. For example, if a patent +license would not permit royalty-free redistribution of the Program by +all those who receive copies directly or indirectly through you, then +the only way you could satisfy both it and this License would be to +refrain entirely from distribution of the Program. + +If any portion of this section is held invalid or unenforceable under +any particular circumstance, the balance of the section is intended to +apply and the section as a whole is intended to apply in other +circumstances. + +It is not the purpose of this section to induce you to infringe any +patents or other property right claims or to contest validity of any +such claims; this section has the sole purpose of protecting the +integrity of the free software distribution system, which is +implemented by public license practices. Many people have made +generous contributions to the wide range of software distributed +through that system in reliance on consistent application of that +system; it is up to the author/donor to decide if he or she is willing +to distribute software through any other system and a licensee cannot +impose that choice. + +This section is intended to make thoroughly clear what is believed to +be a consequence of the rest of this License. + + 8. If the distribution and/or use of the Program is restricted in +certain countries either by patents or by copyrighted interfaces, the +original copyright holder who places the Program under this License +may add an explicit geographical distribution limitation excluding +those countries, so that distribution is permitted only in or among +countries not thus excluded. In such case, this License incorporates +the limitation as if written in the body of this License. + + 9. The Free Software Foundation may publish revised and/or new versions +of the General Public License from time to time. Such new versions will +be similar in spirit to the present version, but may differ in detail to +address new problems or concerns. + +Each version is given a distinguishing version number. If the Program +specifies a version number of this License which applies to it and "any +later version", you have the option of following the terms and conditions +either of that version or of any later version published by the Free +Software Foundation. If the Program does not specify a version number of +this License, you may choose any version ever published by the Free Software +Foundation. + + 10. If you wish to incorporate parts of the Program into other free +programs whose distribution conditions are different, write to the author +to ask for permission. For software which is copyrighted by the Free +Software Foundation, write to the Free Software Foundation; we sometimes +make exceptions for this. Our decision will be guided by the two goals +of preserving the free status of all derivatives of our free software and +of promoting the sharing and reuse of software generally. + + NO WARRANTY + + 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY +FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN +OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES +PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED +OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS +TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE +PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, +REPAIR OR CORRECTION. + + 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING +WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR +REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, +INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING +OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED +TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY +YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER +PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE +POSSIBILITY OF SUCH DAMAGES. + + END OF TERMS AND CONDITIONS + + How to Apply These Terms to Your New Programs + + If you develop a new program, and you want it to be of the greatest +possible use to the public, the best way to achieve this is to make it +free software which everyone can redistribute and change under these terms. + + To do so, attach the following notices to the program. It is safest +to attach them to the start of each source file to most effectively +convey the exclusion of warranty; and each file should have at least +the "copyright" line and a pointer to where the full notice is found. + + <one line to give the program's name and a brief idea of what it does.> + Copyright (C) <year> <name of author> + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + +Also add information on how to contact you by electronic and paper mail. + +If the program is interactive, make it output a short notice like this +when it starts in an interactive mode: + + Gnomovision version 69, Copyright (C) year name of author + Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. + This is free software, and you are welcome to redistribute it + under certain conditions; type `show c' for details. + +The hypothetical commands `show w' and `show c' should show the appropriate +parts of the General Public License. Of course, the commands you use may +be called something other than `show w' and `show c'; they could even be +mouse-clicks or menu items--whatever suits your program. + +You should also get your employer (if you work as a programmer) or your +school, if any, to sign a "copyright disclaimer" for the program, if +necessary. Here is a sample; alter the names: + + Yoyodyne, Inc., hereby disclaims all copyright interest in the program + `Gnomovision' (which makes passes at compilers) written by James Hacker. + + <signature of Ty Coon>, 1 April 1989 + Ty Coon, President of Vice + +This General Public License does not permit incorporating your program into +proprietary programs. If your program is a subroutine library, you may +consider it more useful to permit linking proprietary applications with the +library. If this is what you want to do, use the GNU Lesser General +Public License instead of this License. diff --git a/newusers b/newusers new file mode 100644 index 0000000..15c4663 --- /dev/null +++ b/newusers @@ -0,0 +1,5 @@ +#%PAM-1.0 +# This tool only uses the password stack. +password substack system-auth +-password optional pam_gnome_keyring.so use_authtok +password substack postlogin diff --git a/shadow-Remove-encrypted-passwd-for-useradd-gr.patch b/shadow-Remove-encrypted-passwd-for-useradd-gr.patch new file mode 100644 index 0000000..07b29c1 --- /dev/null +++ b/shadow-Remove-encrypted-passwd-for-useradd-gr.patch @@ -0,0 +1,133 @@ +From 280a8474ad87f44f9620eeac75cbf8a34b5edc2f Mon Sep 17 00:00:00 2001 +From: xiongshenglan <xiongshenglan@huawei.com> +Date: Thu, 27 Jul 2023 09:30:16 +0800 +Subject: [PATCH] shadow: Remove encrypted passwd for + useradd-groupadd-groupmod-usermod + +Remove encrypted passwd for useradd/groupadd/groupmod/usermod +In groupadd/useradd, p parameter does not meet password complexity checks. Do +not satisfy security requirements. + +Signed-off-by: xiongshenglan <xiongshenglan@huawei.com> +--- + src/groupadd.c | 4 ++++ + src/groupmod.c | 4 ++++ + src/useradd.c | 4 ++++ + src/usermod.c | 4 ++++ + 4 files changed, 16 insertions(+) + +diff --git a/src/groupadd.c b/src/groupadd.c +index d7f68b1..9b7a521 100644 +--- a/src/groupadd.c ++++ b/src/groupadd.c +@@ -125,7 +125,9 @@ static /*@noreturn@*/void usage (int status) + (void) fputs (_(" -K, --key KEY=VALUE override /etc/login.defs defaults\n"), usageout); + (void) fputs (_(" -o, --non-unique allow to create groups with duplicate\n" + " (non-unique) GID\n"), usageout); ++#ifndef CONFIG_SHADOW_REMOVE_POPTION + (void) fputs (_(" -p, --password PASSWORD use this encrypted password for the new group\n"), usageout); ++#endif + (void) fputs (_(" -r, --system create a system account\n"), usageout); + (void) fputs (_(" -R, --root CHROOT_DIR directory to chroot into\n"), usageout); + (void) fputs (_(" -P, --prefix PREFIX_DI directory prefix\n"), usageout); +@@ -459,10 +461,12 @@ static void process_flags (int argc, char **argv) + case 'o': + oflg = true; + break; ++#ifndef CONFIG_SHADOW_REMOVE_POPTION + case 'p': + pflg = true; + group_passwd = optarg; + break; ++#endif + case 'r': + rflg = true; + break; +diff --git a/src/groupmod.c b/src/groupmod.c +index acd6f35..f9dcabd 100644 +--- a/src/groupmod.c ++++ b/src/groupmod.c +@@ -139,8 +139,10 @@ static void usage (int status) + (void) fputs (_(" -h, --help display this help message and exit\n"), usageout); + (void) fputs (_(" -n, --new-name NEW_GROUP change the name to NEW_GROUP\n"), usageout); + (void) fputs (_(" -o, --non-unique allow to use a duplicate (non-unique) GID\n"), usageout); ++#ifndef CONFIG_SHADOW_REMOVE_POPTION + (void) fputs (_(" -p, --password PASSWORD change the password to this (encrypted)\n" + " PASSWORD\n"), usageout); ++#endif + (void) fputs (_(" -R, --root CHROOT_DIR directory to chroot into\n"), usageout); + (void) fputs (_(" -P, --prefix PREFIX_DIR prefix directory where are located the /etc/* files\n"), usageout); + (void) fputs (_(" -U, --users USERS list of user members