[Pkg-shadow-devel] Diff from Debian 4.0.3 to 4.0.11.1

[Tomasz Kłoczko]

On Mon, 1 Aug 2005, Nicolas [iso-8859-1] François wrote:

> Hello,
> 
> (Tomasz, can you have a look at the attachment. Some parts may not be
> very clear, and some issues may be only Debian specific. Just ask. Also
> ask for an experimental archive if you could not connect to the anonymous
> svn (this port is sometimes filtered). I can make a daily snapshot if you
> wish).
> 
> 
> 
> That's it! I've finished reading the nearly half a million lines (424563)
> of diff between 4.0.3 and 4.0.11.1.
> 
> (Well, in fact the number of lines was greatly reduced by ignoring the man
> pages, the POs and some autogenerated files.)
> 
> I will commit a file in the experimental branch, with the list of (nearly)
> all files and some comments about their diff (do I think it is OK,
> should it be checked another time, and also when I think it is OK what is
> the rational of the change (it may help for a review of a 4.0.12 diff, you
> can use it to review my reviewing, and you can use it for your own
> review))
> 
> As my shadow TODO list is empty^Wdeleted, I will commit a new one to the
> experimental branch.

Very big thanks for review all this work :)

OK. My comments for your list:

1) lib/Makefile.am
    The line:
        # sources for dbm support (not yet used)
    should be removed. (in fact maybe the wrong line was removed)

Done. lib/{grpack,gspack,pwpack,sppack}.c removed.

2) lib/pwauth.c
    still use SKEY. Is SKEY support working?
    "(Echo on)" not translated. Is it normal?

Gentoo people reports it is still useable. S/KEY is used rarely so I 
decide ommit translate "(Echo on)" (IMO better will be use S/KEY 
support in PAM module instead hardcoded in shadow).

3) src/chage.c
    two pam_start. One part seems to have been cut and pasted.

I'll try look on this tmorrow.

4) src/chfn.c
    the string:
        printf ("\t%s: %s\n", _("Room Number"), roomno);
    is not OK for the French translation (in French, we add a space before
    the colon.
        printf (_("\tRoom Number: %s\n"), roomno);
    is prefered

Done. Also I'm fix two other translated messages coded in this ughly way.

5) src/chpasswd.c
    missing:
        nscd_flush_cache ("shadow");

Done.

    NOTE: I only have a little idea of what nscd_flush_cache is. So all
          these entries about nscd_flush_cache may be wrong.
          Also (just to be sure) it is related to the libc, and gshadow
          can't be flushed?

gshadow do not have now support in current glibc NSS. First it will be 
good prepare patch with gshadow support for glibc. If gshadow NSS map will 
be known for nscd it will be possible flushing them.

6) src/chsh.c
    There used to be some authentification. When compiled with PAM, I'm not
    sure ther will be any password requested?
    Is this right?

All depends on what will contain /etc/pam.d/chsh.
With example etc/pam.d/chsh from shadow tree which contain:

auth            sufficient      pam_rootok.so

but if you will change this to:

auth            sufficient      pam_rootok.so
auth            required        pam_unix.so

chsh will require user password.
Example with above works correctly for me:

[kloczek at boss]$ chsh -s /bin/bash
Password:
[kloczek at boss]$ finger kloczek | grep Shell
Directory: /home/users/prac/nd/kloczek  Shell: /bin/bash
[kloczek at boss]$ chsh -s /bin/tcsh
Password:
[kloczek at boss]$ finger kloczek | grep Shell
Directory: /home/users/prac/nd/kloczek  Shell: /bin/tcsh

7) src/groupadd.c
    some options are missing in the Usage
    OPENLOG twice

Fixed. I also discover other OPENLOG related bug :>
From Changelog:

        * NEWS, src/groupadd.c, src/groupdel.c, src/groupmod.c, src/userdel.c:
        do OPENLOG() before pam_start().

8) src/lastlog.c
    maybe another time_t size correction is needed
    The files are open before the options are parsed. -h won't work if the
    files can't be open. 5this is just a note, I'm not sure it is a problem)

Yes. This must be fixed. I know aout this.

9) src/pwck.c
   src/pwconv.c
    missing nscd_flush_cache for passwd and shadow?

I'll try look on this tmorrow. I'm not finish rewiev all possible places 
for use nscd_flush_cache().

10) src/useradd.c
    s/the the/the/

Fixed.

    missing nscd_flush_cache for shadow?

src/userdel.c
src/usermod.c
    missing nscd_flush_cache for shadow?

Done.
In current code nscd_flush_cache() is used in:

[src]$ grep nscd_flush_cache *c
chage.c:        nscd_flush_cache ("shadow");
chfn.c: nscd_flush_cache ("passwd");
chpasswd.c:     nscd_flush_cache ("passwd");
chpasswd.c:     nscd_flush_cache ("shadow");
chsh.c: nscd_flush_cache ("passwd");
groupadd.c:     nscd_flush_cache ("group");
groupdel.c:     nscd_flush_cache ("group");
groupmod.c:     nscd_flush_cache ("group");
newusers.c:     nscd_flush_cache ("passwd");
newusers.c:     nscd_flush_cache ("shadow");
newusers.c:     nscd_flush_cache ("group");
passwd.c:       nscd_flush_cache ("passwd");
passwd.c:       nscd_flush_cache ("shadow");
passwd.c:       nscd_flush_cache ("group");
pwunconv.c:     nscd_flush_cache ("passwd");
pwunconv.c:     nscd_flush_cache ("shadow");
useradd.c:      nscd_flush_cache ("passwd");
useradd.c:      nscd_flush_cache ("shadow");
useradd.c:      nscd_flush_cache ("group");
userdel.c:      nscd_flush_cache ("passwd");
userdel.c:      nscd_flush_cache ("shadow");
userdel.c:      nscd_flush_cache ("group");
usermod.c:      nscd_flush_cache ("passwd");
usermod.c:      nscd_flush_cache ("shadow");
usermod.c:      nscd_flush_cache ("group");
vipw.c: nscd_flush_cache ("passwd");
vipw.c: nscd_flush_cache ("shadow");
vipw.c: nscd_flush_cache ("group");

kloczek
-- 
-----------------------------------------------------------
*Ludzie nie mają problemów, tylko sobie sami je stwarzają*
-----------------------------------------------------------
Tomasz KÅ‚oczko, sys adm @zie.pg.gda.pl|*e-mail: kloczek at rudy.mif.pg.gda.pl*