[Pkg-shadow-devel] [Pam-patches] passverify/sp_lstchg handling (Bug #2730965)

Thorsten Kukuk kukuk at suse.de
Wed Aug 4 21:36:02 UTC 2010


On Wed, Aug 04, Steve Langasek wrote:

> As Debian has carried patches before that special-cased a 0 value in other
> shadow fields that caused interop problems with shadow, I'm forwarding this
> patch to the maintainers of the Debian shadow package for their input. 
> Guys, here's a patch that's being proposed for inclusion in PAM upstream -
> any thoughts?

It's the same as Debian did for their shadow package, beside that
Debian prints additional a warning.

  Thorsten

> On Wed, Aug 04, 2010 at 03:17:13PM +0200, Thorsten Kukuk wrote:
> 
> > Bug #2730965 is about, that the calculation of sp_lstchg on
> > systems, where the time is not yet set (means the date is 1.1.1970),
> > will be '0', which means the user is requested to change the password
> > at the next login. This Jan 01, 1970 date problem is common on 
> > embedded hardware.
> 
> > I propose the following patch for this special case:
> 
> > --- passverify.c        8 Dec 2009 09:15:51 -0000       1.14
> > +++ passverify.c        4 Aug 2010 13:14:32 -0000
> > @@ -909,6 +909,9 @@
> >         if (!strcmp(stmpent->sp_namp, forwho)) {
> >             stmpent->sp_pwdp = towhat;
> >             stmpent->sp_lstchg = time(NULL) / (60 * 60 * 24);
> > +           if (stmpent->sp_lstchg == 0)
> > +               stmpent->sp_lstchg = -1; /* Don't request passwort change
> > +                                           only because time isn't set yet. */
> >             wroteentry = 1;
> >             D(("Set password %s for %s", stmpent->sp_pwdp, forwho));
> >         }
> > @@ -928,6 +931,9 @@
> >         spwdent.sp_namp = forwho;
> >         spwdent.sp_pwdp = towhat;
> >         spwdent.sp_lstchg = time(NULL) / (60 * 60 * 24);
> > +       if (spwdent.sp_lstchg == 0)
> > +           spwdent.sp_lstchg = -1; /* Don't request passwort change
> > +                                      only because time isn't set yet. */
> >         spwdent.sp_min = spwdent.sp_max = spwdent.sp_warn = spwdent.sp_inact =
> >             spwdent.sp_expire = -1;
> >         spwdent.sp_flag = (unsigned long)-1l;
> 
> -- 
> Steve Langasek                   Give me a lever long enough and a Free OS
> Debian Developer                   to set it on, and I can move the world.
> Ubuntu Developer                                    http://www.debian.org/
> slangasek at ubuntu.com                                     vorlon at debian.org



> ------------------------------------------------------------------------------
> The Palm PDK Hot Apps Program offers developers who use the
> Plug-In Development Kit to bring their C/C++ apps to Palm for a share
> of $1 Million in cash or HP Products. Visit us here for more details:
> http://p.sf.net/sfu/dev2dev-palm
> _______________________________________________
> Pam-patches mailing list
> Pam-patches at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/pam-patches


-- 
Thorsten Kukuk, Project Manager/Release Manager SLES
SUSE LINUX Products GmbH, Maxfeldstr. 5, D-90409 Nuernberg
GF: Markus Rex, HRB 16746 (AG Nuernberg)



More information about the Pkg-shadow-devel mailing list