[Pkg-shadow-devel] Ubuntu shadow 1:4.1.1-6ubuntu4
Ubuntu Merge-o-Matic
mom at ubuntu.com
Fri Apr 3 22:50:48 UTC 2009
This e-mail has been sent due to an upload to Ubuntu that contains Ubuntu
changes. It contains the difference between the new version and the
previous version of the same source package in Ubuntu.
-------------- next part --------------
Format: 1.7
Date: Thu, 02 Apr 2009 14:05:31 -0400
Source: shadow
Binary: passwd login
Architecture: source
Version: 1:4.1.1-6ubuntu4
Distribution: jaunty
Urgency: low
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Michael Casadevall <mcasadevall at ubuntu.com>
Description:
login - system login tools
passwd - change and administer password and group data
Launchpad-Bugs-Fixed: 349504
Changes:
shadow (1:4.1.1-6ubuntu4) jaunty; urgency=low
.
* debian/patches/593_omit_lastchange_field_if_clock_is_misset (LP: #349504)
- If the system clock is set to Jan 01, 1970, and a new user is created
the last changed field gets set to 0, which tells login that the
password is expired and must be changed. During installation,
this can cause autologin to fail. Having the clock set to 01/01/1970
on a fresh install is common on the ARM architecture, so this is a high
priority bug since its likely to affect most ARM users on first install
Files:
66a39be4c331ea99d2b74a0bd2570250 1710 admin required shadow_4.1.1-6ubuntu4.dsc
e7cc76d615c4ed3969004a9ff4f5011f 94340 admin required shadow_4.1.1-6ubuntu4.diff.gz
Original-Maintainer: Shadow package maintainers <pkg-shadow-devel at lists.alioth.debian.org>
-------------- next part --------------
diff -pruN 1:4.1.1-6ubuntu3/debian/changelog 1:4.1.1-6ubuntu4/debian/changelog
--- 1:4.1.1-6ubuntu3/debian/changelog 2009-04-03 23:22:33.000000000 +0100
+++ 1:4.1.1-6ubuntu4/debian/changelog 2009-04-03 23:22:32.000000000 +0100
@@ -1,3 +1,15 @@
+shadow (1:4.1.1-6ubuntu4) jaunty; urgency=low
+
+ * debian/patches/593_omit_lastchange_field_if_clock_is_misset (LP: #349504)
+ - If the system clock is set to Jan 01, 1970, and a new user is created
+ the last changed field gets set to 0, which tells login that the
+ password is expired and must be changed. During installation,
+ this can cause autologin to fail. Having the clock set to 01/01/1970
+ on a fresh install is common on the ARM architecture, so this is a high
+ priority bug since its likely to affect most ARM users on first install
+
+ -- Michael Casadevall <mcasadevall at ubuntu.com> Thu, 02 Apr 2009 14:05:31 -0400
+
shadow (1:4.1.1-6ubuntu3) jaunty; urgency=low
[ Bryan McLellan ]
diff -pruN 1:4.1.1-6ubuntu3/debian/patches/593_omit_lastchange_field_if_clock_is_misset 1:4.1.1-6ubuntu4/debian/patches/593_omit_lastchange_field_if_clock_is_misset
--- 1:4.1.1-6ubuntu3/debian/patches/593_omit_lastchange_field_if_clock_is_misset 1970-01-01 01:00:00.000000000 +0100
+++ 1:4.1.1-6ubuntu4/debian/patches/593_omit_lastchange_field_if_clock_is_misset 2009-04-03 23:22:32.000000000 +0100
@@ -0,0 +1,223 @@
+Index: shadow-4.1.1/src/useradd.c
+===================================================================
+--- shadow-4.1.1.orig/src/useradd.c 2009-04-02 21:09:54.260892797 -0400
++++ shadow-4.1.1/src/useradd.c 2009-04-02 21:09:54.580852116 -0400
+@@ -710,6 +710,29 @@
+ spent->sp_namp = (char *) user_name;
+ spent->sp_pwdp = (char *) user_pass;
+ spent->sp_lstchg = time ((time_t *) 0) / SCALE;
++
++ /*
++ * If the system clock is set to Jan-01-1970, the lastchg field will
++ * come out as zero (which is the value used when a password is expired
++ * with passwd -e. In these cases, replace 0 with -1 to omit the field
++ * since whatever value we would come up would be wrong anyway.
