Summary: Utilities for managing accounts and shadow password files

Name: shadow-utils

Version: 4.6

Release: 12%{?dist}

Epoch: 2

URL: http://pkg-shadow.alioth.debian.org/

Source0: https://github.com/shadow-maint/shadow/releases/download/%{version}/shadow-%{version}.tar.xz

Source1: https://github.com/shadow-maint/shadow/releases/download/%{version}/shadow-%{version}.tar.xz.asc

Source2: shadow-utils.useradd

Source3: shadow-utils.login.defs

Source4: shadow-bsd.txt

Source5: https://www.gnu.org/licenses/old-licenses/gpl-2.0.txt

Patch0: shadow-4.6-redhat.patch

Patch1: shadow-4.6-goodname.patch

Patch2: shadow-4.1.5.1-info-parent-dir.patch

Patch6: shadow-4.6-selinux.patch

Patch10: shadow-4.6-orig-context.patch

Patch11: shadow-4.1.5.1-logmsg.patch

Patch14: shadow-4.1.5.1-default-range.patch

Patch15: shadow-4.6-manfix.patch

Patch17: shadow-4.1.5.1-userdel-helpfix.patch

Patch19: shadow-4.2.1-date-parsing.patch

Patch21: shadow-4.6-move-home.patch

Patch22: shadow-4.6-audit-update.patch

Patch23: shadow-4.5-usermod-unlock.patch

Patch24: shadow-4.2.1-no-lock-dos.patch

Patch28: shadow-4.3.1-selinux-perms.patch

Patch29: shadow-4.2.1-null-tm.patch

Patch31: shadow-4.6-getenforce.patch

Patch32: shadow-4.5-crypt_h.patch

Patch33: shadow-4.5-long-entry.patch

Patch34: shadow-4.6-usermod-crash.patch

Patch35: shadow-4.6-coverity.patch

Patch36: shadow-4.6-use-itstool.patch

Patch37: shadow-4.6-sssd-flush.patch

Patch38: shadow-4.6-sysugid-min-limit.patch

Patch39: shadow-4.6-chgrp-guard.patch

Patch40: shadow-4.6-ignore-login-prompt.patch

Patch41: shadow-4.6-use-lckpwdf.patch

# Upstreamed

Patch42: shadow-4.6-regular-user.patch

# Upstreamed

Patch43: shadow-4.6-home_mode-directive.patch

# Upstreamed

Patch44: shadow-4.6-check-local-groups.patch

# https://github.com/shadow-maint/shadow/commit/e84df9e163e133eb11a2728024ff3e3440592cf8

Patch45: shadow-4.6-sssd-redirect-warning.patch

License: BSD and GPLv2+

Group: System Environment/Base

BuildRequires: gcc

BuildRequires: libselinux-devel >= 1.25.2-1

BuildRequires: audit-libs-devel >= 1.6.5

BuildRequires: libsemanage-devel

BuildRequires: libacl-devel, libattr-devel

BuildRequires: bison, flex, docbook-style-xsl, docbook-dtds

BuildRequires: autoconf, automake, libtool, gettext-devel

BuildRequires: /usr/bin/xsltproc, /usr/bin/itstool

Requires: libselinux >= 1.25.2-1

Requires: audit-libs >= 1.6.5

Requires: setup

Requires(pre): coreutils

Requires(post): coreutils

Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)

%description

The shadow-utils package includes the necessary programs for

converting UNIX password files to the shadow password format, plus

programs for managing user and group accounts. The pwconv command

converts passwords to the shadow password format. The pwunconv command

unconverts shadow passwords and generates a passwd file (a standard

UNIX password file). The pwck command checks the integrity of password

and shadow files. The lastlog command prints out the last login times

for all users. The useradd, userdel, and usermod commands are used for

managing user accounts. The groupadd, groupdel, and groupmod commands

are used for managing group accounts.

