[Pkg-shadow-devel] Ubuntu (new upstream) shadow 1:4.1.3.1-1ubuntu1
Ubuntu Merge-o-Matic
mom at ubuntu.com
Wed May 6 02:49:23 UTC 2009
This e-mail has been sent due to an upload to Ubuntu of a new upstream
version which still contains Ubuntu changes. It contains the difference
between the Ubuntu version and the equivalent base version in Debian, note
that this difference may include the upstream changes.
-------------- next part --------------
Format: 1.7
Date: Tue, 05 May 2009 09:45:21 -0700
Source: shadow
Binary: passwd login
Architecture: source
Version: 1:4.1.3.1-1ubuntu1
Distribution: karmic
Urgency: low
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Kees Cook <kees at ubuntu.com>
Description:
login - system login tools
passwd - change and administer password and group data
Closes: 474318 487105 498788 499578 505071 508785 511739 511961 513252 517809 523621 523798 524139 524193 524258
Changes:
shadow (1:4.1.3.1-1ubuntu1) karmic; urgency=low
.
* Merge from debian unstable, remaining changes:
- Ubuntu specific:
+ debian/login.defs: use SHA512 by default for password crypt routine.
- debian/patches/stdout-encrypted-password.patch: chpasswd can report
password hashes on stdout (debian bug 505640).
- debian/login.pam: Enable SELinux support (debian bug 527106).
- debian/securetty.linux: support Freescale MX-series (debian bug 527095).
* Add debian/patches/300_lastlog_failure: fixed upstream (debian bug 524873).
* Drop debian/patches/593_omit_lastchange_field_if_clock_is_misset: fixed
upstream.
.
shadow (1:4.1.3.1-1) unstable; urgency=low
.
* The "Le Puant Macéré" release.
Sorry for the lack of cheese name in 1:4.1.3-1. At least this one should
count for two.
* New upstream release:
- Fixed wrong parsing of octal permissions. This impacted login (permission
of the TTYs, UMASK, ERASECHAR or KILLCHAR) in release 1:4.1.3-1 only.
Closes: #524139, #524258
- removed debian/patches/200_bin_nb: Applied upstream.
- removed debian/patches/302_vim_selinux_support: Applied upstream.
- Fixed login segfault when called without a username. Closes: #524193
.
shadow (1:4.1.3-1) unstable; urgency=low
.
* The "" release.
* New upstream release:
- Fix possible login DOS. Closes: #505071
- Fix gpasswd and username with 32 characters. Closes: #508785
- Fix typo in nologin(8). Closes: #513252
- Remove old features from passwd(1). Closes: #499578
- login: Close passwd while waiting for exit. Closes: #474318
- login: fix the count of login failures. Closes: #498788
- Remove patches applied upstream (4.1.2):
+ debian/patches/434_login_stop_checking_args_after--
+ debian/patches/491_configure.in_friendly_selinux_detection
+ debian/patches/487_passwd_chauthtok_failed_message
+ debian/patches/406_vipw_resume_properly
+ debian/patches/414_remove-unwise-advices
+ debian/patches/300_SHA_crypt_method
+ debian/patches/301_manpages_missing_options
+ debian/patches/415_login_put-echoctl-back
+ debian/patches/431_su_uid_0_not_root
- Remove patches applied upstream (4.1.3):
+ debian/patches/200_Czech_binary_translation
+ debian/patches/302_remove_non_translated_polish_manpages
+ debian/patches/494_passwd_lock-no_account_lock
+ debian/patches/200_Czech_binary_translation
+ debian/patches/494_passwd_lock-no_account_lock
- Updated patches:
+ debian/patches/431_su_uid_0_not_root
+ debian/patches/463_login_delay_obeys_to_PAM
+ debian/patches/008_su_get_PAM_username
+ debian/patches/302_vim_selinux_support
+ debian/patches/008_login_log_failure_in_FTMP
+ debian/patches/429_login_FAILLOG_ENAB
+ debian/patches/428_grpck_add_prune_option
+ debian/patches/401_cppw_src.dpatch
+ debian/patches/506_relaxed_usernames
+ debian/patches/463_login_delay_obeys_to_PAM
+ debian/patches/542_useradd-O_option
- Translations
+ New Kazakh translation. Closes: #517809
+ Updated Slovak translation. Closes: #523621
* debian/patches/454_userdel_no_MAIL_FILE: Patch removed. If MAIL_FILE is
defined, the mailbox is not in MAIL_SPOOL_DIR.