of this group\n"), usageout); +@@ -449,10 +451,12 @@ static void process_flags (int argc, char **argv) + case 'o': + oflg = true; + break; ++#ifndef CONFIG_SHADOW_REMOVE_POPTION + case 'p': + group_passwd = optarg; + pflg = true; + break; ++#endif + case 'R': /* no-op, handled in process_root_flag () */ + break; + case 'P': /* no-op, handled in process_prefix_flag () */ +diff --git a/src/useradd.c b/src/useradd.c +index 89abd5e..e5ba3dd 100644 +--- a/src/useradd.c ++++ b/src/useradd.c +@@ -907,7 +907,9 @@ static void usage (int status) + " the user\n"), usageout); + (void) fputs (_(" -o, --non-unique allow to create users with duplicate\n" + " (non-unique) UID\n"), usageout); ++#ifndef CONFIG_SHADOW_REMOVE_POPTION + (void) fputs (_(" -p, --password PASSWORD encrypted password of the new account\n"), usageout); ++#endif + (void) fputs (_(" -r, --system create a system account\n"), usageout); + (void) fputs (_(" -R, --root CHROOT_DIR directory to chroot into\n"), usageout); + (void) fputs (_(" -P, --prefix PREFIX_DIR prefix directory where are located the /etc/* files\n"), usageout); +@@ -1366,6 +1368,7 @@ static void process_flags (int argc, char **argv) + case 'o': + oflg = true; + break; ++#ifndef CONFIG_SHADOW_REMOVE_POPTION + case 'p': /* set encrypted password */ + if (!VALID (optarg)) { + fprintf (stderr, +@@ -1375,6 +1378,7 @@ static void process_flags (int argc, char **argv) + } + user_pass = optarg; + break; ++#endif + case 'r': + rflg = true; + break; +diff --git a/src/usermod.c b/src/usermod.c +index ca8db92..509a50b 100644 +--- a/src/usermod.c ++++ b/src/usermod.c +@@ -384,7 +384,9 @@ static /*@noreturn@*/void usage (int status) + (void) fputs (_(" -m, --move-home move contents of the home directory to the\n" + " new location (use only with -d)\n"), usageout); + (void) fputs (_(" -o, --non-unique allow using duplicate (non-unique) UID\n"), usageout); ++#ifndef CONFIG_SHADOW_REMOVE_POPTION + (void) fputs (_(" -p, --password PASSWORD use encrypted password for the new password\n"), usageout); ++#endif + (void) fputs (_(" -P, --prefix PREFIX_DIR prefix directory where are located the /etc/* files\n"), usageout); + (void) fputs (_(" -r, --remove remove the user from only the supplemental GROUPS\n" + " mentioned by the -G option without removing\n" +@@ -1121,10 +1123,12 @@ static void process_flags (int argc, char **argv) + case 'o': + oflg = true; + break; ++#ifndef CONFIG_SHADOW_REMOVE_POPTION + case 'p': + user_pass = optarg; + pflg = true; + break; ++#endif + case 'r': + rflg = true; + break; +-- +2.12.3 + diff --git a/shadow-add-sm3-crypt-support.patch b/shadow-add-sm3-crypt-support.patch new file mode 100644 index 0000000..bfb5184 --- /dev/null +++ b/shadow-add-sm3-crypt-support.patch @@ -0,0 +1,782 @@ +From d7fa75bbd22a08b4e0b8c7e3ccab588c87d23835 Mon Sep 17 00:00:00 2001
+From: root <root@localhost.localdomain>
+Date: Wed, 29 Dec 2021 16:05:56 +0800
+Subject: [PATCH] shadow add sm3 crypt support
+
+---
+ configure.ac | 9 ++++
+ etc/login.defs | 17 ++++++++
+ lib/encrypt.c | 3 ++
+ lib/getdef.c | 4 ++
+ libmisc/obscure.c | 3 ++
+ libmisc/salt.c | 106 +++++++++++++++++++++++++++++++++++++++++++---
+ src/chgpasswd.c | 48 +++++++++++++++------
+ src/chpasswd.c | 46 ++++++++++++++------
+ src/newusers.c | 61 +++++++++++++++++++-------
+ src/passwd.c | 7 ++-
+ 10 files changed, 254 insertions(+), 50 deletions(-)
+
+diff --git a/configure.ac b/configure.ac
+index 924254a..dde1de8 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -274,6 +274,9 @@ AC_ARG_WITH(libcrack,
+ AC_ARG_WITH(sha-crypt,
+ [AS_HELP_STRING([--with-sha-crypt], [allow the SHA256 and SHA512 password encryption algorithms @<:@default=yes@:>@])],
+ [with_sha_crypt=$withval], [with_sha_crypt=yes])
++AC_ARG_WITH(sm3-crypt,
++ [AS_HELP_STRING([--with-sm3-crypt], [allow the SM3 password encryption algorithms @<:@default=yes@:>@])],
++ [with_sm3_crypt=$withval], [with_sm3_crypt=yes])
+ AC_ARG_WITH(bcrypt,
+ [AS_HELP_STRING([--with-bcrypt], [allow the bcrypt password encryption algorithm @<:@default=no@:>@])],
+ [with_bcrypt=$withval], [with_bcrypt=no])
+@@ -307,6 +310,11 @@ if test "$with_sha_crypt" = "yes"; then
+ AC_DEFINE(USE_SHA_CRYPT, 1, [Define to allow the SHA256 and SHA512 password encryption algorithms])
+ fi
+
++AM_CONDITIONAL(USE_SM3_CRYPT, test "x$with_sm3_crypt" = "xyes")
++if test "$with_sm3_crypt" = "yes"; then
++ AC_DEFINE(USE_SM3_CRYPT, 1, [Define to allow the SM3 password encryption algorithms])
++fi
++
+ AM_CONDITIONAL(USE_BCRYPT, test "x$with_bcrypt" = "xyes")
+ if test "$with_bcrypt" = "yes"; then
+ AC_DEFINE(USE_BCRYPT, 1, [Define to allow the bcrypt password encryption algorithm])
+@@ -752,6 +760,7 @@ echo " tcb support (incomplete): $with_tcb"
+ echo " shadow group support: $enable_shadowgrp"
+ echo " S/Key support: $with_skey"
+ echo " SHA passwords encryption: $with_sha_crypt"
++echo " SM3 passwords encryption: $with_sm3_crypt"
+ echo " bcrypt passwords encryption: $with_bcrypt"
+ echo " yescrypt passwords encryption: $with_yescrypt"
+ echo " nscd support: $with_nscd"
+diff --git a/etc/login.defs b/etc/login.defs
+index 114dbcd..fd310b7 100644
+--- a/etc/login.defs
++++ b/etc/login.defs
+@@ -353,6 +353,23 @@ CHFN_RESTRICT rwh
+ #SHA_CRYPT_MIN_ROUNDS 5000
+ #SHA_CRYPT_MAX_ROUNDS 5000
+
++#
++# Only works if ENCRYPT_METHOD is set to SM3.
++#
++# Define the number of SM3 rounds.
++# With a lot of rounds, it is more difficult to brute-force the password.
++# However, more CPU resources will be needed to authenticate users if
++# this value is increased.
++#
++# If not specified, the libc will choose the default number of rounds (5000),
++# which is orders of magnitude too low for modern hardware.
++# The values must be within the 1000-999999999 range.
++# If only one of the MIN or MAX values is set, then this value will be used.
++# If MIN > MAX, the highest value will be used.
++#
++#SM3_CRYPT_MAX_ROUNDS 5000
++#SM3_CRYPT_MIN_ROUNDS 5000
++
+ #
+ # Only works if ENCRYPT_METHOD is set to BCRYPT.
+ #
+diff --git a/lib/encrypt.c b/lib/encrypt.c
+index c84a255..11b301b 100644
+--- a/lib/encrypt.c
++++ b/lib/encrypt.c
+@@ -52,6 +52,9 @@
+ case '6':
+ method = "SHA512";
+ break;
++ case 's': // salt = $sm3$...
++ method = "SM3";
++ break;
+ case 'y':
+ method = "YESCRYPT";
+ break;
+diff --git a/lib/getdef.c b/lib/getdef.c
+index dcd1fe7..9a8089a 100644
+--- a/lib/getdef.c
++++ b/lib/getdef.c
+@@ -102,6 +102,10 @@ static struct itemdef def_table[] = {
+ {"SHA_CRYPT_MAX_ROUNDS", NULL},
+ {"SHA_CRYPT_MIN_ROUNDS", NULL},
+ #endif
++#ifdef USE_SM3_CRYPT
++ {"SM3_CRYPT_MAX_ROUNDS", NULL},
++ {"SM3_CRYPT_MIN_ROUNDS", NULL},
++#endif
+ #ifdef USE_BCRYPT
+ {"BCRYPT_MAX_ROUNDS", NULL},
+ {"BCRYPT_MIN_ROUNDS", NULL},
+diff --git a/libmisc/obscure.c b/libmisc/obscure.c
+index 3daaa95..644259d 100644
+--- a/libmisc/obscure.c
++++ b/libmisc/obscure.c
+@@ -246,6 +246,9 @@ static /*@observer@*//*@null@*/const char *obscure_msg (
+ || (strcmp (result, "SHA256") == 0)
+ || (strcmp (result, "SHA512") == 0)
+ #endif
++#ifdef USE_SM3_CRYPT
++ || (strcmp (result, "SM3") == 0)
++#endif
+ #ifdef USE_BCRYPT
+ || (strcmp (result, "BCRYPT") == 0)
+ #endif
+diff --git a/libmisc/salt.c b/libmisc/salt.c
+index e5f633a..df4b328 100644
+--- a/libmisc/salt.c
++++ b/libmisc/salt.c
+@@ -63,6 +63,17 @@
+ #define SHA_ROUNDS_MAX 999999999
+ #endif
+
++#ifdef USE_SM3_CRYPT
++/* Fixed salt len for sm3 crypt. */
++#define SM3_CRYPT_SALT_SIZE 16
++/* Default number of rounds if not explicitly specified. */
++#define SM3_ROUNDS_DEFAULT 5000
++/* Minimum number of rounds. */
++#define SM3_ROUNDS_MIN 1000
++/* Maximum number of rounds. */
++#define SM3_ROUNDS_MAX 999999999
++#endif
++
+ #ifdef USE_YESCRYPT
+ /*
+ * Default number of base64 characters used for the salt.
+@@ -95,13 +106,17 @@ static long read_random_bytes (void);
+ #if !USE_XCRYPT_GENSALT
+ static /*@observer@*/const char *gensalt (size_t salt_size);
+ #endif /* !USE_XCRYPT_GENSALT */
+-#if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT)
++#if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT) || defined(USE_SM3_CRYPT)
+ static long shadow_random (long min, long max);
+-#endif /* USE_SHA_CRYPT || USE_BCRYPT */
++#endif /* USE_SHA_CRYPT || USE_BCRYPT || USE_SM3_CRYPT*/
+ #ifdef USE_SHA_CRYPT
+ static /*@observer@*/unsigned long SHA_get_salt_rounds (/*@null@*/const int *prefered_rounds);
+ static /*@observer@*/void SHA_salt_rounds_to_buf (char *buf, unsigned long rounds);
+ #endif /* USE_SHA_CRYPT */
++#ifdef USE_SM3_CRYPT
++static /*@observer@*/const unsigned long SM3_get_salt_rounds (/*@null@*/int *prefered_rounds);
++static /*@observer@*/void SM3_salt_rounds_to_buf (char *buf, unsigned long rounds);
++#endif
+ #ifdef USE_BCRYPT
+ static /*@observer@*/unsigned long BCRYPT_get_salt_rounds (/*@null@*/const int *prefered_rounds);
+ static /*@observer@*/void BCRYPT_salt_rounds_to_buf (char *buf, unsigned long rounds);
+@@ -195,7 +210,7 @@ end:
+ return randval;
+ }
+
+-#if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT)
++#if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT) || defined(USE_SM3_CRYPT)
+ /*
+ * Return a random number between min and max (both included).