%prep

%setup -q -n shadow-%{version}

%patch0 -p1 -b .redhat

%patch1 -p1 -b .goodname

%patch2 -p1 -b .info-parent-dir

%patch6 -p1 -b .selinux

%patch10 -p1 -b .orig-context

%patch11 -p1 -b .logmsg

%patch14 -p1 -b .default-range

%patch15 -p1 -b .manfix

%patch17 -p1 -b .userdel

%patch19 -p1 -b .date-parsing

%patch21 -p1 -b .move-home

%patch22 -p1 -b .audit-update

%patch23 -p1 -b .unlock

%patch24 -p1 -b .no-lock-dos

%patch28 -p1 -b .selinux-perms

%patch29 -p1 -b .null-tm

%patch31 -p1 -b .getenforce

%patch32 -p1 -b .crypt_h

%patch33 -p1 -b .long-entry

%patch34 -p1 -b .usermod-crash

%patch35 -p1 -b .coverity

%patch36 -p1 -b .use-itstool

%patch37 -p1 -b .sssd-flush

%patch38 -p1 -b .sysugid-min-limit

%patch39 -p1 -b .chgrp-guard

%patch40 -p1 -b .login-prompt

%patch41 -p1 -b .use-lckpwdf

%patch42 -p1 -b .regular-user

%patch43 -p1 -b .home_mode-directive

%patch44 -p1 -b .check-local-groups

%patch45 -p1 -b .sssd-redirect-warning

iconv -f ISO88591 -t utf-8  doc/HOWTO > doc/HOWTO.utf8

cp -f doc/HOWTO.utf8 doc/HOWTO

cp -a %{SOURCE4} %{SOURCE5} .

# Force regeneration of getdate.c

rm libmisc/getdate.c

%build

%ifarch sparc64

#sparc64 need big PIE

export CFLAGS="$RPM_OPT_FLAGS -fPIE"

export LDFLAGS="-pie -Wl,-z,relro -Wl,-z,now"

%else

export CFLAGS="$RPM_OPT_FLAGS -fpie"

export LDFLAGS="-pie -Wl,-z,relro -Wl,-z,now"

%endif

autoreconf

%configure \

        --enable-shadowgrp \

        --enable-man \

        --with-audit \

        --with-sha-crypt \

        --with-selinux \

        --without-libcrack \

        --without-libpam \

        --disable-shared \

        --with-group-name-max-length=32

%make_build

%install

rm -rf $RPM_BUILD_ROOT

%make_install gnulocaledir=$RPM_BUILD_ROOT/%{_datadir}/locale MKINSTALLDIRS=`pwd`/mkinstalldirs

install -d -m 755 $RPM_BUILD_ROOT/%{_sysconfdir}/default

install -p -c -m 0644 %{SOURCE3} $RPM_BUILD_ROOT/%{_sysconfdir}/login.defs

install -p -c -m 0600 %{SOURCE2} $RPM_BUILD_ROOT/%{_sysconfdir}/default/useradd

ln -s useradd $RPM_BUILD_ROOT%{_sbindir}/adduser

ln -s useradd.8 $RPM_BUILD_ROOT/%{_mandir}/man8/adduser.8

for subdir in $RPM_BUILD_ROOT/%{_mandir}/{??,??_??,??_??.*}/man* ; do

        test -d $subdir && test -e $subdir/useradd.8 && echo ".so man8/useradd.8" > $subdir/adduser.8

