This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "IPFire 3.x development tree".
The branch, master has been updated via 76d991f79dbecc7a272371072da55807987764f3 (commit) via 30e0da8033bc00a6d2b767e3394207cba6633331 (commit) via 36a77b3a223c44565f3ff3abe3ca873e238c21b6 (commit) via f54c3df3a171cef25408fe77dbcadf7b129643ee (commit) via effd5ec1e2b0c50f9efd9a7355098e41beac7b0a (commit) via a04cd3604534bb37b950d3dbfb1c680e34891849 (commit) via d3eddbcf9510aa615dcaa4b5acabf84cee061a98 (commit) from d58a8ffee17f2a4867c0653b4d33666ec40f5b69 (commit)
Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below.
- Log ----------------------------------------------------------------- commit 76d991f79dbecc7a272371072da55807987764f3 Merge: 30e0da8 a04cd36 Author: Michael Tremer michael.tremer@ipfire.org Date: Sat Oct 27 16:49:18 2012 +0200
Merge remote-tracking branch 'stevee/network-fix'
commit 30e0da8033bc00a6d2b767e3394207cba6633331 Merge: d3eddbc 36a77b3 Author: Michael Tremer michael.tremer@ipfire.org Date: Sat Oct 27 16:49:12 2012 +0200
Merge remote-tracking branch 'stevee/coreutils-8.19'
commit 36a77b3a223c44565f3ff3abe3ca873e238c21b6 Author: Stefan Schantl stefan.schantl@ipfire.org Date: Sat Oct 27 15:20:18 2012 +0200
sysvinit: Remove utmpdump and sulogin.
This binaries will be provided and maintained by util-linux 2.22.
Fixes #10212.
commit f54c3df3a171cef25408fe77dbcadf7b129643ee Author: Stefan Schantl stefan.schantl@ipfire.org Date: Sun Sep 16 20:20:35 2012 +0200
util-linux: Update to 2.22.
Now util-linux will provide the "su" command. The new util-linux also will bring the new uuid daemon.
Reference #10212.
Conflicts: util-linux/util-linux.nm
commit effd5ec1e2b0c50f9efd9a7355098e41beac7b0a Author: Stefan Schantl stefan.schantl@ipfire.org Date: Sun Sep 16 18:02:21 2012 +0200
coreutils: Update to 8.19.
Drop support for su, now will be provided by util-linux.
Reference #10212.
Conflicts: coreutils/coreutils.nm
commit a04cd3604534bb37b950d3dbfb1c680e34891849 Author: Stefan Schantl stefan.schantl@ipfire.org Date: Sat Oct 27 16:28:03 2012 +0200
network: Add missing file for routes.
The /etc/network/routes file was missing.
commit d3eddbcf9510aa615dcaa4b5acabf84cee061a98 Author: Stefan Schantl stefan.schantl@ipfire.org Date: Sat Oct 27 16:23:39 2012 +0200
pdns-recursor: Fix config dir in systemd file.
The config dir of the recursor has been changed to /etc/pdns. Without any agument, the recursor defaults to /etc/pdns-recursor as configuration directory.
-----------------------------------------------------------------------
Summary of changes: coreutils/coreutils.nm | 16 +- .../coreutils-8.17-ls-rootdir-symlink.patch | 21 - coreutils/patches/coreutils-8.5-pam.patch | 422 -------------------- coreutils/patches/coreutils-8.7-runuser.patch | 338 ---------------- coreutils/patches/coreutils-i18n.patch | 226 +++++++---- .../patches/coreutils-ipfire-disabled-tests.patch | 18 +- network/network.nm | 4 +- pdns-recursor/pdns-recursor.nm | 2 +- pdns-recursor/systemd/pdns-recursor.service | 2 +- .../patches/sysvinit-2.86-remove-utils-1.patch | 10 +- sysvinit/sysvinit.nm | 4 +- {coreutils => util-linux}/pam.d/su | 0 {coreutils => util-linux}/pam.d/su-l | 0 util-linux/util-linux.nm | 78 ++++- 14 files changed, 240 insertions(+), 901 deletions(-) delete mode 100644 coreutils/patches/coreutils-8.17-ls-rootdir-symlink.patch delete mode 100644 coreutils/patches/coreutils-8.5-pam.patch delete mode 100644 coreutils/patches/coreutils-8.7-runuser.patch rename {coreutils => util-linux}/pam.d/su (100%) rename {coreutils => util-linux}/pam.d/su-l (100%)
Difference in files: diff --git a/coreutils/coreutils.nm b/coreutils/coreutils.nm index eb0b962..6eff896 100644 --- a/coreutils/coreutils.nm +++ b/coreutils/coreutils.nm @@ -4,8 +4,8 @@ ###############################################################################
name = coreutils -version = 8.17 -release = 2 +version = 8.19 +release = 1
groups = System/Base url = http://www.gnu.org/software/coreutils/ @@ -31,7 +31,7 @@ build libcap-devel libselinux-devel ncurses-devel - pam-devel>=1.1.5 + texinfo end
CFLAGS += \ @@ -40,11 +40,10 @@ build
configure_options += \ --libexecdir=%{libdir} \ - --enable-pam \ --enable-selinux \ --enable-largefile \ --disable-rpath \ - --enable-install-program=arch,su \ + --enable-install-program=arch \ --enable-no-install-program=hostname,kill,uptime \ --with-tty-group \ \ @@ -64,11 +63,6 @@ build install_cmds mkdir -pv %{BUILDROOT}%{sbindir} mv -v %{BUILDROOT}/usr/bin/chroot %{BUILDROOT}%{sbindir} - mv -v %{BUILDROOT}/usr/bin/runuser %{BUILDROOT}%{sbindir} - - # su (set right capabilities) - chmod -v u-s %{BUILDROOT}%{bindir}/su - setcap cap_setgid,cap_setuid+ep %{BUILDROOT}%{bindir}/su
# Dump /etc/DIR_COLORS mkdir -pv %{BUILDROOT}%{sysconfdir} @@ -114,12 +108,10 @@ packages /bin/sleep /bin/sort /bin/stty - /bin/su /bin/sync /bin/touch /bin/true /bin/uname - /sbin/runuser end
conflicts diff --git a/coreutils/pam.d/su b/coreutils/pam.d/su deleted file mode 100644 index 85e67a8..0000000 --- a/coreutils/pam.d/su +++ /dev/null @@ -1,12 +0,0 @@ -#%PAM-1.0 -auth sufficient pam_rootok.so -# Uncomment the following line to implicitly trust users in the "wheel" group. -#auth sufficient pam_wheel.so trust use_uid -# Uncomment the following line to require a user to be in the "wheel" group. -#auth required pam_wheel.so use_uid -auth include system-auth -account sufficient pam_succeed_if.so uid = 0 use_uid quiet -account include system-auth -password include system-auth -session include system-auth -session optional pam_xauth.so diff --git a/coreutils/pam.d/su-l b/coreutils/pam.d/su-l deleted file mode 100644 index 656a139..0000000 --- a/coreutils/pam.d/su-l +++ /dev/null @@ -1,6 +0,0 @@ -#%PAM-1.0 -auth include su -account include su -password include su -session optional pam_keyinit.so force revoke -session include su diff --git a/coreutils/patches/coreutils-8.17-ls-rootdir-symlink.patch b/coreutils/patches/coreutils-8.17-ls-rootdir-symlink.patch deleted file mode 100644 index 7227afe..0000000 --- a/coreutils/patches/coreutils-8.17-ls-rootdir-symlink.patch +++ /dev/null @@ -1,21 +0,0 @@ -diff -urNp coreutils-8.17-orig/src/ls.c coreutils-8.17/src/ls.c ---- coreutils-8.17-orig/src/ls.c 2012-05-11 20:59:01.467946060 +0200 -+++ coreutils-8.17/src/ls.c 2012-05-11 21:00:38.276821883 +0200 -@@ -3206,14 +3206,9 @@ make_link_name (char const *name, char const *linkname) - if (IS_ABSOLUTE_FILE_NAME (linkname)) - return xstrdup (linkname); - -- /* The link is to a relative name. Prepend any leading directory -- in 'name' to the link name. */ -- size_t prefix_len = dir_len (name); -- if (prefix_len == 0) -- return xstrdup (linkname); -- -- char *p = xmalloc (prefix_len + 1 + strlen (linkname) + 1); -- stpcpy (stpncpy (p, name, prefix_len + 1), linkname); -+ char *d = dir_name (name); -+ char *p = file_name_concat (d, linkname, NULL); -+ free (d); - return p; - } - diff --git a/coreutils/patches/coreutils-8.5-pam.patch b/coreutils/patches/coreutils-8.5-pam.patch deleted file mode 100644 index 3d0e416..0000000 --- a/coreutils/patches/coreutils-8.5-pam.patch +++ /dev/null @@ -1,422 +0,0 @@ -diff -urNp coreutils-8.16-orig/configure.ac coreutils-8.16/configure.ac ---- coreutils-8.16-orig/configure.ac 2012-03-24 19:22:13.000000000 +0100 -+++ coreutils-8.16/configure.ac 2012-03-26 17:59:07.900139497 +0200 -@@ -185,6 +185,20 @@ fi - - AC_FUNC_FORK - -+AC_ARG_ENABLE(pam, AS_HELP_STRING([--disable-pam], -+ [Disable PAM support in su (default=auto)]), , [enable_pam=yes]) -+if test "x$enable_pam" != xno; then -+ AC_CHECK_LIB([pam], [pam_start], [enable_pam=yes], [enable_pam=no]) -+ AC_CHECK_LIB([pam_misc], [misc_conv], [:], [enable_pam=no]) -+ if test "x$enable_pam" != xno; then -+ AC_DEFINE(USE_PAM, 1, [Define if you want to use PAM]) -+ PAM_LIBS="-lpam -lpam_misc" -+ AC_SUBST(PAM_LIBS) -+ fi -+fi -+AC_MSG_CHECKING([whether to enable PAM support in su]) -+AC_MSG_RESULT([$enable_pam]) -+ - optional_bin_progs= - AC_CHECK_FUNCS([chroot], - gl_ADD_PROG([optional_bin_progs], [chroot])) -diff -urNp coreutils-8.16-orig/doc/coreutils.texi coreutils-8.16/doc/coreutils.texi ---- coreutils-8.16-orig/doc/coreutils.texi 2012-03-26 17:58:27.624763998 +0200 -+++ coreutils-8.16/doc/coreutils.texi 2012-03-26 17:59:07.907138599 +0200 -@@ -15804,7 +15804,9 @@ the exit status of @var{command} otherwi - - @command{su} allows one user to temporarily become another user. It runs a - command (often an interactive shell) with the real and effective user --ID, group ID, and supplemental groups of a given @var{user}. Synopsis: -+ID, group ID, and supplemental groups of a given @var{user}. When the -l -+option is given, the su-l PAM file is used instead of the default su PAM file. -+Synopsis: - - @example - su [@var{option}]@dots{} [@var{user} [@var{arg}]@dots{}] -@@ -15883,7 +15885,8 @@ environment variables except @env{TERM}, - (which are set, even for the super-user, as described above), and set - @env{PATH} to a compiled-in default value. Change to @var{user}'s home - directory. Prepend @samp{-} to the shell's name, intended to make it --read its login startup file(s). -+read its login startup file(s). When this option is given, /etc/pam.d/su-l -+PAM file is used instead of the default one. - - @item -m - @itemx -p -diff -urNp coreutils-8.16-orig/src/Makefile.am coreutils-8.16/src/Makefile.am ---- coreutils-8.16-orig/src/Makefile.am 2012-03-24 19:22:13.000000000 +0100 -+++ coreutils-8.16/src/Makefile.am 2012-03-26 17:59:07.928142551 +0200 -@@ -357,8 +357,8 @@ factor_LDADD += $(LIB_GMP) - # for getloadavg - uptime_LDADD += $(GETLOADAVG_LIBS) - --# for crypt --su_LDADD += $(LIB_CRYPT) -+# for crypt and pam -+su_LDADD += $(LIB_CRYPT) $(PAM_LIBS) - - # for various ACL functions - copy_LDADD += $(LIB_ACL) -diff -urNp coreutils-8.16-orig/src/su.c coreutils-8.16/src/su.c ---- coreutils-8.16-orig/src/su.c 2012-03-26 17:58:27.629764055 +0200 -+++ coreutils-8.16/src/su.c 2012-03-26 17:59:07.931138998 +0200 -@@ -37,6 +37,16 @@ - restricts who can su to UID 0 accounts. RMS considers that to - be fascist. - -+#ifdef USE_PAM -+ -+ Actually, with PAM, su has nothing to do with whether or not a -+ wheel group is enforced by su. RMS tries to restrict your access -+ to a su which implements the wheel group, but PAM considers that -+ to be fascist, and gives the user/sysadmin the opportunity to -+ enforce a wheel group by proper editing of /etc/pam.d/su -+ -+#endif -+ - Compile-time options: - -DSYSLOG_SUCCESS Log successful su's (by default, to root) with syslog. - -DSYSLOG_FAILURE Log failed su's (by default, to root) with syslog. -@@ -52,6 +62,13 @@ - #include <sys/types.h> - #include <pwd.h> - #include <grp.h> -+#ifdef USE_PAM -+#include <security/pam_appl.h> -+#include <security/pam_misc.h> -+#include <signal.h> -+#include <sys/wait.h> -+#include <sys/fsuid.h> -+#endif - - #include "system.h" - #include "getpass.h" -@@ -120,7 +137,9 @@ - /* The user to become if none is specified. */ - #define DEFAULT_USER "root" - -+#ifndef USE_PAM - char *crypt (char const *key, char const *salt); -+#endif - - static void run_shell (char const *, char const *, char **, size_t) - ATTRIBUTE_NORETURN; -@@ -134,6 +153,11 @@ static bool simulate_login; - /* If true, change some environment vars to indicate the user su'd to. */ - static bool change_environment; - -+#ifdef USE_PAM -+static bool _pam_session_opened; -+static bool _pam_cred_established; -+#endif -+ - static struct option const longopts[] = - { - {"command", required_argument, NULL, 'c'}, -@@ -212,7 +236,174 @@ log_su (struct passwd const *pw, bool su - } - #endif - -+#ifdef USE_PAM -+#define PAM_SERVICE_NAME PROGRAM_NAME -+#define PAM_SERVICE_NAME_L PROGRAM_NAME "-l" -+static sig_atomic_t volatile caught_signal = false; -+static pam_handle_t *pamh = NULL; -+static int retval; -+static struct pam_conv conv = -+{ -+ misc_conv, -+ NULL -+}; -+ -+#define PAM_BAIL_P(a) \ -+ if (retval) \ -+ { \ -+ pam_end (pamh, retval); \ -+ a; \ -+ } -+ -+static void -+cleanup_pam (int retcode) -+{ -+ if (_pam_session_opened) -+ pam_close_session (pamh, 0); -+ -+ if (_pam_cred_established) -+ pam_setcred (pamh, PAM_DELETE_CRED | PAM_SILENT); -+ -+ pam_end(pamh, retcode); -+} -+ -+/* Signal handler for parent process. */ -+static void -+su_catch_sig (int sig) -+{ -+ caught_signal = true; -+} -+ -+/* Export env variables declared by PAM modules. */ -+static void -+export_pamenv (void) -+{ -+ char **env; -+ -+ /* This is a copy but don't care to free as we exec later anyways. */ -+ env = pam_getenvlist (pamh); -+ while (env && *env) -+ { -+ if (putenv (*env) != 0) -+ xalloc_die (); -+ env++; -+ } -+} -+ -+static void -+create_watching_parent (void) -+{ -+ pid_t child; -+ sigset_t ourset, blockset; -+ int status = 0; -+ -+ retval = pam_open_session (pamh, 0); -+ if (retval != PAM_SUCCESS) -+ { -+ cleanup_pam (retval); -+ error (EXIT_FAILURE, 0, _("cannot not open session: %s"), -+ pam_strerror (pamh, retval)); -+ } -+ else -+ _pam_session_opened = 1; -+ -+ child = fork (); -+ if (child == (pid_t) -1) -+ { -+ cleanup_pam (PAM_ABORT); -+ error (EXIT_FAILURE, errno, _("cannot create child process")); -+ } -+ -+ /* the child proceeds to run the shell */ -+ if (child == 0) -+ return; -+ -+ /* In the parent watch the child. */ -+ -+ /* su without pam support does not have a helper that keeps -+ sitting on any directory so let's go to /. */ -+ if (chdir ("/") != 0) -+ error (0, errno, _("warning: cannot change directory to %s"), "/"); -+ -+ sigfillset (&ourset); -+ if (sigprocmask (SIG_BLOCK, &ourset, NULL)) -+ { -+ error (0, errno, _("cannot block signals")); -+ caught_signal = true; -+ } -+ if (!caught_signal) -+ { -+ struct sigaction action; -+ action.sa_handler = su_catch_sig; -+ sigemptyset (&action.sa_mask); -+ action.sa_flags = 0; -+ sigemptyset (&ourset); -+ if (sigaddset (&ourset, SIGTERM) -+ || sigaddset (&ourset, SIGALRM) -+ || sigaction (SIGTERM, &action, NULL) -+ || sigprocmask (SIG_UNBLOCK, &ourset, NULL)) -+ { -+ error (0, errno, _("cannot set signal handler")); -+ caught_signal = true; -+ } -+ } -+ if (!caught_signal) -+ { -+ pid_t pid; -+ for (;;) -+ { -+ pid = waitpid (child, &status, WUNTRACED); -+ -+ if (pid != (pid_t)-1 && WIFSTOPPED (status)) -+ { -+ /* tcsh sends SIGTSTP to the process group, and so is already pending */ -+ kill (getpid (), SIGSTOP); -+ if (WSTOPSIG(status) != SIGSTOP) { -+ sigemptyset(&blockset); -+ if (sigaddset(&blockset, WSTOPSIG(status)) || -+ sigprocmask(SIG_UNBLOCK, &blockset, &ourset) || -+ sigprocmask(SIG_SETMASK, &ourset, NULL)) -+ { -+ error (0, errno, _("cannot set signal handler")); -+ } -+ } -+ /* once we get here, we must have resumed */ -+ kill (pid, SIGCONT); -+ } -+ else -+ break; -+ } -+ if (pid != (pid_t)-1) -+ if (WIFSIGNALED (status)) -+ status = WTERMSIG (status) + 128; -+ else -+ status = WEXITSTATUS (status); -+ else -+ status = 1; -+ } -+ else -+ status = 1; -+ -+ if (caught_signal) -+ { -+ fprintf (stderr, _("\nSession terminated, killing shell...")); -+ kill (child, SIGTERM); -+ } -+ -+ cleanup_pam (PAM_SUCCESS); -+ -+ if (caught_signal) -+ { -+ sleep (2); -+ kill (child, SIGKILL); -+ fprintf (stderr, _(" ...killed.