+ *
+@@ -217,7 +232,7 @@ static long shadow_random (long min, long max)
+ }
+ return ret;
+ }
+-#endif /* USE_SHA_CRYPT || USE_BCRYPT */
++#endif /* USE_SHA_CRYPT || USE_BCRYPT || USE_SM3_CRYPT*/
+
+ #ifdef USE_SHA_CRYPT
+ /* Return the the rounds number for the SHA crypt methods. */
+@@ -293,6 +308,80 @@ static /*@observer@*/void SHA_salt_rounds_to_buf (char *buf, unsigned long round
+ }
+ #endif /* USE_SHA_CRYPT */
+
++#ifdef USE_SM3_CRYPT
++/* Return the the rounds number for the SM3 crypt methods. */
++static /*@observer@*/const unsigned long SM3_get_salt_rounds (/*@null@*/int *prefered_rounds)
++{
++ unsigned long rounds;
++
++ if (NULL == prefered_rounds) {
++ long min_rounds = getdef_long ("SM3_CRYPT_MIN_ROUNDS", -1);
++ long max_rounds = getdef_long ("SM3_CRYPT_MAX_ROUNDS", -1);
++
++ if ((-1 == min_rounds) && (-1 == max_rounds)) {
++ rounds = SM3_ROUNDS_DEFAULT;
++ }
++ else {
++ if (-1 == min_rounds) {
++ min_rounds = max_rounds;
++ }
++
++ if (-1 == max_rounds) {
++ max_rounds = min_rounds;
++ }
++
++ if (min_rounds > max_rounds) {
++ max_rounds = min_rounds;
++ }
++
++ rounds = (unsigned long) shadow_random (min_rounds, max_rounds);
++ }
++ } else if (0 == *prefered_rounds) {
++ rounds = SM3_ROUNDS_DEFAULT;
++ } else {
++ rounds = (unsigned long) *prefered_rounds;
++ }
++
++ /* Sanity checks. The libc should also check this, but this
++ * protects against a rounds_prefix overflow. */
++ if (rounds < SM3_ROUNDS_MIN) {
++ rounds = SM3_ROUNDS_MIN;
++ }
++
++ if (rounds > SM3_ROUNDS_MAX) {
++ rounds = SM3_ROUNDS_MAX;
++ }
++
++ return rounds;
++}
++
++/*
++ * Fill a salt prefix specifying the rounds number for the SM3 crypt methods
++ * to a buffer.
++ */
++static /*@observer@*/void SM3_salt_rounds_to_buf (char *buf, unsigned long rounds)
++{
++ const size_t buf_begin = strlen (buf);
++
++ /* Nothing to do here if SM3_ROUNDS_DEFAULT is used. */
++ if (rounds == SM3_ROUNDS_DEFAULT) {
++ return;
++ }
++
++ /*
++ * Check if the result buffer is long enough.
++ * We are going to write a maximum of 17 bytes,
++ * plus one byte for the terminator.
++ * rounds=XXXXXXXXX$
++ * 00000000011111111
++ * 12345678901234567
++ */
++ assert (GENSALT_SETTING_SIZE > buf_begin + 17);
++
++ (void) snprintf (buf + buf_begin, 18, "rounds=%lu$", rounds);
++}
++#endif /* USE_SM3_CRYPT */
++
+ #ifdef USE_BCRYPT
+ /* Return the the rounds number for the BCRYPT method. */
+ static /*@observer@*/unsigned long BCRYPT_get_salt_rounds (/*@null@*/const int *prefered_rounds)
+@@ -463,7 +552,7 @@ static /*@observer@*/const char *gensalt (size_t salt_size)
+ * which can both be set inside the login.defs file.
+ *
+ * If meth is specified, an additional parameter can be provided.
+- * * For the SHA256 and SHA512 method, this specifies the number of rounds
++ * * For the SHA256 and SHA512 and SM3 method, this specifies the number of rounds
+ * (if not NULL).
+ * * For the YESCRYPT method, this specifies the cost factor (if not NULL).
+ */
+@@ -515,6 +604,13 @@ static /*@observer@*/const char *gensalt (size_t salt_size)
+ rounds = SHA_get_salt_rounds ((int *) arg);
+ SHA_salt_rounds_to_buf (result, rounds);
+ #endif /* USE_SHA_CRYPT */
++#ifdef USE_SM3_CRYPT
++ } else if (0 == strcmp (method, "SM3")) {
++ strcpy(result, "$sm3$");
++ salt_len = SM3_CRYPT_SALT_SIZE;
++ rounds = SM3_get_salt_rounds ((int *) arg);
++ SM3_salt_rounds_to_buf (result, rounds);
++#endif /* USE_SM3_CRYPT */
+ } else if (0 != strcmp (method, "DES")) {
+ fprintf (log_get_logfd(),
+ _("Invalid ENCRYPT_METHOD value: '%s'.\n"
+diff --git a/src/chgpasswd.c b/src/chgpasswd.c
+index d17acb6..9b00520 100644
+--- a/src/chgpasswd.c
++++ b/src/chgpasswd.c
+@@ -39,15 +39,18 @@
+ const char *Prog;
+ static bool eflg = false;
+ static bool md5flg = false;
+-#if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT) || defined(USE_YESCRYPT)
++#if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT) || defined(USE_YESCRYPT) || defined(USE_SM3_CRYPT)
+ static bool sflg = false;
+-#endif /* USE_SHA_CRYPT || USE_BCRYPT || USE_YESCRYPT */
++#endif /* USE_SHA_CRYPT || USE_BCRYPT || USE_YESCRYPT || USE_SM3_CRYPT */
+
+ static /*@null@*//*@observer@*/const char *crypt_method = NULL;
+ #define cflg (NULL != crypt_method)
+ #ifdef USE_SHA_CRYPT
+ static long sha_rounds = 5000;
+ #endif
++#ifdef USE_SM3_CRYPT
++static long sm3_rounds = 5000;
++#endif
+ #ifdef USE_BCRYPT
+ static long bcrypt_rounds = 13;
+ #endif
+@@ -119,6 +122,9 @@ static /*@noreturn@*/void usage (int status)
+ #if defined(USE_YESCRYPT)
+ " YESCRYPT"
+ #endif
++#if defined(USE_SM3_CRYPT)
++ " SM3"
++ #endif
+ );
+ (void) fputs (_(" -e, --encrypted supplied passwords are encrypted\n"), usageout);
+ (void) fputs (_(" -h, --help display this help message and exit\n"), usageout);
+@@ -126,11 +132,11 @@ static /*@noreturn@*/void usage (int status)
+ " the MD5 algorithm\n"),
+ usageout);
+ (void) fputs (_(" -R, --root CHROOT_DIR directory to chroot into\n"), usageout);
+-#if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT) || defined(USE_YESCRYPT)
+- (void) fputs (_(" -s, --sha-rounds number of rounds for the SHA, BCRYPT\n"
++#if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT) || defined(USE_YESCRYPT) || defined(USE_SM3_CRYPT)
++ (void) fputs (_(" -s, --sha-rounds number of rounds for the SHA, BCRYPT, SM3\n"
+ " or YESCRYPT crypt algorithms\n"),
+ usageout);
+-#endif /* USE_SHA_CRYPT || USE_BCRYPT || USE_YESCRYPT */
++#endif /* USE_SHA_CRYPT || USE_BCRYPT || USE_YESCRYPT || USE_SM3_CRYPT */
+ (void) fputs ("\n", usageout);
+
+ exit (status);
+@@ -144,22 +150,22 @@ static /*@noreturn@*/void usage (int status)
+ static void process_flags (int argc, char **argv)
+ {
+ int c;
+-#if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT) || defined(USE_YESCRYPT)
++#if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT) || defined(USE_YESCRYPT) || defined(USE_SM3_CRYPT)
+ int bad_s;
+-#endif /* USE_SHA_CRYPT || USE_BCRYPT || USE_YESCRYPT */
++#endif /* USE_SHA_CRYPT || USE_BCRYPT || USE_YESCRYPT || USE_SM3_CRYPT */
+ static struct option long_options[] = {
+ {"crypt-method", required_argument, NULL, 'c'},
+ {"encrypted", no_argument, NULL, 'e'},
+ {"help", no_argument, NULL, 'h'},
+ {"md5", no_argument, NULL, 'm'},
+ {"root", required_argument, NULL, 'R'},
+-#if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT) || defined(USE_YESCRYPT)
++#if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT) || defined(USE_YESCRYPT) || defined(USE_SM3_CRYPT)
+ {"sha-rounds", required_argument, NULL, 's'},
+-#endif /* USE_SHA_CRYPT || USE_BCRYPT || USE_YESCRYPT */
++#endif /* USE_SHA_CRYPT || USE_BCRYPT || USE_YESCRYPT || USE_SM3_CRYPT */
+ {NULL, 0, NULL, '\0'}
+ };
+ while ((c = getopt_long (argc, argv,
+-#if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT) || defined(USE_YESCRYPT)
++#if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT) || defined(USE_YESCRYPT) || defined(USE_SM3_CRYPT)
+ "c:ehmR:s:",
+ #else
+ "c:ehmR:",
+@@ -180,7 +186,7 @@ static void process_flags (int argc, char **argv)
+ break;
+ case 'R': /* no-op, handled in process_root_flag () */
+ break;
+-#if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT) || defined(USE_YESCRYPT)
++#if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT) || defined(USE_YESCRYPT) || defined(USE_SM3_CRYPT)
+ case 's':
+ sflg = true;
+ bad_s = 0;
+@@ -202,6 +208,12 @@ static void process_flags (int argc, char **argv)
+ bad_s = 1;
+ }
+ #endif /* USE_YESCRYPT */
