[Pkg-shadow-devel] [Pam-patches] passverify/sp_lstchg handling (Bug #2730965)
Steve Langasek
vorlon at debian.org
Wed Aug 4 21:28:21 UTC 2010
As Debian has carried patches before that special-cased a 0 value in other
shadow fields that caused interop problems with shadow, I'm forwarding this
patch to the maintainers of the Debian shadow package for their input.
Guys, here's a patch that's being proposed for inclusion in PAM upstream -
any thoughts?
For my part, this looks ok.
On Wed, Aug 04, 2010 at 03:17:13PM +0200, Thorsten Kukuk wrote:
> Bug #2730965 is about, that the calculation of sp_lstchg on
> systems, where the time is not yet set (means the date is 1.1.1970),
> will be '0', which means the user is requested to change the password
> at the next login. This Jan 01, 1970 date problem is common on
> embedded hardware.
> I propose the following patch for this special case:
> --- passverify.c 8 Dec 2009 09:15:51 -0000 1.14
> +++ passverify.c 4 Aug 2010 13:14:32 -0000
> @@ -909,6 +909,9 @@
> if (!strcmp(stmpent->sp_namp, forwho)) {
> stmpent->sp_pwdp = towhat;
> stmpent->sp_lstchg = time(NULL) / (60 * 60 * 24);
> + if (stmpent->sp_lstchg == 0)
> + stmpent->sp_lstchg = -1; /* Don't request passwort change
> + only because time isn't set yet. */
> wroteentry = 1;
> D(("Set password %s for %s", stmpent->sp_pwdp, forwho));
> }
> @@ -928,6 +931,9 @@
> spwdent.sp_namp = forwho;
> spwdent.sp_pwdp = towhat;
> spwdent.sp_lstchg = time(NULL) / (60 * 60 * 24);
> + if (spwdent.sp_lstchg == 0)
> + spwdent.sp_lstchg = -1; /* Don't request passwort change
> + only because time isn't set yet. */
> spwdent.sp_min = spwdent.sp_max = spwdent.sp_warn = spwdent.sp_inact =
> spwdent.sp_expire = -1;
> spwdent.sp_flag = (unsigned long)-1l;
--
Steve Langasek Give me a lever long enough and a Free OS
Debian Developer to set it on, and I can move the world.
Ubuntu Developer http://www.debian.org/
slangasek at ubuntu.com vorlon at debian.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 828 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-shadow-devel/attachments/20100804/043971ae/attachment.pgp>
More information about the Pkg-shadow-devel
mailing list