\n")); -+ } -+ exit (status); -+} -+#endif -+ - /* Ask the user for a password. -+ If PAM is in use, let PAM ask for the password if necessary. - Return true if the user gives the correct password for entry PW, - false if not. Return true without asking for a password if run by UID 0 - or if PW has an empty password. */ -@@ -220,10 +411,52 @@ log_su (struct passwd const *pw, bool su - static bool - correct_password (const struct passwd *pw) - { -+#ifdef USE_PAM -+ const struct passwd *lpw; -+ const char *cp; -+ -+ retval = pam_start (simulate_login ? PAM_SERVICE_NAME_L : PAM_SERVICE_NAME, -+ pw->pw_name, &conv, &pamh); -+ PAM_BAIL_P (return false); -+ -+ if (isatty (0) && (cp = ttyname (0)) != NULL) -+ { -+ const char *tty; -+ -+ if (strncmp (cp, "/dev/", 5) == 0) -+ tty = cp + 5; -+ else -+ tty = cp; -+ retval = pam_set_item (pamh, PAM_TTY, tty); -+ PAM_BAIL_P (return false); -+ } -+#if 0 /* Manpage discourages use of getlogin. */ -+ cp = getlogin (); -+ if (!(cp && *cp && (lpw = getpwnam (cp)) != NULL && lpw->pw_uid == getuid ())) -+#endif -+ lpw = getpwuid (getuid ()); -+ if (lpw && lpw->pw_name) -+ { -+ retval = pam_set_item (pamh, PAM_RUSER, (const void *) lpw->pw_name); -+ PAM_BAIL_P (return false); -+ } -+ retval = pam_authenticate (pamh, 0); -+ PAM_BAIL_P (return false); -+ retval = pam_acct_mgmt (pamh, 0); -+ if (retval == PAM_NEW_AUTHTOK_REQD) -+ { -+ /* Password has expired. Offer option to change it. */ -+ retval = pam_chauthtok (pamh, PAM_CHANGE_EXPIRED_AUTHTOK); -+ PAM_BAIL_P (return false); -+ } -+ PAM_BAIL_P (return false); -+ /* Must be authenticated if this point was reached. */ -+ return true; -+#else /* !USE_PAM */ - char *unencrypted, *encrypted, *correct; - #if HAVE_GETSPNAM && HAVE_STRUCT_SPWD_SP_PWDP - /* Shadow passwd stuff for SVR3 and maybe other systems. */ -- struct spwd *sp = getspnam (pw->pw_name); -+ const struct spwd *sp = getspnam (pw->pw_name); - - endspent (); - if (sp) -@@ -244,6 +477,7 @@ correct_password (const struct passwd *p - encrypted = crypt (unencrypted, correct); - memset (unencrypted, 0, strlen (unencrypted)); - return STREQ (encrypted, correct); -+#endif /* !USE_PAM */ - } - - /* Update 'environ' for the new shell based on PW, with SHELL being -@@ -286,19 +520,41 @@ modify_environment (const struct passwd - } - } - } -+ -+#ifdef USE_PAM -+ export_pamenv (); -+#endif - } - - /* Become the user and group(s) specified by PW. */ - - static void --change_identity (const struct passwd *pw) -+init_groups (const struct passwd *pw) - { - #ifdef HAVE_INITGROUPS - errno = 0; - if (initgroups (pw->pw_name, pw->pw_gid) == -1) -- error (EXIT_CANCELED, errno, _("cannot set groups")); -+ { -+#ifdef USE_PAM -+ cleanup_pam (PAM_ABORT); -+#endif -+ error (EXIT_FAILURE, errno, _("cannot set groups")); -+ } - endgrent (); - #endif -+ -+#ifdef USE_PAM -+ retval = pam_setcred (pamh, PAM_ESTABLISH_CRED); -+ if (retval != PAM_SUCCESS) -+ error (EXIT_FAILURE, 0, "%s", pam_strerror (pamh, retval)); -+ else -+ _pam_cred_established = 1; -+#endif -+} -+ -+static void -+change_identity (const struct passwd *pw) -+{ - if (setgid (pw->pw_gid)) - error (EXIT_CANCELED, errno, _("cannot set group id")); - if (setuid (pw->pw_uid)) -@@ -511,9 +767,21 @@ main (int argc, char **argv) - shell = NULL; - } - shell = xstrdup (shell ? shell : pw->pw_shell); -- modify_environment (pw, shell); -+ -+ init_groups (pw); -+ -+#ifdef USE_PAM -+ create_watching_parent (); -+ /* Now we're in the child. */ -+#endif - - change_identity (pw); -+ -+ /* Set environment after pam_open_session, which may put KRB5CCNAME -+ into the pam_env, etc. */ -+ -+ modify_environment (pw, shell); -+ - if (simulate_login && chdir (pw->pw_dir) != 0) - error (0, errno, _("warning: cannot change directory to %s"), pw->pw_dir); - diff --git a/coreutils/patches/coreutils-8.7-runuser.patch b/coreutils/patches/coreutils-8.7-runuser.patch deleted file mode 100644 index 533e15a..0000000 --- a/coreutils/patches/coreutils-8.7-runuser.patch +++ /dev/null @@ -1,338 +0,0 @@ -diff -urNp coreutils-8.7-orig/AUTHORS coreutils-8.7/AUTHORS ---- coreutils-8.7-orig/AUTHORS 2010-10-11 19:35:11.000000000 +0200 -+++ coreutils-8.7/AUTHORS 2010-11-15 10:08:04.222078001 +0100 -@@ -65,6 +65,7 @@ readlink: Dmitry V. Levin - rm: Paul Rubin, David MacKenzie, Richard M. Stallman, Jim Meyering - rmdir: David MacKenzie - runcon: Russell Coker -+runuser: David MacKenzie, Dan Walsh - seq: Ulrich Drepper - sha1sum: Ulrich Drepper, Scott Miller, David Madore - sha224sum: Ulrich Drepper, Scott Miller, David Madore -diff -urNp coreutils-8.7-orig/man/help2man coreutils-8.7/man/help2man ---- coreutils-8.7-orig/man/help2man 2010-10-11 19:35:11.000000000 +0200 -+++ coreutils-8.7/man/help2man 2010-11-15 10:08:51.331054884 +0100 -@@ -555,6 +555,9 @@ while (length) - $include{$sect} .= $content; - } - -+# There is no info documentation for runuser (shared with su). -+$opt_no_info = 1 if $program eq 'runuser'; -+ - # Refer to the real documentation. - unless ($opt_no_info) - { -diff -urNp coreutils-8.7-orig/man/Makefile.am coreutils-8.7/man/Makefile.am ---- coreutils-8.7-orig/man/Makefile.am 2010-10-11 19:35:11.000000000 +0200 -+++ coreutils-8.7/man/Makefile.am 2010-11-15 10:09:21.768922182 +0100 -@@ -94,6 +94,7 @@ readlink.1: $(common_dep) $(srcdir)/read - rm.1: $(common_dep) $(srcdir)/rm.x ../src/rm.c - rmdir.1: $(common_dep) $(srcdir)/rmdir.x ../src/rmdir.c - runcon.1: $(common_dep) $(srcdir)/runcon.x ../src/runcon.c -+runuser.1: $(common_dep) $(srcdir)/runuser.x ../src/su.c - seq.1: $(common_dep) $(srcdir)/seq.x ../src/seq.c - sha1sum.1: $(common_dep) $(srcdir)/sha1sum.x ../src/md5sum.c - sha224sum.1: $(common_dep) $(srcdir)/sha224sum.x ../src/md5sum.c -diff -urNp coreutils-8.7-orig/man/runuser.x coreutils-8.7/man/runuser.x ---- coreutils-8.7-orig/man/runuser.x 1970-01-01 01:00:00.000000000 +0100 -+++ coreutils-8.7/man/runuser.x 2010-11-15 10:09:57.437939015 +0100 -@@ -0,0 +1,12 @@ -+[NAME] -+runuser - run a shell with substitute user and group IDs -+[DESCRIPTION] -+." Add any additional description here -+[SEE ALSO] -+.TP -+More detailed Texinfo documentation could be found by command -+.TP -+\t\fBinfo coreutils (aqsu invocation(aq\fR\t -+.TP -+since the command \fBrunuser\fR is trimmed down version of command \fBsu\fR. -+.br -diff -urNp coreutils-8.7-orig/README coreutils-8.7/README ---- coreutils-8.7-orig/README 2010-10-11 19:35:11.000000000 +0200 -+++ coreutils-8.7/README 2010-11-15 10:10:43.002922253 +0100 -@@ -11,8 +11,8 @@ The programs that can be built with this - factor false fmt fold groups head hostid hostname id install join kill - link ln logname ls md5sum mkdir mkfifo mknod mktemp mv nice nl nohup - nproc od paste pathchk pinky pr printenv printf ptx pwd readlink realpath -- rm rmdir runcon seq sha1sum sha224sum sha256sum sha384sum sha512sum shred -- shuf sleep sort split stat stdbuf stty su sum sync tac tail tee test -+ rm rmdir runcon runuser seq sha1sum sha224sum sha256sum sha384sum sha512sum -+ shred shuf sleep sort split stat stdbuf stty su sum sync tac tail tee test - timeout touch tr true truncate tsort tty uname unexpand uniq unlink - uptime users vdir wc who whoami yes - -diff -urNp coreutils-8.7-orig/src/Makefile.am coreutils-8.7/src/Makefile.am ---- coreutils-8.7-orig/src/Makefile.am 2010-11-15 10:07:07.339171659 +0100 -+++ coreutils-8.7/src/Makefile.am 2010-11-15 10:12:14.847094550 +0100 -@@ -100,6 +100,7 @@ EXTRA_PROGRAMS = \ - rm \ - rmdir \ - runcon \ -+ runuser \ - seq \ - sha1sum \ - sha224sum \ -@@ -300,6 +301,10 @@ cp_LDADD += $(copy_LDADD) - ginstall_LDADD += $(copy_LDADD) - mv_LDADD += $(copy_LDADD) - -+runuser_SOURCES = su.c -+runuser_CFLAGS = -DRUNUSER -DAUTHORS=""David MacKenzie, Dan Walsh"" -+runuser_LDADD = $(LDADD) $(LIB_CRYPT) $(PAM_LIBS) -+ - remove_LDADD = - mv_LDADD += $(remove_LDADD) - rm_LDADD += $(remove_LDADD) -@@ -395,7 +400,7 @@ RELEASE_YEAR = \ - `sed -n '/.