[Pkg-shadow-devel] Preparation of the next 4.1.3 release

Nicolas François nicolas.francois at centraliens.net
Sun Apr 5 23:46:29 UTC 2009 

Hello,

It's been too long already that there were no new release. And even the
comprehensible changelog is becoming huge (see at the end).


Looking at my agenda, I would not have time to implement what I wanted
(new logging strategy, to avoid missing some case leading to system
inconsistencies; this is already implemented in some tools).

So, lets release ASAP.
I've prepared a snapshot on:
ftp://pkg-shadow.alioth.debian.org/pub/pkg-shadow/snapshot/

I could already test it on my machine, and with the testsuite.
(It currently has a coverage of 70%, but users tends to always have test
cases which I would never have thought about)

I also checked for the previous build issue, so hopefully it will build
with whatever configure options.



I would appreciate if you could also test suite on your environment and if
packager could check the packaging.

I don't think I will have time to prepare a translation round, so this
will be delayed to 4.1.4 or 4.1.3.1.

Regarding the date, I will probably have no or sparse network access this
week and next week-end.

Depending on the feedbacks, I'm planning a release on April 13 or
April 19.

(Peter, let me know if a release on April 13 is better for your timing)




Here is the comprehensible changelog:

*** general:
- packaging
  * Added support for OpenPAM.
  * Added support for uclibc.
  * Added configure --enable-account-tools-setuid (default) /
    --disable-account-tools-setuid options. This permits to disable the
    PAM authentication of the caller for chage, chgpasswd, chpasswd,
    groupadd, groupdel, groupmod, newusers, useradd, userdel, and usermod.
    This authentication is not necessary when these tools are not
    installed setuid root.
  * Added configure --with-group-name-max-length (default) /
    --without-group-name-max-length options. This permits to configure the maximum length allowed for group names:
      <no option> -> default of 16 (like today)
      --with-group-name-max-length -> default of 16
      --without-group-name-max-length -> no max length
      --with-group-name-max-length=n > max is set to n
    No sanity checking is performed on n so people could do
    something neat like --with-group-name-max-length=MAX_INT
- addition of users or groups
  * Speed improvement in case UID_MAX/SYS_UID_MAX/GID_MAX/SYS_GID_MAX is
    used for an user/group. This should be noticeable in case of LDAP
    configured systems. This should impact useradd, groupadd, and newusers
- error handling improvement
  * Make sure errors and incomplete changes are reported to syslog and
    audit in case of unexpected failures.
  * Report system inconsistencies to syslog and audit.
  * Only report success to syslog and audit if the changes are really
    performed in the system databases.
    This is still not complete.
- /etc/login.defs
  * New CREATE_HOME variable to tell useradd to create a home directory by
    default.
- Translations
  * New Kazakh translation.

- faillog
  * Accept users specified as a numerical UID, or ranges of users (-user,
    user-, user1-user2).
  * -l, -m, and -r now apply not only to existing users, but to all the
    specified UIDs.
  * Options can be specified in any order.
- gpasswd
  * Added support for long options --add (-a), --delete (-d),
    --remove-password (-r), --restrict (-R), --administrators (-A), and
    --members (-M).
  * Added support for usernames with arbitrary length.
  * audit logging improvements.
  * error handling improvement (see above).
  * Log permission denied to syslog and audit.
- groupadd
  * audit logging improvements.
  * error handling improvement (see above).
  * Speedup (see "addition of users or groups" above).
  * do not create groups with GID set to (gid_t)-1.
- groupdel
  * audit logging improvements.
  * error handling improvement (see above).
- groupmems
  * Check if user exist before they are added to groups.
  * Avoid segfault in case the specified group does not exist in /etc/group.
  * Everybody is allowed to list the users of a group.
  * /etc/group is open readonly when one just wants to list the users of a
    group.
  * Added syslog support.
  * Use the groupmems PAM service name instead of groupmod.
  * Fix segmentation faults when adding or removing users from a group.
  * Added support for shadow groups.
  * Added support long options --add (-a), --delete (-d), --purge (-p),
    --list (-l), --group (-g).
- groupmod
  * audit logging improvements.
  * error handling improvement (see above).
  * do not create groups with GID set to (gid_t)-1.
- grpck
  * warn for groups with GID set to (gid_t)-1.
- newusers
  * Implement the -r, --system option.
  * Speedup (see "addition of users or groups" above).
  * do not create users with UID set to (gid_t)-1.
  * do not create groups with GID set to (gid_t)-1.
- passwd
  * For compatibility with other passwd version, the --lock an --unlock
    options do not lock or unlock the user account anymore.  They only
    lock or unlock the user's password.
- pwck
  * warn for users with UID set to (uid_t)-1.
- su
  * 
- useradd
  * audit logging improvements.
  * Speedup (see "addition of users or groups" above).
  * See CREATE_HOME above.
  * New -M/--no-create-home option to disable CREATE_HOME.
  * do not create users with UID set to (gid_t)-1.
- userdel
  * audit logging improvements.
  * Do not fail if the removed user is not in the shadow database.
  * When the user's group shall be removed, do not fail if this group is
    not in the gshadow file.
- usermod
  * Allow adding LDAP users (or any user not present in the local passwd
    file) to local groups
  * do not create users with UID set to (gid_t)-1.

Best Regards,
-- 
Nekral

More information about the Pkg-shadow-devel mailing list