++ */
++
++ if (spent->sp_lstchg == 0)
++ {
++ if (spent->sp_pwdp != "!") {
++ /* If we're setting a password, display a warning that password aging will be disabled */
++ fprintf (stderr,
++ _
++ ("%s: warning: system clock set to January 01, 1970.\n"
++ "The last changed field will be omitted from /etc/shadow.\n"
++ "Password aging will be disabled on this account until a new password is set with the system clock properly set.\n" ),
++ Prog);
++ }
++
++ spent->sp_lstchg = -1;
++ }
++
+ if (!rflg) {
+ spent->sp_min = scale_age (getdef_num ("PASS_MIN_DAYS", -1));
+ spent->sp_max = scale_age (getdef_num ("PASS_MAX_DAYS", -1));
+Index: shadow-4.1.1/src/chpasswd.c
+===================================================================
+--- shadow-4.1.1.orig/src/chpasswd.c 2009-04-02 21:09:54.568871823 -0400
++++ shadow-4.1.1/src/chpasswd.c 2009-04-02 21:09:54.580852116 -0400
+@@ -341,6 +341,15 @@
+
+ process_flags (argc, argv);
+
++ if (now == 0) {
++ fprintf (stderr,
++ _
++ ("%s: warning: system clock set to January 01, 1970.\n"
++ "The last changed field will be omitted from /etc/shadow.\n"
++ "Password aging will be disabled on this account until a new password is set with the system clock properly set.\n" ),
++ Prog);
++ }
++
+ if (!use_stdout) {
+ check_perms ();
+
+@@ -439,7 +448,18 @@
+ if (NULL != sp) {
+ newsp = *sp;
+ newsp.sp_pwdp = cp;
++
++ /*
++ * If the system clock is set to Jan-01-1970, the lastchg field will
++ * come out as zero (which is the value used when a password is expired
++ * with passwd -e. In these cases, replace 0 with -1 to omit the field
++ * since whatever value we would come up would be wrong anyway.
++ */
++
+ newsp.sp_lstchg = now;
++ if (newsp.sp_lstchg == 0)
++ newsp.sp_lstchg = -1;
++
+ } else {
+ newpw = *pw;
+ newpw.pw_passwd = cp;
+Index: shadow-4.1.1/src/passwd.c
+===================================================================
+--- shadow-4.1.1.orig/src/passwd.c 2009-04-02 21:09:54.512870154 -0400
++++ shadow-4.1.1/src/passwd.c 2009-04-02 21:09:54.580852116 -0400
+@@ -572,6 +572,24 @@
+ nsp->sp_lstchg = time ((time_t *) 0) / SCALE;
+
+ /*
++ * If the system clock is set to Jan-01-1970, the lastchg field will
++ * come out as zero (which is the value used when a password is expired
++ * with passwd -e. In these cases, replace 0 with -1 to omit the field
++ * since whatever value we would come up would be wrong anyway.
++ */
++
++ if (nsp->sp_lstchg == 0) {
++ fprintf (stderr,
++ _
++ ("%s: warning: system clock set to January 01, 1970.\n"
++ "The last changed field will be omitted from /etc/shadow.\n"
++ "Password aging will be disabled on this account until a new password is set with the system clock properly set.\n" ),
++ Prog);
++
++ nsp->sp_lstchg = -1;
++ }
++
++ /*
+ * Force change on next login, like SunOS 4.x passwd -e or Solaris
+ * 2.x passwd -f. Solaris 2.x seems to do the same thing (set
+ * sp_lstchg to 0).
+Index: shadow-4.1.1/libmisc/pwd2spwd.c
+===================================================================
+--- shadow-4.1.1.orig/libmisc/pwd2spwd.c 2009-04-02 21:09:48.284851709 -0400
++++ shadow-4.1.1/libmisc/pwd2spwd.c 2009-04-02 21:09:54.580852116 -0400
+@@ -62,6 +62,10 @@
+ sp.sp_min = 0;
+ sp.sp_max = (10000L * DAY) / SCALE;
+ sp.sp_lstchg = time ((time_t *) 0) / SCALE;
++
++ if (sp.sp_lstchg == 0) {
++ sp.sp_lstchg = -1;
++ }
+ }
+
+ /*
+Index: shadow-4.1.1/src/newusers.c
+===================================================================
+--- shadow-4.1.1.orig/src/newusers.c 2009-04-02 21:09:54.476851191 -0400
++++ shadow-4.1.1/src/newusers.c 2009-04-02 21:09:54.580852116 -0400
+@@ -65,6 +65,7 @@
+ static int cflg = 0;
+ static int rflg = 0; /* create a system account */
+ static int sflg = 0;
++static long now = 0;
+
+ static char *crypt_method = NULL;
+ static long sha_rounds = 5000;
+@@ -419,7 +420,18 @@
+ const char *salt = crypt_make_salt (crypt_method, crypt_arg);
+ spent.sp_pwdp = pw_encrypt (password, salt);
+ }
+- spent.sp_lstchg = time ((time_t *) 0) / SCALE;
++ spent.sp_lstchg = now;
++
++ /*
++ * If the system clock is set to Jan-01-1970, the lastchg field will
++ * come out as zero (which is the value used when a password is expired
++ * with passwd -e. In these cases, replace 0 with -1 to omit the field
++ * since whatever value we would come up would be wrong anyway.
