[Pkg-shadow-commits] r787 - trunk/debian/patches

Nicolas FRANCOIS nekral-guest at costa.debian.org
Fri Jan 13 09:32:30 UTC 2006 

Author: nekral-guest
Date: 2006-01-13 09:32:29 +0000 (Fri, 13 Jan 2006)
New Revision: 787

Added:
   trunk/debian/patches/483_su_fakelogin_wrong_arg0
Modified:
   trunk/debian/patches/463_login_delay_obeys_to_PAM
Log:
I committed 463_login_delay_obeys_to_PAM instead of
483_su_fakelogin_wrong_arg0 in revision 786.
Revert the changes on 463_login_delay_obeys_to_PAM and commit the new
483_su_fakelogin_wrong_arg0 patch


Modified: trunk/debian/patches/463_login_delay_obeys_to_PAM
===================================================================
--- trunk/debian/patches/463_login_delay_obeys_to_PAM	2006-01-12 13:47:28 UTC (rev 786)
+++ trunk/debian/patches/463_login_delay_obeys_to_PAM	2006-01-13 09:32:29 UTC (rev 787)
@@ -5,43 +5,11 @@
 
 Status wrt upstream: Forwarded but not applied yet
 
-Index: shadow-4.0.14/src/login.c
+Index: shadow-4.0.13/src/login.c
 ===================================================================
---- shadow-4.0.14.orig/src/login.c	2006-01-11 00:03:20.000000000 +0100
-+++ shadow-4.0.14/src/login.c	2006-01-11 01:07:23.000000000 +0100
-@@ -327,7 +327,6 @@
- 	char ptime[80];
- #endif
- 	int reason = PW_LOGIN;
--	int delay;
- 	int retries;
- 	int failed;
- 	int flag;
-@@ -346,6 +345,7 @@
- 	pid_t child;
- 	char *pam_user;
- #else
-+	int delay;
- 	struct spwd *spwd = NULL;
- #endif
- 	/*
-@@ -568,7 +568,6 @@
- 			alarm (timeout);
- 
- 		environ = newenvp;	/* make new environment active */
--		delay = getdef_num ("FAIL_DELAY", 1);
- 		retries = getdef_num ("LOGIN_RETRIES", RETRIES);
- 
- #ifdef USE_PAM
-@@ -584,17 +583,12 @@
- 
- 		/*
- 		 * hostname & tty are either set to NULL or their correct values,
--		 * depending on how much we know. We also set PAM's fail delay to
--		 * ours.
-+		 * depending on how much we know.
- 		 */
- 		retcode = pam_set_item (pamh, PAM_RHOST, hostname);
+--- shadow-4.0.13.orig/src/login.c	2005-10-27 16:10:53.130114016 +0200
++++ shadow-4.0.13/src/login.c	2005-10-27 16:18:17.602543936 +0200
+@@ -595,10 +595,6 @@
  		PAM_FAIL_CHECK;
  		retcode = pam_set_item (pamh, PAM_TTY, tty);
  		PAM_FAIL_CHECK;
@@ -52,73 +20,25 @@
  		/* if fflg == 1, then the user has already been authenticated */
  		if (!fflg || (getuid () != 0)) {
  			int failcount = 0;
-@@ -635,8 +629,6 @@
+@@ -639,8 +635,6 @@
  			  failed = 0;
- 
+ 			  
  			  failcount++;
 -			  if (delay > 0)
 -			    retcode = pam_fail_delay(pamh, 1000000*delay);
  
  			  retcode = pam_authenticate (pamh, 0);
- 
-@@ -931,13 +923,16 @@
- 		if (pwent.pw_passwd[0] == '\0')
- 			pw_auth ("!", username, reason, (char *) 0);
- 
-+#ifndef USE_PAM
- 		/*
- 		 * Wait a while (a la SVR4 /usr/bin/login) before attempting
- 		 * to login the user again. If the earlier alarm occurs
+ 			  
+@@ -915,10 +909,9 @@
  		 * before the sleep() below completes, login will exit.
  		 */
-+		delay = getdef_num ("FAIL_DELAY", 1);
- 		if (delay > 0)
- 			sleep (delay);
-+#endif
- 
+ #ifndef USE_PAM
+-		if (delay > 0)
+-			sleep (delay);
++ 		if (delay > 0)
++		   sleep (delay); */
+ #endif
+-
  		puts (_("Login incorrect"));
  
-Index: shadow-4.0.14/debian/login.defs
-===================================================================
---- shadow-4.0.14.orig/debian/login.defs	2006-01-11 00:03:20.000000000 +0100
-+++ shadow-4.0.14/debian/login.defs	2006-01-11 01:07:15.000000000 +0100
-@@ -36,11 +36,6 @@
- #MAIL_FILE      .mail
- 
- #
--# Delay in seconds before being allowed another attempt after a login failure
--#
--FAIL_DELAY		3
--
--#
- # Enable logging and display of /var/log/faillog login failure info.
- # This option conflicts with the pam_tally PAM module.
- #
-@@ -321,6 +316,7 @@
- #ENV_HZ
- #CHFN_AUTH
- #CHSH_AUTH
-+#FAIL_DELAY
- 
- ################# OBSOLETED #######################
- #						  #
-Index: shadow-4.0.14/lib/getdef.c
-===================================================================
---- shadow-4.0.14.orig/lib/getdef.c	2006-01-11 00:03:20.000000000 +0100
-+++ shadow-4.0.14/lib/getdef.c	2006-01-11 01:07:15.000000000 +0100
-@@ -55,7 +55,6 @@
- 	{"ENV_PATH", NULL},
- 	{"ENV_SUPATH", NULL},
- 	{"ERASECHAR", NULL},
--	{"FAIL_DELAY", NULL},
- 	{"FAILLOG_ENAB", NULL},
- 	{"FAKE_SHELL", NULL},
- 	{"FTMP_FILE", NULL},
-@@ -91,6 +90,7 @@
- 	{"ENV_HZ", NULL},
- 	{"ENV_TZ", NULL},
- 	{"ENVIRON_FILE", NULL},
-+	{"FAIL_DELAY", NULL},
- 	{"ISSUE_FILE", NULL},
- 	{"LASTLOG_ENAB", NULL},
- 	{"LOGIN_STRING", NULL},
+ 		/* allow only one attempt with -r or -f */

Added: trunk/debian/patches/483_su_fakelogin_wrong_arg0
===================================================================
--- trunk/debian/patches/483_su_fakelogin_wrong_arg0	2006-01-12 13:47:28 UTC (rev 786)
+++ trunk/debian/patches/483_su_fakelogin_wrong_arg0	2006-01-13 09:32:29 UTC (rev 787)
@@ -0,0 +1,17 @@
+Goal: shell's name must be -su when a su fakes a login
+
+Status wrt upstream: not reported yet
+
+Index: shadow-4.0.14/src/su.c
+===================================================================
+--- shadow-4.0.14.orig/src/su.c	2006-01-12 14:35:45.000000000 +0100
++++ shadow-4.0.14/src/su.c	2006-01-12 14:41:10.000000000 +0100
+@@ -902,7 +902,7 @@
+ 		 * Use the shell and create an argv
+ 		 * with the rest of the command line included.
+ 		 */
+-		argv[-1] = shellstr;
++		argv[-1] = cp;
+ #ifndef USE_PAM
+ 		(void) execv (shellstr, &argv[-1]);
+ #else

More information about the Pkg-shadow-commits mailing list