* debian/patches/506_relaxed_usernames: Use an extra paragraph for the note
on username with a '/'.
* debian/patches/504_undef_USE_PAM.nolibpam,
debian/patches/504_undef_USE_PAM.dpatch, debian/rules: Patches removed.
Replaced by the --disable-account-tools-setuid configure option.
* debian/control: changed the "Replaces" on manpages-zh to a versioned
one on 1.5.1-1
* debian/control: drop all Replaces on manpages-* when the version is
prior to Etch
* Versioned Replaces on manpages-tr (<<1..5) as conflicting manpages have
been removed in that package
* debian/patches/402_cppw_selinux: Add SE Linux support for cppw / cpgr.
* debian/patches/900_testsuite_groupmems, debian/patches/901_testsuite_gcov:
Added patches, only intended to be used in the testsuite.
* debian/securetty.linux: Added ttyPZ0, ttyPZ1, ttyPZ2, ttyPZ3 for PowerMac
machines. Closes: #511739
* debian/patches/579_chowntty_debug: Removed. With the fix for 505071 and
505271, this additional debug information is no more needed.
* debian/patches/507_32char_grnames.dpatch: Patch removed. Replaced by the
--with-group-name-max-length=32 configure option.
* debian/patches/592_manpages_typos: No more needed.
* debian/patches/401_cppw_src.dpatch: Call fsync before closing the backup
file descriptor. This ensures that the backup file will be available on
the storage medium.
* debian/securetty.linux: Removed devfs devices. Usage of devfs enabled
kernel in Lenny was not supported. Closes: #511961
* debian/login.defs: Added /usr/local/games/ to ENV_PATH (for regular
users). Closes: #487105
* debian/patches/200_bin_nb: Updated Norwegian Bokmål translation.
Closes: #523798
* debian/login.defs: Update GID_MIN to 1000. This is more consistent with
UID_MIN, SYS_GID_MAX and the usage of the same ID for UID and GIDs. This
should also be more consistent with the assignment of system group IDs
starting from GID_MAX and going down.
Files:
f440de043d71ae49b8c88320c9527a88 1709 admin required shadow_4.1.3.1-1ubuntu1.dsc
07db539d5a064e010b24b86caaedca39 105338 admin required shadow_4.1.3.1-1ubuntu1.diff.gz
Original-Maintainer: Shadow package maintainers <pkg-shadow-devel at lists.alioth.debian.org>
-------------- next part --------------
diff -pruN 1:4.1.3.1-1/debian/changelog 1:4.1.3.1-1ubuntu1/debian/changelog
--- 1:4.1.3.1-1/debian/changelog 2009-05-06 03:34:25.000000000 +0100
+++ 1:4.1.3.1-1ubuntu1/debian/changelog 2009-05-06 03:22:35.000000000 +0100
@@ -1,3 +1,18 @@
+shadow (1:4.1.3.1-1ubuntu1) karmic; urgency=low
+
+ * Merge from debian unstable, remaining changes:
+ - Ubuntu specific:
+ + debian/login.defs: use SHA512 by default for password crypt routine.
+ - debian/patches/stdout-encrypted-password.patch: chpasswd can report
+ password hashes on stdout (debian bug 505640).
+ - debian/login.pam: Enable SELinux support (debian bug 527106).