done

# Remove binaries we don't use.

rm $RPM_BUILD_ROOT/%{_bindir}/chfn

rm $RPM_BUILD_ROOT/%{_bindir}/chsh

rm $RPM_BUILD_ROOT/%{_bindir}/expiry

rm $RPM_BUILD_ROOT/%{_bindir}/groups

rm $RPM_BUILD_ROOT/%{_bindir}/login

rm $RPM_BUILD_ROOT/%{_bindir}/passwd

rm $RPM_BUILD_ROOT/%{_bindir}/su

rm $RPM_BUILD_ROOT/%{_bindir}/faillog

rm $RPM_BUILD_ROOT/%{_sysconfdir}/login.access

rm $RPM_BUILD_ROOT/%{_sysconfdir}/limits

rm $RPM_BUILD_ROOT/%{_sbindir}/logoutd

rm $RPM_BUILD_ROOT/%{_sbindir}/nologin

rm $RPM_BUILD_ROOT/%{_mandir}/man1/chfn.*

rm $RPM_BUILD_ROOT/%{_mandir}/*/man1/chfn.*

rm $RPM_BUILD_ROOT/%{_mandir}/man1/chsh.*

rm $RPM_BUILD_ROOT/%{_mandir}/*/man1/chsh.*

rm $RPM_BUILD_ROOT/%{_mandir}/man1/expiry.*

rm $RPM_BUILD_ROOT/%{_mandir}/*/man1/expiry.*

rm $RPM_BUILD_ROOT/%{_mandir}/man1/groups.*

rm $RPM_BUILD_ROOT/%{_mandir}/*/man1/groups.*

rm $RPM_BUILD_ROOT/%{_mandir}/man1/login.*

rm $RPM_BUILD_ROOT/%{_mandir}/*/man1/login.*

rm $RPM_BUILD_ROOT/%{_mandir}/man1/passwd.*

rm $RPM_BUILD_ROOT/%{_mandir}/*/man1/passwd.*

rm $RPM_BUILD_ROOT/%{_mandir}/man1/su.*

rm $RPM_BUILD_ROOT/%{_mandir}/*/man1/su.*

rm $RPM_BUILD_ROOT/%{_mandir}/man5/limits.*

rm $RPM_BUILD_ROOT/%{_mandir}/*/man5/limits.*

rm $RPM_BUILD_ROOT/%{_mandir}/man5/login.access.*

rm $RPM_BUILD_ROOT/%{_mandir}/*/man5/login.access.*

rm $RPM_BUILD_ROOT/%{_mandir}/man5/passwd.*

rm $RPM_BUILD_ROOT/%{_mandir}/*/man5/passwd.*

rm $RPM_BUILD_ROOT/%{_mandir}/man5/porttime.*

rm $RPM_BUILD_ROOT/%{_mandir}/*/man5/porttime.*

rm $RPM_BUILD_ROOT/%{_mandir}/man5/suauth.*

rm $RPM_BUILD_ROOT/%{_mandir}/*/man5/suauth.*

rm $RPM_BUILD_ROOT/%{_mandir}/man8/logoutd.*

rm $RPM_BUILD_ROOT/%{_mandir}/*/man8/logoutd.*

rm $RPM_BUILD_ROOT/%{_mandir}/man8/nologin.*

rm $RPM_BUILD_ROOT/%{_mandir}/*/man8/nologin.*

rm $RPM_BUILD_ROOT/%{_mandir}/man3/getspnam.*

rm $RPM_BUILD_ROOT/%{_mandir}/*/man3/getspnam.*

rm $RPM_BUILD_ROOT/%{_mandir}/man5/faillog.*

rm $RPM_BUILD_ROOT/%{_mandir}/*/man5/faillog.*

rm $RPM_BUILD_ROOT/%{_mandir}/man8/faillog.*

rm $RPM_BUILD_ROOT/%{_mandir}/*/man8/faillog.*

find $RPM_BUILD_ROOT%{_mandir} -depth -type d -empty -delete

%find_lang shadow

for dir in $(ls -1d $RPM_BUILD_ROOT%{_mandir}/{??,??_??}) ; do

    dir=$(echo $dir | sed -e "s|^$RPM_BUILD_ROOT||")

    lang=$(basename $dir)

#   echo "%%lang($lang) $dir" >> shadow.lang

#   echo "%%lang($lang) $dir/man*" >> shadow.lang

    echo "%%lang($lang) $dir/man*/*" >> shadow.lang

done

%files -f shadow.lang

%doc NEWS doc/HOWTO README

%{!?_licensedir:%global license %%doc}

%license gpl-2.0.txt shadow-bsd.txt

%attr(0644,root,root)   %config(noreplace) %{_sysconfdir}/login.defs

%attr(0644,root,root)   %config(noreplace) %{_sysconfdir}/default/useradd

%{_bindir}/sg

%attr(4755,root,root) %{_bindir}/chage

%attr(4755,root,root) %{_bindir}/gpasswd

%{_bindir}/lastlog

%attr(4755,root,root) %{_bindir}/newgrp

%attr(0755,root,root) %caps(cap_setgid=ep) %{_bindir}/newgidmap

%attr(0755,root,root) %caps(cap_setuid=ep) %{_bindir}/newuidmap

%{_sbindir}/adduser

%attr(0755,root,root)   %{_sbindir}/user*

%attr(0755,root,root)   %{_sbindir}/group*

%{_sbindir}/grpck

%{_sbindir}/pwck

%{_sbindir}/*conv

%{_sbindir}/chpasswd

%{_sbindir}/chgpasswd

%{_sbindir}/newusers

%{_sbindir}/vipw

%{_sbindir}/vigr

%{_mandir}/man1/chage.1*

%{_mandir}/man1/gpasswd.1*

%{_mandir}/man1/sg.1*

%{_mandir}/man1/newgrp.1*

%{_mandir}/man1/newgidmap.1*

%{_mandir}/man1/newuidmap.1*

%{_mandir}/man3/shadow.3*

%{_mandir}/man5/shadow.5*

%{_mandir}/man5/login.defs.5*

%{_mandir}/man5/gshadow.5*

%{_mandir}/man5/subuid.5*

%{_mandir}/man5/subgid.5*

%{_mandir}/man8/adduser.8*

%{_mandir}/man8/group*.8*

%{_mandir}/man8/user*.8*

%{_mandir}/man8/pwck.8*

%{_mandir}/man8/grpck.8*

%{_mandir}/man8/chpasswd.8*

%{_mandir}/man8/chgpasswd.8*

%{_mandir}/man8/newusers.8*

%{_mandir}/man8/*conv.8*

%{_mandir}/man8/lastlog.8*

%{_mandir}/man8/vipw.8*

%{_mandir}/man8/vigr.8*

%changelog

* Fri Oct 23 2020 Iker Pedrosa <ipedrosa@redhat.com> - 2:4.6-12

- lib/sssd: redirect warning message to file (#1749001)