++#if defined(USE_SM3_CRYPT)
++ if (( (0 == strcmp (crypt_method, "SM3"))
++ && (0 == getlong(optarg, &sm3_rounds)))) {
++ bad_s = 1;
++ }
++#endif /* USE_SM3_CRYPT */
+ if (bad_s != 0) {
+ fprintf (stderr,
+ _("%s: invalid numeric argument '%s'\n"),
+@@ -209,7 +221,7 @@ static void process_flags (int argc, char **argv)
+ usage (E_USAGE);
+ }
+ break;
+-#endif /* USE_SHA_CRYPT || USE_BCRYPT || USE_YESCRYPT */
++#endif /* USE_SHA_CRYPT || USE_BCRYPT || USE_YESCRYPT || USE_SM3_CRYPT */
+
+ default:
+ usage (E_USAGE);
+@@ -228,7 +240,7 @@ static void process_flags (int argc, char **argv)
+ */
+ static void check_flags (void)
+ {
+-#if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT) || defined(USE_YESCRYPT)
++#if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT) || defined(USE_YESCRYPT) || defined(USE_SM3_CRYPT)
+ if (sflg && !cflg) {
+ fprintf (stderr,
+ _("%s: %s flag is only allowed with the %s flag\n"),
+@@ -259,6 +271,9 @@ static void check_flags (void)
+ #ifdef USE_YESCRYPT
+ && (0 != strcmp (crypt_method, "YESCRYPT"))
+ #endif /* USE_YESCRYPT */
++#ifdef USE_SM3_CRYPT
++ && (0 != strcmp (crypt_method, "SM3"))
++#endif /* USE_SM3_CRYPT */
+ ) {
+ fprintf (stderr,
+ _("%s: unsupported crypt method: %s\n"),
+@@ -483,7 +498,7 @@ int main (int argc, char **argv)
+ if (md5flg) {
+ crypt_method = "MD5";
+ }
+-#if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT) || defined(USE_YESCRYPT)
++#if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT) || defined(USE_YESCRYPT) || defined(USE_SM3_CRYPT)
+ if (sflg) {
+ #if defined(USE_SHA_CRYPT)
+ if ( (0 == strcmp (crypt_method, "SHA256"))
+@@ -501,6 +516,11 @@ int main (int argc, char **argv)
+ arg = &yescrypt_cost;
+ }
+ #endif /* USE_YESCRYPT */
++#if defined(USE_SM3_CRYPT)
++ if (0 == strcmp (crypt_method, "SM3")) {
++ arg = &sm3_rounds;
++ }
++#endif /* USE_SM3_CRYPT */
+ }
+ #endif
+ salt = crypt_make_salt (crypt_method, arg);
+diff --git a/src/chpasswd.c b/src/chpasswd.c
+index 48d5178..9003c18 100644
+--- a/src/chpasswd.c
++++ b/src/chpasswd.c
+@@ -38,7 +38,7 @@
+ const char *Prog;
+ static bool eflg = false;
+ static bool md5flg = false;
+-#if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT) || defined(USE_YESCRYPT)
++#if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT) || defined(USE_YESCRYPT) || defined(USE_SM3_CRYPT)
+ static bool sflg = false;
+ #endif
+
+@@ -47,6 +47,9 @@ static /*@null@*//*@observer@*/const char *crypt_method = NULL;
+ #ifdef USE_SHA_CRYPT
+ static long sha_rounds = 5000;
+ #endif
++#ifdef USE_SM3_CRYPT
++static long sm3_rounds = 5000;
++#endif
+ #ifdef USE_BCRYPT
+ static long bcrypt_rounds = 13;
+ #endif
+@@ -113,6 +116,9 @@ static /*@noreturn@*/void usage (int status)
+ #endif
+ #if defined(USE_YESCRYPT)
+ " YESCRYPT"
++#endif
++#if defined(USE_SM3_CRYPT)
++ " SM3"
+ #endif
+ );
+ (void) fputs (_(" -e, --encrypted supplied passwords are encrypted\n"), usageout);
+@@ -121,11 +127,11 @@ static /*@noreturn@*/void usage (int status)
+ " the MD5 algorithm\n"),
+ usageout);
+ (void) fputs (_(" -R, --root CHROOT_DIR directory to chroot into\n"), usageout);
+-#if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT) || defined(USE_YESCRYPT)
+- (void) fputs (_(" -s, --sha-rounds number of rounds for the SHA, BCRYPT\n"
++#if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT) || defined(USE_YESCRYPT) || defined(USE_SM3_CRYPT)
++ (void) fputs (_(" -s, --sha-rounds number of rounds for the SHA, BCRYPT, SM3\n"
+ " or YESCRYPT crypt algorithms\n"),
+ usageout);
+-#endif /* USE_SHA_CRYPT || USE_BCRYPT || USE_YESCRYPT */
++#endif /* USE_SHA_CRYPT || USE_BCRYPT || USE_YESCRYPT || USE_SM3_CRYPT */
+ (void) fputs ("\n", usageout);
+
+ exit (status);
+@@ -139,23 +145,23 @@ static /*@noreturn@*/void usage (int status)
+ static void process_flags (int argc, char **argv)
+ {
+ int c;
+-#if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT) || defined(USE_YESCRYPT)
++#if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT) || defined(USE_YESCRYPT) || defined(USE_SM3_CRYPT)
+ int bad_s;
+-#endif /* USE_SHA_CRYPT || USE_BCRYPT || USE_YESCRYPT */
++#endif /* USE_SHA_CRYPT || USE_BCRYPT || USE_YESCRYPT || USE_SM3_CRYPT */
+ static struct option long_options[] = {
+ {"crypt-method", required_argument, NULL, 'c'},
+ {"encrypted", no_argument, NULL, 'e'},
+ {"help", no_argument, NULL, 'h'},
+ {"md5", no_argument, NULL, 'm'},
+ {"root", required_argument, NULL, 'R'},
+-#if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT) || defined(USE_YESCRYPT)
++#if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT) || defined(USE_YESCRYPT) || defined(USE_SM3_CRYPT)
+ {"sha-rounds", required_argument, NULL, 's'},
+-#endif /* USE_SHA_CRYPT || USE_BCRYPT || USE_YESCRYPT */
++#endif /* USE_SHA_CRYPT || USE_BCRYPT || USE_YESCRYPT || USE_SM3_CRYPT */
+ {NULL, 0, NULL, '\0'}
+ };
+
+ while ((c = getopt_long (argc, argv,
+-#if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT) || defined(USE_YESCRYPT)
++#if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT) || defined(USE_YESCRYPT) || defined(USE_SM3_CRYPT)
+ "c:ehmR:s:",
+ #else
+ "c:ehmR:",
+@@ -176,7 +182,7 @@ static void process_flags (int argc, char **argv)
+ break;
+ case 'R': /* no-op, handled in process_root_flag () */
+ break;
+-#if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT) || defined(USE_YESCRYPT)
++#if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT) || defined(USE_YESCRYPT) || defined(USE_SM3_CRYPT)
+ case 's':
+ sflg = true;
+ bad_s = 0;
+@@ -198,14 +204,20 @@ static void process_flags (int argc, char **argv)
+ bad_s = 1;
+ }
+ #endif /* USE_YESCRYPT */
+- if (bad_s != 0) {
++#if defined(USE_SM3_CRYPT)
++ if (( (0 == strcmp (crypt_method, "SM3"))
++ && (0 == getlong(optarg, &sm3_rounds)))) {
++ bad_s = 1;
++ }
++#endif /* USE_SM3_CRYPT */
++ if (bad_s != 0) {
+ fprintf (stderr,
+ _("%s: invalid numeric argument '%s'\n"),
+ Prog, optarg);
+ usage (E_USAGE);
+ }
+ break;
+-#endif /* USE_SHA_CRYPT || USE_BCRYPT || USE_YESCRYPT */
++#endif /* USE_SHA_CRYPT || USE_BCRYPT || USE_YESCRYPT || USE_SM3_CRYPT */
+
+ default:
+ usage (E_USAGE);
+@@ -224,7 +236,7 @@ static void process_flags (int argc, char **argv)
+ */
+ static void check_flags (void)
+ {
+-#if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT) || defined(USE_YESCRYPT)
++#if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT) || defined(USE_YESCRYPT) || defined(USE_SM3_CRYPT)
+ if (sflg && !cflg) {
+ fprintf (stderr,
+ _("%s: %s flag is only allowed with the %s flag\n"),
+@@ -249,6 +261,9 @@ static void check_flags (void)
+ &&(!IS_CRYPT_METHOD("SHA256"))
+ &&(!IS_CRYPT_METHOD("SHA512"))
+ #endif /* USE_SHA_CRYPT */
++#ifdef USE_SM3_CRYPT
++ &&(!IS_CRYPT_METHOD("SM3"))
++#endif /* USE_SM3_CRYPT */
+ #ifdef USE_BCRYPT
+ &&(!IS_CRYPT_METHOD("BCRYPT"))
+ #endif /* USE_BCRYPT */
+@@ -422,6 +437,11 @@ static const char *get_salt(void)
+ arg = &yescrypt_cost;
+ }
+ #endif /* USE_YESCRYPT */
++#if defined(USE_SM3_CRYPT)
++ if (IS_CRYPT_METHOD("SM3")) {
++ arg = &sm3_rounds;
++ }
++#endif /* USE_SM3_CRYPT */
+ }
+ #endif
+ return crypt_make_salt (crypt_method, arg);
+diff --git a/src/newusers.c b/src/newusers.c
+index deeb361..149670e 100644
+--- a/src/newusers.c
++++ b/src/newusers.c
+@@ -58,12 +58,15 @@ static bool rflg = false; /* create a system account */
+ #ifndef USE_PAM
+ static /*@null@*//*@observer@*/char *crypt_method = NULL;
+ #define cflg (NULL != crypt_method)