+ - debian/securetty.linux: support Freescale MX-series (debian bug 527095).
+ * Add debian/patches/300_lastlog_failure: fixed upstream (debian bug 524873).
+ * Drop debian/patches/593_omit_lastchange_field_if_clock_is_misset: fixed
+ upstream.
+
+ -- Kees Cook <kees at ubuntu.com> Tue, 05 May 2009 09:45:21 -0700
+
shadow (1:4.1.3.1-1) unstable; urgency=low
* The "Le Puant Macéré" release.
@@ -93,6 +108,108 @@ shadow (1:4.1.3-1) unstable; urgency=low
-- Nicolas FRANCOIS (Nekral) <nicolas.francois at centraliens.net> Tue, 14 Apr 2009 23:33:22 +0200
+shadow (1:4.1.1-6ubuntu6) jaunty; urgency=low
+
+ * debian/login.preinst: fix typo in grep (LP: #354887).
+
+ -- Kees Cook <kees at ubuntu.com> Fri, 03 Apr 2009 22:12:07 -0700
+
+shadow (1:4.1.1-6ubuntu5) jaunty; urgency=low
+
+ * debian/login.preinst: add special-case handling to restore the
+ original white-space in /etc/login.defs that is changed by
+ system-tools-backends (LP: #316756).
+
+ -- Kees Cook <kees at ubuntu.com> Fri, 03 Apr 2009 14:33:43 -0700
+
+shadow (1:4.1.1-6ubuntu4) jaunty; urgency=low
+
+ * debian/patches/593_omit_lastchange_field_if_clock_is_misset (LP: #349504)
+ - If the system clock is set to Jan 01, 1970, and a new user is created
+ the last changed field gets set to 0, which tells login that the
+ password is expired and must be changed. During installation,
+ this can cause autologin to fail. Having the clock set to 01/01/1970
+ on a fresh install is common on the ARM architecture, so this is a high
+ priority bug since its likely to affect most ARM users on first install
+
+ -- Michael Casadevall <mcasadevall at ubuntu.com> Thu, 02 Apr 2009 14:05:31 -0400
+
+shadow (1:4.1.1-6ubuntu3) jaunty; urgency=low
+
+ [ Bryan McLellan ]
+ * Don't do the vm-builder root password check on fresh installations
+ (LP: #340841).
+
+ -- Colin Watson <cjwatson at ubuntu.com> Tue, 17 Mar 2009 13:32:55 +0000
+
+shadow (1:4.1.1-6ubuntu2) jaunty; urgency=low
+
+ * debian/securetty.linux (LP: #316841)
+ - Updated securetty support for Freescale MX-series boards
+
+ -- Michael Casadevall <sonicmctails at gmail.com> Tue, 13 Jan 2009 12:56:38 -0500
+
+shadow (1:4.1.1-6ubuntu1) jaunty; urgency=low
+
+ * Merge from debian unstable, remaining changes:
+ - Ubuntu specific:
+ + debian/login.pam: Enable SELinux support in login.pam.
+ + debian/rules: regenerate autoconf to avoid libtool-caused FTBFS.
+ + debian/login.defs: use SHA512 by default for password crypt routine.
+ + debian/passwd.postinst: disable the root password for virtual
+ machines created with vm-builder on Ubuntu 8.10.
+ - debian/patches/stdout-encrypted-password.patch: allow chpasswd to
+ report encrypted passwords to stdout for tools needing encrypted
+ passwords (debian bug 505640).
+
+ -- Kees Cook <kees at ubuntu.com> Mon, 08 Dec 2008 00:44:46 -0800
+
+shadow (1:4.1.1-6) unstable; urgency=medium
+
+ * The "Rollot" release.
+ * debian/patches/303_login_symlink_attack: Fix a race condition that could
+ lead to gaining ownership or changing mode of arbitrary files.