++ */
++
++ if (spent.sp_lstchg == 0)
++ spent.sp_lstchg = -1;
++
+ spent.sp_min = getdef_num ("PASS_MIN_DAYS", 0);
+ /* 10000 is infinity this week */
+ spent.sp_max = getdef_num ("PASS_MAX_DAYS", 10000);
+@@ -668,6 +680,8 @@
+ uid_t uid;
+ gid_t gid;
+
++ now = time ((time_t *) 0) / SCALE;
++
+ Prog = Basename (argv[0]);
+
+ setlocale (LC_ALL, "");
+@@ -678,6 +692,15 @@
+
+ check_perms ();
+
++ if (now == 0) {
++ fprintf (stderr,
++ _
++ ("%s: warning: system clock set to January 01, 1970.\n"
++ "The last changed field will be omitted from /etc/shadow.\n"
++ "Password aging will be disabled on this account until a new password is set with the system clock properly set.\n" ),
++ Prog);
++ }
++
+ is_shadow = spw_file_present ();
+
+ #ifdef SHADOWGRP
+Index: shadow-4.1.1/src/pwconv.c
+===================================================================
+--- shadow-4.1.1.orig/src/pwconv.c 2009-04-02 21:09:48.244903334 -0400
++++ shadow-4.1.1/src/pwconv.c 2009-04-02 21:09:54.584850879 -0400
+@@ -79,6 +79,7 @@
+ const struct spwd *sp;
+ struct spwd spent;
+ char *Prog = argv[0];
++ long now = time ((time_t *) 0) / (24L * 3600L);
+
+ setlocale (LC_ALL, "");
+ bindtextdomain (PACKAGE, LOCALEDIR);
+@@ -104,6 +105,15 @@
+ fail_exit (E_FAILURE);
+ }
+
++ if (now == 0) {
++ fprintf (stderr,
++ _
++ ("%s: warning: system clock set to January 01, 1970.\n"
++ "The last changed field will be omitted from /etc/shadow.\n"
++ "Password aging will be disabled on this account until a new password is set with the system clock properly set.\n" ),
++ Prog);
++ }
++
+ /*
+ * Remove /etc/shadow entries for users not in /etc/passwd.
+ */
+@@ -149,7 +159,19 @@
+ spent.sp_flag = -1;
+ }
+ spent.sp_pwdp = pw->pw_passwd;
+- spent.sp_lstchg = time ((time_t *) 0) / (24L * 3600L);
++ spent.sp_lstchg = now;
++
++ /*
++ * If the system clock is set to Jan-01-1970, the lastchg field will
++ * come out as zero (which is the value used when a password is expired
++ * with passwd -e. In these cases, replace 0 with -1 to omit the field
++ * since whatever value we would come up would be wrong anyway.
++ */
++
++ if (spent.sp_lstchg == 0) {
++ spent.sp_lstchg = -1;
++ }
++
+ if (!spw_update (&spent)) {
+ fprintf (stderr,
+ _
diff -pruN 1:4.1.1-6ubuntu3/debian/patches/series 1:4.1.1-6ubuntu4/debian/patches/series
--- 1:4.1.1-6ubuntu3/debian/patches/series 2009-04-03 23:22:33.000000000 +0100
+++ 1:4.1.1-6ubuntu4/debian/patches/series 2009-04-03 23:22:32.000000000 +0100
@@ -38,3 +38,4 @@
304_su.1_synopsis
305_login.1_japanese
495_stdout-encrypted-password
+593_omit_lastchange_field_if_clock_is_misset
More information about the Pkg-shadow-devel
mailing list