*COPYRIGHT_YEAR = ([0-9][0-9][0-9][0-9]) };/s//\1/p' \ - $(top_srcdir)/lib/version-etc.c` - --all-local: su$(EXEEXT) -+all-local: su$(EXEEXT) runuser - - installed_su = $(DESTDIR)$(bindir)/`echo su|sed '$(transform)'` - -diff -urNp coreutils-8.7-orig/src/su.c coreutils-8.7/src/su.c ---- coreutils-8.7-orig/src/su.c 2010-11-15 10:07:07.372933288 +0100 -+++ coreutils-8.7/src/su.c 2010-11-15 10:42:12.569159230 +0100 -@@ -100,9 +100,15 @@ - #include "error.h" - - /* The official name of this program (e.g., no 'g' prefix). */ -+#ifndef RUNUSER - #define PROGRAM_NAME "su" -+#else -+#define PROGRAM_NAME "runuser" -+#endif - -+#ifndef AUTHORS - #define AUTHORS proper_name ("David MacKenzie") -+#endif - - #if HAVE_PATHS_H - # include <paths.h> -@@ -140,6 +146,9 @@ - #ifndef USE_PAM - char *crypt (char const *key, char const *salt); - #endif -+#ifndef CHECKPASSWD -+#define CHECKPASSWD 1 -+#endif - - static void run_shell (char const *, char const *, char **, size_t) - ATTRIBUTE_NORETURN; -@@ -169,6 +178,10 @@ static struct option const longopts[] = - {"login", no_argument, NULL, 'l'}, - {"preserve-environment", no_argument, NULL, 'p'}, - {"shell", required_argument, NULL, 's'}, -+#ifdef RUNUSER -+ {"group", required_argument, NULL, 'g'}, -+ {"supp-group", required_argument, NULL, 'G'}, -+#endif - {GETOPT_HELP_OPTION_DECL}, - {GETOPT_VERSION_OPTION_DECL}, - {NULL, 0, NULL, 0} -@@ -444,6 +457,11 @@ correct_password (const struct passwd *p - retval = pam_set_item (pamh, PAM_RUSER, (const void *) lpw->pw_name); - PAM_BAIL_P (return false); - } -+#ifdef RUNUSER -+ if (getuid() != geteuid()) -+ /* safety net: deny operation if we are suid by accident */ -+ error(EXIT_FAILURE, 1, "runuser may not be setuid"); -+#else - retval = pam_authenticate (pamh, 0); - PAM_BAIL_P (return false); - retval = pam_acct_mgmt (pamh, 0); -@@ -454,6 +472,7 @@ correct_password (const struct passwd *p - PAM_BAIL_P (return false); - } - PAM_BAIL_P (return false); -+#endif - /* Must be authenticated if this point was reached. */ - return true; - #else /* !USE_PAM */ -@@ -533,11 +552,22 @@ modify_environment (const struct passwd - /* Become the user and group(s) specified by PW. */ - - static void --init_groups (const struct passwd *pw) -+init_groups (const struct passwd *pw -+#ifdef RUNUSER -+ , gid_t *groups, int num_groups -+#endif -+ ) - { - #ifdef HAVE_INITGROUPS -+ int rc = 0; - errno = 0; -- if (initgroups (pw->pw_name, pw->pw_gid) == -1) -+#ifdef RUNUSER -+ if (num_groups) -+ rc = setgroups(num_groups, groups); -+ else -+#endif -+ rc = initgroups(pw->pw_name, pw->pw_gid); -+ if (rc == -1) - { - #ifdef USE_PAM - cleanup_pam (PAM_ABORT); -@@ -639,6 +669,28 @@ usage (int status) - else - { - printf (_("Usage: %s [OPTION]... [-] [USER [ARG]...]\n"), program_name); -+#ifdef RUNUSER -+ printf (_("\ -+Change the effective user id and group id to that of USER. Only session PAM\n\ -+hooks are run, and there is no password prompt. This command is useful only\n\ -+when run as the root user. If run as a non-root user without privilege\n\ -+to set user ID, the command will fail as the binary is not setuid.\n\ -+As %s doesn't run auth and account PAM hooks, it runs with lower overhead\n\ -+than su.\n\ -+\n\ -+ -, -l, --login make the shell a login shell, uses runuser-l\n\ -+ PAM file instead of default one\n\ -+ -g --group=group specify the primary group\n\ -+ -G --supp-group=group specify a supplemental group\n\ -+ -c, --command=COMMAND pass a single COMMAND to the shell with -c\n\ -+ --session-command=COMMAND pass a single COMMAND to the shell with -c\n\ -+ and do not create a new session\n\ -+ -f, --fast pass -f to the shell (for csh or tcsh)\n\ -+ -m, --preserve-environment do not reset environment variables\n\ -+ -p same as -m\n\ -+ -s, --shell=SHELL run SHELL if /etc/shells allows it\n\ -+"), program_name); -+#else - fputs (_("\ - Change the effective user id and group id to that of USER.\n\ - \n\ -@@ -651,6 +703,7 @@ Change the effective user id and group i - -p same as -m\n\ - -s, --shell=SHELL run SHELL if /etc/shells allows it\n\ - "), stdout); -+#endif - fputs (HELP_OPTION_DESCRIPTION, stdout); - fputs (VERSION_OPTION_DESCRIPTION, stdout); - fputs (_("\ -@@ -672,6 +725,12 @@ main (int argc, char **argv) - char *shell = NULL; - struct passwd *pw; - struct passwd pw_copy; -+#ifdef RUNUSER -+ struct group *gr; -+ gid_t groups[NGROUPS_MAX]; -+ int num_supp_groups = 0; -+ int use_gid = 0; -+#endif - - initialize_main (&argc, &argv); - set_program_name (argv[0]); -@@ -686,7 +745,11 @@ main (int argc, char **argv) - simulate_login = false; - change_environment = true; - -- while ((optc = getopt_long (argc, argv, "c:flmps:", longopts, NULL)) != -1) -+ while ((optc = getopt_long (argc, argv, "c:flmps:" -+#ifdef RUNUSER -+ "g:G:" -+#endif -+ , longopts, NULL)) != -1) - { - switch (optc) - { -@@ -716,6 +779,28 @@ main (int argc, char **argv) - shell = optarg; - break; - -+#ifdef RUNUSER -+ case 'g': -+ gr = getgrnam(optarg); -+ if (!gr) -+ error (EXIT_FAILURE, 0, _("group %s does not exist"), optarg); -+ use_gid = 1; -+ groups[0] = gr->gr_gid; -+ break; -+ -+ case 'G': -+ num_supp_groups++; -+ if (num_supp_groups >= NGROUPS_MAX) -+ error (EXIT_FAILURE, 0, -+ _("Can't specify more than %d supplemental groups"), -+ NGROUPS_MAX - 1); -+ gr = getgrnam(optarg); -+ if (!gr) -+ error (EXIT_FAILURE, 0, _("group %s does not exist"), optarg); -+ groups[num_supp_groups] = gr->gr_gid; -+ break; -+#endif -+ - case_GETOPT_HELP_CHAR; - - case_GETOPT_VERSION_CHAR (PROGRAM_NAME, AUTHORS); -@@ -754,7 +839,20 @@ main (int argc, char **argv) - : DEFAULT_SHELL); - endpwent (); - -- if (!correct_password (pw)) -+#ifdef RUNUSER -+ if (num_supp_groups && !use_gid) -+ { -+ pw->pw_gid = groups[1]; -+ memmove (groups, groups + 1, sizeof(gid_t) * num_supp_groups); -+ } -+ else if (use_gid) -+ { -+ pw->pw_gid = groups[0]; -+ num_supp_groups++; -+ } -+#endif -+ -+ if (CHECKPASSWD && !correct_password (pw)) - { - #ifdef SYSLOG_FAILURE - log_su (pw, false); -@@ -784,7 +882,11 @@ main (int argc, char **argv) - } - shell = xstrdup (shell ? shell : pw->pw_shell); - -- init_groups (pw); -+ init_groups (pw -+#ifdef RUNUSER -+ , groups, num_supp_groups -+#endif -+ ); - - #ifdef USE_PAM - create_watching_parent (); -diff -urNp coreutils-8.7-orig/tests/misc/help-version coreutils-8.7/tests/misc/help-version ---- coreutils-8.7-orig/tests/misc/help-version 2010-10-11 19:35:11.000000000 +0200 -+++ coreutils-8.7/tests/misc/help-version 2010-11-15 10:45:18.473682325 +0100 -@@ -32,6 +32,7 @@ expected_failure_status_nohup=125 - expected_failure_status_stdbuf=125 - expected_failure_status_su=125 - expected_failure_status_timeout=125 -+expected_failure_status_runuser=125 - expected_failure_status_printenv=2 - expected_failure_status_tty=3 - expected_failure_status_sort=2 -@@ -209,6 +210,7 @@ seq_setup () { args=10; } - sleep_setup () { args=0; } - su_setup () { args=--version; } - stdbuf_setup () { args="-oL true"; } -+runuser_setup () { args=--version; } - timeout_setup () { args=--version; } - - # I'd rather not run sync, since it spins up disks that I've -diff -urNp coreutils-8.7-orig/tests/misc/invalid-opt coreutils-8.7/tests/misc/invalid-opt ---- coreutils-8.7-orig/tests/misc/invalid-opt 2010-10-11 19:35:11.000000000 +0200 -+++ coreutils-8.7/tests/misc/invalid-opt 2010-11-15 10:45:46.451938873 +0100 -@@ -37,6 +37,7 @@ my %exit_status = - sort => 2, - stdbuf => 125, - su => 125, -+ runuser => 125, - test => 0, - timeout => 125, - true => 0, diff --git a/coreutils/patches/coreutils-i18n.patch b/coreutils/patches/coreutils-i18n.patch index 5b0d3b8..a5b9aaf 100644 --- a/coreutils/patches/coreutils-i18n.patch +++ b/coreutils/patches/coreutils-i18n.patch @@ -1,6 +1,6 @@ -diff -urNp coreutils-8.16-orig/lib/linebuffer.h coreutils-8.16/lib/linebuffer.h ---- coreutils-8.16-orig/lib/linebuffer.h 2012-01-06 10:14:31.000000000 +0100 -+++ coreutils-8.16/lib/linebuffer.h 2012-03-26 18:02:00.993889446 +0200 +diff -urNp coreutils-8.19-orig/lib/linebuffer.h coreutils-8.19/lib/linebuffer.h +--- coreutils-8.19-orig/lib/linebuffer.h 2012-01-06 10:14:31.000000000 +0100 ++++ coreutils-8.19/lib/linebuffer.h 2012-08-20 13:52:04.061593006 +0200 @@ -21,6 +21,11 @@