+ Closes: #505271
+ * debian/patches/304_su.1_synopsis: Fix the su synopsis. username is
+ referenced in the manpage, not LOGIN. Closes: #501830
+ * debian/patches/305_login.1_japanese: Fix the path of the utmp and wtmp
+ files. Closes: #501353
+
+ -- Nicolas FRANCOIS (Nekral) <nicolas.francois at centraliens.net> Fri, 14 Nov 2008 21:52:42 +0100
+
+shadow (1:4.1.1-5ubuntu3) jaunty; urgency=low
+
+ * disable the root password for virtual machines created with vm-builder
+ on Ubuntu 8.10. (LP: #296841)
+
+ -- Jamie Strandboge <jamie at ubuntu.com> Thu, 13 Nov 2008 20:32:42 -0600
+
+shadow (1:4.1.1-5ubuntu2) jaunty; urgency=low
+
+ * debian/login.defs: use SHA512 by default for password crypt routine
+ (LP: #51551, currently Ubuntu specific).
+ * debian/patches/stdout-encrypted-password.patch: allow chpasswd to report
+ encrypted passwords to stdout for tools needing encrypted passwords
+ (debian bug 505640).
+ * debian/rules: regenerate autoconf to avoid libtool-caused FTBFS.
+
+ -- Kees Cook <kees at ubuntu.com> Thu, 13 Nov 2008 16:43:48 -0800
+
+shadow (1:4.1.1-5ubuntu1) jaunty; urgency=low
+
+ * Merge from debian unstable, remaining changes:
+ - debian/login.pam: Enable SELinux support in login.pam.
+
+ -- Scott James Remnant <scott at ubuntu.com> Wed, 05 Nov 2008 07:26:43 +0000
+
+shadow (1:4.1.1-5) unstable; urgency=low
+
+ * The "Bergues" release.
+ * debian/login.pam: restore the Etch behavior of pam_securetty.so in case of
+ unknown user. Closes: #443322, #495831
+
+ -- Nicolas FRANCOIS (Nekral) <nicolas.francois at centraliens.net> Sun, 14 Sep 2008 19:13:34 +0200
+
shadow (1:4.1.1-4) unstable; urgency=low
* The "Rocamadour" release.
@@ -170,6 +287,13 @@ shadow (1:4.1.1-2) unstable; urgency=low
-- Nicolas FRANCOIS (Nekral) <nicolas.francois at centraliens.net> Fri, 13 Jun 2008 01:27:16 +0200
+shadow (1:4.1.1-1ubuntu1) intrepid; urgency=low
+
+ * Merge from debian unstable, remaining changes:
+ - debian/login.pam: Enable SELinux support in login.pam.
+
+ -- Kees Cook <kees at ubuntu.com> Mon, 09 Jun 2008 10:08:38 -0700
+
shadow (1:4.1.1-1) unstable; urgency=low
* New upstream release. This closes the following bugs:
@@ -295,6 +419,20 @@ shadow (1:4.1.0-1) unstable; urgency=low
-- Christian Perrier <bubulle at debian.org> Sat, 12 Jan 2008 20:40:02 +0100
+shadow (1:4.0.18.2-1ubuntu2) hardy; urgency=low
+
+ * Add 498_make_useradd_faster_with_ldap: make useradd faster when
+ nsswitch uses LDAP or some other remote names database (LP: #120015),
+ thanks to Vince Busam.
+
+ -- Matt T. Proud <mtp at google.com> Fri, 08 Feb 2008 18:30:51 -0800
+
+shadow (1:4.0.18.2-1ubuntu1) hardy; urgency=low
+
+ * debian/login.pam: Enable SELinux support in login.pam (LP: #191326).
+
+ -- Caleb Case <ccase at tresys.com> Fri, 08 Feb 2008 02:20:06 -0500
+
shadow (1:4.0.18.2-1) unstable; urgency=low
* The "Vacherin" release.