- useradd: clarify valid usernames/groupnames (#1869432)

- login.defs: link login specific information to its own package (#1804766)

* Fri Aug  7 2020 Iker Pedrosa <ipedrosa@redhat.com> - 2:4.6-11

- change UMASK value and add HOME_MODE in login.defs (#1777718)

* Tue May  5 2020 Iker Pedrosa <ipedrosa@redhat.com> - 2:4.6-10

- check only local groups when adding new supplementary groups to a user

* Fri Apr 17 2020 Iker Pedrosa <ipedrosa@redhat.com> - 2:4.6-9

- do not mistake a regular user process for a namespaced one (#1788696)

- add HOME_MODE support in login.defs (#1777718)

* Fri Jun  7 2019 Tomáš Mráz <tmraz@redhat.com> - 2:4.6-8

- properly audit group password change

- do not add uid of a new (not yet added) user to the audit message

- use lckpwdf() again to disable concurrent edits of databases by

  other applications

- clarify chage manual page in regards to shadow and passwd

  inconsistency

- fix minor issues in groupadd and login.defs manual pages

- Ignore LOGIN_PLAIN_PROMPT variable in login.defs

- force regeneration of getdate.c otherwise the date parsing fix

  is not applied

* Tue Dec 18 2018 Tomáš Mráz <tmraz@redhat.com> - 2:4.6-7

- usermod: guard against unsafe change of ownership of

  special home directories

* Fri Nov 30 2018 Tomáš Mráz <tmraz@redhat.com> - 2:4.6-6

- drop trailing space from login.defs ENCRYPT_METHOD setting

* Mon Nov 19 2018 Tomáš Mráz <tmraz@redhat.com> - 2:4.6-5

- use cap_setxid file capabilities for newxidmap instead of making them setuid

- limit the SYS_U/GID_MIN value to 1 as the algorithm does not work with 0

  and the 0 is always used by root anyway

- manual page improvements

- flush sssd caches - patch by Jakub Hrozek

* Fri Oct 12 2018 Tomáš Mráz <tmraz@redhat.com> - 2:4.6-4

- fix some issues from Coverity scan

* Tue Jul 31 2018 Tomáš Mráz <tmraz@redhat.com> - 2:4.6-2

- use itstool instead of xml2po

* Tue Jul 31 2018 Tomáš Mráz <tmraz@redhat.com> - 2:4.6-1

- Update to current upstream release 4.6

- Raise limit for passwd and shadow entry length but also prevent

  writing longer entries (#1422497)

* Tue Feb 06 2018 Björn Esser <besser82@fedoraproject.org> - 2:4.5-9

- Add patch to include crypt.h, if present

- Use %%make_{build,install} macros

- Refresh other patches for proper alignment

* Sat Jan 20 2018 Björn Esser <besser82@fedoraproject.org> - 2:4.5-8

- Rebuilt for switch to libxcrypt

* Mon Nov  6 2017 Tomáš Mráz <tmraz@redhat.com> - 2:4.5-7

- fix regression caused by the userdel-chroot patch (#1509978)

* Thu Nov  2 2017 Tomáš Mráz <tmraz@redhat.com> - 2:4.5-6

- fix userdel in chroot (#1316168)

- add useful chage -E example to chage manpage

* Fri Sep 15 2017 Tomáš Mráz <tmraz@redhat.com> - 2:4.5-5

- do not allow "." and ".." user names

* Mon Aug 14 2017 Tomáš Mráz <tmraz@redhat.com> - 2:4.5-4

- allow switching to secondary group without checking the membership

  explicitly (patch from upstream)

* Thu Aug 03 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2:4.5-3

- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild

* Thu Jul 27 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2:4.5-2

- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild

* Fri Jul 21 2017 Tomáš Mráz <tmraz@redhat.com> - 2:4.5-1

- update to current upstream release 4.5

* Sat Feb 11 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2:4.3.1-3

- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild

* Thu Aug 25 2016 Tomáš Mráz <tmraz@redhat.com> - 2:4.3.1-2

- fix regression in useradd - not processing defaults properly (#1369979)