# include <stdio.h> @@ -23,9 +23,9 @@ diff -urNp coreutils-8.16-orig/lib/linebuffer.h coreutils-8.16/lib/linebuffer.h };
/* Initialize linebuffer LINEBUFFER for use. */ -diff -urNp coreutils-8.16-orig/src/cut.c coreutils-8.16/src/cut.c ---- coreutils-8.16-orig/src/cut.c 2012-03-24 21:26:51.000000000 +0100 -+++ coreutils-8.16/src/cut.c 2012-03-26 17:46:48.000000000 +0200 +diff -urNp coreutils-8.19-orig/src/cut.c coreutils-8.19/src/cut.c +--- coreutils-8.19-orig/src/cut.c 2012-07-21 16:54:31.000000000 +0200 ++++ coreutils-8.19/src/cut.c 2012-08-20 13:52:52.299593173 +0200 @@ -28,6 +28,11 @@ #include <assert.h> #include <getopt.h> @@ -376,7 +376,7 @@ diff -urNp coreutils-8.16-orig/src/cut.c coreutils-8.16/src/cut.c + break; + } + -+ if (wc == WEOF) ++ if (len <= 0 && wc == WEOF) + break; + + /* If the first field extends to the end of line (it is not @@ -633,9 +633,9 @@ diff -urNp coreutils-8.16-orig/src/cut.c coreutils-8.16/src/cut.c }
if (optind == argc) -diff -urNp coreutils-8.16-orig/src/expand.c coreutils-8.16/src/expand.c ---- coreutils-8.16-orig/src/expand.c 2012-03-24 21:26:51.000000000 +0100 -+++ coreutils-8.16/src/expand.c 2012-03-26 17:42:56.000000000 +0200 +diff -urNp coreutils-8.19-orig/src/expand.c coreutils-8.19/src/expand.c +--- coreutils-8.19-orig/src/expand.c 2012-07-21 16:54:31.000000000 +0200 ++++ coreutils-8.19/src/expand.c 2012-08-20 13:54:02.974621693 +0200 @@ -37,12 +37,29 @@ #include <stdio.h> #include <getopt.h> @@ -733,7 +733,7 @@ diff -urNp coreutils-8.16-orig/src/expand.c coreutils-8.16/src/expand.c + if (convert) + { + ++column; -+ if (convert_entire_line == 0) ++ if (convert_entire_line == 0 && !isblank(*bufpos)) + convert = 0; + } + putchar (*bufpos); @@ -793,7 +793,7 @@ diff -urNp coreutils-8.16-orig/src/expand.c coreutils-8.16/src/expand.c + + width = wcwidth (wc); + column += (width > 0) ? width : 0; -+ if (convert_entire_line == 0) ++ if (convert_entire_line == 0 && !iswblank(wc)) + convert = 0; + } + } @@ -823,9 +823,9 @@ diff -urNp coreutils-8.16-orig/src/expand.c coreutils-8.16/src/expand.c
if (have_read_stdin && fclose (stdin) != 0) error (EXIT_FAILURE, errno, "-"); -diff -urNp coreutils-8.16-orig/src/fold.c coreutils-8.16/src/fold.c ---- coreutils-8.16-orig/src/fold.c 2012-03-24 19:22:13.000000000 +0100 -+++ coreutils-8.16/src/fold.c 2012-03-26 17:48:37.000000000 +0200 +diff -urNp coreutils-8.19-orig/src/fold.c coreutils-8.19/src/fold.c +--- coreutils-8.19-orig/src/fold.c 2012-07-21 16:54:31.000000000 +0200 ++++ coreutils-8.19/src/fold.c 2012-08-20 13:52:04.066592980 +0200 @@ -22,12 +22,34 @@ #include <getopt.h> #include <sys/types.h> @@ -1223,9 +1223,9 @@ diff -urNp coreutils-8.16-orig/src/fold.c coreutils-8.16/src/fold.c break;
case 's': /* Break at word boundaries. */ -diff -urNp coreutils-8.16-orig/src/join.c coreutils-8.16/src/join.c ---- coreutils-8.16-orig/src/join.c 2012-03-24 21:26:51.000000000 +0100 -+++ coreutils-8.16/src/join.c 2012-03-26 17:50:02.000000000 +0200 +diff -urNp coreutils-8.19-orig/src/join.c coreutils-8.19/src/join.c +--- coreutils-8.19-orig/src/join.c 2012-07-21 16:54:31.000000000 +0200 ++++ coreutils-8.19/src/join.c 2012-08-20 13:52:04.069594876 +0200 @@ -22,18 +22,32 @@ #include <sys/types.h> #include <getopt.h> @@ -1701,9 +1701,9 @@ diff -urNp coreutils-8.16-orig/src/join.c coreutils-8.16/src/join.c break;
case NOCHECK_ORDER_OPTION: -diff -urNp coreutils-8.16-orig/src/pr.c coreutils-8.16/src/pr.c ---- coreutils-8.16-orig/src/pr.c 2012-03-24 21:26:51.000000000 +0100 -+++ coreutils-8.16/src/pr.c 2012-03-26 17:50:48.000000000 +0200 +diff -urNp coreutils-8.19-orig/src/pr.c coreutils-8.19/src/pr.c +--- coreutils-8.19-orig/src/pr.c 2012-07-21 16:54:31.000000000 +0200 ++++ coreutils-8.19/src/pr.c 2012-08-20 13:52:04.074593445 +0200 @@ -312,6 +312,32 @@
#include <getopt.h> @@ -2447,20 +2447,13 @@ diff -urNp coreutils-8.16-orig/src/pr.c coreutils-8.16/src/pr.c /* We've just printed some files and need to clean up things before looking for more options and printing the next batch of files.
-diff -urNp coreutils-8.17-orig/src/sort.c coreutils-8.17/src/sort.c ---- coreutils-8.17-orig/src/sort.c -+++ coreutils-8.17/src/sort.c -@@ -22,12 +22,21 @@ - - #include <config.h> - -+#include <assert.h> - #include <getopt.h> - #include <pthread.h> - #include <sys/resource.h> - #include <sys/types.h> +diff -urNp coreutils-8.19-orig/src/sort.c coreutils-8.19/src/sort.c +--- coreutils-8.19-orig/src/sort.c 2012-08-18 07:39:29.000000000 +0200 ++++ coreutils-8.19/src/sort.c 2012-08-20 13:52:04.079596072 +0200 +@@ -29,6 +29,14 @@ #include <sys/wait.h> #include <signal.h> + #include <assert.h> +#if HAVE_WCHAR_H +# include <wchar.h> +#endif @@ -2472,7 +2465,7 @@ diff -urNp coreutils-8.17-orig/src/sort.c coreutils-8.17/src/sort.c #include "system.h" #include "argmatch.h" #include "error.h" -@@ -167,12 +176,34 @@ static int thousands_sep; +@@ -166,12 +174,34 @@ static int thousands_sep;
/* Nonzero if the corresponding locales are hard. */ static bool hard_LC_COLLATE; @@ -2508,7 +2501,7 @@ diff -urNp coreutils-8.17-orig/src/sort.c coreutils-8.17/src/sort.c /* The kind of blanks for '-b' to skip in various options. */ enum blanktype { bl_start, bl_end, bl_both };
-@@ -343,13 +374,11 @@ static bool reverse; +@@ -345,13 +375,11 @@ static bool reverse; they were read if all keys compare equal. */ static bool stable;
@@ -2525,7 +2518,7 @@ diff -urNp coreutils-8.17-orig/src/sort.c coreutils-8.17/src/sort.c
/* Flag to remove consecutive duplicate lines from the output. Only the last of a sequence of equal lines will be output. */ -@@ -782,6 +811,46 @@ reap_all (void) +@@ -784,6 +812,46 @@ reap_all (void) reap (-1); }
@@ -2572,7 +2565,7 @@ diff -urNp coreutils-8.17-orig/src/sort.c coreutils-8.17/src/sort.c /* Clean up any remaining temporary files. */
static void -@@ -1214,7 +1283,7 @@ zaptemp (char const *name) +@@ -1224,7 +1292,7 @@ zaptemp (char const *name) free (node); }
@@ -2581,7 +2574,7 @@ diff -urNp coreutils-8.17-orig/src/sort.c coreutils-8.17/src/sort.c
static int struct_month_cmp (void const *m1, void const *m2) -@@ -1229,7 +1298,7 @@ struct_month_cmp (void const *m1, void c +@@ -1239,7 +1307,7 @@ struct_month_cmp (void const *m1, void c /* Initialize the character class tables. */
static void @@ -2590,7 +2583,7 @@ diff -urNp coreutils-8.17-orig/src/sort.c coreutils-8.17/src/sort.c { size_t i;
-@@ -1241,7 +1310,7 @@ inittables (void) +@@ -1251,7 +1319,7 @@ inittables (void) fold_toupper[i] = toupper (i); }
@@ -2599,7 +2592,7 @@ diff -urNp coreutils-8.17-orig/src/sort.c coreutils-8.17/src/sort.c /* If we're not in the "C" locale, read different names for months. */ if (hard_LC_TIME) { -@@ -1323,6 +1392,84 @@ specify_nmerge (int oi, char c, char con +@@ -1333,6 +1401,84 @@ specify_nmerge (int oi, char c, char con xstrtol_fatal (e, oi, c, long_options, s); }