@@ -1237,7 +1375,7 @@ shadow (1:4.0.12-5) unstable; urgency=lo
* Really add /etc/pam.d/su. Closes: #330291
-- Christian Perrier <bubulle at debian.org> Wed, 28 Sep 2005 19:59:31 +0200
-
+
shadow (1:4.0.12-4) unstable; urgency=low
* The "Epoisses" release
@@ -2569,7 +2707,7 @@ shadow (20000902-6.1) unstable; urgency=
* Upgrade to latest config.sub and config.guess. Closes: #88547
-- Gerhard Tonn <gt at debian.org> Fri, 1 Jun 2001 20:38:43 +0200
-
+
shadow (20000902-6) unstable; urgency=medium
* actually set root's password when appropriate
diff -pruN 1:4.1.3.1-1/debian/control 1:4.1.3.1-1ubuntu1/debian/control
--- 1:4.1.3.1-1/debian/control 2009-05-06 03:34:25.000000000 +0100
+++ 1:4.1.3.1-1ubuntu1/debian/control 2009-05-06 03:22:35.000000000 +0100
@@ -1,7 +1,8 @@
Source: shadow
Section: admin
Priority: required
-Maintainer: Shadow package maintainers <pkg-shadow-devel at lists.alioth.debian.org>
+Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
+XSBC-Original-Maintainer: Shadow package maintainers <pkg-shadow-devel at lists.alioth.debian.org>
Standards-Version: 3.8.0
Uploaders: Christian Perrier <bubulle at debian.org>, Martin Quinson <mquinson at debian.org>, Nicolas FRANCOIS (Nekral) <nicolas.francois at centraliens.net>
Build-Depends: autoconf, automake1.9, libtool, gettext, libpam0g-dev, debhelper (>= 5.0.0), quilt, dpkg-dev (>= 1.13.5), xsltproc, docbook-xsl, docbook-xml, libxml2-utils, cdbs, libselinux1-dev [!hurd-i386 !kfreebsd-i386 !kfreebsd-amd64], gnome-doc-utils (>= 0.4.3-1)
diff -pruN 1:4.1.3.1-1/debian/login.defs 1:4.1.3.1-1ubuntu1/debian/login.defs
--- 1:4.1.3.1-1/debian/login.defs 2009-05-06 03:34:25.000000000 +0100
+++ 1:4.1.3.1-1ubuntu1/debian/login.defs 2009-05-06 03:22:35.000000000 +0100
@@ -286,7 +286,7 @@ USERGROUPS_ENAB yes
# Note: It is recommended to use a value consistent with
# the PAM modules configuration.
#
-#ENCRYPT_METHOD DES
+ENCRYPT_METHOD SHA512
#
# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512.
diff -pruN 1:4.1.3.1-1/debian/login.pam 1:4.1.3.1-1ubuntu1/debian/login.pam
--- 1:4.1.3.1-1/debian/login.pam 2009-05-06 03:34:25.000000000 +0100
+++ 1:4.1.3.1-1ubuntu1/debian/login.pam 2009-05-06 03:22:35.000000000 +0100
@@ -26,6 +26,12 @@ auth requisite pam_securetty.so
# (Replaces the `NOLOGINS_FILE' option from login.defs)
auth requisite pam_nologin.so
+# SELinux needs to be the first session rule. This ensures that any
+# lingering context has been cleared. Without out this it is possible
+# that a module could execute code in the wrong domain. (When SELinux
+# is disabled, this returns success.)
+session required pam_selinux.so close
+
# This module parses environment configuration file(s)
# and also allows you to use an extended config
# file /etc/security/pam_env.conf.
@@ -78,12 +84,13 @@ session optional pam_motd.so
# See comments in /etc/login.defs
session optional pam_mail.so standard
-# SELinux needs to intervene at login time to ensure that the process
-# starts in the proper default security context.