* Tue Aug 23 2016 Tomáš Mráz <tmraz@redhat.com> - 2:4.3.1-1

- new upstream release fixing low impact security issue

* Tue Jun 14 2016 Tomáš Mráz <tmraz@redhat.com> - 2:4.2.1-11

- guard for localtime() and gmtime() failure

* Mon May 30 2016 Tomáš Mráz <tmraz@redhat.com> - 2:4.2.1-10

- chpasswd, chgpasswd: open audit when starting

* Thu May 26 2016 Tomáš Mráz <tmraz@redhat.com> - 2:4.2.1-9

- chgpasswd: do not remove it

- chpasswd, chgpasswd: add selinux_check_access call (#1336902)

* Thu Mar 17 2016 Tomáš Mráz <tmraz@redhat.com> - 2:4.2.1-8

- userdel: fix userdel -f with /etc/subuid present (#1316168)

* Tue Feb  9 2016 Tomáš Mráz <tmraz@redhat.com> - 2:4.2.1-7

- usermod: properly return error during password manipulation

* Wed Feb  3 2016 Tomáš Mráz <tmraz@redhat.com> - 2:4.2.1-6

- add possibility to clear or set lastlog record for user via lastlog

* Fri Jan  8 2016 Tomáš Mráz <tmraz@redhat.com> - 2:4.2.1-5

- do not use obscure permissions for binaries

- remove unused commands from login.defs(5) cross-reference

* Fri Nov  6 2015 Tomáš Mráz <tmraz@redhat.com> - 2:4.2.1-4

- document that groupmems is not setuid root

- document that expiration of the password after inactivity period

  locks the user account completely

* Thu Aug 27 2015 Tomáš Mráz <tmraz@redhat.com> - 2:4.2.1-3

- unlock also passwords locked with passwd -l

- prevent breaking user entry by entering a password containing colon

- fix possible DoS when locking the database files for update

- properly use login.defs from the chroot in useradd

* Fri Jun 19 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2:4.2.1-2

- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild

* Wed Nov 26 2014 Tomáš Mráz <tmraz@redhat.com> - 2:4.2.1-1

- new upstream release with support for subordinate uids and gids

* Tue Nov 25 2014 Tomáš Mráz <tmraz@redhat.com> - 2:4.1.5.1-22

- small adjustments to the audit patch

* Fri Oct 17 2014 Tomáš Mráz <tmraz@redhat.com> - 2:4.1.5.1-21

- update auditing to cover more events and fix some incorrect audit

  records - patch by Steve Grubb (#1151580)

- apply the same new allocation algorithm to uids as for gids

* Wed Sep 10 2014 Tomas Mraz <tmraz@redhat.com> - 2:4.1.5.1-20

- discard obsolete matchpathcon cache after semanage_commit()

* Tue Sep  9 2014 Tomas Mraz <tmraz@redhat.com> - 2:4.1.5.1-19

- disallow all-numeric user and group names (#1139318)

* Fri Aug 29 2014 Tomas Mraz <tmraz@redhat.com> - 2:4.1.5.1-18

- label the newly created home dir correctly (#1077809)

- mention that chage -d 0 forces password change (#1135010)

- improve date parsing and error detecting in chage

- avoid full group database scanning in newgrp in most common case

- report error if usermod asked for moving homedir and it does not exist

* Mon Aug 18 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2:4.1.5.1-17

- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild

* Tue Aug  5 2014 Tom Callaway <spot@fedoraproject.org> - 2:4.1.5.1-16

- fix license handling

* Mon Jul 14 2014 Tomas Mraz <tmraz@redhat.com> - 2:4.1.5.1-15

- revert the last change as it is not really needed

* Thu Jul 10 2014 Tomas Mraz <tmraz@redhat.com> - 2:4.1.5.1-14

- put system users and groups into /usr/lib/{passwd,group} if

  the files exist and SHADOW_USE_USRLIB environment variable is set

  Patch by Colin Walters

* Mon Jun 30 2014 Tomas Mraz <tmraz@redhat.com> - 2:4.1.5.1-13

- ignore getgrgid() errors for now

* Mon Jun 30 2014 Tomas Mraz <tmraz@redhat.com> - 2:4.1.5.1-12

- improve group allocation algorithm - patch by Stephen Gallager (#1089738)

* Sun Jun 08 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2:4.1.5.1-11

- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild

* Wed Feb 12 2014 Tomas Mraz <tmraz@redhat.com> - 2:4.1.5.1-10

- clean up login.defs manpage

- properly document userdel -f behavior

* Fri Oct 18 2013 Tomas Mraz <tmraz@redhat.com> - 2:4.1.5.1-9

- document that the directory where user's home is created must exist

* Thu Jul 25 2013 Tomas Mraz <tmraz@redhat.com> - 2:4.1.5.1-8

- slightly more meaningful error messages if crypt() returns NULL (#988184)