@@ -2684,7 +2677,7 @@ diff -urNp coreutils-8.17-orig/src/sort.c coreutils-8.17/src/sort.c /* Specify the amount of main memory to use when sorting. */ static void specify_sort_size (int oi, char c, char const *s) -@@ -1551,7 +1698,7 @@ buffer_linelim (struct buffer const *buf +@@ -1565,7 +1711,7 @@ buffer_linelim (struct buffer const *buf by KEY in LINE. */
static char * @@ -2693,7 +2686,7 @@ diff -urNp coreutils-8.17-orig/src/sort.c coreutils-8.17/src/sort.c { char *ptr = line->text, *lim = ptr + line->length - 1; size_t sword = key->sword; -@@ -1560,10 +1707,10 @@ begfield (struct line const *line, struc +@@ -1574,10 +1720,10 @@ begfield (struct line const *line, struc /* The leading field separator itself is included in a field when -t is absent. */
@@ -2706,7 +2699,7 @@ diff -urNp coreutils-8.17-orig/src/sort.c coreutils-8.17/src/sort.c ++ptr; if (ptr < lim) ++ptr; -@@ -1589,11 +1736,70 @@ begfield (struct line const *line, struc +@@ -1603,11 +1749,70 @@ begfield (struct line const *line, struc return ptr; }
@@ -2778,7 +2771,7 @@ diff -urNp coreutils-8.17-orig/src/sort.c coreutils-8.17/src/sort.c { char *ptr = line->text, *lim = ptr + line->length - 1; size_t eword = key->eword, echar = key->echar; -@@ -1608,10 +1814,10 @@ limfield (struct line const *line, struc +@@ -1622,10 +1827,10 @@ limfield (struct line const *line, struc 'beginning' is the first character following the delimiting TAB. Otherwise, leave PTR pointing at the first 'blank' character after the preceding field. */ @@ -2791,7 +2784,7 @@ diff -urNp coreutils-8.17-orig/src/sort.c coreutils-8.17/src/sort.c ++ptr; if (ptr < lim && (eword || echar)) ++ptr; -@@ -1657,10 +1863,10 @@ limfield (struct line const *line, struc +@@ -1671,10 +1876,10 @@ limfield (struct line const *line, struc */
/* Make LIM point to the end of (one byte past) the current field. */ @@ -2804,7 +2797,7 @@ diff -urNp coreutils-8.17-orig/src/sort.c coreutils-8.17/src/sort.c if (newlim) lim = newlim; } -@@ -1691,6 +1897,130 @@ limfield (struct line const *line, struc +@@ -1705,6 +1910,130 @@ limfield (struct line const *line, struc return ptr; }
@@ -2935,7 +2928,7 @@ diff -urNp coreutils-8.17-orig/src/sort.c coreutils-8.17/src/sort.c /* Fill BUF reading from FP, moving buf->left bytes from the end of buf->buf to the beginning first. If EOF is reached and the file wasn't terminated by a newline, supply one. Set up BUF's line -@@ -1777,8 +2107,22 @@ fillbuf (struct buffer *buf, FILE *fp, c +@@ -1791,8 +2120,22 @@ fillbuf (struct buffer *buf, FILE *fp, c else { if (key->skipsblanks) @@ -2960,7 +2953,7 @@ diff -urNp coreutils-8.17-orig/src/sort.c coreutils-8.17/src/sort.c line->keybeg = line_start; } } -@@ -1899,7 +2243,7 @@ human_numcompare (char const *a, char co +@@ -1913,7 +2256,7 @@ human_numcompare (char const *a, char co hideously fast. */
static int @@ -2969,7 +2962,7 @@ diff -urNp coreutils-8.17-orig/src/sort.c coreutils-8.17/src/sort.c { while (blanks[to_uchar (*a)]) a++; -@@ -1909,6 +2253,25 @@ numcompare (char const *a, char const *b +@@ -1923,6 +2266,25 @@ numcompare (char const *a, char const *b return strnumcmp (a, b, decimal_point, thousands_sep); }
@@ -2995,7 +2988,7 @@ diff -urNp coreutils-8.17-orig/src/sort.c coreutils-8.17/src/sort.c /* Work around a problem whereby the long double value returned by glibc's strtold ("NaN", ...) contains uninitialized bits: clear all bytes of A and B before calling strtold. FIXME: remove this function once -@@ -1959,7 +2322,7 @@ general_numcompare (char const *sa, char +@@ -1973,7 +2335,7 @@ general_numcompare (char const *sa, char Return 0 if the name in S is not recognized. */
static int @@ -3004,7 +2997,7 @@ diff -urNp coreutils-8.17-orig/src/sort.c coreutils-8.17/src/sort.c { size_t lo = 0; size_t hi = MONTHS_PER_YEAR; -@@ -2234,15 +2597,14 @@ debug_key (struct line const *line, stru +@@ -2248,15 +2610,14 @@ debug_key (struct line const *line, stru char saved = *lim; *lim = '\0';
@@ -3022,7 +3015,7 @@ diff -urNp coreutils-8.17-orig/src/sort.c coreutils-8.17/src/sort.c else if (key->general_numeric) ignore_value (strtold (beg, &tighter_lim)); else if (key->numeric || key->human_numeric) -@@ -2386,7 +2748,7 @@ key_warnings (struct keyfield const *gke +@@ -2400,7 +2761,7 @@ key_warnings (struct keyfield const *gke bool maybe_space_aligned = !hard_LC_COLLATE && default_key_compare (key) && !(key->schar || key->echar); bool line_offset = key->eword == 0 && key->echar != 0; /* -k1.x,1.y */ @@ -3031,7 +3024,7 @@ diff -urNp coreutils-8.17-orig/src/sort.c coreutils-8.17/src/sort.c && ((!key->skipsblanks && !(implicit_skip || maybe_space_aligned)) || (!key->skipsblanks && key->schar) || (!key->skipeblanks && key->echar))) -@@ -2444,11 +2806,83 @@ key_warnings (struct keyfield const *gke +@@ -2458,11 +2819,83 @@ key_warnings (struct keyfield const *gke error (0, 0, _("option '-r' only applies to last-resort comparison")); }
@@ -3116,7 +3109,7 @@ diff -urNp coreutils-8.17-orig/src/sort.c coreutils-8.17/src/sort.c { struct keyfield *key = keylist;
-@@ -2533,7 +2967,7 @@ keycompare (struct line const *a, struct +@@ -2547,7 +2980,7 @@ keycompare (struct line const *a, struct else if (key->human_numeric) diff = human_numcompare (ta, tb); else if (key->month) @@ -3125,7 +3118,7 @@ diff -urNp coreutils-8.17-orig/src/sort.c coreutils-8.17/src/sort.c else if (key->random) diff = compare_random (ta, tlena, tb, tlenb); else if (key->version) -@@ -2649,6 +3083,180 @@ keycompare (struct line const *a, struct +@@ -2663,6 +3096,180 @@ keycompare (struct line const *a, struct return key->reverse ? -diff : diff; }
@@ -3306,7 +3299,7 @@ diff -urNp coreutils-8.17-orig/src/sort.c coreutils-8.17/src/sort.c /* Compare two lines A and B, returning negative, zero, or positive depending on whether A compares less than, equal to, or greater than B. */
-@@ -4109,7 +4717,7 @@ main (int argc, char **argv) +@@ -4158,7 +4765,7 @@ main (int argc, char **argv) initialize_exit_failure (SORT_FAILURE);
hard_LC_COLLATE = hard_locale (LC_COLLATE); @@ -3315,7 +3308,7 @@ diff -urNp coreutils-8.17-orig/src/sort.c coreutils-8.17/src/sort.c hard_LC_TIME = hard_locale (LC_TIME); #endif
-@@ -4130,6 +4738,29 @@ main (int argc, char **argv) +@@ -4179,6 +4786,29 @@ main (int argc, char **argv) thousands_sep = -1; }
@@ -3345,7 +3338,7 @@ diff -urNp coreutils-8.17-orig/src/sort.c coreutils-8.17/src/sort.c have_read_stdin = false; inittables ();
-@@ -4400,13 +5031,34 @@ main (int argc, char **argv) +@@ -4453,13 +5083,34 @@ main (int argc, char **argv)
case 't': { @@ -3384,7 +3377,7 @@ diff -urNp coreutils-8.17-orig/src/sort.c coreutils-8.17/src/sort.c else { /* Provoke with 'sort -txx'. Complain about -@@ -4417,9 +5069,12 @@ main (int argc, char **argv) +@@ -4470,9 +5121,12 @@ main (int argc, char **argv) quote (optarg)); } } @@ -3399,9 +3392,9 @@ diff -urNp coreutils-8.17-orig/src/sort.c coreutils-8.17/src/sort.c } break;
-diff -urNp coreutils-8.16-orig/src/unexpand.c coreutils-8.16/src/unexpand.c ---- coreutils-8.16-orig/src/unexpand.c 2012-03-24 21:26:51.000000000 +0100 -+++ coreutils-8.16/src/unexpand.c 2012-03-26 17:51:46.000000000 +0200 +diff -urNp coreutils-8.19-orig/src/unexpand.c coreutils-8.19/src/unexpand.c +--- coreutils-8.19-orig/src/unexpand.c 2012-07-21 16:54:31.000000000 +0200 ++++ coreutils-8.19/src/unexpand.c 2012-08-20 13:52:04.081596774 +0200 @@ -38,12 +38,29 @@ #include <stdio.h> #include <getopt.h> @@ -3655,9 +3648,9 @@ diff -urNp coreutils-8.16-orig/src/unexpand.c coreutils-8.16/src/unexpand.c
