diff --git a/SOURCES/shadow-4.1.5.1-goodname.patch b/SOURCES/shadow-4.1.5.1-goodname.patch
index 82b7839..2bbf38a 100644
--- a/SOURCES/shadow-4.1.5.1-goodname.patch
+++ b/SOURCES/shadow-4.1.5.1-goodname.patch
@@ -52,14 +52,14 @@ diff -up shadow-4.1.5.1/libmisc/chkname.c.goodname shadow-4.1.5.1/libmisc/chknam
}
- return true;
-+ return !numeric;
++ return !numeric || getenv("SHADOW_ALLOW_ALL_NUMERIC_USER") != NULL;
}
bool is_valid_user_name (const char *name)
diff -up shadow-4.1.5.1/man/groupadd.8.xml.goodname shadow-4.1.5.1/man/groupadd.8.xml
--- shadow-4.1.5.1/man/groupadd.8.xml.goodname 2012-05-25 13:45:27.000000000 +0200
+++ shadow-4.1.5.1/man/groupadd.8.xml 2012-09-19 18:43:53.492160653 +0200
-@@ -259,12 +259,6 @@
+@@ -259,10 +259,14 @@
<refsect1 id='caveats'>
<title>CAVEATS</title>
<para>
@@ -67,11 +67,17 @@ diff -up shadow-4.1.5.1/man/groupadd.8.xml.goodname shadow-4.1.5.1/man/groupadd.
- followed by lower case letters, digits, underscores, or dashes.
- They can end with a dollar sign.
- In regular expression terms: [a-z_][a-z0-9_-]*[$]?
-- </para>
-- <para>
- Groupnames may only be up to &GROUP_NAME_MAX_LENGTH; characters long.
++ Groupnames may contain only lower and upper case letters, digits,
++ underscores, or dashes. They can end with a dollar sign.
++
++ Dashes are not allowed at the beginning of the groupname.
++ Fully numeric groupnames and groupnames . or .. are
++ also disallowed.
++
++ In regular expression terms: [a-zA-Z0-9_.][a-zA-Z0-9_.-]*[$]?
</para>
<para>
+ Groupnames may only be up to &GROUP_NAME_MAX_LENGTH; characters long.
diff -up shadow-4.1.5.1/man/useradd.8.xml.goodname shadow-4.1.5.1/man/useradd.8.xml
--- shadow-4.1.5.1/man/useradd.8.xml.goodname 2012-05-25 13:45:29.000000000 +0200
+++ shadow-4.1.5.1/man/useradd.8.xml 2012-09-19 18:43:53.493160675 +0200
@@ -84,7 +90,7 @@ diff -up shadow-4.1.5.1/man/useradd.8.xml.goodname shadow-4.1.5.1/man/useradd.8.
wide setting from <filename>/etc/login.defs</filename>
(<option>CREATE_HOME</option>) is set to
<replaceable>yes</replaceable>.
-@@ -654,12 +654,6 @@
+@@ -654,10 +654,16 @@
</para>
<para>
@@ -92,8 +98,16 @@ diff -up shadow-4.1.5.1/man/useradd.8.xml.goodname shadow-4.1.5.1/man/useradd.8.
- followed by lower case letters, digits, underscores, or dashes.
- They can end with a dollar sign.
- In regular expression terms: [a-z_][a-z0-9_-]*[$]?
-- </para>
-- <para>
- Usernames may only be up to 32 characters long.
++ Usernames may contain only lower and upper case letters, digits,
++ underscores, or dashes. They can end with a dollar sign.
++
++ Dashes are not allowed at the beginning of the username.
++ Fully numeric usernames and usernames . or .. are
++ also disallowed. It is not recommended to use usernames beginning
++ with . character as their home directories will be hidden in
++ the <command>ls</command> output.
++
++ In regular expression terms: [a-zA-Z0-9_.][a-zA-Z0-9_.-]*[$]?
</para>
- </refsect1>
+ <para>
+ Usernames may only be up to 32 characters long.
diff --git a/SPECS/shadow-utils.spec b/SPECS/shadow-utils.spec
index d040f50..f67f3f7 100644
--- a/SPECS/shadow-utils.spec
+++ b/SPECS/shadow-utils.spec
@@ -1,7 +1,7 @@
Summary: Utilities for managing accounts and shadow password files
Name: shadow-utils
Version: 4.1.5.1
-Release: 25%{?dist}
+Release: 25%{?dist}.1
Epoch: 2
URL: http://pkg-shadow.alioth.debian.org/
Source0: http://pkg-shadow.alioth.debian.org/releases/shadow-%{version}.tar.bz2
@@ -251,6 +251,10 @@ rm -rf $RPM_BUILD_ROOT
%{_mandir}/man8/vigr.8*
%changelog
+* Fri Feb 1 2019 Tomáš Mráz <tmraz@redhat.com> - 2:4.1.5.1-25.1
+- re-allow all numeric usernames when SHADOW_ALLOW_ALL_NUMERIC_USER
+ environment variable is set (#1651450)
+
* Tue Apr 24 2018 Tomáš Mráz <tmraz@redhat.com> - 2:4.1.5.1-25
- prevent creating users ".." or "." or with all numeric usernames (#1373645)
- raise limit for passwd and shadow entry length but also prevent