- explicit suid permissions

* Fri Jul 19 2013 Tomas Mraz <tmraz@redhat.com> - 2:4.1.5.1-7

- fix useradd man page bugs

* Fri Jun 14 2013 Tomas Mraz <tmraz@redhat.com> - 2:4.1.5.1-6

- report error to stdout when SELinux context for home directory

  cannot be determined (#973647)

- audit the changing home directory owner (#885797)

- do not set the default SELinux MLS range (#852676)

* Tue Mar 19 2013 Tomas Mraz <tmraz@redhat.com> - 2:4.1.5.1-5

- improve the failure syslog message in useradd (#830617)

* Wed Feb 20 2013 Tomas Mraz <tmraz@redhat.com> - 2:4.1.5.1-4

- keep the original context if matchpathcon() fails (#912399)

* Tue Jan 29 2013 Tomas Mraz <tmraz@redhat.com> - 2:4.1.5.1-3

- fix bugs in merge_group_entries()

* Fri Jan 11 2013 Tomas Mraz <tmraz@redhat.com> - 2:4.1.5.1-2

- /etc/default is owned by glibc-common now (#894194)

* Wed Sep 19 2012 Tomas Mraz <tmraz@redhat.com> - 2:4.1.5.1-1

- new upstream version

- use the original file permissions when creating backup (#853102)

* Wed Jul 25 2012 Peter Vrabec <pvrabec@redhat.com> - 2:4.1.5-5

- make /etc/default/useradd world-readable (#835137)

* Sat Jul 21 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2:4.1.5-4

- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild

* Mon Jun 18 2012 Peter Vrabec <pvrabec@redhat.com> - 2:4.1.5-3

- pwconv/grpconv skipped 2nd of consecutive failures (#832995)

* Thu Mar 22 2012 Peter Vrabec <pvrabec@redhat.com> - 2:4.1.5-2

- fix selinux context handling

- reset selinux context on files copied from skel

* Mon Mar 19 2012 Peter Vrabec <pvrabec@redhat.com> - 2:4.1.5-1

- upgrade

* Tue Feb 07 2012 Peter Vrabec <pvrabec@redhat.com> - 2:4.1.4.3-14

- compile with PIE and RELRO flags (#784349)

* Sat Jan 14 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2:4.1.4.3-13

- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild

* Tue Dec 20 2011 Peter Vrabec <pvrabec@redhat.com> - 2:4.1.4.3-12

- fix leaks in .IDs patch (#734340)

* Wed Nov 16 2011 Peter Vrabec <pvrabec@redhat.com> - 2:4.1.4.3-11

- free memory associated with SELinux security contexts

* Wed Nov 09 2011 Peter Vrabec <pvrabec@redhat.com> - 2:4.1.4.3-10

- replace semanage call by library call

- useradd man page (#739147)

* Tue Aug 02 2011 Peter Vrabec <pvrabec@redhat.com> - 2:4.1.4.3-9

- man page adjustment (userdel -Z)

* Tue Aug 02 2011 Peter Vrabec <pvrabec@redhat.com> - 2:4.1.4.3-8

- fixing semanage issue (#701355)

* Fri Jul 22 2011 Miloslav Trmač <mitr@redhat.com> - 2:4.1.4.3-7

- Make sure /etc/login.defs is not changed on upgrades from Fedora 1[345].

* Wed Jun 29 2011 Peter Vrabec <pvrabec@redhat.com> - 2:4.1.4.3-6

- man page fixes (#696213 #674878)

* Tue Jun 28 2011 Peter Vrabec <pvrabec@redhat.com> - 2:4.1.4.3-5

- userdel option to remove Linux login <-> SELinux login mapping (#639900)

- useradd special exit value if SELinux user mapping is invalid (#639975)

- usermod special exit value if SELinux user mapping is invalid (#639976)

* Mon Jun 27 2011 Peter Vrabec <pvrabec@redhat.com> - 2:4.1.4.3-4

- refer to PAM in /etc/login.defs (#629277)

* Mon Jun 06 2011 Peter Vrabec <pvrabec@redhat.com> - 2:4.1.4.3-3

- fix shadow-4.1.4.2-underflow.patch

* Tue May 31 2011 Peter Vrabec <pvrabec@redhat.com> - 2:4.1.4.3-2

- fix integer underflow in laslog (#706321)