if (have_read_stdin && fclose (stdin) != 0) error (EXIT_FAILURE, errno, "-"); -diff -urNp coreutils-8.16-orig/src/uniq.c coreutils-8.16/src/uniq.c ---- coreutils-8.16-orig/src/uniq.c 2012-03-24 21:26:51.000000000 +0100 -+++ coreutils-8.16/src/uniq.c 2012-03-26 17:35:09.000000000 +0200 +diff -urNp coreutils-8.19-orig/src/uniq.c coreutils-8.19/src/uniq.c +--- coreutils-8.19-orig/src/uniq.c 2012-07-21 16:54:31.000000000 +0200 ++++ coreutils-8.19/src/uniq.c 2012-08-20 13:52:04.083502506 +0200 @@ -21,6 +21,16 @@ #include <getopt.h> #include <sys/types.h> @@ -4023,10 +4016,10 @@ diff -urNp coreutils-8.16-orig/src/uniq.c coreutils-8.16/src/uniq.c skip_chars = 0; skip_fields = 0; check_chars = SIZE_MAX; -diff -urNp coreutils-8.16-orig/tests/Makefile.am coreutils-8.16/tests/Makefile.am ---- coreutils-8.16-orig/tests/Makefile.am 2012-03-26 18:01:35.564014659 +0200 -+++ coreutils-8.16/tests/Makefile.am 2012-03-26 18:02:01.023015013 +0200 -@@ -242,6 +242,7 @@ TESTS = \ +diff -urNp coreutils-8.19-orig/tests/Makefile.am coreutils-8.19/tests/Makefile.am +--- coreutils-8.19-orig/tests/Makefile.am 2012-08-20 13:51:39.856841699 +0200 ++++ coreutils-8.19/tests/Makefile.am 2012-08-20 13:52:04.085491266 +0200 +@@ -247,6 +247,7 @@ TESTS = \ misc/sort-debug-warn \ misc/sort-discrim \ misc/sort-files0-from \ @@ -4034,7 +4027,7 @@ diff -urNp coreutils-8.16-orig/tests/Makefile.am coreutils-8.16/tests/Makefile.a misc/sort-float \ misc/sort-merge \ misc/sort-merge-fdlimit \ -@@ -537,6 +538,10 @@ TESTS = \ +@@ -551,6 +552,10 @@ TESTS = \ $(root_tests)
pr_data = \ @@ -4045,9 +4038,9 @@ diff -urNp coreutils-8.16-orig/tests/Makefile.am coreutils-8.16/tests/Makefile.a pr/0F \ pr/0FF \ pr/0FFnt \ -diff -urNp coreutils-8.16-orig/tests/misc/cut coreutils-8.16/tests/misc/cut ---- coreutils-8.16-orig/tests/misc/cut 2012-02-03 10:22:06.000000000 +0100 -+++ coreutils-8.16/tests/misc/cut 2012-03-26 17:40:49.000000000 +0200 +diff -urNp coreutils-8.19-orig/tests/misc/cut coreutils-8.19/tests/misc/cut +--- coreutils-8.19-orig/tests/misc/cut 2012-07-21 16:54:31.000000000 +0200 ++++ coreutils-8.19/tests/misc/cut 2012-08-20 13:52:04.086593767 +0200 @@ -23,14 +23,15 @@ use strict; # Turn off localization of executable's output. @ENV{qw(LANGUAGE LANG LC_ALL)} = ('C') x 3; @@ -4077,41 +4070,98 @@ diff -urNp coreutils-8.16-orig/tests/misc/cut coreutils-8.16/tests/misc/cut ['inval2', qw(-f -), {IN=>''}, {OUT=>''}, {EXIT=>1}, {ERR=>$no_endpoint}], ['inval3', '-f', '4,-', {IN=>''}, {OUT=>''}, {EXIT=>1}, {ERR=>$no_endpoint}], ['inval4', '-f', '1-2,-', {IN=>''}, {OUT=>''}, {EXIT=>1}, -diff -urNp coreutils-8.16-orig/tests/misc/mb1.I coreutils-8.16/tests/misc/mb1.I ---- coreutils-8.16-orig/tests/misc/mb1.I 1970-01-01 01:00:00.000000000 +0100 -+++ coreutils-8.16/tests/misc/mb1.I 2012-03-26 17:35:09.000000000 +0200 +diff -urNp coreutils-8.19-orig/tests/misc/expand coreutils-8.19/tests/misc/expand +--- coreutils-8.19-orig/tests/misc/expand 2012-07-21 16:54:31.000000000 +0200 ++++ coreutils-8.19/tests/misc/expand 2012-08-20 13:55:44.188467648 +0200 +@@ -23,6 +23,15 @@ use strict; + # Turn off localization of executable's output. + @ENV{qw(LANGUAGE LANG LC_ALL)} = ('C') x 3; + ++# uncommented according to upstream commit enabling multibyte paths ++my $mb_locale = $ENV{LOCALE_FR_UTF8}; ++! defined $mb_locale || $mb_locale eq 'none' ++ and $mb_locale = 'C'; ++ ++my $prog = 'expand'; ++my $try = "Try `$prog --help' for more information.\n"; ++my $inval = "$prog: invalid byte, character or field list\n$try"; ++ + my @Tests = + ( + ['t1', '--tabs=3', {IN=>"a\tb"}, {OUT=>"a b"}], +@@ -31,6 +40,37 @@ my @Tests = + ['i2', '--tabs=3 -i', {IN=>" \ta\tb"}, {OUT=>" a\tb"}], + ); + ++if ($mb_locale ne 'C') ++ { ++ # Duplicate each test vector, appending "-mb" to the test name and ++ # inserting {ENV => "LC_ALL=$mb_locale"} in the copy, so that we ++ # provide coverage for the distro-added multi-byte code paths. ++ my @new; ++ foreach my $t (@Tests) ++ { ++ my @new_t = @$t; ++ my $test_name = shift @new_t; ++ ++ # Depending on whether expand is multi-byte-patched, ++ # it emits different diagnostics: ++ # non-MB: invalid byte or field list ++ # MB: invalid byte, character or field list ++ # Adjust the expected error output accordingly. ++ if (grep {ref $_ eq 'HASH' && exists $_->{ERR} && $_->{ERR} eq $inval} ++ (@new_t)) ++ { ++ my $sub = {ERR_SUBST => 's/, character//'}; ++ push @new_t, $sub; ++ push @$t, $sub; ++ } ++ push @new, ["$test_name-mb", @new_t, {ENV => "LC_ALL=$mb_locale"}]; ++ } ++ push @Tests, @new; ++ } ++ ++ ++@Tests = triple_test @Tests; ++ + my $save_temps = $ENV{DEBUG}; + my $verbose = $ENV{VERBOSE}; + +diff -urNp coreutils-8.19-orig/tests/misc/mb1.I coreutils-8.19/tests/misc/mb1.I +--- coreutils-8.19-orig/tests/misc/mb1.I 1970-01-01 01:00:00.000000000 +0100 ++++ coreutils-8.19/tests/misc/mb1.I 2012-08-20 13:52:04.086593767 +0200 @@ -0,0 +1,4 @@ +Apple@10 +Banana@5 +Citrus@20 +Cherry@30 -diff -urNp coreutils-8.16-orig/tests/misc/mb1.X coreutils-8.16/tests/misc/mb1.X ---- coreutils-8.16-orig/tests/misc/mb1.X 1970-01-01 01:00:00.000000000 +0100 -+++ coreutils-8.16/tests/misc/mb1.X 2012-03-26 17:35:09.000000000 +0200 +diff -urNp coreutils-8.19-orig/tests/misc/mb1.X coreutils-8.19/tests/misc/mb1.X +--- coreutils-8.19-orig/tests/misc/mb1.X 1970-01-01 01:00:00.000000000 +0100 ++++ coreutils-8.19/tests/misc/mb1.X 2012-08-20 13:52:04.087526516 +0200 @@ -0,0 +1,4 @@ +Banana@5 +Apple@10 +Citrus@20 +Cherry@30 -diff -urNp coreutils-8.16-orig/tests/misc/mb2.I coreutils-8.16/tests/misc/mb2.I ---- coreutils-8.16-orig/tests/misc/mb2.I 1970-01-01 01:00:00.000000000 +0100 -+++ coreutils-8.16/tests/misc/mb2.I 2012-03-26 17:35:09.000000000 +0200 +diff -urNp coreutils-8.19-orig/tests/misc/mb2.I coreutils-8.19/tests/misc/mb2.I +--- coreutils-8.19-orig/tests/misc/mb2.I 1970-01-01 01:00:00.000000000 +0100 ++++ coreutils-8.19/tests/misc/mb2.I 2012-08-20 13:52:04.088593815 +0200 @@ -0,0 +1,4 @@ +Apple@AA10@@20 +Banana@AA5@@30 +Citrus@AA20@@5 +Cherry@AA30@@10 -diff -urNp coreutils-8.16-orig/tests/misc/mb2.X coreutils-8.16/tests/misc/mb2.X ---- coreutils-8.16-orig/tests/misc/mb2.X 1970-01-01 01:00:00.000000000 +0100 -+++ coreutils-8.16/tests/misc/mb2.X 2012-03-26 17:35:09.000000000 +0200 +diff -urNp coreutils-8.19-orig/tests/misc/mb2.X coreutils-8.19/tests/misc/mb2.X +--- coreutils-8.19-orig/tests/misc/mb2.X 1970-01-01 01:00:00.000000000 +0100 ++++ coreutils-8.19/tests/misc/mb2.X 2012-08-20 13:52:04.088593815 +0200 @@ -0,0 +1,4 @@ +Citrus@AA20@@5 +Cherry@AA30@@10 +Apple@AA10@@20 +Banana@AA5@@30 -diff -urNp coreutils-8.16-orig/tests/misc/sort-mb-tests coreutils-8.16/tests/misc/sort-mb-tests ---- coreutils-8.16-orig/tests/misc/sort-mb-tests 1970-01-01 01:00:00.000000000 +0100 -+++ coreutils-8.16/tests/misc/sort-mb-tests 2012-03-26 17:35:09.000000000 +0200 +diff -urNp coreutils-8.19-orig/tests/misc/sort-mb-tests coreutils-8.19/tests/misc/sort-mb-tests +--- coreutils-8.19-orig/tests/misc/sort-mb-tests 1970-01-01 01:00:00.000000000 +0100 ++++ coreutils-8.19/tests/misc/sort-mb-tests 2012-08-20 13:52:04.089593318 +0200 @@ -0,0 +1,58 @@ +#! /bin/sh +case $# in diff --git a/coreutils/patches/coreutils-ipfire-disabled-tests.patch b/coreutils/patches/coreutils-ipfire-disabled-tests.patch index 92b51c2..775e638 100644 --- a/coreutils/patches/coreutils-ipfire-disabled-tests.patch +++ b/coreutils/patches/coreutils-ipfire-disabled-tests.patch @@ -1,6 +1,6 @@ diff -Nur a/tests/Makefile.am b/tests/Makefile.am ---- a/tests/Makefile.am 2012-03-24 19:22:13.000000000 +0100 -+++ b/tests/Makefile.am 2012-04-28 15:42:22.861910633 +0200 +--- a/tests/Makefile.am 2012-08-18 08:02:47.000000000 +0200 ++++ b/tests/Makefile.am 2012-08-26 14:57:03.065516651 +0200 @@ -24,7 +24,6 @@