+-#if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT)
++#if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT) || defined(USE_SM3_CRYPT)
+ static bool sflg = false;
+ #endif
+ #ifdef USE_SHA_CRYPT
+ static long sha_rounds = 5000;
+ #endif /* USE_SHA_CRYPT */
++#ifdef USE_SM3_CRYPT
++static long sm3_rounds = 5000;
++#endif /* USE_SM3_CRYPT */
+ #ifdef USE_BCRYPT
+ static long bcrypt_rounds = 13;
+ #endif /* USE_BCRYPT */
+@@ -129,6 +132,9 @@ static void usage (int status)
+ #endif
+ #if defined(USE_YESCRYPT)
+ " YESCRYPT"
++#endif
++#if defined(USE_SM3_CRYPT)
++ " SM3"
+ #endif
+ );
+ #endif /* !USE_PAM */
+@@ -136,11 +142,11 @@ static void usage (int status)
+ (void) fputs (_(" -r, --system create system accounts\n"), usageout);
+ (void) fputs (_(" -R, --root CHROOT_DIR directory to chroot into\n"), usageout);
+ #ifndef USE_PAM
+-#if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT) || defined(USE_YESCRYPT)
+- (void) fputs (_(" -s, --sha-rounds number of rounds for the SHA, BCRYPT\n"
++#if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT) || defined(USE_YESCRYPT) || defined(USE_SM3_CRYPT)
++ (void) fputs (_(" -s, --sha-rounds number of rounds for the SHA, BCRYPT, SM3\n"
+ " or YESCRYPT crypt algorithms\n"),
+ usageout);
+-#endif /* USE_SHA_CRYPT || USE_BCRYPT || USE_YESCRYPT */
++#endif /* USE_SHA_CRYPT || USE_BCRYPT || USE_YESCRYPT || USE_SM3_CRYPT */
+ #endif /* !USE_PAM */
+ (void) fputs ("\n", usageout);
+
+@@ -436,6 +442,13 @@ static int update_passwd (struct passwd *pwd, const char *password)
+ }
+ }
+ #endif /* USE_YESCRYPT */
++#if defined(USE_SM3_CRYPT)
++ if (sflg) {
++ if (0 == strcmp (crypt_method, "SM3")) {
++ crypt_arg = &sm3_rounds;
++ }
++ }
++#endif /* USE_SM3_CRYPT */
+ }
+
+ if ((NULL != crypt_method) && (0 == strcmp(crypt_method, "NONE"))) {
+@@ -492,6 +505,13 @@ static int add_passwd (struct passwd *pwd, const char *password)
+ }
+ }
+ #endif /* USE_PAM */
++#if defined(USE_SM3_CRYPT)
++ if (sflg) {
++ if (0 == strcmp (crypt_method, "SM3")) {
++ crypt_arg = &sm3_rounds;
++ }
++ }
++#endif /* USE_SM3_CRYPT */
+ }
+
+ /*
+@@ -609,9 +629,9 @@ static void process_flags (int argc, char **argv)
+ {
+ int c;
+ #ifndef USE_PAM
+-#if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT) || defined(USE_YESCRYPT)
++#if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT) || defined(USE_YESCRYPT) || defined(USE_SM3_CRYPT)
+ int bad_s;
+-#endif /* USE_SHA_CRYPT || USE_BCRYPT || USE_YESCRYPT */
++#endif /* USE_SHA_CRYPT || USE_BCRYPT || USE_YESCRYPT || USE_SM3_CRYPT */
+ #endif /* !USE_PAM */
+ static struct option long_options[] = {
+ {"badname", no_argument, NULL, 'b'},
+@@ -622,20 +642,20 @@ static void process_flags (int argc, char **argv)
+ {"system", no_argument, NULL, 'r'},
+ {"root", required_argument, NULL, 'R'},
+ #ifndef USE_PAM
+-#if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT) || defined(USE_YESCRYPT)
++#if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT) || defined(USE_YESCRYPT) || defined(USE_SM3_CRYPT)
+ {"sha-rounds", required_argument, NULL, 's'},
+-#endif /* USE_SHA_CRYPT || USE_BCRYPT || USE_YESCRYPT */
++#endif /* USE_SHA_CRYPT || USE_BCRYPT || USE_YESCRYPT || USE_SM3_CRYPT */
+ #endif /* !USE_PAM */
+ {NULL, 0, NULL, '\0'}
+ };
+
+ while ((c = getopt_long (argc, argv,
+ #ifndef USE_PAM
+-#if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT) || defined(USE_YESCRYPT)
++#if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT) || defined(USE_YESCRYPT) || defined(USE_SM3_CRYPT)
+ "c:bhrs:",
+-#else /* !USE_SHA_CRYPT && !USE_BCRYPT && !USE_YESCRYPT */
++#else /* !USE_SHA_CRYPT && !USE_BCRYPT && !USE_YESCRYPT && !USE_SM3_CRYPT */
+ "c:bhr",
+-#endif /* USE_SHA_CRYPT || USE_BCRYPT || USE_YESCRYPT */
++#endif /* USE_SHA_CRYPT || USE_BCRYPT || USE_YESCRYPT || USE_SM3_CRYPT */
+ #else /* USE_PAM */
+ "bhr",
+ #endif
+@@ -658,7 +678,7 @@ static void process_flags (int argc, char **argv)
+ case 'R': /* no-op, handled in process_root_flag () */
+ break;
+ #ifndef USE_PAM
+-#if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT) || defined(USE_YESCRYPT)
++#if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT) || defined(USE_YESCRYPT) || defined(USE_SM3_CRYPT)
+ case 's':
+ sflg = true;
+ bad_s = 0;
+@@ -680,14 +700,20 @@ static void process_flags (int argc, char **argv)
+ bad_s = 1;
+ }
+ #endif /* USE_YESCRYPT */
+- if (bad_s != 0) {
++#if defined(USE_SM3_CRYPT)
++ if (( (0 == strcmp (crypt_method, "SM3"))
++ && (0 == getlong(optarg, &sm3_rounds)))) {
++ bad_s = 1;
++ }
++#endif /* USE_SM3_CRYPT */
++ if (bad_s != 0) {
+ fprintf (stderr,
+ _("%s: invalid numeric argument '%s'\n"),
+ Prog, optarg);
+ usage (EXIT_FAILURE);
+ }
+ break;
+-#endif /* USE_SHA_CRYPT || USE_BCRYPT || USE_YESCRYPT */
++#endif /* USE_SHA_CRYPT || USE_BCRYPT || USE_YESCRYPT || USE_SM3_CRYPT */
+ #endif /* !USE_PAM */
+ default:
+ usage (EXIT_FAILURE);
+@@ -721,14 +747,14 @@ static void process_flags (int argc, char **argv)
+ static void check_flags (void)
+ {
+ #ifndef USE_PAM
+-#if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT) || defined(USE_YESCRYPT)
++#if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT) || defined(USE_YESCRYPT) || defined(USE_SM3_CRYPT)
+ if (sflg && !cflg) {
+ fprintf (stderr,
+ _("%s: %s flag is only allowed with the %s flag\n"),
+ Prog, "-s", "-c");
+ usage (EXIT_FAILURE);
+ }
+-#endif /* USE_SHA_CRYPT || USE_BCRYPT || USE_YESCRYPT */
++#endif /* USE_SHA_CRYPT || USE_BCRYPT || USE_YESCRYPT || USE_SM3_CRYPT */
+
+ if (cflg) {
+ if ( (0 != strcmp (crypt_method, "DES"))
+@@ -738,6 +764,9 @@ static void check_flags (void)
+ && (0 != strcmp (crypt_method, "SHA256"))
+ && (0 != strcmp (crypt_method, "SHA512"))
+ #endif /* USE_SHA_CRYPT */
++#ifdef USE_SM3_CRYPT
++ && (0 != strcmp (crypt_method, "SM3"))
++#endif /* USE_SM3_CRYPT */
+ #ifdef USE_BCRYPT
+ && (0 != strcmp (crypt_method, "BCRYPT"))
+ #endif /* USE_BCRYPT */
+diff --git a/src/passwd.c b/src/passwd.c
+index 8c6f81a..00711da 100644
+--- a/src/passwd.c
++++ b/src/passwd.c
+@@ -84,7 +84,7 @@ static bool spw_locked = false;
+ #ifndef USE_PAM
+ /*
+ * Size of the biggest passwd:
+- * $6$ 3
++ * $sm3$ 5
+ * rounds= 7
+ * 999999999 9
+ * $ 1
+@@ -93,7 +93,7 @@ static bool spw_locked = false;
+ * SHA512 123
+ * nul 1
+ *
+- * total 161
++ * total 163
+ */
+ static char crypt_passwd[256];
+ static bool do_update_pwd = false;
+@@ -263,6 +263,9 @@ static int new_password (const struct passwd *pw)
+ #ifdef USE_YESCRYPT
+ || (strcmp (method, "YESCRYPT") == 0)
+ #endif /* USE_YESCRYPT*/
++#ifdef USE_SM3_CRYPT
++ || (strcmp (method, "SM3") == 0)
++#endif /* USE_SM3_CRYPT */
+
+ ) {
+ pass_max_len = -1;
+--
+2.27.0
+