* Fri May 20 2011 Peter Vrabec <pvrabec@redhat.com> - 2:4.1.4.3-1

- upgrade

- change UID/GID_MIN to #1000

- fix find_new_uid/gid for big UID/GID_MAX

* Wed Feb 09 2011 Peter Vrabec <pvrabec@redhat.com> - 2:4.1.4.2-11

- useradd man page (-m option)

- create home directory on fs with noacl

- remove faillog app (pam_tally.so is no longer shipped)

  Resolves: #523265, #622320

* Tue Feb 01 2011 Peter Vrabec <pvrabec@redhat.com> - 2:4.1.4.2-10

- do not use  gshadow functions from glibc, there is a bug

  in glibc sgetsgent(#674361)

  Resolves: #674234

* Wed Jan 05 2011 Peter Vrabec <pvrabec@redhat.com> - 2:4.1.4.2-9

- fix gshadow functions from shadow utils

- make shadow utils use gshadow functions from glibc

  Resolves: #665780

* Tue Jul 20 2010 Peter Vrabec <pvrabec@redhat.com> - 2:4.1.4.2-8

- fix pwck/grpck hang

  Resolves: #586322

* Mon Jun 14 2010 Peter Vrabec <pvrabec@redhat.com> - 2:4.1.4.2-7

- fix integer underflow in faillog (#603683)

- use preferred GID for reserved static IDs

* Thu Apr 29 2010 Peter Vrabec <pvrabec@redhat.com> - 2:4.1.4.2-6

- preserve ACL's on files in /etc/skel

  Resolves: #513055

* Wed Apr 28 2010 Peter Vrabec <pvrabec@redhat.com> - 2:4.1.4.2-5

- newusers man page more informative

- userdel should not need to run semanage

  Resolves: #586330 #586408

* Thu Apr 01 2010 Peter Vrabec <pvrabec@redhat.com> - 2:4.1.4.2-4

- fix man directories ownership (#569418)

* Fri Mar 26 2010 Peter Vrabec <pvrabec@redhat.com> - 2:4.1.4.2-3

- max group name length set to 32 characters

* Wed Nov 18 2009 Peter Vrabec <pvrabec@redhat.com> - 2:4.1.4.2-2

- apply patches{1,2,3}

- enable SHA512 in /etc/login.defs

* Mon Sep 07 2009 Peter Vrabec <pvrabec@redhat.com> - 2:4.1.4.2-1

- upgrade

* Fri Aug 21 2009 Tomas Mraz <tmraz@redhat.com> - 2:4.1.4.1-7

- rebuilt with new audit

* Wed Aug 05 2009 Peter Vrabec <pvrabec@redhat.com> 2:4.1.4.1-6

- increase threshold for uid/gid reservations to 200 (#515667)

* Sun Jul 26 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2:4.1.4.1-5

- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild

* Thu Jul 16 2009 Peter Vrabec <pvrabec@redhat.com> 2:4.1.4.1-4

- fix a list of owned directories (#510366)

* Thu Jul 16 2009 Peter Vrabec <pvrabec@redhat.com> 2:4.1.4.1-3

- reduce the reuse of system IDs

* Wed Jul 15 2009 Peter Vrabec <pvrabec@redhat.com> 2:4.1.4.1-2

- speed up sys users look up on LDAP boxes (#511813)

* Tue Jun 16 2009 Peter Vrabec <pvrabec@redhat.com> 2:4.1.4.1-1

- upgrade

* Fri May 15 2009 Peter Vrabec <pvrabec@redhat.com> 2:4.1.4-1

- upgrade

* Wed Apr 22 2009 Peter Vrabec <pvrabec@redhat.com> 2:4.1.3.1-2

- lastlog fix

* Fri Apr 17 2009 Peter Vrabec <pvrabec@redhat.com> 2:4.1.3.1-1

- upgrade

* Tue Apr 14 2009 Peter Vrabec <pvrabec@redhat.com> 2:4.1.3-2

- get "-n" option back

- fix selinux issues

* Tue Apr 14 2009 Peter Vrabec <pvrabec@redhat.com> 2:4.1.3-1

- upgrade

* Tue Mar 24 2009 Peter Vrabec <pvrabec@redhat.com> 2:4.1.2-12

- don not allow UID/GID = 4294967295 (#484040)

* Mon Jan 19 2009 Peter Vrabec <pvrabec@redhat.com> 2:4.1.2-11

- fix license tag (#226416)

- get rid of tabs in spec file (#226416)

- convert HOWTO to UTF8 (#226416)