-# Uncomment the following line to enable SELinux
-# session required pam_selinux.so select_context
-
# Standard Un*x account and session
@include common-account
@include common-session
@include common-password
+
+# SELinux needs to intervene at login time to ensure that the process
+# starts in the proper default security context. Only sessions which are
+# intended to run in the user's context should be run after this. (When
+# SELinux is disabled, this returns success.)
+session required pam_selinux.so open
diff -pruN 1:4.1.3.1-1/debian/patches/300_lastlog_failure 1:4.1.3.1-1ubuntu1/debian/patches/300_lastlog_failure
--- 1:4.1.3.1-1/debian/patches/300_lastlog_failure 1970-01-01 01:00:00.000000000 +0100
+++ 1:4.1.3.1-1ubuntu1/debian/patches/300_lastlog_failure 2009-05-06 03:22:35.000000000 +0100
@@ -0,0 +1,25 @@
+Description: lastlog does not work at all.
+Upstream: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524873
+
+Index: shadow-4.1.3.1/src/lastlog.c
+===================================================================
+--- shadow-4.1.3.1.orig/src/lastlog.c 2009-05-05 14:55:36.000000000 -0700
++++ shadow-4.1.3.1/src/lastlog.c 2009-05-05 14:55:52.000000000 -0700
+@@ -266,8 +266,7 @@
+ exit (1);
+ }
+
+- print ();
+- /* Get the laslog size */
++ /* Get the lastlog size */
+ if (fstat (fileno (lastlogfile), &statbuf) != 0) {
+ fprintf (stderr,
+ _("lastlog: Cannot get the size of %s: %s\n"),
+@@ -275,6 +274,7 @@
+ exit (1);
+ }
+
++ print ();
+ fclose (lastlogfile);
+ exit (0);
+ }
diff -pruN 1:4.1.3.1-1/debian/patches/495_stdout-encrypted-password 1:4.1.3.1-1ubuntu1/debian/patches/495_stdout-encrypted-password
--- 1:4.1.3.1-1/debian/patches/495_stdout-encrypted-password 1970-01-01 01:00:00.000000000 +0100
+++ 1:4.1.3.1-1ubuntu1/debian/patches/495_stdout-encrypted-password 2009-05-06 03:22:35.000000000 +0100
@@ -0,0 +1,118 @@
+Description: allow chpasswd to report a correctly hashed password (using
+ system defaults for hash mechanism) to stdout.
+Upstream: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=505640
+
+Index: shadow-4.1.3.1-1ubuntu1/src/chpasswd.c
+===================================================================
+--- shadow-4.1.3.1-1ubuntu1.orig/src/chpasswd.c 2009-04-15 21:49:48.000000000 -0700
++++ shadow-4.1.3.1-1ubuntu1/src/chpasswd.c 2009-05-05 10:15:48.000000000 -0700
+@@ -60,6 +60,7 @@
+ #ifdef USE_SHA_CRYPT
+ static bool sflg = false;
+ #endif
++static int use_stdout = 0;
+
+ static const char *crypt_method = NULL;
+ #ifdef USE_SHA_CRYPT
+@@ -114,6 +115,8 @@
+ " -c, --crypt-method the crypt method (one of %s)\n"
+ " -e, --encrypted supplied passwords are encrypted\n"
+ " -h, --help display this help message and exit\n"
++ " -S, --stdout report encrypted passwords to stdout\n"
++ " instead of changing the passwd file\n"
+ " -m, --md5 encrypt the clear text password using\n"
+ " the MD5 algorithm\n"
+ "%s"