root_tests = \ @@ -9,15 +9,23 @@ diff -Nur a/tests/Makefile.am b/tests/Makefile.am cp/preserve-gid \ cp/special-bits \ cp/cp-mv-enotsup-xattr \ -@@ -195,7 +194,6 @@ +@@ -199,7 +198,6 @@ misc/groups-version \ misc/head-c \ misc/head-pos \ - misc/id-context \ misc/id-groups \ + misc/id-setgid \ misc/md5sum \ - misc/md5sum-bsd \ -@@ -408,12 +406,10 @@ +@@ -252,7 +250,6 @@ + misc/sort-merge \ + misc/sort-merge-fdlimit \ + misc/sort-month \ +- misc/sort-exit-early \ + misc/sort-rand \ + misc/sort-spinlock-abuse \ + misc/sort-stale-thread-mem \ +@@ -421,12 +418,10 @@ du/trailing-slash \ du/two-args \ id/gnu-zero-uids \ diff --git a/network/network.nm b/network/network.nm index 03816d7..9d4d5a5 100644 --- a/network/network.nm +++ b/network/network.nm @@ -6,7 +6,7 @@ name = network epoch = 1 version = 005 -release = 1.3 +release = 2 arch = noarch
maintainer = Michael Tremer michael.tremer@ipfire.org @@ -28,7 +28,7 @@ build install_cmds # Create some dummy configuration files. mkdir -pv %{BUILDROOT}%{sysconfdir}/{firewall,network} - touch %{BUILDROOT}%{sysconfdir}/network/{config,dns-servers} + touch %{BUILDROOT}%{sysconfdir}/network/{config,dns-servers,routes} end end
diff --git a/pdns-recursor/pdns-recursor.nm b/pdns-recursor/pdns-recursor.nm index aa22152..cbcaa2e 100644 --- a/pdns-recursor/pdns-recursor.nm +++ b/pdns-recursor/pdns-recursor.nm @@ -5,7 +5,7 @@
name = pdns-recursor version = 3.3 -release = 8 +release = 9
groups = Networking/DNS url = http://powerdns.com/ diff --git a/pdns-recursor/systemd/pdns-recursor.service b/pdns-recursor/systemd/pdns-recursor.service index 0d3c99a..095b595 100644 --- a/pdns-recursor/systemd/pdns-recursor.service +++ b/pdns-recursor/systemd/pdns-recursor.service @@ -3,7 +3,7 @@ Description=Power DNS Recursor Daemon After=network.target
[Service] -ExecStart=/usr/sbin/pdns_recursor --daemon=no +ExecStart=/usr/sbin/pdns_recursor --config-dir=/etc/pdns --daemon=no ExecStopPost=/bin/rm -f /run/pdns-recursor/pdns_recursor.pid ExecStopPost=/bin/rm -f /run/pdns-recursor/pdns_recursor.controlsocket Restart=on-failure diff --git a/sysvinit/patches/sysvinit-2.86-remove-utils-1.patch b/sysvinit/patches/sysvinit-2.86-remove-utils-1.patch index 8e6881d..e5a2182 100644 --- a/sysvinit/patches/sysvinit-2.86-remove-utils-1.patch +++ b/sysvinit/patches/sysvinit-2.86-remove-utils-1.patch @@ -26,19 +26,19 @@ -USRBIN += utmpdump wall -MAN1 += mountpoint.1 wall.1 -MAN8 += sulogin.8 bootlogd.8 -+SBIN += sulogin -+USRBIN += utmpdump ++SBIN += ++USRBIN += +MAN1 += mountpoint.1 -+MAN8 += sulogin.8 ++MAN8 += endif
ifeq ($(DISTRO),Debian) BIN += mountpoint -SBIN += sulogin bootlogd -+SBIN += sulogin ++SBIN += MAN1 += mountpoint.1 -MAN8 += sulogin.8 bootlogd.8 -+MAN8 += sulogin.8 ++MAN8 += endif
ifeq ($(DISTRO),Owl) diff --git a/sysvinit/sysvinit.nm b/sysvinit/sysvinit.nm index 5627f76..637b564 100644 --- a/sysvinit/sysvinit.nm +++ b/sysvinit/sysvinit.nm @@ -5,7 +5,7 @@
name = sysvinit version = 2.86 -release = 4 +release = 5
groups = System/Base url = https://alioth.debian.org/projects/pkg-sysvinit/ @@ -13,7 +13,7 @@ license = GPLv2+ summary = Programs which control basic system processes.
description - The sysvinit package contains a group of processes that control \ + The sysvinit package contains a group of processes that control the very basic functions of your system. end
diff --git a/util-linux/pam.d/su b/util-linux/pam.d/su new file mode 100644 index 0000000..85e67a8 --- /dev/null +++ b/util-linux/pam.d/su @@ -0,0 +1,12 @@ +#%PAM-1.0 +auth sufficient pam_rootok.so +# Uncomment the following line to implicitly trust users in the "wheel" group. +#auth sufficient pam_wheel.so trust use_uid +# Uncomment the following line to require a user to be in the "wheel" group. +#auth required pam_wheel.so use_uid +auth include system-auth +account sufficient pam_succeed_if.so uid = 0 use_uid quiet +account include system-auth +password include system-auth +session include system-auth +session optional pam_xauth.so diff --git a/util-linux/pam.d/su-l b/util-linux/pam.d/su-l new file mode 100644 index 0000000..656a139 --- /dev/null +++ b/util-linux/pam.d/su-l @@ -0,0 +1,6 @@ +#%PAM-1.0 +auth include su +account include su +password include su +session optional pam_keyinit.so force revoke +session include su diff --git a/util-linux/util-linux.nm b/util-linux/util-linux.nm index 040c415..676683d 100644 --- a/util-linux/util-linux.nm +++ b/util-linux/util-linux.nm @@ -4,9 +4,9 @@ ###############################################################################
name = util-linux -major_ver = 2.21 +major_ver = 2.22 version = %{major_ver} -release = 4 +release = 1
groups = System/Base url = http://kernel.org/~kzak/util-linux/ @@ -25,12 +25,14 @@ source_dl = ftp://ftp.kernel.org/pub/linux/utils/util-linux/v%{major_ver}/ build requires audit-devel + coreutils >= 8.19 gettext libcap-devel libselinux-devel libsepol-devel ncurses-devel pam-devel + libudev-devel zlib-devel end
@@ -40,14 +42,18 @@ build -D_FILE_OFFSET_BITS=64
configure_options += \ + --with-systemdsystemunitdir=%{unitdir} \ --disable-wall \ + --enable-eject \ --enable-kill \ - --enable-login-utils \ --enable-partx \ --enable-write \ + --enable-su \ + --enable-socket-activation \ --enable-libmount-mount \ --with-selinux \ --with-audit \ + --with-udev \ --disable-makeinstall-chown \ --disable-static
@@ -63,8 +69,10 @@ build
install_cmds mkdir -pv \ + %{BUILDROOT}/var/lib/libuuid \ %{BUILDROOT}/var/lib/hwclock \ %{BUILDROOT}/usr/share/man/man8 \ + %{BUILDROOT}/run/uuidd \ %{BUILDROOT}/var/log
install -m 755 %{DIR_APP}/nologin %{BUILDROOT}%{sbindir} @@ -85,6 +93,10 @@ build setcap CAP_DAC_OVERRIDE,CAP_SYS_ADMIN=ep %{BUILDROOT}%{bindir}/mount chmod -v -s %{BUILDROOT}%{bindir}/umount setcap CAP_DAC_OVERRIDE,CAP_SYS_ADMIN=ep %{BUILDROOT}%{bindir}/umount + + # su (set right capabilities) + chmod -v u-s %{BUILDROOT}%{bindir}/su + setcap cap_setgid,cap_setuid+ep %{BUILDROOT}%{bindir}/su end end
@@ -97,10 +109,13 @@ packages end
provides + eject = %{thisver} /bin/dmesg + /bin/eject /bin/kill /bin/more /bin/mount + /bin/su /bin/umount /sbin/blkid /sbin/blockdev @@ -109,10 +124,14 @@ packages /sbin/nologin end
- obsoletes = util-linux-ng + obsoletes + util-linux-ng + eject <= 2.1.5 + end
conflicts filesystem < 002 + coreutils < 8.19 setup < 3.0-2 util-linux-ng sysvinit <= 2.86-2 @@ -169,6 +188,10 @@ packages part of util-linux. end
+ requires + uuidd=%{thisver} + end + conflicts = filesystem < 002
files @@ -217,6 +240,53 @@ packages end end
+ package uuidd + summary = Helper daemon to guarantee uniqueness of time-based UUIDs. + description + The uuidd package contains a userspace daemon (uuidd) which guarantees + uniqueness of time-based UUID generation even at very high rates on + SMP systems. + end + + groups += Base + + files + %{sbindir}/uuidd + %{mandir}/man8/uuidd.8* + %{sharedstatedir}/libuuid + %{unitdir}/uuidd* + /run/uuidd + end + + prerequires += shadow-utils + + script prein + getent group uuidd >/dev/null || groupadd -r uuidd + getent passwd uuidd >/dev/null || \ + useradd -r -g uuidd -d %{sharedstatedir}/libuuid -s /sbin/nologin \ + -c "UUID generator helper daemon" uuidd + end + + script postin + systemctl daemon-reload >/dev/null 2>&1 || : + systemctl enable uuidd.service >/dev/null 2>&1 || : + end + + script preun + systemctl --no-reload disable uuidd.service >/dev/null 2>&1 || : + systemctl stop uuidd.service >/dev/null 2>&1 || : + end + + script postun + systemctl daemon-reload >/dev/null 2>&1 || : + end + + script postup + systemctl daemon-reload >/dev/null 2>&1 || : + systemctl try-restart uuidd.service >/dev/null 2>&1 || : + end + end + package %{name}-debuginfo template DEBUGINFO end
hooks/post-receive -- IPFire 3.x development tree