diff --git a/shadow-bsd.txt b/shadow-bsd.txt new file mode 100644 index 0000000..a2c1609 --- /dev/null +++ b/shadow-bsd.txt @@ -0,0 +1,32 @@ +/* + * Copyright (c) 1990 - 1994, Julianne Frances Haugh + * Copyright (c) 1996 - 2000, Marek Michałkiewicz + * Copyright (c) 2000 - 2006, Tomasz Kłoczko + * Copyright (c) 2007 - 2011, Nicolas François + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. The name of the copyright holders or contributors may not be used to + * endorse or promote products derived from this software without + * specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + diff --git a/shadow-utils.login.defs b/shadow-utils.login.defs new file mode 100644 index 0000000..1a04a8d --- /dev/null +++ b/shadow-utils.login.defs @@ -0,0 +1,306 @@ +# +# Please note that the parameters in this configuration file control the +# behavior of the tools from the shadow-utils component. None of these +# tools uses the PAM mechanism, and the utilities that use PAM (such as the +# passwd command) should therefore be configured elsewhere. Refer to +# /etc/pam.d/system-auth for more information. +# + +# +# Delay in seconds before being allowed another attempt after a login failure +# Note: When PAM is used, some modules may enforce a minimum delay (e.g. +# pam_unix(8) enforces a 2s delay) +# +#FAIL_DELAY 3 + +# Currently FAILLOG_ENAB is not supported + +# +# Enable display of unknown usernames when login(1) failures are recorded. +# +#LOG_UNKFAIL_ENAB no + +# Currently LOG_OK_LOGINS is not supported + +# Currently LASTLOG_ENAB is not supported + +# +# Limit the highest user ID number for which the lastlog entries should +# be updated. +# +# No LASTLOG_UID_MAX means that there is no user ID limit for writing +# lastlog entries. +# +#LASTLOG_UID_MAX + +# Currently MAIL_CHECK_ENAB is not supported + +# Currently OBSCURE_CHECKS_ENAB is not supported + +# Currently PORTTIME_CHECKS_ENAB is not supported + +# Currently QUOTAS_ENAB is not supported + +# Currently SYSLOG_SU_ENAB is not supported + +# +# Enable "syslog" logging of newgrp(1) and sg(1) activity. +# +#SYSLOG_SG_ENAB yes + +# Currently CONSOLE is not supported + +# Currently SULOG_FILE is not supported + +# Currently MOTD_FILE is not supported + +# Currently ISSUE_FILE is not supported + +# Currently TTYTYPE_FILE is not supported + +# Currently FTMP_FILE is not supported + +# Currently NOLOGINS_FILE is not supported + +# Currently SU_NAME is not supported + +# *REQUIRED* +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define both, MAIL_DIR takes precedence. +# +MAIL_DIR /var/spool/mail +#MAIL_FILE .mail + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +#HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# Currently ENV_TZ is not supported + +# Currently ENV_HZ is not supported + +# +# The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +#ENV_SUPATH PATH=/sbin:/bin:/usr/sbin:/usr/bin +#ENV_PATH PATH=/bin:/usr/bin + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a write(1) program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP as the number of such group +# and TTYPERM as 0620. Otherwise leave TTYGROUP commented out and +# set TTYPERM to either 622 or 600. +# +#TTYGROUP tty +#TTYPERM 0600 + +# Currently ERASECHAR, KILLCHAR and ULIMIT are not supported + +# Default initial "umask" value used by login(1) on non-PAM enabled systems. +# Default "umask" value for pam_umask(8) on PAM enabled systems. +# UMASK is also used by useradd(8) and newusers(8) to set the mode for new +# home directories if HOME_MODE is not set. +# 022 is the default value, but 027, or even 077, could be considered +# for increased privacy. There is no One True Answer here: each sysadmin +# must make up their mind. +UMASK 077 + +# HOME_MODE is used by useradd(8) and newusers(8) to set the mode for new +# home directories. +# If HOME_MODE is not set, the value of UMASK is used to create the mode. +#HOME_MODE 0700 + +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_MIN_LEN Minimum acceptable password length. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_MIN_LEN 5 +PASS_WARN_AGE 7 + +# Currently PASS_MIN_LEN is not supported + +# Currently SU_WHEEL_ONLY is not supported + +# Currently CRACKLIB_DICTPATH is not supported + +# +# Min/max values for automatic uid selection in useradd(8) +# +UID_MIN 1000 +UID_MAX 60000 +# System accounts +SYS_UID_MIN 201 +SYS_UID_MAX 999 +# Extra per user uids +SUB_UID_MIN 100000 +SUB_UID_MAX 600100000 +SUB_UID_COUNT 65536 + +# +# Min/max values for automatic gid selection in groupadd(8) +# +GID_MIN 1000 +GID_MAX 60000 +# System accounts +SYS_GID_MIN 201 +SYS_GID_MAX 999 +# Extra per user group ids +SUB_GID_MIN 100000 +SUB_GID_MAX 600100000 +SUB_GID_COUNT 65536 + +# +# Max number of login(1) retries if password is bad +# +#LOGIN_RETRIES 3 + +# +# Max time in seconds for login(1) +# +#LOGIN_TIMEOUT 60 + +# Currently PASS_CHANGE_TRIES is not supported + +# Currently PASS_ALWAYS_WARN is not supported + +# Currently PASS_MAX_LEN is not supported + +# Currently CHFN_AUTH is not supported + +# +# Which fields may be changed by regular users using chfn(1) - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +#CHFN_RESTRICT rwh + +# Currently LOGIN_STRING is not supported + +# Currently MD5_CRYPT_ENAB is not supported + +# +# If set to MD5, MD5-based algorithm will be used for encrypting password +# If set to SHA256, SHA256-based algorithm will be used for encrypting password +# If set to SHA512, SHA512-based algorithm will be used for encrypting password (default) +# If set to BCRYPT, BCRYPT-based algorithm will be used for encrypting password +# If set to YESCRYPT, YESCRYPT-based algorithm will be used for encrypting password +# If set to DES, DES-based algorithm will be used for encrypting password +# +ENCRYPT_METHOD SHA512 + +# +# Only works if ENCRYPT_METHOD is set to SHA256 or SHA512. +# +# Define the number of SHA rounds. +# With a lot of rounds, it is more difficult to brute-force the password. +# However, more CPU resources will be needed to authenticate users if +# this value is increased. +# +# If not specified, the libc will choose the default number of rounds (5000). +# The values must be within the 1000-999999999 range. +# +#SHA_CRYPT_MAX_ROUNDS 5000 + +# Currently SHA_CRYPT_MIN_ROUNDS is not supported + +# +# Only works if ENCRYPT_METHOD is set to BCRYPT. +# +# Define the number of BCRYPT rounds. +# With a lot of rounds, it is more difficult to brute-force the password. +# However, more CPU resources will be needed to authenticate users if +# this value is increased. +# +# If not specified, 13 rounds will be attempted. +# If only one of the MIN or MAX values is set, then this value will be used. +# If MIN > MAX, the highest value will be used. +# +#BCRYPT_MIN_ROUNDS 13 +#BCRYPT_MAX_ROUNDS 31 + +# +# Only works if ENCRYPT_METHOD is set to YESCRYPT. +# +# Define the YESCRYPT cost factor. +# With a higher cost factor, it is more difficult to brute-force the password. +# However, more CPU time and more memory will be needed to authenticate users +# if this value is increased. +# +# If not specified, a cost factor of 5 will be used. +# The value must be within the 1-11 range. +# +#YESCRYPT_COST_FACTOR 5 + +# Currently CONSOLE_GROUPS is not supported + +# +# Should login be allowed if we can't cd to the home directory? +# Default is yes. +# +#DEFAULT_HOME yes + +# Currently ENVIRON_FILE is not supported + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# Enables userdel(8) to remove user groups if no members exist. +# +USERGROUPS_ENAB yes + +# +# If set to a non-zero number, the shadow utilities will make sure that +# groups never have more than this number of users on one line. +# This permits to support split groups (groups split into multiple lines, +# with the same group ID, to avoid limitation of the line length in the +# group file). +# +# 0 is the default value and disables this feature. +# +#MAX_MEMBERS_PER_GROUP 0 + +# +# If useradd(8) should create home directories for users by default (non +# system users only). +# This option is overridden with the -M or -m flags on the useradd(8) +# command-line. +# +CREATE_HOME yes + +# +# Force use shadow, even if shadow passwd & shadow group files are +# missing. +# +#FORCE_SHADOW yes + +# +# Select the HMAC cryptography algorithm. +# Used in pam_timestamp module to calculate the keyed-hash message +# authentication code. +# +# Note: It is recommended to check hmac(3) to see the possible algorithms +# that are available in your system. +# +#HMAC_CRYPTO_ALGO SHA512 diff --git a/shadow-utils.useradd b/shadow-utils.useradd new file mode 100644 index 0000000..a7db290 --- /dev/null +++ b/shadow-utils.useradd @@ -0,0 +1,8 @@ +# useradd defaults file +GROUP=100 +HOME=/home +INACTIVE=-1 +SHELL=/bin/bash +SKEL=/etc/skel +CREATE_MAIL_SPOOL=yes + diff --git a/shadow.spec b/shadow.spec new file mode 100644 index 0000000..e1a7176 --- /dev/null +++ b/shadow.spec @@ -0,0 +1,355 @@ +Name: shadow +Version: 4.13 +Release: 7 +Epoch: 2 +License: BSD and GPLv2+ +Summary: Tools for managing accounts and shadow password files +URL: http://pkg-shadow.alioth.debian.org/ +Source0: https://github.com/shadow-maint/shadow/releases/download/%{version}/shadow-%{version}.tar.xz +Source2: shadow-utils.useradd +Source3: shadow-utils.login.defs +Source4: shadow-bsd.txt +Source5: https://www.gnu.org/licenses/old-licenses/gpl-2.0.txt +Source6: chpasswd +Source7: newusers + +%global includesubiddir %{_includedir}/shadow + +# fix unknown item 'LASTLOG_MAX_UID' +Patch0: usermod-unlock.patch +Patch1: backport-useradd-check-if-subid-range-exists-for-user.patch +Patch2: shadow-add-sm3-crypt-support.patch +Patch3: backport-Fix-off-by-one-mistakes.patch +Patch4: backport-Fix-typos-in-length-calculations.patch +Patch5: backport-Correctly-handle-illegal-system-file-in-tz.patch +Patch6: backport-Explicitly-override-only-newlines.patch +Patch7: backport-Prevent-out-of-boundary-access.patch +Patch8: backport-Added-control-character-check.patch +Patch9: backport-Overhaul-valid_field.patch +Patch10: backport-Read-whole-line-in-yes_or_no.patch +Patch11: backport-commonio-free-removed-database-entries.patch +Patch12: backport-semanage-disconnect-to-free-libsemanage-internals.patch +Patch13: backport-run_parts-for-groupadd-and-groupdel.patch +Patch14: shadow-Remove-encrypted-passwd-for-useradd-gr.patch +Patch15: backport-chgpasswd-fix-segfault-in-command-line-options.patch + +BuildRequires: gcc, libselinux-devel, audit-libs-devel, libsemanage-devel +BuildRequires: libacl-devel, libattr-devel +BuildRequires: bison, flex, gnome-doc-utils, docbook-style-xsl, docbook-dtds +BuildRequires: autoconf, automake, libtool, gettext-devel, itstool, pam-devel +Requires: libselinux +Requires: audit-libs +Requires: setup +Requires(pre): coreutils +Requires(post): coreutils +Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) + +Provides: shadow-utils = %{version}-%{release} +Obsoletes: shadow-utils < %{version}-%{release} + +%description +This package includes the necessary programs for converting plain +password files to the shadow password format and to manage user and +group accounts. + +%package subid-devel +Summary: Development package for shadow-utils-subid +License: BSD and GPLv2+ + +%description subid-devel +Development files for shadow-utils-subid. + +%package_help + +%prep +%autosetup -n shadow-%{version} -p1 + +iconv -f ISO88591 -t utf-8 doc/HOWTO > doc/HOWTO.utf8 +cp -f doc/HOWTO.utf8 doc/HOWTO + +cp -a %{SOURCE4} %{SOURCE5} . + +%build +export CFLAGS="$RPM_OPT_FLAGS -fpie" +export LDFLAGS="-pie -Wl,-z,relro -Wl,-z,now" + +autoreconf -fiv +%configure \ + --enable-shadowgrp \ + --enable-man \ + --with-audit \ + --with-sha-crypt \ + --with-selinux \ + --without-libcrack \ + --with-libpam \ + --enable-shared \ + --with-group-name-max-length=32 +%make_build + +%install +rm -rf $RPM_BUILD_ROOT +%make_install gnulocaledir=$RPM_BUILD_ROOT/%{_datadir}/locale MKINSTALLDIRS=`pwd`/mkinstalldirs +install -d -m 755 $RPM_BUILD_ROOT/%{_sysconfdir}/default +install -p -c -m 0644 %{SOURCE3} $RPM_BUILD_ROOT/%{_sysconfdir}/login.defs +install -p -c -m 0600 %{SOURCE2} $RPM_BUILD_ROOT/%{_sysconfdir}/default/useradd +install -p -c -m 0644 %{SOURCE6} $RPM_BUILD_ROOT/%{_sysconfdir}/pam.d/chpasswd +install -p -c -m 0644 %{SOURCE7} $RPM_BUILD_ROOT/%{_sysconfdir}/pam.d/newusers + +ln -s useradd $RPM_BUILD_ROOT%{_sbindir}/adduser +ln -s useradd.8 $RPM_BUILD_ROOT/%{_mandir}/man8/adduser.8 +for subdir in $RPM_BUILD_ROOT/%{_mandir}/{??,??_??,??_??.*}/man* ; do + test -d $subdir && test -e $subdir/useradd.8 && echo ".so man8/useradd.8" > $subdir/adduser.8 +done + +# Remove binaries we don't use. +rm $RPM_BUILD_ROOT/%{_bindir}/chfn +rm $RPM_BUILD_ROOT/%{_bindir}/chsh +rm $RPM_BUILD_ROOT/%{_bindir}/expiry +rm $RPM_BUILD_ROOT/%{_bindir}/groups +rm $RPM_BUILD_ROOT/%{_bindir}/login +rm $RPM_BUILD_ROOT/%{_bindir}/passwd +rm $RPM_BUILD_ROOT/%{_bindir}/su +rm $RPM_BUILD_ROOT/%{_bindir}/faillog +rm $RPM_BUILD_ROOT/%{_sbindir}/logoutd +rm $RPM_BUILD_ROOT/%{_sbindir}/nologin +rm $RPM_BUILD_ROOT/%{_mandir}/man1/chfn.* +rm $RPM_BUILD_ROOT/%{_mandir}/*/man1/chfn.* +rm $RPM_BUILD_ROOT/%{_mandir}/man1/chsh.* +rm $RPM_BUILD_ROOT/%{_mandir}/*/man1/chsh.* +rm $RPM_BUILD_ROOT/%{_mandir}/man1/expiry.* +rm $RPM_BUILD_ROOT/%{_mandir}/*/man1/expiry.* +rm $RPM_BUILD_ROOT/%{_mandir}/man1/groups.* +rm $RPM_BUILD_ROOT/%{_mandir}/*/man1/groups.* +rm $RPM_BUILD_ROOT/%{_mandir}/man1/login.* +rm $RPM_BUILD_ROOT/%{_mandir}/*/man1/login.* +rm $RPM_BUILD_ROOT/%{_mandir}/man1/passwd.* +rm $RPM_BUILD_ROOT/%{_mandir}/*/man1/passwd.* +rm $RPM_BUILD_ROOT/%{_mandir}/man1/su.* +rm $RPM_BUILD_ROOT/%{_mandir}/*/man1/su.* +rm $RPM_BUILD_ROOT/%{_mandir}/man5/passwd.* +rm $RPM_BUILD_ROOT/%{_mandir}/*/man5/passwd.* +rm $RPM_BUILD_ROOT/%{_mandir}/man5/suauth.* +rm $RPM_BUILD_ROOT/%{_mandir}/*/man5/suauth.* +rm $RPM_BUILD_ROOT/%{_mandir}/man8/logoutd.* +rm $RPM_BUILD_ROOT/%{_mandir}/*/man8/logoutd.* +rm $RPM_BUILD_ROOT/%{_mandir}/man8/nologin.* +rm $RPM_BUILD_ROOT/%{_mandir}/*/man8/nologin.* +rm $RPM_BUILD_ROOT/%{_mandir}/man3/getspnam.* +rm $RPM_BUILD_ROOT/%{_mandir}/*/man3/getspnam.* +rm $RPM_BUILD_ROOT/%{_mandir}/man5/faillog.* +rm $RPM_BUILD_ROOT/%{_mandir}/*/man5/faillog.* +rm $RPM_BUILD_ROOT/%{_mandir}/man8/faillog.* +rm $RPM_BUILD_ROOT/%{_mandir}/*/man8/faillog.* +rm $RPM_BUILD_ROOT/%{_sysconfdir}/pam.d/chfn +rm $RPM_BUILD_ROOT/%{_sysconfdir}/pam.d/chsh +rm $RPM_BUILD_ROOT/%{_sysconfdir}/pam.d/login +rm $RPM_BUILD_ROOT/%{_sysconfdir}/pam.d/passwd +rm $RPM_BUILD_ROOT/%{_sysconfdir}/pam.d/su + +find $RPM_BUILD_ROOT%{_mandir} -depth -type d -empty -delete +%find_lang shadow +for dir in $(ls -1d $RPM_BUILD_ROOT%{_mandir}/{??,??_??}) ; do + dir=$(echo $dir | sed -e "s|^$RPM_BUILD_ROOT||") + lang=$(basename $dir) +done + +# Move subid.h to its own folder +echo $(ls) +mkdir -p $RPM_BUILD_ROOT/%{includesubiddir} +install -m 644 libsubid/subid.h $RPM_BUILD_ROOT/%{includesubiddir}/ + +# Remove .la files created by libsubid +rm -f $RPM_BUILD_ROOT/%{_libdir}/libsubid.{la,a} + +%files -f shadow.lang +%doc NEWS doc/HOWTO README +%{!?_licensedir:%global license %%doc} +%license gpl-2.0.txt shadow-bsd.txt +%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/login.defs +%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/default/useradd +%{_bindir}/sg +%attr(4755,root,root) %{_bindir}/chage +%attr(4755,root,root) %{_bindir}/gpasswd +%{_bindir}/lastlog +%attr(4755,root,root) %{_bindir}/newgrp +%attr(4755,root,root) %{_bindir}/newgidmap +%attr(4755,root,root) %{_bindir}/newuidmap +%{_sbindir}/adduser +%attr(0755,root,root) %{_sbindir}/user* +%attr(0755,root,root) %{_sbindir}/group* +%{_bindir}/getsubids +%{_sbindir}/grpck +%{_sbindir}/pwck +%{_sbindir}/*conv +%{_sbindir}/chpasswd +%{_sbindir}/chgpasswd +%{_sbindir}/newusers +%{_sbindir}/vipw +%{_sbindir}/vigr +%{_sysconfdir}/pam.d/chpasswd +%{_sysconfdir}/pam.d/groupmems +%{_sysconfdir}/pam.d/newusers + +%files subid-devel +%{_libdir}/libsubid.so.