* Mon Jan 05 2009 Peter Vrabec <pvrabec@redhat.com> 2:4.1.2-10

- Add policycoreutils as Requires, because of restorecon (#478494)

* Sun Dec 21 2008 Jesse Keating <jkeating@redhat.com> - 2:4.1.2-9

- Add setup as a Requires. Perhaps this should be a files requires. (#477529)

* Wed Sep 24 2008 Peter Vrabec <pvrabec@redhat.com> 2:4.1.2-8

- groupmems: check username for valid character (#455603)

- groupmems: don't segfault on nonexistent group (#456088)

* Thu Sep 11 2008 Peter Vrabec <pvrabec@redhat.com> 2:4.1.2-7

- fix usermod SELinux user mappings change (#458766)

* Tue Sep 02 2008 Peter Vrabec <pvrabec@redhat.com> 2:4.1.2-6

- audit improvements, thnx. to sgrubb@redhat.com

* Tue Sep 02 2008 Peter Vrabec <pvrabec@redhat.com> 2:4.1.2-5

- fix groupmems issues (#459825)

* Mon Jul 28 2008 Peter Vrabec <pvrabec@redhat.com> 2:4.1.2-4

- fix configure options (#456748)

* Thu Jul 24 2008 Peter Vrabec <pvrabec@redhat.com> 2:4.1.2-3

- recreate selinux patch

* Tue Jul 22 2008 Peter Vrabec <pvrabec@redhat.com> 2:4.1.2-2

- provide getspnam by man-pages

* Mon May 26 2008 Peter Vrabec <pvrabec@redhat.com> 2:4.1.2-1

- upgrade

* Tue May 20 2008 Peter Vrabec <pvrabec@redhat.com> 2:4.1.1-2

- fix salt size problem (#447136)

* Mon Apr 07 2008 Peter Vrabec <pvrabec@redhat.com> 2:4.1.1-1

- upgrade

* Fri Mar 07 2008 Peter Vrabec <pvrabec@redhat.com> 2:4.1.0-5

- improve newgrp audit patch

* Mon Mar 03 2008 Peter Vrabec <pvrabec@redhat.com> 2:4.1.0-4

- fix selinux labeling  (#433757)

* Tue Feb 19 2008 Peter Vrabec <pvrabec@redhat.com> 2:4.1.0-3

- fix groupmems segmentation fault (#430813)

* Wed Feb 13 2008 Peter Vrabec <pvrabec@redhat.com> 2:4.1.0-2

- fix newgrp audit event

* Wed Dec 12 2007 Peter Vrabec <pvrabec@redhat.com> 2:4.1.0-1

- new upgrade release from new upstream

- provide vipw and vigr

* Thu Nov 29 2007 Peter Vrabec <pvrabec@redhat.com> 2:4.0.18.1-20

- do not create mail spool entries for system accounts (#402351)

* Thu Oct 18 2007 Peter Vrabec <pvrabec@redhat.com> 2:4.0.18.1-19

- fix timestamps when moving home dirs to another file system (#278571)

* Mon Oct 08 2007 Peter Vrabec <pvrabec@redhat.com> 2:4.0.18.1-18

- mark localized man pages with %%lang

* Wed Aug 22 2007 Peter Vrabec <pvrabec@redhat.com> 2:4.0.18.1-17

- rebuild

* Tue Jun 26 2007 Peter Vrabec <pvrabec@redhat.com> 2:4.0.18.1-16

- fix "CAVEATS" section of groupadd man page (#245590)

* Wed Jun 06 2007 Peter Vrabec <pvrabec@redhat.com> 2:4.0.18.1-15

- fix infinitive loop if there are duplicate entries

  in /etc/group (#240915)

* Wed Jun 06 2007 Peter Vrabec <pvrabec@redhat.com> 2:4.0.18.1-14

- do not run find_new_uid() twice and use getpwuid() to check

  UID uniqueness (#236871)

* Tue Apr 10 2007 Peter Vrabec <pvrabec@redhat.com> 2:4.0.18.1-13

- fix useradd dump core when build without WITH_SELINUX (#235641)

* Mon Mar 26 2007 Peter Vrabec <pvrabec@redhat.com> 2:4.0.18.1-12

- create user's mailbox file by default (#231311)

* Fri Mar 16 2007 Peter Vrabec <pvrabec@redhat.com> 2:4.0.18.1-11

- assign system dynamic UID/GID from the top of available UID/GID (#190523)

* Wed Feb 28 2007 Peter Vrabec <pvrabec@redhat.com> 2:4.0.18.1-10

- spec file fixes to meet fedora standarts.

- fix useless call of restorecon(). (#222159)