+@@ -144,6 +147,7 @@
+ {"encrypted", no_argument, NULL, 'e'},
+ {"help", no_argument, NULL, 'h'},
+ {"md5", no_argument, NULL, 'm'},
++ {"stdout", no_argument, NULL, 'S'},
+ #ifdef USE_SHA_CRYPT
+ {"sha-rounds", required_argument, NULL, 's'},
+ #endif
+@@ -152,9 +156,9 @@
+
+ while ((c = getopt_long (argc, argv,
+ #ifdef USE_SHA_CRYPT
+- "c:ehms:",
++ "c:ehmSs:",
+ #else
+- "c:ehm",
++ "c:ehmS",
+ #endif
+ long_options, &option_index)) != -1) {
+ switch (c) {
+@@ -171,6 +175,9 @@
+ case 'm':
+ md5flg = true;
+ break;
++ case 'S':
++ use_stdout = 1;
++ break;
+ #ifdef USE_SHA_CRYPT
+ case 's':
+ sflg = true;
+@@ -248,6 +255,7 @@
+ */
+ static void check_perms (void)
+ {
++ if (use_stdout) return;
+ #ifdef ACCT_TOOLS_SETUID
+ #ifdef USE_PAM
+ pam_handle_t *pamh = NULL;
+@@ -384,11 +392,13 @@
+
+ OPENLOG ("chpasswd");
+
++ if (!use_stdout) {
+ check_perms ();
+
+ is_shadow_pwd = spw_file_present ();
+
+ open_files ();
++ }
+
+ /*
+ * Read each line, separating the user name from the password. The
+@@ -451,6 +461,11 @@
+ crypt_make_salt(crypt_method, arg));
+ }
+
++ if (use_stdout) {
++ fprintf (stdout, "%s:%s\n", name, cp);
++ continue;
++ }
++
+ /*
+ * Get the password file entry for this user. The user must
+ * already exist.
+@@ -525,9 +540,11 @@
+ fail_exit (1);
+ }
+
++ if (!use_stdout) {
+ close_files ();
+
+ nscd_flush_cache ("passwd");
++ }
+
+ return (0);
+ }
+Index: shadow-4.1.3.1-1ubuntu1/man/chpasswd.8.xml
+===================================================================
+--- shadow-4.1.3.1-1ubuntu1.orig/man/chpasswd.8.xml 2009-04-15 21:49:50.000000000 -0700
++++ shadow-4.1.3.1-1ubuntu1/man/chpasswd.8.xml 2009-05-05 10:13:29.000000000 -0700
+@@ -111,6 +111,12 @@
+ </listitem>
+ </varlistentry>
+ <varlistentry>
++ <term><option>-S</option>, <option>--stdout</option></term>
++ <listitem>
++ <para>Report encrypted passwords to stdout instead of updating password file.</para>
++ </listitem>
++ </varlistentry>
++ <varlistentry>
+ <term><option>-h</option>, <option>--help</option></term>
+ <listitem>
+ <para>Display help message and exit.</para>
diff -pruN 1:4.1.3.1-1/debian/patches/series 1:4.1.3.1-1ubuntu1/debian/patches/series
--- 1:4.1.3.1-1/debian/patches/series 2009-05-06 03:34:25.000000000 +0100
+++ 1:4.1.3.1-1ubuntu1/debian/patches/series 2009-05-06 03:22:35.000000000 +0100
@@ -20,3 +20,5 @@
508_nologin_in_usr_sbin
505_useradd_recommend_adduser
402_cppw_selinux
+495_stdout-encrypted-password
+300_lastlog_failure
diff -pruN 1:4.1.3.1-1/debian/securetty.linux 1:4.1.3.1-1ubuntu1/debian/securetty.linux
--- 1:4.1.3.1-1/debian/securetty.linux 2009-05-06 03:34:25.000000000 +0100
+++ 1:4.1.3.1-1ubuntu1/debian/securetty.linux 2009-05-06 03:22:35.000000000 +0100
@@ -11,6 +11,11 @@ ttyUSB0
ttyUSB1
ttyUSB2
+# Freescale MX-series serial ports
+ttymxc0
+ttymxc1
+ttymxc2
+
# PowerMac
ttyPZ0
ttyPZ1
More information about the Pkg-shadow-devel
mailing list