* +%{includesubiddir}/subid.h +%{_libdir}/libsubid.so + +%files help +%{_mandir}/*/* + +%changelog +* Wed Sep 20 2023 lvgenggeng <lvgenggeng@uniontech.com> - 2:4.13-7 +- backport patches from upstream + +* Fri Aug 11 2023 xiongshenglan<xiongshenglan@huawei.com> - 2:4.13-6 +- Remove encrypted passwd for useradd-groupadd-groupmod-usermod + +* Mon Jun 19 2023 yunjia_w<yunjia.wang@huawei.com> - 2:4.13-5 +- backport patches from upstream + +* Thu Apr 20 2023 yunjia_w<yunjia.wang@huawei.com> - 2:4.13-4 +- fix CVE-2023-29383 + +* Thu Mar 23 2023 fuanan <fuanan3@h-partners.com> - 2:4.13-3 +- backport patches from upstream + +* Thu Feb 9 2023 yunjia_w<yunjia.wang@huawei.com> - 2:4.13-2 +- SM3 patch is compatible with version 4.13 + +* Wed Feb 8 2023 yunjia_w<yunjia.wang@huawei.com> - 2:4.13-1 +- update version to 4.13 + +* Thu Dec 1 2022 xiongshenglan<xiongshenglan@huawei.com> - 2:4.9-8 +- backport useradd check if subid range exists for user + +* Tue Nov 22 2022 yunjia_w<yunjia.wang@huawei.com> - 2:4.9-7 +- chpasswd fix function problem with R parameter + +* Mon Oct 31 2022 yunjia_w<yunjia.wang@huawei.com> - 2:4.9-6 +- add some backport to optimize some functions + +* Tue Aug 23 2022 fushanqing <fushanqing@kylinos.cn> - 2:4.9-5 +- remove patch 'shadow-4.1.5.1-var-lock.patch' and 'shadow-utils-fix-lock-file-residue.patch' + +* Tue Aug 2 2022 zhengxiaoxiao <zhengxiaoxiao2@huawei.com> - 2:4.9-4 +- add-sm3-crypt-support.patch add update release to 4.9-4 + +* Mon Feb 21 2022 panxiaohe <panxh.life@foxmail.com> - 2:4.9-1 +- update to 4.9 +- synchronized login.defs with upstream file +- useradd: modify check ID range for system users + +* Thu Sep 30 2021 steven Y.Gui <steven_ygui@163.com> - 2:4.8.1-7 +- backport some patches to fix memory leak + +* Mon Jul 26 2021 wangchen<wangchen137@huawei.com> - 2:4.8.1-6 +- delete unnecessary gdb from BuildRequires + +* Thu Apr 29 2021 Hugel<gengqihu1@huawei.com> - 2:4.8.1-5 +- shadow should depend on audit-libs + +* Thu Jul 9 2020 Anakin Zhang<benjamin93@163.com> - 2:4.8.1-4 +- fix zh_CN typo + +* Sun Jun 28 2020 Anakin Zhang<benjamin93@163.com> - 2:4.8.1-3 +- generate /var/spool/mail/$USER with the proper SELinux user identity + +* Tue May 12 2020 steven<steven_ygui@163.com> - 2:4.8.1-2 +- Enable --with-libpam config during compiling + +* Fri Apr 24 2020 steven<steven_ygui@163.com> - 2:4.8.1-1 +- Upgrade version to 4.8.1 + +* Sat Mar 21 2020 openEuler Buildteam <buildteam@openEuler.org> - 2:4.7-10 +- Only package man file into shadow-help; add buildrequires of gdb + +* Tue Mar 17 2020 openEuler Buildteam <buildteam@openEuler.org> - 2:4.7-9 +- Remove redundant file + +* Fri Feb 21 2020 openEuler Buildteam <buildteam@openEuler.org> - 2:4.7-8 +- Remove redundant patches + +* Thu Feb 6 2020 openEuler Buildteam <buildteam@openEuler.org> - 2:4.7-7 +- User name can start with an upper case letter + +* Sat Jan 18 2020 openEuler Buildteam <buildteam@openEuler.org> - 2:4.7-6 +- Delete ALWAYS_SET_PATH, which has been set by security-tool + +* Thu Jan 16 2020 openEuler Buildteam <buildteam@openEuler.org> - 2:4.7-5 +- Fix unknown item 'LASTLOG_MAX_UID' + +* Sun Jan 12 2020 openEuler Buildteam <buildteam@openEuler.org> - 2:4.7-4 +- Delete unused patch + +* Thu Dec 19 2019 openEuler Buildteam <buildteam@openEuler.org> - 2:4.7-3 +- Delete unused infomation + +* Mon Dec 16 2019 openEuler Buildteam <buildteam@openeuler.org> - 2:4.7-2 +- fix invaild path + +* Thu Aug 29 2019 hexiaowen <hexiaowen@huawei.com> - 2:4.7-1 +- update to 4.7 + +* Tue Aug 20 2019 guoxiaoqi<guoxiaoqi2@huawei.com> - 2:4.6-2.h9 +- Type:bugfix +- ID:NA +- SUG:NA +- DESC:rename patches + +* Thu Aug 8 2019 guoxiaoqi <guoxiaoqi2@huawei.com> - 2:4.6-2.h8 +- Type:NA +- ID:NA +- SUG:NA +- DESC: format patches + +* Thu Aug 1 2019 Jiangchuangang<Jiangchuangang@huawei.com> - 2:4.6-2.h7 +- Type:bugfix +- ID:NA +- SUG:NA +- DESC:openEuler Debranding + +* Fri May 3 2019 lubing<lubing6@huawei.com> - 2:4.6-2.h6 +- Type:bugfix +- ID:NA +- SUG:restart +- DESC:fix lock file residue + +* Tue Mar 12 2019 yangzhuangzhuang<yangzhuangzhuang1@huawei.com> - 2:4.6-2.h5 +- Type:bugfix +- ID:NA +- SUG:restart +- DESC:su.c: run pam_getenvlist() after setup_env + Log UID in nologin + Fix some issues found in Coverity scan. + useradd: fix segfault trying to overwrite const data with mkstemp + Fix the default mentioned in man page for SUB_UID/GID_COUNT variables. + +* Wed Mar 6 2019 hanzhijun<hanzhijun@huawei.com> - 2:4.6-2.h4 +- Type:bugfix +- ID:NA +- SUG:NA + DESC:shadow 4.1.5.1 var lock + +* Thu Jan 31 2019 liuqianya<liuqianya@huawei.com> - 2:4.6-2.h3 +- Type:bugfix +- ID:NA +- SUG:NA + DESC:Revert"shadow 4.1.5.1 var lock" + +* Mon Jan 28 2019 liuqianya<liuqianya@huawei.com> - 2:4.6-2.h2 +- Type:bugfix +- ID:NA +- SUG:NA + DESC:Revert "shadow-utils: sync patches" + +* Fri Jan 25 2019 liuqianya<liuqianya@huawei.com> - 2:4.6-2.h1 +- Type:bugfix +- ID:NA +- SUG:NA + DESC:add ruserok to avoid compilation failure + hulk shadow remove passwd param for useradd + shadow 4.1.5.1 var lock + +* Sat Jul 14 2018 Jiangchuangang<Jiangchuangang@huawei.com> - 2:4.6-2 +- Package Initialization @@ -0,0 +1 @@ +b1ab01b5462ddcf43588374d57bec123 shadow-4.13.tar.xz diff --git a/usermod-unlock.patch b/usermod-unlock.patch new file mode 100644 index 0000000..ff9602d --- /dev/null +++ b/usermod-unlock.patch @@ -0,0 +1,65 @@ +Index: shadow-4.5/src/usermod.c +=================================================================== +--- a/src/usermod.c ++++ b/src/usermod.c +@@ -466,14 +466,17 @@ static char *new_pw_passwd (char *pw_pass) + strcat (buf, pw_pass); + pw_pass = buf; + } else if (Uflg && pw_pass[0] == '!') { +- char *s; ++ char *s = pw_pass; + +- if (pw_pass[1] == '\0') { ++ while ('!' == *s) ++ ++s; ++ ++ if (*s == '\0') { + fprintf (stderr, + _("%s: unlocking the user's password would result in a passwordless account.\n" + "You should set a password with usermod -p to unlock this user's password.\n"), + Prog); +- return pw_pass; ++ return NULL; + } + + #ifdef WITH_AUDIT +@@ -482,12 +485,15 @@ static char *new_pw_passwd (char *pw_pass) + user_newname, (unsigned int) user_newid, 0); + #endif + SYSLOG ((LOG_INFO, "unlock user '%s' password", user_newname)); +- s = pw_pass; +- while ('\0' != *s) { +- *s = *(s + 1); +- s++; +- } ++ memmove (pw_pass, s, strlen (s) + 1); + } else if (pflg) { ++ if (strchr (user_pass, ':') != NULL) { ++ fprintf (stderr, ++ _("%s: The password field cannot contain a colon character.\n"), ++ Prog); ++ return NULL; ++ ++ } + #ifdef WITH_AUDIT + audit_logger (AUDIT_USER_CHAUTHTOK, Prog, + "changing password", +@@ -536,6 +542,8 @@ static void new_pwent (struct passwd *pwent) + if ( (!is_shadow_pwd) + || (strcmp (pwent->pw_passwd, SHADOW_PASSWD_STRING) != 0)) { + pwent->pw_passwd = new_pw_passwd (pwent->pw_passwd); ++ if (pwent->pw_passwd == NULL) ++ fail_exit (E_PW_UPDATE); + } + + if (uflg) { +@@ -650,6 +658,8 @@ static void new_spent (struct spwd *spent) + * + aging has been requested + */ + spent->sp_pwdp = new_pw_passwd (spent->sp_pwdp); ++ if (spent->sp_pwdp == NULL) ++ fail_exit(E_PW_UPDATE); + + if (pflg) { + spent->sp_lstchg = (long) gettime () / SCALE; + |